Siu Lun

Introduction

I was tweaking with the development process today at work by incorporating SVN and trac. SVN allows me to version control the web development while trac allows me to set goals and specification to the project as well as provide a user guide wiki to end users.

As I was doing so, I remember back in my old post I wrote something about building a program to syncronise documents such as bookmarks across different OSes and computers which would work on a memory stick, then I also remember seeing a post somewhere, where someone used CVS to keep their documents, which’ll allow for version control as well as universal access via CVS (so basically any computer that has access to the internet) while using PGP to encrypt those files in order to keep any sensitive data secure.

Obviously it’s not anything new, but it’s not very well known either – amougst those who’re not as up-to-date as your best news source. So I’ll write something about it here in the hopes that people would find it a useful way to keep track and keep control of their eletronic documents while having the most portability and security.

prerequisite

You’ll need
A PGP file encryption software – such as GNUPG
A Subversion(SVN)/CVS server – SVN is recommended as it is built above CVS

What To Do

Follow the instructions of your chosen software.
Once installed
familiarize yourself with how to encrypt & decrypt a file
familiarize yourself with how to make a repository to upload/download from your CVS/SVN server

Once you know how to do the above, the rest is really self-explantory, you encrypt a file you’d like to make accessible and secure, then commit the file to your CVS/SVN server. Whenever you need access to that file, just log into your repository (hopefully you’ve made it accessible by username & password on the web!) download it to your current location, and decrypt the file using your PGP key, and viola.

Tips

• Keep your PGP key on your USB drive keyring or “E-Key” – eletronic key to unlock your life
• Keep your repository data(not the files in your repository but the config files) on your USB drive keyring – so that you can access your repository using a CVS/SVN software instead of logging on the web if it isn’t avaliable.
• Password protect your CVS/SVN repository – while your files would be encrypted, it’s still better to password protect the repository so that even if someone got hold of your “E-Key” or manage to steal your PGP key, they can’t decrypt anything without knowing your username and password for your repository

Problems you may encounter

Q: Everything in your link seems to be in Linux/Unix? – Does it work on Windows?
A: GNUPG has a windows implementation while there is a tool called CVSNT that allows CVS on Windows, Subversion has their own pre-compiled binaries for Windows avaliable at their site.

Q: How do I get a Subversion/CVS server?
A: You can either setup a computer – like a HTPC that is connected to the net all the time as a server by finding tutorials on the net on how to setup SVN/CVS on your computer, or you can find a web host that would allow you to setup a SVN/CVS server. For normal users – those who don’t deal with web design and don’t need a web host – I would suggest you to use a low power computer – such as an HTPC as a server. note# you ought to have broadband

Playing games is such a hassle now a days, when you buy it from the retailers you always have to put the disc into the disc drive to play it. On a console it’s ok, but on a PC it just makes life so hard . I play a lot of games, hence I’ve got a lot of discs my room is a mess as it is, I’d like to stack my games in a box and just leave it in a cupboard, that’s why I find disc image making program so good to use.

Disk space is relatively cheap and for me it’s great to just adjust a few things in software rather than trying to find the disc I left at the bottom of around 300 games. Why can’t developers understand this point? By increasing security on their games, to me, they’re telling me that they’re obviously not gamers themselves and judging from quality of gameplay that games have today compared to the quality of gameplay 10 years ago, I’d say I actually enjoy playing games much more 10 years ago and so that really reinforces my point that today’s developers, publishers and designers, whoever put the security on are too narrow-viewed and not responding to what the market wants and hence from this I conclude that they’re not really worth the money I paid.

But back to the topic, I completely understand one of the major push on security on games is for elminating pirates, but here is a view from another way of life:

I’m a website developer and designer, the website is for an educational institute, now then, my target audience is anyone who wish to learn, whether they’re disabled or not should not hinder the way anyone can gain information from the website but as a website I need to push hard on promoting everything about the institute and therefore visual effects is a great way to push it towards the people who have no sight disability. Unfortunately today’s internet technology is weak and increasing visual effects usually becomes a trade off to people who uses screen readers, but that does not change the fact that I do cater for everyone therefore I have to find ways around it.

I’m not sure if people can see it in my point of view, the point here is I’m basically saying, security should be increased not at the expense of usability of the media. The only difference between the two ideas that I’ve presented is that I’m by law obliged to make a site that does not discriminate, perhaps from the developers point of view it is a hassle because there will be more time needed to develop applications that balances usability and security but the thing is, the extra bit of money spent on developing may well be covered by the increased revenues due to a more accessible product.