I’ve recently decided to go and look at recumbent trikes, and fell in love with a Catrike Pocket when testing it out at RecumbentPDX here in Portland. It rode amazingly smoothly, didn’t hurt my back or my knees (or any other parts, but that’s a story for another time, if ever) and I believe if I were to take it home, I’d have no trouble climbing the hill to get here. When I ride home from work, it’s all uphill. It’s not too steep, but for someone who is getting used to riding a bike again after 15 or so years of not having touched a bike, it’s daunting, and a good way to run out of breath. I can do it, and haven’t failed yet to make the hill, but it’s not as easy as it once might have been. I’m getting older, and really think a recumbent trike would suit me better, and I would be able to use it to get all around town, not just back and forth to work, as I am doing now with the bike. The climb is getting easier, and over the last month of being back on the bike, I’ve made noticeable improvements in being able to climb the hill, but my back and knees pay for it every time. I hate getting old[er]. 🙂

 

A note about RecumbentPDX — They were very nice, and easy to talk to, and were helpful beyond measure. If you’re ever in Portland looking for a recumbent trike, I can’t recommend them highly enough. They knew that I wasn’t able to pick up a trike, when I went in there to test the Pocket out, yet they still answered all my questions and were respectful and friendly. I immensely enjoyed the visit there. 🙂

Fair warning, this is going to be a long post…

Steve Gibson of GRC.com has created yet another masterpiece of technology. His “Off the Grid” paper-based password generation system is amazing and once printed out, amazingly low-tech, even to the point of being effectively no-tech, as it requires only a piece of paper with the specially generated and one-of-a-kind grid printed on it (I would suggest laminating it with something that is friendly to dry-erase or erasable markers/highlighters). You trace out the path of, to use his example, ‘amazon’ to shorten the URL of amazon.com, using a finger, or something else convenient and which won’t mark-up your grid (thus my suggestion of laminating it).

Here’s one of the unique grids that his system generates:

a grid generated by Steve Gibson's GRC.com secure paper passwords generator
One of a monstrously huge number of possible grids

Now, seeing that somewhat daunting image above, you’re probably thinking “How the hell do I use that?”. I know at first-glance it is daunting. But, if you follow the directions given HERE (I can’t give clearer instructions than the guy who invented it, so I am not going to try), you’ll pick it up quickly. Go ahead, I’ll wait 🙂

Now that that’s done… You DID go and look at that site, right?… We can go through and look at what happens when we take ‘amazon’ as an example on the grid above.

First, we go across the top set of blue letters and look for the ‘a’  (note that we’re ignoring the letter’s case, for now), finding that, we go vertically to the letter ‘m’, then horizontally to another letter ‘a’, then vertically to the ‘z’, horizontally to ‘o’, then lastly, vertically to ‘n’. No changes here so far, right? Right.

Here’s what we have so far:

What we have so far.

Next, we’ll go through and spell out ‘amazon’ again, also ignoring case, but paying attention to the case of the letters that we capture after we find our key letters. For example:

The encryption path, not including 'overshoot'.

Now, what you see above is not including what Steve refers to as ‘overshoot’ zones. These are the ‘key’ (probably a pun intended there) to the encryption process that he recommends. I’ll show those below:

Grid with both paths, and overshoot for encryption.

Now here’s the fun part. Based on what we have done so far, by pathing this out as we have, is we’ve developed a key for ‘amazon’. What is the key? Follow with me through the grid above, along the green path, pay attention to how the overshoot is read, it’s read according to what you cross first for each one. For example the first ‘a’ in ‘amazon’ has the letters ‘vh’ after it, and read in the order of encounter… I’ll explain further in the next step.

Continuing on to the letter ‘m’ in the green path we see the letters ‘dI’ following it, again note the order that we read those, it’s important for later where I add to this scheme.

Now, if you keep going and following the green path and reading the overshoot letters properly, you’ll get the following results: ‘vhdIKWMpFRLr’. I’ll break that into pairs for you: ‘vh-dI-KW-Mp-FR-Lr’.

Now, using just what we’ve done so far, you already have a very strong encrypted password for use on amazon.com.

What I’ll be presenting from here on is an additional layer to that encryption scheme, using the password that we just generated as the key to that. We can use this additional layer as ‘salt’ for the password, or as a kind of substitution code for the password that we have already.

Here’s how what I have in mind works:

Take each pair of letters as broken down above as a set of coordinates. For example, we’ll take ‘vh’ as the first set, since that is what it is. Then we plot those coordinates using the first row of blue letters on the grid as the X axis, and the first column of blue letters on the grid as the Y axis. We should get the following:

I’ll post each path result separately, so that you can follow my logic and reasoning for this idea. Be ready for a lot more images: 🙂

Grid with vh coordinates plotted.

As a result of plotting out ‘vh’ on the grid above, we get the letter “Q” as the output. Write that down below where you have ‘vh’ written on your paper, if you do.

Now, let’s do the same with the next set ‘dI’:

dI coords plotted out.

Note that for our purposes, the initial coordinates are ignored as to case, this is ok, since the 26×26 grid can’t cover both upper and lower case. We DO want to maintain case sensitivity if using the password as-is without these additional steps. We also want to keep them case-sensitive when using with these additional steps when we go to finally add the ‘salt’, which we’re in the process of generating, to them.

Now, I’ll go ahead and give you the remaining grids, next is KW:

Grid with KW coords plotted.

Now for Mp:

Grid with Mp coords plotted.

Next is FR:

Grid with FR coords plotted.

Finally, we have Lr:

Grid with Lr plotted.

Now that we have all the letters that we need, we need to do something with them…

Remember the password that you originally generated using the grid? No? Well, here it is again: “vh-dI-KW-Mp-FR-Lr”, also we have the results of our salt generation using the password as a set of coordinates: “Qyqcnp”.

What can we do with the salt? We can append it to our password: ‘vhdIKWMpFRLrQyqcnp’

We can replace every other letter of the password with a letter from the salt, to further obfuscate the password we originally generated:  ‘vh-dI-KW-Mp-FR-Lr’ becomes ‘vQ-dy-Kq-Mc-Fn-Lp’.

We can try any number of other alternatives, which I leave to you to discover.

Thank you for reading this and I look forward to any feedback on this little variant I have on Steve Gibson’s amazing ‘Off the Grid’ paper password generation system.

Until next time, surf safe 😉

Brian

Well, I had a nice little video of some stars and planets to scale, but they were hosted on Google Video, which is now dead and gone. So, the video that was here is gone along with it.
UPDATE:
Here’s an update to replace the old video. I have to say that this one is even better than the old one… Enjoy 🙂