We believe it is, and I’ll explain the reasons here by detailing the exact process used to store the notes in the database. I did try to explain it before in this post but unfortunately the explanation was obfuscated at best, and incorrect at worst.

So here’s what happens when you create a note in Privnote:

1. You write the note and click the POST button
2. The server generates a random note id, let’s call it the NoteID. This is the 16 chars ID you see in the note link
3. The server hashes the note ID and gets a HashedNoteID = Hash(NoteID). We’re currently using SHA-1 as the hashing algorithm, but the particular algorithm is not very important here
4. The server encrypts the note contents (and also the email and reference, if there is any) using the NoteID, and stores the encrypted version in the database using the HashedNoteID as the database primary key

If someone with access to the database would like to read the note she would be unable because she doesn’t have the key to decrypt it (NoteID), only the database primary key (HashedNoteID). The HashedNoteID cannot be used to “go back” to the NoteID because hashes are “one-way”. So the only person who can actually decrypt (and thus see) the note is the one who has the original NoteID or, in other words, the one who has the link to the note.

For completeness, this is what happens when you view a note in Privnote:

1. The server extracts the NoteID from the URL
2. The server hashes the NoteID and gets the HashedNoteID. This is the same HashedNoteID used when generating the note, since the NoteID used to make the hash is the same in both cases
3. The server retrieves the note from the database using HashedNoteID as the database primary key and decrypts its contents using NoteID as the encryption key
4. The server shows the page with the decrypted note
5. The server permanently deletes the note from the database, keeping only a record of the HashedNoteID, the time when it was read, and the IP address where it was read from, to show it when someone tries to see the note again

I apologize for not being clear in my original explanation, and hope to have explained myself better this time. Thanks to everyone who corrected me and provided a better explanation, both here and in other blogs.

Finally, I must say that we have received a lot of great feedback these days, and that motivates us to keep improving Privnote as well as making it available in more languages.

• it’s already written in the “official” App Engine platform (Python+Django)
• it’s entirely based on a request/response mechanism
• we would forget about scalability problems forever

So we give it a try and implemented a prototype, just to see how it goes, but, in the end, GAE didn’t work because:

• it doesn’t have support for SSL, which is mandatory for Privnote
• it doesn’t support third-party Python C extensions (which we use in Privnote) unless they’re pure-python modules

As for scaling Privnote, we”ll have to try other alternatives, but it was a good experience to gain some knowledge about Google App Engine and cloud computing, which are very hot topic these days.

So I’m happy that I finally made a choice. From now on, I’ll write everything here. I can always aggregate the articles in the Insophia blog, if I see the need. My original idea with the Insophia blog was to be written by all Insophia people but, after a year, there are only 3 articles and all of them written by myself. Why did this happened?. Not much bloggers at Insophia, I guess. In any case, the “new” Insophia blog will be more like a “News” section (with quick short posts) and all articles (well, at least mine) will be published here.

In the future, if some people at Insophia become interested in blogging (blogging should be encouraged, but never -ever- enforced) we could aggregate all their blogs into the Insophia blog.

All you have to do is enter the site, write the note and click Post. Then you get a link that you can send to the only person you want to read it.

What makes it so secure then?.

Two things mostly:

• SSL encryption makes sure the note contents never leaves your browser (neither arrives at the recipient browser) in plain text
• When the note is read (by clicking the link) it automatically self-destructs so no one else who clicks the link could read it. If the note was not read by the intended recipient, at least he/she will known that someone else did it and that the content was compromised

What about the site administrators, you may ask, those ones who always seem to have “full power” over your data. Well, with Privnote, those cannot read your note either. The explanation is a bit more technical, but here it goes: When the note is received by the server, a note ID is created (the same ID you see in the link to read the note). The note contents is then encrypted and saved in the database but (and here’s the magic) the salt to encrypt the note is not the note ID but a hash of the note ID. Hashes “one way” so you cannot go back to the note ID from the hash. So the note gets stored in the DB encrypted with a token that only the person which has the note link can read it. Oh, and we also have web server access logs disabled which makes impossible for any administrator to decrypt the note contents. So, as you can see, the only person who has the key to decrypt it is the one who has the link to the note.

As an additional feature, you can get notified when your note gets read, something that (even today) is not possible with any email or instant messaging software.

Also, I want to mention that the application is available in English and Spanish. By default, it works in the language of your browser, but you can change it using the language selector in the top right corner.

I would like to hear your thoughts about it, feel free to post any comment, criticisms and suggestions.

favicon de pablohoffman.com (desde 2004)

nuevo favicon google.com

Voy a contar los pixeles iguales y si superan el 50% los demando!

You have to run the following commands with the guest PC turned off:

VBoxManage setextradata "Guest PC" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/Protocol" TCP
VBoxManage setextradata "Guest PC" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/GuestPort" 22
VBoxManage setextradata "Guest PC" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/HostPort" 2222

Where “Guest PC” is the virtual machine name, the same name you see in the machines list (in the VirtualBox main window). Those commands add a local forward from TCP port 2222 (on the host) to TCP port 22 on the guest.

So now you can access the guest PC via ssh by running “ssh localhost -p 2222″

If you want to make it even simpler you can provide a quick shortcut by adding these lines to your ~/.ssh/config:

Host guestpc
    Hostname localhost
    Port 2222

After that, you can connect by just typing “ssh guestpc”

A couple of things that come to my mind now:

• If you’re running a hosting company, you should re-consider your business, specially if it’s a python/django one
• This is a huge booster for Django and, at the same time, a big blow for Rails
• Guido joining Google was a good idea

Let’s see how it goes, but I foresee a promising future for this one.

First of all, “fidsk -l” won’t show all your FreeBSD disklabels, you’ll have to do “cat /proc/partitions” to find the partition you wan’t to mount. If the Kernel has support for disklabels (it comes by default on modern Kernels) you will see all your BSD disklabels.

Example:

# cat /proc/partitions
major minor  #blocks  name

   8     0  195360984 sda
   8     1     104391 sda1
   8     2    1044225 sda2
   8     3  194209785 sda3
   8    16   78184008 sdb
   8    17   78180291 sdb1
   8    32  117220824 sdc
   8    33  117218241 sdc1
   8    37    1048576 sdc5
   8    38    2097152 sdc6
   8    39    3145728 sdc7
   8    40    1048576 sdc8
   8    41  109878209 sdc9

Suppose I want to mount /dev/sdc9 (it was /usr in my old FreeBSD) on /mnt. This is the command to do it:

mount -r -t ufs -o ufstype=ufs2 /dev/sdc9 /mnt

Support for UFS2 is read-only.

When you have accounts in dozens and dozens of servers, it could be hard to replicate and keep track of all your configuration files (aka. rc files). To be honest, that’s the reason why I never used rc files in the past, and always tried to stick with the default behavior of programs. But, for some time now, I’ve been using Subversion to keep and manage my personal rc files and it has proven extremely useful. If you don’t know Subversion I recommend you to read about it, even if you don’t plan to use it for development. It’s a great tool for keeping track of files, not necessarily source code. The Subversion book is the reference, but you can also find plenty of tutorials online.

So the idea is simple: just use Subversion (SVN) to keep track of your configuration files, like you would use it to keep track of source code.

To create a repository for your personal rc files you would do something like this:

cd ~
svn mkdir -m "adding pablo rcfiles" https://svn.insophia.com/rcfiles/pablo
svn co https://svn.insophia.com/rcfiles/pablo .

Then, when you want to add some configuration files to revision control you would do:

cd ~
svn add .vimrc
svn ci -m "added vimrc to rcfiles"

Finally, when you edit some configuration files you can commit in one server and then run “svn up” in the all rest to synchronize to the last version, so you only need to modify your configuration files once, which is great. Also, if by some reason you broke a configuration file you could always revert to any prior version of the file (SVN provides this functionality). So, this is useful even if you don’t have accounts in multiple servers.

We also use this approach at Insophia to manage the configuration files of our servers, and it has proven equally useful.

Well, you can and it’s quite simple. Here’s the recipe for Linux.

1. Install tsocks using your Linux distribution package manager (preferably) or compiling from source.

2. Add a file ~/.tsocksrc with this content:

server = 127.0.0.1
server_type = 5
server_port = 9999

3. add this to your environment variables:

TSOCKS_CONF_FILE=~/.tsocksrc

4. ssh’d into the remote server by typing:

ssh -D 9999 user@server

5. launch the application using tsocks. For example, if you want to run Firefox using the remote server connection, type:

tsocks firefox

There you go. The program will run using the connection from the remote server (where you have ssh’ed) in a complete transparent way, no matter which ports the program uses. An alternative way is to run the programs with this environment variable set:

LD_PRELOAD=/usr/lib/libtsocks.so

That would use the tsocks library always, even if you don’t run the program with tsocks.

If tsocks is not available you still can do this if the application can be configured to use a SOCKS5 server (localhost:9999 in this case). For example, in Firefox you would have to go to: Preferences - Advanced - Network - Connect - Settings, and enter SOCKS Host: localhost, Port: 9999.