Enter QMK Bootloader By Holding a Button

As Framework 16 has QMK keyboard, of course I was tempted to mess with it. But here lies the problem - to update the keyboard, one has to get into the boot mode. And to get into the boot mode, one has to simultaneously press both Alt keys while plugging the keyboard in (or 2 and 6 key for the Numpad). That gets old really quickly. So, for my first modification, I decided to make this a bit easier.

Dedicating a key for the boot functionality was out of question. I wanted to have a full keyboard experience and not to sacrifice any keys. And that goes double for the Numpad as there isn’t too many keys there to start with. So, I needed a key to serve its normal function during the day and to turn into the bootloading villain during the night. One way to signal such intent would be a long press.

But which key is unlikely to be long pressed on my keyboard you might ask. While there are couple of candidates, there is only one villain among them - CapsLock. Rarely used intentionally, and even when used, never held for long. Oh, and look at that, we have a parallel key on the Numpad - NumLock.

With keys decided upon, it was time to modify the firmware. Fortunately, we don’t need to start from scratch as Framework already did the hard part of the job. Unfortunately, there is so many branches and the most obvious one (framework16-keyboards) is not matching the production hardware. The last tag, v0.2.9 as I’m writing this, seems to match the hardware I have so I started from that.

So, how do we change it? Well, it’s easy as adding a few lines to the process_record_user function in keymap.c. Something like this:

...
bool process_record_user(uint16_t keycode, keyrecord_t *record) {
+    static uint16_t bootloader_key_timer = 0;
+    static bool bootloader_other_key_recorded = false;  // track if any key other than CapsLock has been pressed
+    if (keycode != KC_CAPS) { bootloader_other_key_recorded = true; }
+
     switch (keycode) {
+        case KC_CAPS:  // enter bootloader if CapsLock is held for 5 seconds
+            if (record->event.pressed) {
+                bootloader_key_timer = timer_read();
+                bootloader_other_key_recorded = false;  // start tracking other keys
+            } else {
+                if (!bootloader_other_key_recorded) {  // only go to bootloader if no other key has been pressed
+                    if (timer_elapsed(bootloader_key_timer) >= 5000) {
+                        bootloader_jump();
+                    }
+                }
+                bootloader_key_timer = 0;  // reset timer counter on release so it can be used for tracking if CapsLock is pressed
+            }
+            break;
+
         case FN_LOCK:
...

This code will start timer as soon as CapsLock is pressed and then just track if any other key has been pressed while CapsLock is still down. If yes, it will just behave as it normally would (i.e., no bootload function). However, if there was no other keypresses and key has been held down for 5 seconds, upon releasing the CapsLock, you will go into the bootloader mode without having to disassemble your input modules.

Not strictly necessary modification but it makes QMK development so much easier.

PS: Or you can download code from my repo containing a few additional changes (e.g., NumLock changing background level for the Numpad).

80386

One always remembers their first love. For me, that was i386DX running at screaming 40 MHz.

So, why am I having this senior moment remembering things from my youth? Well, Ken Shirriff decided to spend a bit of time, some acid, and a lot of patience in order to reverse engineer i386 processor logic cells. It’s a fascinating read.

So, for all i386 afficienados, here are a few of his articles to read (in order of my choosing):

• Reverse engineering standard cell logic in the Intel 386 processor
• Examining the silicon dies of the Intel 386 processor
• Inside the Intel 386 processor die: the clock circuit
• Two interesting XOR circuits inside the Intel 386 processor
• Reverse engineering the barrel shifter circuit on the Intel 386 processor die

Comic Code and the Panose Category

Most people overlooking my coding are puzzled. Hey, isn’t that Comic Sans? And no, I don’t code in Comic Sans. What kind of animal you take me for?!

I use Comic Code. It’s a monospace variant of Comic Sans. A completelly different beast. :)

Honestly, after moving through many monospaced fonts over the years, this is the one font I found most comfortable to use. And yes, it’s not free. However, if you get it directly from Toshi Omagan, you’ll probably get a decent discount; I know I did. And no, there is no free alternative that supports Unicode properly.

Once I got the font via email, I started using it in VS Code, Visual Studio, Notepad++, Putty… Wait! It doesn’t work in Putty? Yep. My font of choice was not in the list. Uff. I had to select support for variable pitch fonts. Well, no biggie. And then I tried to change it for my Windows Console only to see there was no way to set it at all.

In search for a solution, and after learning way more than I needed (darn Wikipedia is black hole), I zeroed onto Panose classification and its Proportion category. Yep, Windows uses this category to decide which fonts to show in its classic dialog box when application asks for a fixed-spacing.

Fortunately for me, there is an excellent tool called Panosifier that allows changing any Panose setting without going far into the binary. I just ran it with --proportion 9 argument and, voila, my Comic Code was now visible even in Windows Console.

If you too decide to use this beautiful font, don’t worry. Its author has adjusted Panose since so font you receive should have it already set.

Post-Quantum Cryptography - The Last Round

See also round 1 and round 2.

Well, after a long time, NIST announced the first four quantum-resistant cryptographic algorithms.

Both of my StarTrek inspired favorites are actually in. CRYSTALS-Kyber is the one selected for a key exchange purposes and I fully expect to see it in some future OpenSSH version. Since dealing with ED25519 would require a quantum computer much bigger than currently available, eliptic curves are still probably the best default choice. However, you don’t want to wait the last moment to switch. Considering there are still some system that only support RSA (yes Mikrotik, I’m talking about you), switch will take a while.

CRYSTALS-Dilithium, a part of the same family, got selected as one of three suggested digital signature algorithms. From practicality side, it will rarely, if ever, be used alone as its signature output is literaly larger than a KB. That said, there are a few suggested modes (e.g., Dilithium3-AES) keeping the reasonable key size AES provides while retaining quantum assurances of a lattice algorthm.

FALCON was also selected despite difficulty of a correct implementation and a huge potential for side-channel attacks. I guess a small memory footprint and impressive performance in embedded applications were enough to ensure its place among finalists.

Lastly, a SPHINCS+ came out of blue (at least for me) to take its place as the last of the finalists. Since it is slower and larger than either of the other two finalists, it’s hardly a first choice. Regardless, using a different math approach compared to other two finalists was valuable enough to get it in.

NewHope, one of the round two finalists and already used by Chrome ended up like the recent Star Wars sequels. An early succes but ultimately not good enough to pursue.

Rabbit Managed

One of my first vivid memories when it comes to having fun while programming definitely contains me implementing RC4 encryption in QBasic. Algorithm was perfect. It worked on per-byte text, was simple enough to have at least basic understanding what the heck was happening, and it gave me a bit of “el bandito” feeling as algorithm was leaked. Going over RC4 encouraged me to reinvent the wheel and was a direct cause of my love into creating own encryption algorithms. And I’ve created quite a few…

In time I learned a bit more about encryption. Or at least enough to understand why “rolling your own” is generally a bad idea. With time my beloved RC4 got its ass kicked by cryptoanalysis to be finally deprecated in 2015. My focus meantime went toward block algorithms, most notably Twofish and later AES version of Rijndael. My mind decided to go block cipher route but my heart still longed for good old stream cipher times.

As someone following crypto-world as a hobby, I was surprised I missed a whole stream cipher competition - eSTREAM. At this time it’s already an ancient news but results of that competition are still available in the form of 4 secure software stream ciphers: HC-128, Rabbit, Salsa20/12, and SOSEMANUK. All these eSTREAM finalists are still secure, completely free, and really nostalgia inducing for those with a soft spot for stream ciphers.

One that immediately drew my attention was Rabbit. As name suggests, this one was really fast. Additionally, it has quite understandable method of operation, uses no “exotic” operations, it has a reasonably small state (513 bits), and it’s specified in RFC4503. The only thing I couldn’t find was a C# implementation wrapping it into a SymmetricAlgorithm so it can be easily used with CryptoStream. Well, now there’s one…

If you want to use the Rabbit from C#, take a look at my RabbitManaged class. It derives from SymmetricAlgorithm and exposes ICryptoTransform interface so it can be used with CryptoStream. While it uses 128-bit blocks internally, it also allows usage without padding (i.e. more like a traditional stream algorithm). It also allows for all standard paddings.

Considering wide prevalence of AES, its usage will be limited at best but I believe into not having all eggs in one basket and you might find usage for it still. But damn, it was fun to implement this little gem.

PS: For nostalgia, I also have a SymmetricAlgorithm implementation of RC4.

Turning Off Narrator in Windows 10

My problem started with a cat. She loves enforcing my laptop breaks and having some laptop time herself. Whenever that happens, I lock my laptop and let her be for 5 minutes. Without fail she’ll manage to turn off wireless and enable the darn Windows Narrator. And no, turning off the Narrator shortcut doesn’t help.

Issue here is that lock screen works under completely different environment and permanently disabling narrator shortcut for your user will do nothing. No, solving this requires a bit more interaction and the easiest way I found is through registry editing.

To turn off the Narrator, there is a well documented WinEnterLaunchEnabled registry value. For our user we can find this at HKEY_CURRENT_USER\Software\Microsoft\Narrator\NoRoam but for logon user this hides at HKEY_USERS\S-1-5-18\Software\Microsoft\Narrator\NoRoam. Setting this DWORD value to 0 sorts the issue even without going for restart.

However, since my cat also plays with touchpad, I decided to remove the whole Ease of Access portion to ensure erroneous touchpad movements as cat lays down cannot turn anything on. For this we need the [BrandingNeutral](https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-embedded-embeddedlogon-brandingneutral) value. This can be found at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Embedded\EmbeddedLogon. Setting DWORD value to 8 followed by a restart sorts out that issue.

Those full of trust can download registry file with these settings here and import them automatically while others can do the registry changes manually. In either case Windows 10 will become a bit more cat friendly.

Using Proper NTP on Android Phone

As a time connoisseur, I really get really pissed off when my phone’s time is off by a second or two. Considering phone receives time from the radio network, one would expect this not to happen. However, for some reason, it seems no USA network provider actually cares to have their radio time straight. The solution to this problem would be using an NTP server instead of the time provided by the network. However, with an Android devices that’s not as straightforward as one would expect. But it is possible…

Before starting anything, we first need to turn on Developer Options (usually tapping Build Number 7 times). Once this is enabled, we need to enable USB Debugging (Settings > System > Advanced > Developer Options > USB debugging). With this done, we can finally download Platform Tools and check if our device is visible:

adb devices
 List of devices attached
 0A281JCCBA0317  device

Once connectivity is tested, we can immediately go onto setting the NTP server followed by a reboot:

adb shell settings put global ntp_server ^^time.medo64.com^^
adb reboot

Once device has rebooted we can check the value:

adb shell settings get global ntp_server 
 time.medo64.com

And that’s it. Now your device will use the defined time server instead of the unreliable network time.

Segmentation Fault Using Threads With Static Compile

I was playing a bit with threads in C++ and all was going well. For the final compile I wanted a static binary (don’t judge me, I have my reasons ;)). Compile passed as expected but executing program resulted in Segmentation fault (core dumped) error:

g++ -pthread -static test.cpp
a.out
 !!Segmentation fault (core dumped)!!

Well, these were definitely not the droids I was looking for.

Strangely enough, issue was with my thread.join() statement. Something that shouldn’t cause any issues.

It took me some time (in addition to helpful GCC ticket and StackOverflow answer) to finally come to the following compilation line:

g++ -static -pthread -D_GLIBCXX_GTHREAD_USE_WEAK=0 -std=c++0x \
    -Wl,--whole-archive -lpthread -Wl,--no-whole-archive test.cpp

And now my static binary worked happily ever after.

APIs Are a Fair Use

It took just 10 years but we finally know for sure: copying API is a fair use.

There’s a really detailed analysis of Supreme’s court decision at TechDirt for those wanting details.

Despite result matching what I believe is right and better for industry, it’s really heartbreaking it took 10 years and millions in lawyers to clean this up.

Toto Slice

As my son went about cutting a mega bread slice, I told him that was called a “Toto slice”. And then immediately went onto explaining what is the origin of that phrase and why the heck nobody uses it except me.

Well, story starts ages ago when I got my first dog. It was a black terrier and a spitting image of Toto from Wizard of Oz. And Toto slice wasn’t named after him because he didn’t like bread. He liked chickens. Our chickens.

So, within a month, Toto was pronounced incompatible with our yard and gone. Where? I am not sure as some secrets run deep in my family but official version is that he was sold to somebody else. Whether it was an upstate farm or a backyard, the end result was the same - I was dogless.

Some time after, a replacement arrived. It was a mix of a female Scottish shepherd and a male white terrier. Rumors are that conceiving happened due to the bet between owners of each in regards to the capabilities of terrier. If they are true, terrier was skilled enough and thus a few puppies became available soon after.

In any case, the new dog was completely white and would quickly grow close to the size of a (smaller) Scottish shepherd. And his name was Toto too. It was shame to throw away a good name despite this dog being as far as possible from the Wizard of Oz namesake being both white and large.

Life wasn’t always easy and, while my family never went hungry, there was no extra money for dog food. Toto ate what we ate - more precisely, he ate leftovers. When leftovers were sparse, he would get a huge thick slice of bread dipped in the melted lard. That became known in the family as a Toto slice (or “totovska šnita” in my native language).

And Toto slice wasn’t just for a dog. Whenever my sister or I wanted a large piece of (ideally warm) bread, we would use the same phrase. And that’s the phrase I kept using for years and well into my current 40’s.

This phrase might live on with my children along with a story. Or it might die off with me. Regardless, I find it really interesting how sometime words we personally take for granted might not be known even to those closest to us. And how private the language can be even in these global times.