On the Road Again, part 2: Security Matters

As the winter of 2010-2011 fulfills its promised severity, we are out in it, travelling cross-country for family and business matters.  We set out from Chaos Central in mid-November, headed east to Montana to deliver finished quilts to our long-arm quilting customers, then through the storms across the Dakotas and Minnesota to Wisconsin for Thanksgiving with family.  Mindful of the recent issues with easy sniffing of wireless web traffic, the infamous FireSheep browser addon, we crafted (after some Internet searching and a tip from SophosLabs) a secure proxy scheme to enable us to safely compute our way across the country.

Since we run the SSH-tunneled proxy on our network at Chaos Central, through our DSL connection, we weave a tangled web to do so.  The phone company doesn’t guarantee a fixed IP address, so the first step is to set up a job on a local server to monitor the DSL public IP address and report any changes to our web hosting accounts.  When we connect at a coffee shop, motel, or public library, we grab the latest IP address via SSH, then open a secure connection to the server at home, starting the proxy server and forwarding the port to our laptop.  Finally, we open a browser that is set up to use the proxy.  A short script simplifies the process, and we have a terminal window showing that we are, indeed, routing traffic securely.

On the way back from Wisconsin, the Unix Curmudgeon got dropped off at the client site in Montana for a two-week hands-on session, while the Nice Person continued on to Washington to tend to her fiber arts business.  Computers travel well: sewing machines and looms do not.  As we still are recession-stalled in our house sale, the Curmudgeon is comfortably (relative to homelessness) installed in a mostly-empty house, with minimal furnishings and intermittent Internet access, dependent on when the neighbors, who have kindly shared their wireless connections, are on-line.

Transportation is yet another issue: the Curmudgeon has stashed his trusty 1979 Fuji Gran Tourer at the Montana location, but winter has set in early and clamped down hard–for more than a week, icy roads too treacherous to walk on have kept him off his wheels, though cyclists with fat-tired steeds and possibly studded tires have braved the slick roads.  But, the feeble winter sun does eventually dissipate the ice film and auto tires wear away the packed snow and ice,  so he is once again mobile for the weekend.

The other peril of a month on the road dependent on wireless network access is keeping up with system security updates.  The exigencies at work have required getting wired access, so it has finally been possible to update the operating system version, but kernel updates on wireless invariably take down the wireless drivers.  Manufacturers long accustomed to the closed-system world of Microsoft do not release their driver code, so Linux users are forced to add drivers in after the fact–the rules of open source forbid bundling commercially-licensed code with open source.  So, in addition to the ritual of setting up an encrypted tunnel to a proxy for un-encrypted web traffic, the Linux user needs to have the tools pre-positioned to build and install kernel drivers after a kernel update in order to get back on the Internet at all.  But, once that is accomplished, the wireless connectivity tools provided with the latest versions of Ubuntu and other Linux distributions make it easy to establish and reconnect to wireless points.

Now, to plot the long trip home.  Bus service is available between Missoula (50 miles away) and Olympia, and many inter-city bus lines now have on-board wireless, but we’re hoping the weather will hold and the Nice Person will brave the roads for retrieval.