2021 Review
Thinking back to last year, I was hoping the pandemic would end this year; well, it didn’t. The Delta variant and now the Omicron variant have been sweeping across the globe. The pandemic control here in BC is close to nonexistent; we’ve seen cases jump from 400 to 2,000, but people still go about their daily lives. Things have been stressful at EA, so I made a decision to leave, and I was able to make my own luck by getting an offer at Microsoft. Achievements: Reached 100K saved and invested; Got into Microsoft; Finish...
Beef stock recipe
It's Christmas time again, and a lot of people are preparing a Christmas roast or some wonderful dinner with their families. I now have a wonderful beef stock recipe that should be perfect for anyone who wants to use it as a base for a wonderful au jus or a soup. Beef stock is used in many dishes eaten around Christmas. Normally I buy packaged beef stock straight from the supermarket, but I have never liked the taste: some are rather salty and some have an odd flavor. Today I am sharing a good beef stock recipe I found; the finished stock can be made into a sauce or a soup, so it has plenty of uses. Ingredients: Beef bone (neck, leg); Beef scraps or trimmings (preferred with fat); Tomato paste (not ketchup); C...
Hardening the USB Armory (part 2)
Earlier we talked about trying to harden the USB Armory, but given all the information I have found online, I need to figure out some custom way of generating the image so the secure environment can be easily reproduced: Custom Kernel + initramfs (for pre-boot LUKS unlock); Separate /boot partition (unencrypted but signed to unlock the rootfs); Makefile to create multi-partition images; Makefile to create LUKS images; Signed bootloader with the image. Step 1. Initramfs: This is the hardest...
Using Bitwarden as password manager
When I was in high school and starting to know about the danger of passwords being stolen, I started to change my password every 6 months. It got really crazy as I started to get more and more online accounts. During that time I had no list of all the online accounts, and I often forgot one of the accounts and ended up forgetting which password that account was using. Then I realized using the same password for everything is not a good idea; also, there are asshole websites that only allow you t...
Hardening the USB Armory (part 1)
Since the last time I wrote about the USB Armory II, I have spent a considerable amount of time working on the device. I have to say it is a very capable device, able to support many tools that I want to run on it. But working with the USB Armory with Secure Boot turned on, I have found some issues that are not documented in the wiki. Problem: The secure boot process will only protect the initial boot process, validating the kernel, but it's still easy to modify the filesystem and inject files into the ...
USB Armory II
While browsing Crowd Supply I found a very interesting device called USB Armory. It's a tiny security-minded computer in the form factor of a tiny USB stick. The hardware specs are not very amazing, but compared with similar devices like the Raspberry Pi Zero, it's not that bad. Hardware: SoC: NXP i.MX6ULZ ARM® Cortex™-A7 900 MHz; RAM: 512 MB DDR3; Storage: internal 16 GB eMMC + external microSD; Bluetooth module: u-blox ANNA-B112 BLE; USB-C ports: DRP (Dual Role Power) receptacle + UFP (Upstream Facing Po...
How Sega Nu works (part 2)
It’s been a while since I posted my findings about the Sega Nu machine. I was lucky enough to get another arcade machine for around 10,000 yen. My goal with this new machine is to carefully back up everything and then carefully make sure that I am able to get the recovery key for the BitLocker drives so I can do anything with it later on. If you haven’t read part 1 yet: back up, back up, back up your drives! Before I was able to get the new machine shipped to Canada, I created a pla...
How Sega Nu works (part 1)
It's been a couple of months since I started working on the Sega Nu; this is the first arcade unit I have worked on. Working on the system has totally changed my understanding of how those systems work. Before I started working on the Nu, my experience with it was very limited. I started to have an interest in this system after I learnt this is the system used for my favorite arcade game: Hatsune Miku: Project Diva Arcade Future Tone. I always wanted to own one of the cabinets and make it work offline in my f...
Creating luks partition from existing partition
I’ve been building a self-contained server from an Intel NUC, and recently I decided to move from Dropbox to a self-hosted Seafile solution. One of the problems is that I did not encrypt the external storage when I did the system setup. When I googled about encrypting existing partitions, I came up with a solution: Make sure you back up all of your data; Shrink the partition using resize2fs (make sure to calculate the new block size and leave around 32M); Run cryptsetup reencrypt --encrypt /dev/sdXY --reduce-de...
Using docker with ufw
Recently I realized that the personal service server I built literally has every port accessible over the LAN. I used docker-compose to build all the services I run on the server and made sure ufw is enabled and only allows port 22 and port 443/80. During a test with a reboot lockdown script, I realized that even if I disable all the ports in ufw, these ports are still accessible. After googling, I realized it has something to do with Docker’s own iptables rules, which somehow take precedence ov...














