Viktor Hachmang has an artistic genius that’s equated only by his inability to manage a proper online portfolio of his work.

Tyler Gaw has written an excellent post on the new possibility of writing completely native Mac OS X apps in JavaScript. This is new to OS X Yosemite, and as Tyler says:

I’m excited about this because I think it has a lot of potential. Here’s how I’ve been thinking about it. When Yosemite is available, anyone that installs the OS will be able to sit down and write a native application. They will be able to do so using one of the most ubiquitous programming languages that exists. They won’t need to download or install anything extra. You don’t even have to install or open Xcode if you don’t want to. That removes a massive barrier to entry. It’s incredible.

This actually follows in Windows 8’s footsteps. Close observers will notice that Windows “Modern UI” applications can be written in JavaScript — and according to leaks, Windows 9 will greatly expand on this.

JavaScript is the future. Its already top-of-the-line portability is only getting bolstered, and its immense community support makes it the number one language to master.

It’s incredibly awesome that such a functional, simple and beautiful language is garnering such universal portability and support. (If you’re interested in investigating how it’s possible to compliment JavaScript while maintaining intellectual integrity, I suggest checking out Douglas Crockford’s latest talk on the subject.)

Thoughts on Apple’s iOS8 Encryption and the FBI’s Reaction

For my thoughts on the FBI’s aggressive reaction to Apple encrypting all iPhone device data by default to be beyond the reach of even government court orders, look no further than this Toronto Star article, in which I was extensively quoted (along with Matt Blaze, cool!)

But encryption expert Nadim Kobeissi said law enforcement critics are exaggerating the potential impact on their work and will still have access to the same data.

“They’re making much ado about nothing because they’re scared of the general trend, where companies are starting to stand up for consumer privacy,” Kobeissi said on Friday.

Kobeissi, a Montreal-based programmer, designed open-source encrypted chat program Cryptocat and works with the World Wide Web Consortium — the organization that sets global Internet standards — on online cryptography.

“We shouldn’t be operating in a mentality where increasing consumer safety is a bad thing for law enforcement. This is the mentality with which the FBI is approaching this, and it’s not a democratic mentality,” he added.

Even with the new encryption standards, law enforcement will still be able to access most — and in many cases, all — information stored on cellphones by requesting it from wireless carriers or companies such as Apple.

Kobeissi noted that, as the recent iCloud hack of nude celebrity photos demonstrated, many iPhone users also allow their phones to automatically upload photos and other data to Apple’s backup cloud service, which police can still access.

Police can also still tap a suspect’s phone, track their calls and text messages or track their phone with GPS or cell tower triangulation. “Your own refusal to unlock your phone is now guaranteed, but that doesn’t mean they don’t have this immense set of tools,” Kobeissi said. Kobeissi added that the new encryption standards are among several introduced since media reports revealed large-scale surveillance of phone and Internet data by American intelligence agencies.

“The three-letter agencies know that it’s their responsibility that this has happened in the first place,” said Kobeissi, referring to organizations such as the FBI, the Central Intelligence Agency (CIA) and the National Security Administration (NSA). “If they weren’t so overly aggressive in using their surveillance tools and exploiting surveillance laws, people wouldn’t have been so panicked.

“A lot of people in the security community are saying, ‘Cry me a river, FBI — you are responsible for this.”

Surface Pro 3 Sleep/Hibernate Problems and Solution

My current main computer is a Microsoft Surface Pro 3. It’s an excellent machine for my personal needs.

However, I recently ran into an issue where the sleep function completely disappeared, and the computer would only hibernate once the lid is closed. Hibernation is a far slower and more expensive process whereupon RAM contents are saved to disk so that the computer can be completely powered off so as to use zero power during hibernation. Sleep is the more common and much, much faster standby mode in which the computer remains minimally powered on for quick session resumption once you reopen the lid.

After some research I finally discovered that the reason this occurred was due to installing Windows Phone development tools, which in turn enabled the Hyper-V client-native hypervisor, which is used for running virtual machines during development operations. It seems that computers equipped to run Hyper-V cannot, for some reason, access the sleep function.

In order to re-obtain sleep, you must disable the Hyper-V hypervisor. This is possible through the following steps:

  1. Run the optionalfeatures command either in the Windows Run dialog or in a command-line.
  2. Find and deselect the “Hyper-V” feature.
  3. Restart your computer.

After restart, you should be able to select Sleep as a default action in your power management settings for once the computer lid is closed, etc.

Steve Hauschildt - Uncanny Valley
from S/H
112 plays

"The uncanny valley is a hypothesis in the field of human aesthetics which holds that when human features look and move almost, but not exactly, like natural human beings, it causes a response of revulsion among some human observers."

Incredible electronic music discovery I made yesterday. Who is Steve Hauschildt?

Source: noirlac

Letter to the Mayor of Montreal Regarding Fighter Jet Parade

Fighter jets flew over Montréal today without warning in order to promote a football game. They were extremely, extremely loud and frightened pretty much everyone I know. I am sending this letter via snail mail to the Mayor of Montreal and posting it here as an open letter as well:

Dear Mr. Coderre,

I write to you today in good faith as a proud citizen of Montreal and as one of your constituents.

I must express my deep disapproval and personal shock at Montréal’s decision to deploy fighter jets over the city today as some sort of aesthetic show to support a local football game.

Montréal residents were given no warning of the fighter jets and the entire city seems to have been rendered half-deaf by how loud they were. I’ve heard from a handful of people panicking and wondering about the fighter jets.

But more importantly, fighter jets are not a happy image, or something to display as a point of pride. Fighter jets are instruments of war used exclusively to deliver deadly payloads. They are a realist self-defensive necessity at best, and generally just are instruments towards such a deeply grim end that a culture should be ashamed to have the depravity of using them as a parade to raise people’s spirits. If Canada has fighter jets it should not be proud of them, it should tuck them away as an unsightly but necessary evil.

I understand the necessity of fighter jets as a pillar of Canadian defence and deterrence. I believe that Canada is justified in owning these jets. However, parading them as a point of pride is morally depraved. They are like prisons: a necessity, not something to be proud of. Many of my friends in Montreal share my concerns. I urge you to take our collective concerns seriously and to do your utmost to make sure this does not happen again.

With my sincerest regards and thanks for your service towards our city,

Nadim Kobeissi

On Cryptography and the Golden Age of Islamic Civilization

The following is a beautiful excerpt from Simon Singh’s The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography:

Between the appointment of Abū Bakr in 632 to the death of the fourth caliph, Alī, in 661, Islam spread until half of the known world was under Muslim rule. Then in 750, after a century of consolidation, the start of the Abbasid caliphate (or dynasty) heralded the golden age of Islamic civilization. The arts and sciences flourished in equal measure. Islamic craftsmen bequeathed us magnificent paintings, ornate carvings, and the most elaborate textiles in history, while the legacy of Islamic scientists is evident from the number of Arabic words that pepper the lexicon of modern science such as algebra, alkaline and zenith.

The richness of Islamic culture was to a large part the result of a wealthy and peaceful society. The Abbasid caliphs were less interested than their predecessors in conquest, and instead concentrated on establishing an organized and affluent society. Lower taxes encouraged businesses to grow and gave rise to greater commerce and industry, while strict laws reduced corruption and protected the citizens. All of this relied on an effective system of administration, and in turn the administrators relied on secure communication achieved through the use of encryption.

As well as encrypting sensitive affairs of state, it is documented that officials protected tax records, demonstrating a widespread and routine use of cryptography. Further evidence comes from many administrative manuals, such as the tenth-century Adab al-Kuttāb (“ The Secretaries’ Manual”), which include sections devoted to cryptography. The administrators usually employed a cipher alphabet which was simply a rearrangement of the plain alphabet, as described earlier, but they also used cipher alphabets that contained other types of symbols. For example, a in the plain alphabet might be replaced by # in the cipher alphabet , b might be replaced by +, and so on.

The monoalphabetic substitution cipher is the general name given to any substitution cipher in which the cipher alphabet consists of either letters or symbols, or a mix of both. All the substitution ciphers that we have met so far come within this general category. Had the Arabs merely been familiar with the use of the monoalphabetic substitution cipher, they would not warrant a significant mention in any history of cryptography. However, in addition to employing ciphers, the Arab scholars were also capable of destroying ciphers. They in fact invented cryptanalysis, the science of unscrambling a message without knowledge of the key. While the cryptographer develops new methods of secret writing, it is the cryptanalyst who struggles to find weaknesses in these methods in order to break into secret messages . Arabian cryptanalysts succeeded in finding a method for breaking the monoalphabetic substitution cipher, a cipher that had remained invulnerable for several centuries. Cryptanalysis could not be invented until a civilization had reached a sufficiently sophisticated level of scholarship in several disciplines, including mathematics, statistics and linguistics. The Muslim civilization provided an ideal cradle for cryptanalysis, because Islam demands justice in all spheres of human activity, and achieving this requires knowledge, or “ilm”.

Every Muslim is obliged to pursue knowledge in all its forms, and the economic success of the Abbasid caliphate meant that scholars had the time, money and materials required to fulfill their duty. They endeavored to acquire the knowledge of previous civilizations by obtaining Egyptian, Babylonian, Indian, Chinese, Farsi, Syriac, Armenian, Hebrew and Roman texts and translating them into Arabic. In 815, the Caliph al-Ma’mūn established in Baghdad the Bait al-Hikmah (“ House of Wisdom”), a library and center for translation. At the same time as acquiring knowledge, the Islamic civilization was able to disperse it, because it had procured the art of papermaking from the Chinese. The manufacture of paper gave rise to the profession of warraqīn, or “those who handle paper,” human photocopying machines who copied manuscripts and supplied the burgeoning publishing industry. At its peak, tens of thousands of books were published every year, and in just one suburb of Baghdad there were over a hundred bookshops. As well as such classics as Tales from the Thousand and One Nights, these bookshops also sold textbooks on every imaginable subject, and helped to support the most literate and learned society in the world.

We’ve all been there, but none of us remember. As we develop into fully self-aware beings, our subjective experience of the world shifts dramatically. Once we leave infanthood behind, that early window on the world – and what it’s like to look through it – is closed to us.

Emeralds - Candy Shoppe
from Does It Look Like I'm Here?
193 plays

Probably the best single track by electronic music band Emeralds. The blending of electric guitar is really great. Worth sharing.

Music video for the title track from Lusine’s new Arterial EP.


miniLock was released this Monday on the Chrome Web Store after making it through the peer review and public review periods. The contributions made during the two weeks of public review were truly something to make the open source cryptography community proud. People were wonderfully productive, and individuals like Dmitry Chestnykh, Trevor Perrin and Jenna Fox contributed deeply valuable ideas to improve the protocol design as well as the general usability of the project.

Here’s miniLock in a nutshell, from the website:

miniLock lets you encrypt any file quickly and easily, and share it securely with any friend that has a miniLock ID.

Open miniLock and enter your email and passphrase. miniLock uses your passphrase to generate a miniLock ID. You can then send your miniLock ID to friends and they will be able to encrypt files and send them to you. You can send files to your friends once you have their miniLock IDs.

miniLock IDs are very small and easy to communicate. They fit inside a tweet, business card or text message. Entering your passphrase on any computer with miniLock installed will immediately give you the same miniLock ID.

miniLock’s also received very positive press coverage, and the reception on Twitter has also been great. Of all the articles written about it this week (and there are many), the one by PC World struct me as the one most worth reading. Ian Paul did a really thoughtful comprehensive review of miniLock, check out his article here.

Also, my miniLock talk at HOPE X in mid-July went quite well. You can watch it on Vimeo, but keep in mind that this talk was given before the public review period began, so some aspects of my describing miniLock’s design are out of date.

Oh, and my miniLock ID is quBSaJLXKsRiaSrhgkPnswKocth711H29ZamMi1H9j4Mb.

This standard has a future. I’ll keep improving it.

"Hacker Nadim Kobeissi is showing off a prototype tool, miniLock, at a hacker conference this weekend. The tool is a free, open-source browser plug-in that will let users easily encrypt just about anything." f

I made a website that gathers information from the Gaza Health Ministry to display statistics and names regarding Palestinian deaths in the current July 2014 palestinian conflict.

Upcoming Cryptography Work

Fast Company has published an interview with me that covers recent advancements with Cryptocat, my design rationale for a lot of Cryptocat work, and also the current Cryptocat Kickstarter that’s trying to raise $45,000 for the project.

I’m also traveling to New York City this weekend to attend HOPE X, where I plan to present my next encryption software project, miniLock. WIRED published a preview of miniLock last week.

miniLock will make use of some interesting and original file encryption and file sharing techniques using elliptic curve cryptography. I’ll post the slides for my talk right after it’s given on Saturday, and will also be releasing miniLock with a full, peer-reviewed design specification, unit test kit, third-party cryptographic audit, API, reference implementation and more.

Here’s a good excerpt from the Fast Company interview:

Why the focus on the general public?

Cryptography is my main research interest and I’ve always had the opinion that you have to focus on practical, applied cryptography. I see a lot of research being done on really theoretical cryptography. But I don’t like that approach because it’s a very Ivory Tower, academic approach. I really want to focus on the kind of cryptography that has practical benefits to regular individuals in the world. Everything I’ve done related to cryptography has I think embodied the belief that if you want to do cryptography research it’s much more valuable to do stuff that’s related to practical or applied cryptography.

Why is it important for you that Cryptocat is free and open source software?

First this is an argument that I believe in at the engineering and programming level. I think that encryption software can’t afford to not be open source. I think that in order to evaluate the research and security of any cryptographic software, you need to adhere to , which has been a staple for cryptography for many decades. The principle is simply that you cannot obtain security via obscuring your practices. You have to obtain your security via assuming that the adversary already knows all aspects of the system and nevertheless the system is still secure.

So how does that principle play out with Cryptocat?

The way I enforce this is not only by making Cryptocat open source software, but by making it free software under a permissive license. We document the software and the cryptographic specification and we open up our development process. We hire auditors to do biannual audits and release those audits for the public to examine. It’s a very transparent approach to doing cryptography research. Unfortunately it’s resulted in the misconception that Cryptocat is more broken than other tools because we keep talking about how many different bugs we find and fix. But the real reason for that is because no other software has this level of transparency.