I’ve been sitting here this morning, poking around in Amazon, looking at the pile of devices on my desk, and thinking dark thoughts.
This is what’s on my keychain right now. The black gadget is a compact microSD reader, the silver one is a 64GB thumb drive, and if you look closely at the white device you’ll see it says Identiv - it’s a U2F key, the next step beyond 2FA apps like Authy.
Further back you see a daisy chain of USB-A to USB-C adapters, which I’ve used much less than I imagined I would when I got them. There are a pair of large, top performance microSD cards, one laying out, one in an adapter. There used to be Raspberry Pi4 around here, but they got handed off to someone who would use them more than me. The lamp stand has several USB-A thumb drives, a USB-A/C microSD/SD card reader, and a USB-A CAC card reader.
This is my Amazon cart this morning. Bottom to top, every USB-C device I have is getting a Magsafe style connection. The thumb drive is a USB-A/C hybrid. The Yubikey will work with Android, iOS, Linux, and Mac. The magnetic key boxes will have USB-A thumb drives in them and they’ll be tucked away in a couple public places.
That last bit is an object lesson related to What Hunts You? If you buy a couple of those little boxes and some thumb drives, nobody needs to know you even have them, until you are directing someone else to their location to retrieve them. My situation is such that broadcasting that I’m using them actually makes me more secure, not less, but let’s get a full accounting of potential hazards that shape what I am doing today.
Crispy brown wildlands are literally my back yard, and fire season is now April to January in these parts.
Strong arm robberies are a reality in this neighborhood and I’m not going to fight over my backpack and wallet as if my life depends on it.
I know a couple people who’ve had a burglary, without anything tangible being missing, that’s a crystal clear “We’re watching you” message, and equipment stripping could be an option in my case.
There’s a non-zero chance I’ll face a “burglars with badges” situation, recall that I have an ongoing OIG complaint against the Dallas FBI field office.
The real bother here is the U2F key, and that’s an even bigger problem than the loss of one’s primary Authy mobile device. If my budget would allow, I’d buy five of them, three to accompany thumb drives in the key holders, one for my desk, and one for my pocket. I don’t just theorize about Continuity Planning - any untested plan is just a theory. I’ll log out of all the things, put my backpack in the living room with my key ring in the side pocket, sit down at my desk, and see if reality matches my creative visualization.
The next big step is a review of securing data on these devices, so it won’t matter who has physical possession. I’ve been using age (say ah-zhay) encrypted archives for a while, but I think it’s time for those little bags of bits to live on a portable encrypted file system aka Veracrypt. But this post is long enough, and that topic deserves a treatment of its own, so we’ll call it quits for the moment.