[Follow-Up] Removable eUICCs

April 12, 2025 - 4 mins read

It’s been a long time since my last post about eUICCs. A lot things have changed since then. Major changes 5ber.eSIM has gone bankrupt and it’s said that their employees’ insurance was in debt for months before the entire company went collapsed. However, the technical team has started a new company called XeSIM. It’s fundamentally the exact same thing as original 5ber.eSIM, same solution, same card manufactured by Eastcompeace. DON’T BUY IT.

Secretly Generating Keys

January 16, 2025 - 5 mins read

Generating cryptographic keys is the most important* part in the cryptography world. Why and How? random numbers I’m not going to talk about the theories and principles of cryptography, but there’s one thing you need to know that, for asymmetric cryptography, the keys are everything. Your private keys take the responsibility of authenticating, decrypting and signing etc. Therefore, there are mainly two important parts. The first one is to safely generate your keys.

2024 Final Review

January 1, 2025 - 5 mins read

Wow it’s been another year. This year, a lot of things have changed. Life This year, I’ve finally reached my age of 16! I’ve gone to Nanjing twice, visited a lot of places of interest; I’ve also met some of my friends which we originally met online offline :), which is a big step forward towards my relationship circle. There aren’t really many things to be written about my life, cuz there’s really nothing important happening :(.

Removable eUICCs...

August 27, 2024 - 9 mins read

This post has some updates! Available at: here eSIM, aka embedded SIM cards, a new form of SIM cards. The traditional SIM cards are essentially a Java Card with customized applet on it. You need to use this card in order to connect to the cellular network. But as time goes by, these little plastic SIM cards seem to be out-of-fashion. That’s when eSIM comes into play. You can straight download your carrier’s profile onto your phone and enable it.

S/MIME Signatures on Git

July 24, 2024 - 2 mins read

S/MIME, our old friend, usually used to sign and encrypt emails. Essentially it’s a standard to ensure the authenticity and security of your communications, especially emails. However, it can also be used to sign regular data. You guessed it, we are going to use it to sign Git commits. The difference between PGP signatures and S/MIME signatures is that the latter requires a central organization to ensure the certificate is trustworthy, and thus it’s popular among corporations.

Using OpenSSL to Sign Data (Simple Guide)

July 2, 2024 - 8 mins read

OpenSSL, a tool which accompanies us all the time but often being ignored by everyone. OpenSSL is currently the most powerful tool in the cryptographic industry. With that said, OpenSSL itself is not easy to use and rather complicated and confusing. This guide focus on signing & encrypting data in a simple way, utilizing a pair of Elliptic Curve keys. My OpenSSL version: OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.

How Do I Organize My Storage Today

May 28, 2024 - 9 mins read

data
storage

Wow, it’s been 2 years since I wrote the last storage-related posts (and that was actually my first blog post ever, learn more) So, two years have passed, and it’s time to write another one. Briefly introduction Despite that I started to focus on privacy and security, the cloud storage is still my main storage medium. But don’t panic just yet, I now have decent amount of local storage as well, and thanks to the magic of moden cryptography, any data stored on the cloud is safe and sound.

Vanity GPG Keys

March 24, 2024 - 6 mins read

If you haven’t known what a GPG key is, please close this tutorial. As we all know, GPG keys have their IDs, they are essentially 40 hexadecimal characters that are used to identify your keys. Your ID may look like this. 9684 79A1 AFF9 27E3 7D1A 566B B569 0EEE BB95 2194 // GitHub web-flow signing Usually we just memorize the last 16 characters because it is enough in most cases.

How to Create a Self Signed Certificate Authority

March 16, 2024 - 7 mins read

If you have a lab like me, you will probably need to serve some of your services through Web. And speaking of web, we cannot ignore one critical aspect – Security. The easiest way to secure your websites is to use TLS. However, most easy-to-get certificates for websites are meant for public domains, not for IPs, not to mention internal IPs. Furthermore, you might not feel comfortable exposing your service to your CA.

Why Did I Use OpenBSD for My Remote File Server

February 18, 2024 - 6 mins read

hardcore
bsd

So, many of you may know that I am a long-time Linux user. However, recently many of my friends tried REALLY HARD to convince me to try BSD-based systems. At first glance, my opinion was a solid NO. I mean, one of the most important thing for me is software ecosystem. Of course, Linux (GNU/Linux) absolutely crushed most operating systems in terms of ecosystems. Later, as I was looking for a way to configure my remote file server, I decided to give it a try.