Net Alert | Secure Accounts

Secure Accounts is comprised of five different modules, each designed to function as a standalone resource on a specific aspect of account security, or as a series, with each module building on one another.

The five modules include:

  • Secure Your Accounts: A comic that explains why people should take their account security seriously
  • Account Phishing and Civil Society: A brief explanation of what phishing is and two examples of phishing attacks against civil society groups based on recent Citizen Lab research
  • 2-step verification in 2-minutes: A comic that explains what 2-step verification is and why it’s important
  • Set up 2-step verification now: A collection of links to instructions on how to set up 2-step verification on popular online platforms
  • Who could get access?: A app that users humour to highlight how adopting better security habits will mean hackers need more time and skill to break into your accounts

Dialogue from “The Twilight Samurai”

“Kayano Iguchi: Father, If I learn to do needlework someday I can make kimonos. But what good will book learning ever do me?

Seibei Iguchi: Well, it probably won’t ever be as useful as needlework. But you know, book learning gives you the power to think. However the world might change, if you have the power to think you’ll always survive somehow. That’s true for boys and for girls. All right?

Kayano Iguchi: Yes.”

—Yamada, Yogi. “The Twilight Samurai”. Film. 2002.

Crimes Against English: Adulting

Every new generation contends with the no longer relevant advice of the previous generation. After World War II, a booming economy made lifetime jobs with pensions the norm. But, by the time Generation X was born, corporate downsizing, off-shoring and the creation of the 401(k) in 1978, made many of the beliefs of the Boomer generation irrelevant to the contempory workplace. Still, Generation X were called “slackers” both because the environment was different and seeing the materialism of their parents did not bring them happiness, they brought in different values.

I think a similar dynamic is in play with the term: “adulting”, which implies the “[husband/w]ife; children; house; everything. The full catastrophe.” Notions of needing to work 9-to-5, car payments, home ownership and so forth are as out of step with the modern work environment as believing in lifetime employment and pensions. Yet, this standard, which is just as bad as the materialist and consumer values of the Boomer generation, is how younger people — albeit in a seemingly joking manner — are encouraged to think of themselves, a social gaslighting designed to birth an imposter syndrome in the young. So, the use of the term is a bit of a crime against the language — being an adult has nothing to do with mortgages, but it’s really an example of the bad ideas mass culture propagates that harm everyone that comes into contact with them.

OpenBSD: Configuring mutt & gpg2

After spending some time configuring the mutt email client to use gpg2 in OpenBSD 6.1 and not finding a straight-forward explanation online, I thought I would document my process so other novice OpenBSD users would not have the same difficulties I had.

  • Install mutt and gnupg.

# pkg_add -i mutt gnupg

A series of options will display. Pick the current version of mutt-1.8.0v3-gpgme and gnupg-2.1.15p2.

  • Copy the system example gpg.conf file to your home directory.

$ cp /usr/local/share/gnupg/gpg-conf.skel /home/bedouin/.gnupg/gpg.conf

  • Add this text to the gpg.conf file.

# Enable gpg-agent
pinentry-mode loopback

  • Start the gpg-connect-agent daemon.

$ gpg-connect-agent

  • Import your secret and public keys into your keyring (see man if you need to make them new).

$ gpg2 –decrypt file.sec.gpg | gpg2 –import

  • After import, check to make sure the secret keys imported.

$ gpg2 -K

  • Copy example gpg.rc file from mutt into your home directory.

$ cp /usr/local/share/examples/mutt/examples/gpg.rc /home/bedouin/.mutt/gpg.rc

Then, change every instance of gpg to gpg2 in gpg.rc.

  • Create a file /home/bedouin/.gnupg/email-password.gpg with this text.

set imap_pass = “yourpassword”
set smtp_pass = “yourpassword”

  • Encrypt email password file.

$ gpg2 –encrypt /home/bedouin/.gnupg/email-password.gpg

  • Finally, create a .muttrc configuration file and add a line to decrypt your password, which also has the benefit of launching gpg-agent and saves your password for use in mutt. Example:

# email configuration

set ssl_starttls = yes

set ssl_force_tls = yes

set folder = imaps://

set spoolfile = imaps://

set postponed = +Drafts

set record = +Sent

set trash = +Trash

mailboxes = +INBOX

set hostname =

set from =

set smtp_url = smtp://

set postpone = ask-no

set delete = ask-yes

set editor = “emacs”

set visual = “emacs”

set noconfirmappend

# Email password
source “gpg2 -dq /home/bedouin/.gnupg/email-password.gpg |”


source ~/.mutt/gpg.rc

set pgp_sign_as =

set pgp_use_gpg_agent = yes

set pgp_timeout = 3600

set crypt_autosign = yes

set crypt_replyencrypt = yes

# Reduce polling frequency to a sane level
set mail_check=60

# keep a cache of headers
set header_cache=~/.hcache

# Display download progress
set net_inc=10

This should get you to a working set-up, and it helps make explicit a few points that took me a few hours to figure out, e.g., without gpg-connect-agent started, I had not imported my secret key into my key ring despite thinking I had. Good luck!

World-Wide Labyrinth Locator

The Labyrinth Locator has “[i]nformation about labyrinths you can visit, including their locations, pictures, and contact details, along with information about the many types of labyrinths found worldwide. Labyrinths occur in many forms, shapes, and sizes, and the Locator contains both historic and modern examples. Currently, the Worldwide Labyrinth Locator database contains more than 5400 labyrinths (including a few mazes) in more than 80 different countries around the world.”