I've not made much progress this week

So in my last post I mentioned random numbers, and talked about needing to trade off between security, speed, and the randomness of the source of random numbers. I stand by the considerations that need to be made, but it was brought to my attention that I was looking at math/rand in go where they also have crypto/rand which makes using /dev/urandom much simpler. The trade offs are the same in practice, but the work was much easier to implement that way, so thank you Liam

posted at 02:11:00 PM on 7 Sep 2019 by Craig Stewart

Tags:project sysadmin golang location-finder 

A Comment on Random Numbers

I have nothing to show on the location app I’ve been building, but I’ve hit a hurdle that I felt warrants some discussion. I want to use two random strings that are unrelated to each other in order to make the app more secure. An ID for each location shared, and a key to prevent someone simply trying to enumerate all the ID’s. Because the key is a security device it is important that it is not derived from the ID, or from the same deterministic source as the ID. With this in mind I have been reading about the random number generator available in Go.

posted at 11:17:00 AM on 1 Sep 2019 by Craig Stewart

Tags:project sysadmin golang location-finder 

Making the app do something

So I have been making improvements to the location app I blogged about recently. The first cut of the app wasn’t really all that much of an achievement as I could have done the same with a file and a webserver, without needing an app written in go. Now in my last blog post I stated that I would build an API, and I have done so. I have also moved the default page, and created a new one. If you choose to look at the code you will notice a function for checking an id and key (which are both currently hard coded to “test”) this is to allow multiple locations to be shared (via a randomly generated ID) and also make it harder to enumerate the location ID’s that the system knows about by pairing that with a randomly generated key. The creation of these ID’s and keys is going to be what I work on next, as well as some optimisations to the code.

posted at 07:29:00 PM on 30 Aug 2019 by Craig Stewart

Tags:project sysadmin golang javascript location-finder 

The first steps in creating a location finding app

So in my previous blog post I said I was going to try and build a web app to find someone’s location using their smartphone’s location services. The first step in this is choosing a language and/or framework to build it in. I’ve decided to use Go, which a former collegue of mine tells me makes me a hipster.

posted at 03:33:00 PM on 25 Aug 2019 by Craig Stewart

Tags:project open-source sysadmin location-finder golang javascript