The Story of a Persistent Companion

I am a fan of science fiction books and I rarely go toward other genres. I mean, why bother with dark present (or dark past) when you can read about dark future? But, I occasionally do read things that contain no aliens. And one of the alien-deficient authors I like is John Green.

If that name sounds familiar, it’s probably from his Crash Course World History. I watched that darn series with my kids multiple times and, even though there was some growelling, it was an overall enjoyable experience. My first notion of him as an author was Looking for Alaska, a book that I am definitely too old for but one that I enjoyed immensely. Suffice to say that, if he writes something, it’s highly probable I will eventually read it. Maybe not immediately (again, not enough aliens in his work), but I will get around to it.

This time I actually jumped early on his literally train by actually preordering Everything Is Tuberculosis back in 2024 (31st December still counts as 2024!). After reading many of his books, I felt sure enough that book would be readable enough. Book did arrive on time, but then spent a few days just sitting around because I had no time for it.

But, when I got to it, I didn’t let the darn thing go. As often happens with good books and my poor writing skills, I cannot really tell you what made it such a good read. Maybe it was John’s voice playing in my head as if I was listening to one of his Crash Course series. Maybe it was vivid stories about impact of tuberculosis to the real human beings. Maybe it was as simple as me and my personal experiences. It doesn’t really matter, this book touched something that hasn’t been tickled in a while.

I won’t go directly into book content. Not due to spoilers - tuberculosis is quite an old story. Reason is that you can watch John’s own The Deadliest Infectious Disease of All Time video where you’re essentially given the highlights. But, as good video is, book is so much more. It really brings you along for a trip.

If you are going to read one book this year, it might as well be this one.

Enter QMK Bootloader By Holding a Button

As Framework 16 has QMK keyboard, of course I was tempted to mess with it. But here lies the problem - to update the keyboard, one has to get into the boot mode. And to get into the boot mode, one has to simultaneously press both Alt keys while plugging the keyboard in (or 2 and 6 key for the Numpad). That gets old really quickly. So, for my first modification, I decided to make this a bit easier.

Dedicating a key for the boot functionality was out of question. I wanted to have a full keyboard experience and not to sacrifice any keys. And that goes double for the Numpad as there isn’t too many keys there to start with. So, I needed a key to serve its normal function during the day and to turn into the bootloading villain during the night. One way to signal such intent would be a long press.

But which key is unlikely to be long pressed on my keyboard you might ask. While there are couple of candidates, there is only one villain among them - CapsLock. Rarely used intentionally, and even when used, never held for long. Oh, and look at that, we have a parallel key on the Numpad - NumLock.

With keys decided upon, it was time to modify the firmware. Fortunately, we don’t need to start from scratch as Framework already did the hard part of the job. Unfortunately, there is so many branches and the most obvious one (framework16-keyboards) is not matching the production hardware. The last tag, v0.2.9 as I’m writing this, seems to match the hardware I have so I started from that.

So, how do we change it? Well, it’s easy as adding a few lines to the process_record_user function in keymap.c. Something like this:

...
bool process_record_user(uint16_t keycode, keyrecord_t *record) {
+    static uint16_t bootloader_key_timer = 0;
+    static bool bootloader_other_key_recorded = false;  // track if any key other than CapsLock has been pressed
+    if (keycode != KC_CAPS) { bootloader_other_key_recorded = true; }
+
     switch (keycode) {
+        case KC_CAPS:  // enter bootloader if CapsLock is held for 5 seconds
+            if (record->event.pressed) {
+                bootloader_key_timer = timer_read();
+                bootloader_other_key_recorded = false;  // start tracking other keys
+            } else {
+                if (!bootloader_other_key_recorded) {  // only go to bootloader if no other key has been pressed
+                    if (timer_elapsed(bootloader_key_timer) >= 5000) {
+                        bootloader_jump();
+                    }
+                }
+                bootloader_key_timer = 0;  // reset timer counter on release so it can be used for tracking if CapsLock is pressed
+            }
+            break;
+
         case FN_LOCK:
...

This code will start timer as soon as CapsLock is pressed and then just track if any other key has been pressed while CapsLock is still down. If yes, it will just behave as it normally would (i.e., no bootload function). However, if there was no other keypresses and key has been held down for 5 seconds, upon releasing the CapsLock, you will go into the bootloader mode without having to disassemble your input modules.

Not strictly necessary modification but it makes QMK development so much easier.

PS: Or you can download code from my repo containing a few additional changes (e.g., NumLock changing background level for the Numpad).

80386

One always remembers their first love. For me, that was i386DX running at screaming 40 MHz.

So, why am I having this senior moment remembering things from my youth? Well, Ken Shirriff decided to spend a bit of time, some acid, and a lot of patience in order to reverse engineer i386 processor logic cells. It’s a fascinating read.

So, for all i386 afficienados, here are a few of his articles to read (in order of my choosing):

• Reverse engineering standard cell logic in the Intel 386 processor
• Examining the silicon dies of the Intel 386 processor
• Inside the Intel 386 processor die: the clock circuit
• Two interesting XOR circuits inside the Intel 386 processor
• Reverse engineering the barrel shifter circuit on the Intel 386 processor die

Comic Code and the Panose Category

Most people overlooking my coding are puzzled. Hey, isn’t that Comic Sans? And no, I don’t code in Comic Sans. What kind of animal you take me for?!

I use Comic Code. It’s a monospace variant of Comic Sans. A completelly different beast. :)

Honestly, after moving through many monospaced fonts over the years, this is the one font I found most comfortable to use. And yes, it’s not free. However, if you get it directly from Toshi Omagan, you’ll probably get a decent discount; I know I did. And no, there is no free alternative that supports Unicode properly.

Once I got the font via email, I started using it in VS Code, Visual Studio, Notepad++, Putty… Wait! It doesn’t work in Putty? Yep. My font of choice was not in the list. Uff. I had to select support for variable pitch fonts. Well, no biggie. And then I tried to change it for my Windows Console only to see there was no way to set it at all.

In search for a solution, and after learning way more than I needed (darn Wikipedia is black hole), I zeroed onto Panose classification and its Proportion category. Yep, Windows uses this category to decide which fonts to show in its classic dialog box when application asks for a fixed-spacing.

Fortunately for me, there is an excellent tool called Panosifier that allows changing any Panose setting without going far into the binary. I just ran it with --proportion 9 argument and, voila, my Comic Code was now visible even in Windows Console.

If you too decide to use this beautiful font, don’t worry. Its author has adjusted Panose since so font you receive should have it already set.

Post-Quantum Cryptography - The Last Round

See also round 1 and round 2.

Well, after a long time, NIST announced the first four quantum-resistant cryptographic algorithms.

Both of my StarTrek inspired favorites are actually in. CRYSTALS-Kyber is the one selected for a key exchange purposes and I fully expect to see it in some future OpenSSH version. Since dealing with ED25519 would require a quantum computer much bigger than currently available, eliptic curves are still probably the best default choice. However, you don’t want to wait the last moment to switch. Considering there are still some system that only support RSA (yes Mikrotik, I’m talking about you), switch will take a while.

CRYSTALS-Dilithium, a part of the same family, got selected as one of three suggested digital signature algorithms. From practicality side, it will rarely, if ever, be used alone as its signature output is literaly larger than a KB. That said, there are a few suggested modes (e.g., Dilithium3-AES) keeping the reasonable key size AES provides while retaining quantum assurances of a lattice algorthm.

FALCON was also selected despite difficulty of a correct implementation and a huge potential for side-channel attacks. I guess a small memory footprint and impressive performance in embedded applications were enough to ensure its place among finalists.

Lastly, a SPHINCS+ came out of blue (at least for me) to take its place as the last of the finalists. Since it is slower and larger than either of the other two finalists, it’s hardly a first choice. Regardless, using a different math approach compared to other two finalists was valuable enough to get it in.

NewHope, one of the round two finalists and already used by Chrome ended up like the recent Star Wars sequels. An early succes but ultimately not good enough to pursue.

Rabbit Managed

One of my first vivid memories when it comes to having fun while programming definitely contains me implementing RC4 encryption in QBasic. Algorithm was perfect. It worked on per-byte text, was simple enough to have at least basic understanding what the heck was happening, and it gave me a bit of “el bandito” feeling as algorithm was leaked. Going over RC4 encouraged me to reinvent the wheel and was a direct cause of my love into creating own encryption algorithms. And I’ve created quite a few…

In time I learned a bit more about encryption. Or at least enough to understand why “rolling your own” is generally a bad idea. With time my beloved RC4 got its ass kicked by cryptoanalysis to be finally deprecated in 2015. My focus meantime went toward block algorithms, most notably Twofish and later AES version of Rijndael. My mind decided to go block cipher route but my heart still longed for good old stream cipher times.

As someone following crypto-world as a hobby, I was surprised I missed a whole stream cipher competition - eSTREAM. At this time it’s already an ancient news but results of that competition are still available in the form of 4 secure software stream ciphers: HC-128, Rabbit, Salsa20/12, and SOSEMANUK. All these eSTREAM finalists are still secure, completely free, and really nostalgia inducing for those with a soft spot for stream ciphers.

One that immediately drew my attention was Rabbit. As name suggests, this one was really fast. Additionally, it has quite understandable method of operation, uses no “exotic” operations, it has a reasonably small state (513 bits), and it’s specified in RFC4503. The only thing I couldn’t find was a C# implementation wrapping it into a SymmetricAlgorithm so it can be easily used with CryptoStream. Well, now there’s one…

If you want to use the Rabbit from C#, take a look at my RabbitManaged class. It derives from SymmetricAlgorithm and exposes ICryptoTransform interface so it can be used with CryptoStream. While it uses 128-bit blocks internally, it also allows usage without padding (i.e. more like a traditional stream algorithm). It also allows for all standard paddings.

Considering wide prevalence of AES, its usage will be limited at best but I believe into not having all eggs in one basket and you might find usage for it still. But damn, it was fun to implement this little gem.

PS: For nostalgia, I also have a SymmetricAlgorithm implementation of RC4.

Turning Off Narrator in Windows 10

My problem started with a cat. She loves enforcing my laptop breaks and having some laptop time herself. Whenever that happens, I lock my laptop and let her be for 5 minutes. Without fail she’ll manage to turn off wireless and enable the darn Windows Narrator. And no, turning off the Narrator shortcut doesn’t help.

Issue here is that lock screen works under completely different environment and permanently disabling narrator shortcut for your user will do nothing. No, solving this requires a bit more interaction and the easiest way I found is through registry editing.

To turn off the Narrator, there is a well documented WinEnterLaunchEnabled registry value. For our user we can find this at HKEY_CURRENT_USER\Software\Microsoft\Narrator\NoRoam but for logon user this hides at HKEY_USERS\S-1-5-18\Software\Microsoft\Narrator\NoRoam. Setting this DWORD value to 0 sorts the issue even without going for restart.

However, since my cat also plays with touchpad, I decided to remove the whole Ease of Access portion to ensure erroneous touchpad movements as cat lays down cannot turn anything on. For this we need the [BrandingNeutral](https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-embedded-embeddedlogon-brandingneutral) value. This can be found at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Embedded\EmbeddedLogon. Setting DWORD value to 8 followed by a restart sorts out that issue.

Those full of trust can download registry file with these settings here and import them automatically while others can do the registry changes manually. In either case Windows 10 will become a bit more cat friendly.

Using Proper NTP on Android Phone

As a time connoisseur, I really get really pissed off when my phone’s time is off by a second or two. Considering phone receives time from the radio network, one would expect this not to happen. However, for some reason, it seems no USA network provider actually cares to have their radio time straight. The solution to this problem would be using an NTP server instead of the time provided by the network. However, with an Android devices that’s not as straightforward as one would expect. But it is possible…

Before starting anything, we first need to turn on Developer Options (usually tapping Build Number 7 times). Once this is enabled, we need to enable USB Debugging (Settings > System > Advanced > Developer Options > USB debugging). With this done, we can finally download Platform Tools and check if our device is visible:

adb devices
 List of devices attached
 0A281JCCBA0317  device

Once connectivity is tested, we can immediately go onto setting the NTP server followed by a reboot:

adb shell settings put global ntp_server ^^time.medo64.com^^
adb reboot

Once device has rebooted we can check the value:

adb shell settings get global ntp_server 
 time.medo64.com

And that’s it. Now your device will use the defined time server instead of the unreliable network time.

Segmentation Fault Using Threads With Static Compile

I was playing a bit with threads in C++ and all was going well. For the final compile I wanted a static binary (don’t judge me, I have my reasons ;)). Compile passed as expected but executing program resulted in Segmentation fault (core dumped) error:

g++ -pthread -static test.cpp
a.out
 !!Segmentation fault (core dumped)!!

Well, these were definitely not the droids I was looking for.

Strangely enough, issue was with my thread.join() statement. Something that shouldn’t cause any issues.

It took me some time (in addition to helpful GCC ticket and StackOverflow answer) to finally come to the following compilation line:

g++ -static -pthread -D_GLIBCXX_GTHREAD_USE_WEAK=0 -std=c++0x \
    -Wl,--whole-archive -lpthread -Wl,--no-whole-archive test.cpp

And now my static binary worked happily ever after.

APIs Are a Fair Use

It took just 10 years but we finally know for sure: copying API is a fair use.

There’s a really detailed analysis of Supreme’s court decision at TechDirt for those wanting details.

Despite result matching what I believe is right and better for industry, it’s really heartbreaking it took 10 years and millions in lawyers to clean this up.