September 29th, 2012
This sounds familiar:
What is CryptoParty? Interested parties with computers, devices, and the desire to learn to use the most basic crypto programs and the fundamental concepts of their operation! CryptoParties are free to attend, public, and are commercially non-aligned.
I don’t have time these days to set something like this up for Rochester, but if someone does end up doing so, please ping me.
June 8th, 2012
Well, this is cool:
Cryptocat lets you instantly set up secure conversations. It’s an open source encrypted, private alternative to other services such as Facebook chat.
Messages are encrypted inside your own browser using AES-256. Encrypted data is securely wiped after one hour of inactivity.
Cryptocat also runs as a Tor hidden service (http://xdtfje3c46d2dnjd.onion) and works on your iPhone, Android and BlackBerry.
It’s not the most secure means of doing encrypted communication, but it is the most accessible that I’ve seen so far.
I Dislike DotNetNuke
April 20th, 2012
Lance McNearney nails it on Stack Overflow:
Welcome to developing for DotNetNuke, where the official website provides zero documentation and everything is learned from experimentation, blogs, forums and sites attempting to sell you something.
Promotion For New Freelance Clients
December 30th, 2011
I’m offering new freelance clients 50% off my regular rates on the first 10 hours of work that I do. If you need software or web development work done, take a look at my resume, then contact me if you like what you see. If you know someone who needs work done, feel free to send them my way!
PGP: Migrating Away from SHA-1
May 9th, 2009
The SHA-1 hash that PGP and GnuPG use by default is now looking even
less secure than previously thought. It’s recommended that users begin
using SHA-2, and generate new keys to replace their 1024-bit DSA keys
which are dependent on SHA-1:
If you understand the instructions in the link above, you should
probably follow them soon. If you don’t understand them, don’t worry
too much, as your keys and signatures are still mostly safe for now,
they’re just not future-proof. You’ll probably want to wait until new
versions of your software are released with updated default settings,
and then generate new keys.
I’ve generated a new key for myself, which I’ve signed with the old key
and will be using from now on.
Firefox Portable + GnuPG + FireGPG = CryptoFox
May 5th, 2009
I’ve been talking about this for a while, but I finally got around to doing it. I’ve put together a software package consisting of Firefox Portable, GNU Privacy Guard, and FireGPG. I’m calling it “CryptoFox”. You can download it here.
The idea behind this is to lower the barrier to entry for using PGP encryption. If you want to communicate privately with someone, instead of having to guide them through the install process for 3 different components, you can just have them download CryptoFox and run it. No installation is required.
It’s also a little tricky to set FireGPG and GnuPG up to function portably. If you want to run them from a USB stick on any computer, I’ve already done the hard part for you.
NoScript Firefox plugin secretly disables Adblock Plus
May 1st, 2009
Apparently Giorgio Maone, the developer of the NoScript extension for Firefox, has been indulging in some borderline-malware tactics in order to make sure the ads on his site don’t get blocked by the (excellent and popular) Adblock Plus extension. This is a shame, because NoScript is a genuinely useful tool, but I no longer feel comfortable using it.
Details are available at this post on the ABP blog.
Debian and Back Again
April 28th, 2009
I decided a few days ago that Xubuntu was just too sluggish on my old, ailing laptop. I’d heard that Crunchbang was a bit faster, so I tried it out, but X just segfaulted on startup. The same thing had happened on Xubuntu 8.10, so I’d been sticking with 8.04. I tried Arch next, hoping that something not based on Ubuntu would fare better.
Arch seems like a neat distro, but it didn’t solve my problem with X. After much digging (including a couple sessions with gdb), I found out that the newly-rewritten PCI access code in Xorg 7.4 was trying to initialize my laptop’s broken PCMCIA hardware, causing the segfault. Someone on the #xorg-devel IRC channel also pointed out a patch that fixes the problem. The patch did fix the segfault, but after all that fucking around, I still couldn’t get X to actually start. Even with the basic VGA driver, it would immediately drop me back to the command line without giving any errors at all.
Yesterday, I finally gave up and decided that Arch was too bleeding-edge for my poor broken laptop. I ended up going back to Debian, the first Linux distro that I ever used. I’d originally stopped using it because the “stable” version was too conservative (and the “unstable” and “testing” versions too prone to breakage), but in this case that seems like a good thing.
In order to keep the machine running at a decent speed, I’m just using a basic window manager in X instead of a full desktop environment. I’m giving xmonad a try right now. I think I’d need a higher-resolution screen to really take advantage of the “tiling window manager” concept, but I do like how it’s almost exclusively keyboard-controlled, and how it lacks space-wasting window decorations. I’m also trying the Vimperator plugin in Firefox (or rather, Iceweasel), allowing me to cut down significantly on my mouse usage.
I still need to delve into xmonad’s configuration, set up the status bar, find a decent xterm replacement, and install ProFont.
Rochester OpenPGP Users Mailing List
April 20th, 2009
The keysigning party on Saturday went well. We decided to create a mailing list to keep in touch and discuss ways to promote PGP use locally. From the list’s description:
This group is for PGP/GnuPG users in Rochester, NY to:
1) Discuss ways of promoting the use of OpenPGP encryption
2) Arrange keysignings in order to expand the local web of trust
3) Get help with using PGP, GnuPG, and related programs
If you’re interested in joining, you can do so here.
Math for Programmers
April 1st, 2009
I bookmarked a blog post called “Math for Programmers” years ago on one of my random “scratch space” wiki pages, and just rediscovered it tonight. I figured I’d share:
The right way to learn math is breadth-first, not depth-first. You need to survey the space, learn the names of things, figure out what’s what. [...]
I think the best way to start learning math is to spend 15 to 30 minutes a day surfing in Wikipedia. It’s filled with articles about thousands of little branches of mathematics. You start with pretty much any article that seems interesting (e.g. String theory, say, or the Fourier transform, or Tensors, anything that strikes your fancy.) Start reading. If there’s something you don’t understand, click the link and read about it. Do this recursively until you get bored or tired.
My timing on this is interesting. Over the past few days I’ve started playing a bit of poker (Texas hold ‘em, against computer players in PokerTH), in lieu of my usual habit of compulsively playing quick games of FreeCell at random moments. For the sheer nerdy fun of it, I want to write a program to calculate the exact odds that I have a better hand than all of my opponents, given the cards that are visible at any particular time (pre-flop, flop, turn, and river).
I’m sure it’s a solvable problem, but I’m having trouble simplifying the staggering number of permutations involved. For example, assuming you’ve got your two-card hand, there are 1,225 possible hands that a single opponent could have from the remaining 50 cards. If you have six opponents, there are approximately 9×1017 possible combinations of hands that they could have. We only care about the best hand among our opponents, so I think we can simplify things by assuming that the math is the same for six opponents as it is for one, except that any given hand is six times more likely to occur.
Anyway, I’m thinking of reading up on combinatorics. I got a bit from my discrete math and probability & statistics courses in college, but I feel like I’m missing something here. I’ve always been interested in probability and permutations in games, so it seems like a good subject to pursue.