Rebuilding Laptop OS

So I made the mistake of attempting to get 2FA setup to login to my Ubuntu MATE laptop (i.e.: Linux.com: How to Set Up 2-Factor Authentication for Login and sudo). Well, that didn’t go well. I’m pretty sure I had the same problem this time around as the last time — since my Home directory is encrypted, login couldn’t read the Google Authenticator config from my ~/.config/. Ended up locking myself out of my system, couldn’t access my encrypted home drive & ended up blowing my system away. Fortunately, I don’t usually save oo much to my local drive (for reasons like this) but I did lose some simple image work I was doing, so that kind of sucks…

Regardless: learned my lesson & will not be messing with 2FA on login for the foreseeable future =]

S Symbol: White: Cyan Glow
Recreating some of the icons I was working on before the wipe.

FINALLY: A Good Password Management Article

DreamHost recently posted an article on their site about password management: DreamHost: How to Create Strong Passwords to Keep Your Website Safe. Just the list of points is much better than what I’m used to seeing:

  1. Make your password long.
  2. Don’t use a common phrase.
  3. Test your password.
  4. Don’t reuse your password.
  5. Use a password manager.
  6. Don’t store passwords in your browser.
  7. Follow the rules every time.
  8. Use two-factor authentication.
  9. Consider the Passphrase/Diceware Method.
  10. Use security questions wisely.
  11. Keep an eye on your smartphone.

I still have to actually read the specifics for each, but that list alone is a great guide on modern password management.

iOS’ USB Restricted Mode “Loophole”

Everyone seems to be trying to point out this “loophole” as a huge deal, getting in the way of the new feature in iOS 11.4.1 that disables the USB port for anything but charging if the device has been locked for more than an hour (or S.O.S. mode is activated on the device).

The “loophole” that people are calling a flaw is that if certain Lightning-connecting accessories are connected within the one-hour window, the timer is stopped. This does not apply to all lightning accessories, as the Lightning-to-3.5mm jack accessory does not reset the count. Apple’s Lightning-to-USB 3 Camera Adapter, however, is one of the accessories that stop the countdown. This makes perfect sense, as it allows the user to connect an accessory without the need to unlock first. If the device is in a pocket, then said accessory can just be connected. It would be one thing if Lightning accessories were trusted the same way as computers are, but that is not the case here. There is no cryptographic key exchange when connecting accessories so the device doesn’t know one accessory from another, without manufacturers making changes to their products.

This is a great step forward, making it much more difficult for attackers & warrant-skipping authorities from having virtually unlimited time to try & crack a device. Here I’m specifically thinking of the GrayKey device & any other services offered by shady companies for unlocking iOS devices.

Screenshot showing the new USB Restriction setting.

Magisk on Project Treble ROMs

So it looks like LineageOS 15.1 for the Xiaomi Mi MIX 2 is now Treble supported, which is apparently leading to Magisk issues, at least for me…:

Archive: /sdcard/Magisk-v16.6.zip
inflating: META-INF/com/google/android/update-binary
inflating: META-INF/com/google/android/updater-script
inflating: arm/magiskboot
inflating: arm/magiskinit
inflating: chromeos/futility
inflating: chromeos/kernel.keyblock
inflating: chromeos/kernel_data_key.vbprivk
inflating: common/addon.d.sh
inflating: common/boot_patch.sh
inflating: common/magisk.apk
inflating: common/util_functions.sh
inflating: x86/magiskboot
inflating: x86/magiskinit
inflating: META-INF/MANIFEST.MF
inflating: META-INF/CERT.SF
inflating: META-INF/CERT.RSA
************************
* Magisk v16.6 Installer
************************
- Mounting /system, /vendor
mount: can't find /vendor in /etc/fstab
! Cannot mount /vendor
- Unmounting partitions
Updater process ended with ERROR: 1
I:Install took 4 second(s).
Error installing zip file '/sdcard/Magisk-v16.6.zip'

Hopefully there is a simple fix for this, but for right now, it looks like I’m stuck with root-less. XDA appears to be having issues as well, so I can’t look for my answer there. I guess that’s what I get for not reading changelogs before flashing 😉

EDIT: 20180710-0900: So of course it was a simple fix… Just needed to update TWRP to the latest version, for me that’s: v.3.2.2-1.
I got some help from Jerry981028 on GitHub, who let me know what line supported recoveries need to have for Treble support: Android-Jerry/android_device_xiaomi_mido-twrp/twrp.fstab