Placing A Buffer Between Your Cell and The World

This might be a familiar problem for some people: I’ve had the same personal cell phone number for 15+ years. During this time I have used my number for personal, business, personal business, and the list goes on. Over the years the number of telemarketers has increased to the point where it is sometimes multiple calls per day. This has been annoying but I can usually deal with it by tapping decline on numbers I don’t know. However, about a year ago I started getting text/SMS spam and that is far more irritating to me. When this SMS spam reached the multiple per day I decided it might be time to get a new phone number, but I didn’t want the same problem to reappear. My solution is to make my own answering service and give out that number and never my cell. This covers the phone calls, but what about texts? I wouldn’t want to miss a legitimate message. Well both aspects can be accomplished by using Twilio

For those that do not know, Twilio is a programmable phone service with voice, SMS, Fax, and other features. Twilio has an API for several languages including Python, PHP, node.js, C#, Java, and Ruby. I already have a web server so for me it seemed easiest (quickest to setup) to use that to house some PHP and use Twilio to handle my automated voice and SMS messaging service.

So what does the end result look like? People (or automated telemarketers) can call my Twilio phone number and are greeted with a message of my choosing. Since I don’t want the automated calls leaving me messages I have created a phone (tree) menu that requires the caller to enter a specific number (extension) to leave me a message. Then for SMS, I have a PHP script set up that takes the message and sends a copy to my email then autoresponds and tells the sender that I’ll get back to them as soon as possible.

Lets start with the voice part as that is the more involved piece in this setup. In the Twilio web console, under the section titled “Voice & Fax” I have it set to “Webhook” and have a URL pointing to a specific URL on my webserver. The URL looks something like https://mydomain.com/twilio/main.php The contents of main.php is fairly simple:

<?php

header(“content-type: text/xml”);
echo “<?xml version=\”1.0\” encoding=\”UTF-8\”?>\n”;
$from = $_REQUEST[‘From’];
// email me the number every number that calls
mail(‘myemailaddress@gmail.com’, ‘Call System: call from ‘.$from, $from.”\n”, ‘From: myemailaddress@gmail.com’);
?>
<Response>
<Say voice=”woman” language=”en”>Hello. You may select from the following options.</Say>
<Gather numDigits=”1″ action=”main-handler.php” method=”POST”>
<Say voice=”woman” language=”en” loop=”1″>
To leave a message for Ron select one.
</Say>
<Pause length=”15″/>
</Gather>
</Response>

If the caller selects one they will be sent to main-handler.php, if they select anything else the message replays. In main-handler.php I have:

<?php

// if the caller pressed anything but these digits, send them back
if($_REQUEST[‘Digits’] != ‘1’) {
header(“Location: main.php”);
die;
}

header(“content-type: text/xml”);
echo “<?xml version=\”1.0\” encoding=\”UTF-8\”?>\n”;
?>

<Response>
<?php if ($_REQUEST[‘Digits’] == ‘117’) { ?>
<Say voice=”woman” language=”en”>Please leave a message for Ron. You may hang up when finished.</Say>
<Record maxLength=”90″ transcribe=”true” action=”ron-recording.php” transcribeCallback=”ron-recording-transcribe.php” />
<?php } ?>
</Response>

If the caller selects one, the flow gets sent to ron-recording.php:

<?php
header(“content-type: text/xml”); echo “<?xml version=\”1.0\” encoding=\”UTF-8\”?>\n”;
?>
<Response>
<Say voice=”woman” language=”en”>Thank you for leaving a message for Ron.</Say>
</Response>

If the caller leaves a message, transcription is handled by ron-recording-transcribe.php:

<?php
$from = $_REQUEST[‘From’];

// email me
mail(‘myemailaddress@gmail.com’, ‘Call System: message for Ron from ‘.$from, $from.”\n”.$_REQUEST[‘TranscriptionText’].”\n”, ‘From: myemailaddress@gmail.com’);

?>

That covers the voice aspect of my Twilio setup, the last piece is handling SMS. In the Twilio web console under “Messaging” I have it set to Webhook and the URL looks something like https://mydomain.com/twilio/incomingsms.php This handles all SMS text messaging that are sent to my Twilio number:

<?php
header(“content-type: text/xml”);
echo “<?xml version=\”1.0\” encoding=\”UTF-8\”?>\n”;
// email me
$from = $_REQUEST[‘From’];
mail(‘myemailaddress@gmail.com’, ‘Call System: SMS for Ron from ‘.$from, $from.”\n”.$_REQUEST[‘Body’].”\n”, ‘From: myemailaddress@gmail.com’);
?>
<Response>
<Message>I am busy right now but will try to reply to your message as soon as possible.</Message>
</Response>

When a text is sent to my Twilio number the contents of the text get sent to my email immediately and a message reading “I am busy right now but will try to reply to your message as soon as possible.” is sent to sender.

Well that covers my simple Twilio setup for handling voice messages and SMS texts. Hopefully it proves useful in the years to come with regards to reducing the amount of telemarketers and spam texts sent to my cell phone.

Advertisements

Creating Your Own Encrypted File “Safe”

I often think about, no scratch that – I often worry about what would happen if my laptop was stolen or fell into “evil” hands. I mean there isn’t a lot on any of my machines that could be misused as most things are locked down. My Internet-based accounts such as my Google account require two factor authentication, important files are backed up, etc. However, there are special files, and here I’m specifically thinking about SSH private keys, that should never be out of my control. My solution is fairly simple: create an encrypted file that can be mounted as a loopback device.

The first step is deciding how much speed we are going to need as we cannot directly resize our encrypted file once it is created. If we later need more storage (or less) our only option is to create a new one and copy the contents of the old (mounted) safe to the new one. I use mine to store my entire ~/.ssh, ~/.gpg, and a few other files so my needs are fairly small. All of my files together account for less than 100MB, but knowing that I might want to expand later I decided on 1GB.

If we are using ext2/3/4, xfs, and probably a few other filesystems we can use fallocate to reserve our disk space. I say probably a few others as I know of at least one it doesn’t work on which is zfs.

fallocate -l 1G safe.img

The next step is to create an encrypted device on our new blank image:

cryptsetup luksFormat safe.img

During this step you will be prompted for a password and this is really the only weak spot (bugs not withstanding) in the entire setup. Make sure your password is long enough to make brute force unreasonably long and make sure it cannot be aided with any of the known dictionaries floating around. I made mine 31 characters long because it is long enough to make brute force unprofitable.

Once the encrypted data is written, we can proceed to opening the device:

cryptsetup open safe.img

You will be prompted to enter your password each time you open it so make sure you are using a trusted keyboard (i.e. not wireless).

The next step is to create a filesystem on our new safe:

mkfs.ext4 /dev/mapper/safe

Now, finally, we can mount it and start using it!

mount /dev/mapper/safe /mnt/safe

At this point you should be able to add files into your safe as if were any other mounted device.

Once you are done using your safe, don’t forget to unmount it and close it so that no-one can access it:

umount /mnt/safe

cryptsetup close safe

So now we know how to create, open, and close the device, but what sorts of things are good for storing in there? Well as previously mentioned I store my entire ~/.ssh/ directory in my safe. I moved the directory into /mnt/safe/ and then created a symlink from there to ~/.ssh which allows me to use everything I normally would (ssh, mosh, scp, etc.) without having to reconfigure anything.

What to do next is up to you, but I do tot trust the quality of USB thumb drives out there these days. So I opted to stick my safe on my local hard drive and include it in my backup scheme.

Turning /etc Into A Git Repo With etckeeper

Whether it be for production or development purposes, it is often desirable to turn /etc into a file repository on our servers. There is a great tool named etckeeper that automates pushing changes to a repo for us. That is, once we have it set up and do an initial push. etckeeper supports several version control, but we only care about git.

Install using your package manager of choice, for Gentoo users make sure if you have ‘cron’ USE flag enabled.

If we are going to be pushing to a remote repo (recommended) we need to edit /etc/etckeeper/etckeeper.conf and modify the REMOTE_PUSH line to look like:

PUSH_REMOTE=”origin”

Now we need to instruct etckeeper to create an initial (empty) repository using /etc:

# etckeeper init -d /etc
Initialized empty Git repository in /etc/.git/

Next we will want to tell git/etckeeper where our remote repo is, but first we need to make sure we are in /etc:

# cd /etc

# git remote add origin https://USERNAME:PASSWORD@GITREPOHOST/DIR/repo.git

If that is successful there will be no output.

Now we want to do an initial commit:

# etckeeper commit “Initial commit.”
[master (root-commit) d918775] Initial commit.

<snipped>

Finally we need to push our changes:

# git push -u origin master
Branch master set up to track remote branch master from origin.
Everything up-to-date

We can check the status at any time in the normal way:

# git status
On branch master
Your branch is up-to-date with ‘origin/master’.
nothing to commit, working tree clean

Depending on your distribution there should be an automatic cron.daily job installed. On Gentoo, we can take it a step further and force changes to be committed during an emerge by editing (or creating) /etc/portage/bashrc:

case “${EBUILD_PHASE}” in
setup|prerm) etckeeper pre-install ;;
postinst|postrm) etckeeper post-install ;;
esac

That’s all there is for getting a basic setup going and you should start seeing commits when there are changes in /etc to the repo.