A Case for Time based One Time Passwords

4 minutes read | 718 words

Aaruni Kaushik

Authentication

Authentication is any process that verifies and validates the identity of a client. Any login process is a type of authentication. Traditionally, authentication is done via a username and a password.

Multi Factor Authentication

Multi factor authentication (MFA) uses multiple factors to establish identity, instead of the single factor used in the classical case. These factors can be:

  • Something you know (e.g., password)
  • Something you have (e.g., a phone)
  • Something you are (e.g., biometrics)
  • Somewhere you are (e.g., GPS coordinates)

With a sane setup, for the vast majority of daily activities, 2 Factor Authentication (2FA) is sufficient.

A Primer to Time Based One Time Passwords

3 minutes read | 446 words

Aaruni Kaushik

One Time Password

A One Time Password (OTP) is, as the name suggests, a single use password. It is most frequently used as a second factor in a 2 Factor Authentication scheme. It provides the “something you have” factor: the device providing the password.

Time based One Time Password

A Time based One Time Password (TOTP) is a One Time Password that is generated from the current time. This means that a TOTP device does not need a working network connection, and can still produce a valid OTP on demand. Mathematically, a TOTP is just a function which takes two inputs: a seed and the time. If the seed is shared ahead of time, as a pre shared secret, TOTP can be used, and is used, as a complete and secure replacement for classical forms of OTP.

Virtual Surround

7 minutes read | 1283 words

Aaruni Kaushik

7.1 Headphones!

You just got a new headset. It's expensive and brilliant and it says 7.1 surround sound on the box, and you swear you can hear the difference. Unfortunately for you, that’s not how this works. That’s not how any of this works!

The numbers in the surround sound standards refer to the number of physical channels there are for the sound output. 7.1 means you have 7 channels for sound, and a subwoofer for bass. The channels in this setup are Front-Left (1), Front-Center (2), Front-Center (3), Surround Left (4), Surround Right (5), Rear Left (6), Rear Right (7), and a low frequency subwoofer (.1). Your fancy new headphones, on the other hand, only have two physical channels: left and right. But what about the stark difference you swear you can hear vs. your previous set of cans? All of that is software magic.

Tailscale

3 minutes read | 515 words

Aaruni Kaushik

Tail-what?

Tailscale is a project by Tailscale Inc which creates a mesh network of your devices. It allows all the devices on your tailscale network, the “tailnet”, to talk to each other directly, in a peer to peer manner. It does not matter if your devices are separated by the internet, or a NAT, or even a CGNAT: tailscale can break through and create a functional tunnel between each of your devices. It works by employing Wireguard behind the scenes to create a tunnel from each device to every other device in your tailnet. For 9 devices, that means 90 tunnels have to be created and maintained, and without tailscale, this operation would be MANUAL! The full breakdown of exactly how Tailscale works can be found here.

Hitchhikers Guide to Libostree

2 minutes read | 413 words

Aaruni Kaushik

As part of my work, I’m heavily using ostree. Ostree is a git like content addressed store for filesystem trees. It's a really cool technology for distributing software, and is used by many major players in the industry: GnomeOS, rpm-ostree, flatpaks, and so on. While ostree has the capability of deploying entire OS trees (hence the name), it can also be used in “user mode” (as opposed to “host mode”), where it manages only a target user repository, instead of the entire host. (Fun fact, ostree has the ability to juggle between different versions of the OS, or even different OSs!)
