On Trust

There has been a fair amount of effort on UCAN (User Controlled Authorization Networks), and other types of ‘decentralized credentials’ over the last couple years. These efforts perpetuate the same control structures that exist today, with delegated trees of hierarchical control. This is in contrast to a personal or ‘decentralized’ trust we might hope for… Continue reading On Trust

Unlocking North Korean Karaoke

I recently got the opportunity to understand what was going on with a Tianchi android KTV console with north korean content loaded on it. A description of the encryption and evolution of DRM protections associated with the device is published on the North Korea Tech blog.

Messaging Threat models

I talked yesterday at Bornhack about the current state of secure messaging and the different primitives and threats that groups are working to address. The talk is on youtube. The slides are on this site, as are the directions for dogfooding the talek system.

First-party Google Analytics

Third party analytics services are suffering from the growing prevalence of ad blocking, tracking protection, and the trend of minimizing connections and requests. However, from a site owner perspective, receiving usage information remains important for measuring site growth. My expectation is that we are already on the curve where ads and tracking software will be… Continue reading First-party Google Analytics

Clock

A topic of conversation recently has focused on the practicality of Decimal time. Days would have 10 hours, each with 100 minutes. I recently completed a side project of converting an old clock to use decimal time. (If you aren’t willing to switch to decimal time fully, there’s an web version as well.)

Stunning

I’ve started to dive once again into the mess of connection establishment. Network address translation (NAT) is a reality today for most Internet users, and poses a significant hurdle in creating the user-user (or peer-peer) connections. NAT is the process used by your router to provide multiple internal (192.168.x.x) addresses that are all only visible… Continue reading Stunning

Another year, another dive into what’s changed in running a web server. This VM is now basically up-to-date, and supports most of the shiny new web transport improvements, like HTTP/2 and OCSP stapling. Hopefully nothing broke too badly in the process.

SP3

I started running a public sp3 server today. It’s a small side-project I’ve hacked together over the last couple weeks to make it easier for people to play with packet spoofing. The server works similarly to a public proxy, but with the trade-off that while it won’t send high-volumes of traffic, it will allow you… Continue reading SP3