Very Secure

GPG Over Analog - Hardware Device for Secure Voice Communications

October 7th, 2023

I. Concept

The goal is to allow communications over an unsecured audio channel. The gizmo needed is a headset connected to a little computer which is connected via a long wire to an audio jack.1 This gizmo captures the audio signal, encrypts it, and passes the encrypted audio signal over an analog channel. To the sender’s and recipient’s untrusted device, the cypheraudio is nothing more than noise. And so unless the recipient has the corresponding gizmo + key, they will only hear static.

The beauty is that this gizmo will work with any device normally used for phone calls.2 You can plug it into any computer or dumbphone. Your correspondent can plug his into whatever shitware he is using.3

II. Implementation

What are the hardware requirements to encrypt/decrypt fast enough for a real-time phone call?

Most microphones sample at 44.1kHz with a 2 byte depth. Let's be safe and leave room for header information, so say we need to encrypt at 100KBps. My Mac’s (2.3GHz processor) GPG 1.4.23 can encrypt 100KB in about .015s and decrypt the same in about .02s. So the napkin calculation seems to show that this device is feasible without adding much latency to comms.

It would also be possible for the gizmos to use one time pads. The correspondents would ‘charge’ their gizmos with an OTP key before making a phone call.4 This would greatly reduce the computational load and complexity on the hardware device itself. It also allows for more transparency. Creating a verifiable device5 that can perform asymmetric public private key encryption seems quite difficult. But creating a device that simply takes an OTP key and performs the necessary XOR’s seems doable. 6

III. Prototyping

The tool can be simulated in software.7 The data flow in one direction is GIZMO -> Untrusted Device -> Network -> Untrusted Device -> GIZMO. All data passed over the various connections has a chance of corruption, especially over the network. So the first step in realizing this product is to create a pipeline with simulated data loss and create the encrypt/decrypt protocol that mitigates that data loss to a reasonable degree.

  1. The audio jack could be a USB, USBc, or whatever port Crapple is forcing upon its users at the given moment []
  2. This is why the long wire is important. You need to be far away from the untrusted device’s own microphone. One could place the untrusted device next to a source of white noise for extra protection. []
  3. Whatscrap, Noise- I mean Signal, and Shillegram promise end-to-end encryption, but even if you trust their software (only God knows why you would) they still run on top of devices backdoored by Crapple, Goolag, and perhaps a 3rd party hacker as well. []
  4. A 16 GB Key would give 22 hours of comms 16,000,000,000 / (60 * 60 * 100,000 * 2). []
  5. Like FUCKGOATS []
  6. The puzzle becomes - how do you sync up the encrypting and decrypting devices?

    One way to do this this is to break the audio signal into fixed sized packets with headers. The first part of the header contains the index into the OTP used to decrypt the rest of the packet. How do we ensure that this index is faithfully transmitted and what do we do with dropped bits within packets? I still need to work out some of these questions. []

  7. The hardware device can be prototyped without any special equipment. Ideally, one would have two computers and two cables - each cable connecting to the audio out of one device and to the audio in of the other device. []

Posted in Combat | 4 Comments »

The long-overdue review of JWRD's training course

October 3rd, 2023

Earlier this year I had the pleasure of taking JWRD’s operator course with sstacks. I was incredibly happy with the instruction provided by jfw. JWRD seems to have found a balance between being thorough and being practical when it comes to imparting their knowledge of how to guard one’s bitcoins onto their customers.1

The course consisted of ~17 weeks of instruction, one class per week and one office hour session per week.2 Needless to say, jfw was always on time and prepared with a good lesson.

The homework each week ranged from very easy to moderately difficult depending on previous experience programming computers. IMO they could improve the course by having different questions based on prior level of knowledge.3 At the moment, the beginning of the course seems geared towards someone completely unfamiliar with the command line. With that said, it certainly didn't hurt to review some basic concepts.

There are two more suggestions I have. The first, is I think jfw could pre record a 15 minute lecture for each class. The students would watch this video prior to class.4 This would save time for jfw and increase the amount of interaction during class.

The next suggestion has to do with the wording of some of the questions for the homework and warm-ups. Some of the questions are not real questions but instead a word association fill in the blank. For example this was one of the warmup challenges:

The ps and top commands display running ____.

I think the answer is less but it's not entirely clear what's being asked for. I would rewrite the question as

What command line program Is used to display the output of the ps and top commands?

There are many examples of these throughout their warm-ups and homework questions. It's a pet peeve of mine, and I certainly think it would be worth the effort to go through and change the questions to remove ambiguity.

Apart from those points I can't really do anything but praise the course. JWRD have no competitors, they're the only option if you want to learn how to secure your btc. The amount of groundwork they've done with their hardware decisions, software development, etc. Is quite frankly unbelievable. The price they're charging is low for what they offer.

Here's how you can calculate if the class is worth it for you.

EV = P(You lose your btc) * YOUR_BTC_INVESTMENT - COURSE_PRICE

So if you have fewer bitcoins than the price of the course, then the course may not be worth it. The more you have, the more it's worth it.

What if you have more coins than the price of the course but not substantially more? Well I am going to go out and say that P(You lose your btc) is pretty fucking close to 1 for most people. The USG successfully duped the ~entire market into using a fake version of bitcoin. If you have your coins in a bc1 or 3 address, JWRD’s course is worth it as long as you have 1 more satoshi than the course’s price.5 But even if somehow you managed to have the wherewithal to keep your coins in a legacy aka real bitcoin 1 address there are still many ways you can go wrong. You need a professional team to help you manage your wealth and JWRD is the only one up to the task.

  1. They also teach other topics such as secure networking and how to create digital backups. []
  2. I did not take advantage of the office hours to the extent that I should have. jfw has an incredible wealth of knowledge for all things related to cryptography, bitcoin, computers, etc. To anyone taking the course I recommend you pick his brain as much as possible.

    I should also note here that they were kind enough to switch the office hours to a video call format which was a great help for me on account of my hands. []

  3. It's possible that JWRD never had a customer before me with the same amount of experience that I have. But JWRD has a huge number of potential customers that will have prior linux command line experience. For example, all the people who followed along #trilema stand to gain a lot from the course, but for some of them the beginning lessons may not be challenging enough. There is also a potential customer base from people working in/escaping the ‘tech’ Industry in Silly Con Valley and they too will get little from some of the starting material. []
  4. Ideally there would also be a transcript of this video. []
  5. Plus a transaction fee, of course. []

Posted in Bitcoin Beginner, Reflection | No Comments »

Mistakes from my dives on September 17

October 3rd, 2023

On one dive to 20m I was unable to equalize at 17m. I was in freefall and accidentally went a little deeper then I had anticipated, putting painful pressure on my eardrum. I have to be very careful once I get to negative buoyancy to ensure that I don't fall if I can't equalize. I could prevent this by doing free immersion until I can comfortably equalize at my target.

On another dive, I tried to equalize on my way back up. I am very lucky I did not have a reverse barotrauma from attempting this. You should not voluntarily equalize when you return to the surface. It happens automatically.

Posted in Apnea | No Comments »

RSI Next Steps

October 3rd, 2023

Although I've been dealing with chronic pain for two years and the situation looks pretty bleak, I am determined to fix my hands.

Here are the key steps I'm taking.

Resting. I try to avoid doing anything forceful or bearing weight on my hands. For example, when carrying small grocery bags I slip the handles up my shoulder instead of holding them in the palm of my hand. There're tons of little tricks like that to reduce the load.

Doing physical therapy for surrounding muscles. I'm strengthening the neck, shoulders, and back muscles. My forearms and hands are too delicate right now, working them out just puts me at risk for reinjury. Strengthening the supporting muscles helps me maintain better posture. It also gives the body an easier time when doing compensation movements.

Staying constantly hydrated. The problem may be due to cellular health and the fix may come from providing the right environment for tissues to regenerate. So I am drinking coconuts all the fucking time! I also may look into examining my blood work more closely and keeping an even stricter diet.

Wearing wrist splints at night. From what I've learned it seems that restricting movement can be quite dangerous when it comes to these type of injuries. However, at night time I know that I can put my wrists in horrible positions and then fall asleep on them.

Stretching Lengthening.1 The idea is that being more flexible means there is less tension in muscles. This may help alleviate any nerves that are constantly being squeezed.

Learning. Unfortunately this one has been neglected recently, but it's imperative to learn as much as I can about the human body and the anatomy of the hands. My problem is too complicated for doctors to figure out in their routine 20 minute check, so I'm kind of on my own here.

Technique retraining. I'm working on changing the way I type and fixing my workstation to accommodate for my crippled nature. At the moment this mostly means using speech to text.

The future sometimes looks grim but I'm not going down without a fight.

  1. The word choice emphasizes the gentle nature. []

Posted in RSI | No Comments »

Speech to Text

September 20th, 2023

Using speech to text is painful. Nevertheless, the tool is a blessing. Without speech to text, I would be unable to write these articles.

I am currently using some program that comes built-in with the Mac OS. The error rate is about one word per sentence. So, I have to constantly edit everything I right.1

To edit, I have to use the keyboard. So my process is far from hands-free. However, I am able to take off a huge load on my hands. This prevents me from having a flare up the following day after writing.

I would like to get back to programming, but there are a lot of difficulties that I foresee using speech to text for coding. The tool as far as I can tell is more useful for writing prose.

The other problem with speech to text is that I have to use either a Mac or Windows program. As far as I know, the open sores versions of speech to text are absolute garbage. At least that was my experienced with Talon. This means I will have to program on my Mac.

But these are hurdles that I simply may have to overcome. Programming has more thinking and planning involved than actual typing anyways. Perhaps the severe limit I have on my ability to make inputs into the computer could help me write better software.

  1. I'll leave that misspelling there so you can see what I'm dealing with. []

Posted in RSI, Reflection | No Comments »

Once again into the deep

September 18th, 2023

On September 17 I returned to the ocean. I was nervous about the idea of going free diving again. The thought crossed through my mind that I'm already very lucky to have the experience of being 24m deep. I could quit freediving now with a cool notch on my belt without having to put myself at more risk. Why did I need to dive again?1

I had every reason not to go. Hiring a pro cost 80 bucks, I have to drive for an hour each way, I have to then take a 30 minute boat ride (which usually leaves me seasick), and then I have to hold my breath until my diaphragm starts automatically contracting. Seriously, why the fuck would anyone want to do that? I asked myself this question over and over again as I was packing my bags and getting ready to go.

Well I realized why I needed to dive when I arrived at 15m below sea level. I floated there at zero gravity, an experience known only to divers and astronauts. And I heard the most beautiful noise, the calling of whales welcoming me to my home, the ocean. I floated there experiencing incredible bliss as I gave a thumbs up to my safety diver. I didn't have the slightest urge to breathe at any point during the dive.

Poseidon left me a parting gift - after diving, my hands were feeling much better! And although it may just be a fantasy, I have a reason to believe that freediving may help cure my RSI. Let me explain.

To do so, I must inform you about the most important aspect of the physiology of freediving. The astute reader of footnote 1 may be asking themselves how is it possible for freedivers to go to incredible depths of 100 plus meters? Wouldn’t their lungs shrink to a point, causing their rib cage to collapse?

The idea that one's rib cage would implode at a certain depth was a widely held myth for a long time. No one dared to test it. Legend has it that a drunkard dispelled the myth by doing the impossible in a public stunt dive to 50m. That his corpse would float to the top, or rather sink to the bottom, was a reasonable expectation. But who could have predicted that human mammals have a mechanism to pump the lungs with blood in order to prevent the rib cage from implosion under high water pressure? The drunkard was probably just a dumbass who got lucky as shit. His reckless stunt showed the world that free diving to great depths is possible.

The physiological phenomenon preventing the death of freedivers is called blood shift. It occurs as part of the mammalian dive reflex. When we submerge ourselves into deep water, blood rushes from the peripheries into our lungs so that the lungs can retain a rigid structure.2 it is undeniable that humans have aquatic roots.

Now to circle back to how this is connected with RSI. I have read that forms of tendinitis are caused because of restricted blood flow in the veins (i.e. - its an outflow problem). This causes swelling as the blood is unable to properly return home, possibly creating thick tendons that put pressure on nerves. Draining this blood may be an imperative.

I know it may be a fantasy, but could it be possible that blood shift from freediving can reduce some swelling that is causing pains my hands? I have a bit of evidence that this is the case, and I plan to explore that evidence further.

  1. Freediving is relatively safe compared to other extreme sports. There has only ever been one death in a freediving competition. Also, 24m is not deep for a competitor. People sometimes learn to free dive to 30m on the first day they try. With that said, at 24m the pressure is ~3.4 ATM. This means that your lungs are roughly one third the size that they would otherwise be due to Boyle’s inverse gas law. This is barring any effects due to blood shift which I will get to explaining later.

    So idk man, I think freediving is pretty fucking gnarly! []

  2. Unlike gas, liquid cannot compress into smaller volume no matter how much pressure is applied to the liquid's containing body. []

Posted in Apnea | No Comments »

Who is your daddy and what does he do?

September 17th, 2023

I remember BingoBoingo used to ask this question to newcomers in the old bitcoin assets channel. Somehow this seemed to offend people. It was rarely, if ever, answered directly. People are bothered by the idea of manifest destiny. They have difficulty accepting that their environment shapes who they are.

Well I am my father’s son, and there's no denying that I inherit a lot of traits from him. So without further ado let me answer the question.

My dad is Ronald Haack, a retired pro bridge player. He invested all his energy into a card game. He often procrastinates and struggles to get the important things in life done. But when it comes to the card game bridge, there are very few that can match his intelligence and energy.

So what exactly is this card game bridge? Why is it played by a small group of fanatics and a bunch of wealthy old people? Why did my dad dedicate his life to this card game?

It is the most interesting way to make use of 52 cards. The appeal of bridge comes from the unraveling of a mystery with every hand. Through the bidding and play of the cards, a story is told. You and your partner must collaborate to piece that story together and play your cards accordingly.

Bridge1 imitates life. Sometimes you’re dealt a good hand, sometimes you’re dealt a shit hand. In any event, you must always make the best of what you got. You must make decisions with imperfect information and adjust any inferences you've made as more information becomes available.

Ultimately, bridge is a fascinating triviality. And this fascination with trivialities is something that I inherited from my father. Almost all of my effort gets spent on games and pleasure. And now, just like my father, I've begun to invest an incredible amount of time playing bridge. It's not something I'm exactly proud of, but nevertheless it's part of who I am.

  1. Bridge has fallen out of popularity in the last 50 years. Bridge requires honor. It is a beautiful game, but it does not work if you cannot trust your opponents to not cheat. It takes an active effort to make sure that the only way you communicate your hand to your partner is through your bidding and your play of cards. []

Posted in Reflection | 2 Comments »

Remarks on Ulnar Nerve Compression

July 3rd, 2023

Control of the hand is provided to the brain via the radial, median, and ulnar nerve. The default keying position compresses the ulnar nerve.

The ulnar nerve runs through an area called the cubital tunnel in the elbow. This area is colloquially referred to as the funny bone.

A nerve can be modeled as an electrical cable with rubber insulation. Whenever you pinch the rubber tube its internal conductivity reduces. The tube usually quickly expands back to its normal circumference. But if you squeeze that tube over and over and over and over and over for years eventually it will deform permanently.

When you are keying you are almost certainly compressing the ulnar nerve. Stop now before it's too late.

There are two primary reasons why the ulnar nerve is being compressed while keying. The first is that your elbows often need to bend at an acute angle so your hands can reach the keyboard. This is especially true if your keyboard is placed on a high table. You need your elbows to be at an angle closer to 135 degrees. The second reason the ulnar nerve is compressed is that in order to use a normal keyboard one needs to pronate their forearms.1

Let's address how to reduce this bad posture in an ideal manner. The best thing you can do is to cut your keyboard in half and place each half on the outside of your knee. Each half of the keyboard would be rotated 90 degrees from a normal position so that the keys are facing away from one’s body. With the keyboard in this position, your hands can naturally fall into the home row without you having to pronate or bend your elbows.2

You can approximate this by getting a split keyboard with tenting (the ability to tilt them) and getting a keyboard tray - ideally one that also can tilt away from you. For the keyboard I currently use a Kinesis Freestyle Pro 2. I have yet to install a keyboard tray for myself.

If you don't have a keyboard tray nor a split keyboard one tip is to place the keyboard on your lap. It is a decent way to prevent your elbows from bending too much, especially if your desk/table Is too high. If you don't have a split keyboard, there is nothing you can do to prevent the pronation while you type other than hunting and pecking with the outside of your pinkies. (yes I type like that now when I have to.) What you can do is remove your hands from the keyboard and supinate back to resting position constantly to prevent prolonged pronation.

There you have it, some keys to healthy pinkies.

  1. I can reliably reproduce paresthesia simply by putting myself in the naive keying position of bent elbow, pronated forearm. []
  2. Another way to think of this is where would you put the keyboard so that your fingers would be in a good position to strike if your hands were relaxed and in the position they are in during a normal gait. []

Posted in RSI | No Comments »

The RSI Saga Continued

July 2nd, 2023

I've been thinking about what topic I should break the silence with. I ask myself what would be most useful for me and my readers?

The obvious answer is writing about my condition. There are not so many first-hand (pun intended) accounts written about RSI for obvious reasons. It is frustrating for someone with the condition to have to watch videos or listen to audio recordings in order to hear about the experience of other people who have suffered the same ailment.

Although mostly via subpar mediums, there exists lots of information about RSI. So I plan to focus on my specific experience so that I can be a unique data point rather than an echo. I will still mention what I consider the most important information I've learned from other sources.

I urge the reader to deeply consider everything I write in this series if they make a living with the use of their hands.1 I have reason to believe more people are affected by this condition than is reported. It is possible that people have nerve damage in their hands without having pain and paresthesia. It is also possible that people who have symptoms for RSI don't speak about it publicly for fear of losing their job or because they assume it's normal pain.

Take the warning seriously. I never thought “this could never happen to me” however I did erroneously believe my ergonomic chair and my ergonomic Microsoft keyboard were actually ergonomic. There are easy steps to take to reduce the load on your hands, and not doing so may come at a huge cost.

  1. i.e.everyone who doesn't play football. FOOTball. []

Posted in RSI | No Comments »

Block Explorer PSA

February 19th, 2023

It has come to my attention that my block explorer is constantly getting stuck and falling behind the chain tip. This happens because my trb bans nodes that send unrecognized commands. Since the network is 99.7% hijacked by heathens, this means that my node isolates itself from the network. Therefore I plan to patch my bitcoind to include jfw's permissive mode.

Posted in Bitcoin | 1 Comment »

« Older Entries
Newer Entries »