September 2018. You see your user ID listed as having its login compromised in a recent hack. You know you need to change your password but don’t don’t want to (or just can’t) remember yet another different one. Everybody is talking about password managers as the way to go, but you also heard about password generators, which make passwords on the fly rather than store them. You suspect that’s better than a conventional password manager. Read More
SynthPass released
Chances are you, like me, have a collection of logins, each with their separate requirements for password strength and lifetime, user ID, and so forth, and your memory has already reached the saturation point. Since writing them on a piece of paper is a no-no, you may have resorted to a password manager. There are many good ones, even free ones, but you still wonder if things could be a little easier. If you are thinking this, SynthPass is for you. It does not work like the other password managers, which store your logins more or less securely, but rather gets around the whole problem by not storing your passwords.
Intrigued? Read on… Read More
PassLok Image Steganography released as extension
Hot on the heels of this article explaining how the image steganography capabilities of PassLok and URSA work, the algorithm has been released as an extension for Chrome and its derivatives, and as an add-on for Firefox. This has a couple advantages that I explain below. Read More
Encrypt into an image
About a year ago, I added to PassLok and its derivatives a very secure algorithm for image steganography. It was presented at the ForenSecure 2017 conference on cybersecurity and forensics, but I just dawned on me that I didn’t post anything about it on this blog, for those who may not have attended that conference. I believe that, one year later, this method is still the reigning world champion for image steganography. This article explains how it works, hopefully in a form that is easy to understand, and includes a sample program and some sample results. Read More
Are electric cars really better?
You’ve been hearing seemingly forever that electric cars are the future, that they are inevitable because they solve so many problems, and probably feel guilty to be driving an old, dirty, gasoline vehicle. Leaving aside the fact that there is a quite high-tech combustion technology coming down the pike, this article hopefully will help put things in context and filter out much of the propaganda you’re being bombarded with by considering some physical facts that anyone has access to. Read More
Try this trick to accompany any song
Let’s face it, a lot of chords on the guitar are quite hard. Take, for instance F on the guitar, equivalent to Bb on the ukulele, which requires a barre and a lot of pressure on all strings. What’s worse, F is a very frequent chord in the very common keys of C and F. In this post, I tell you a trick that professionals use (well, at least the Beatles did) but don’t talk much about. Read More
How to pick a pick for a ukulele
You’ve heard it many times: “It’s not in good form to use a pick for a ukulele.” Well, here’s my awful disclosure: I use a pick. And you know why? Because it does sound better, as least for a beginner like myself. It allows me to strum loud, fast, and consistent. If you look at YouTube videos, you’ll see that a lot of semipros also use picks. I haven’t asked them, but I presume it is also because it does sound better. Picks are pretty much a must for steel strings, and they are quite helpful on plastic strings. But you’ve got to pick the right pick. Read More
Find more ukulele chords
A year and a half after I took up the ukulele, I’m calling myself an intermediate player. Now, an intermediate should be able to do a little more than strum a few open chords with a felt pick, so here’s a chart that is helping me to find chords up the neck (I still strum with a pick ;-). Hopefully you’ll find it useful too. Read More
PassLok and EFail
This May 14th, a group of German security researchers revealed EFail, a successful attack against PGP (short for Pretty Good Privacy), and S/MIME, the leading methods for end-to-end encrypted email nowadays. You can read their shorter post here, and their full paper here. I’ve contacted a number of people who wrote about it to tell them about PassLok and its immunity to the EFail attack. This post adds more details to what you may shortly found printed elsewhere. Read More
Cheapest MIDI guitar
For quite a while, I’ve been interested in making a guitar or ukulele sound like other instruments. The way a guitar sounds when strummed appeals to me, since it blends so well with singing to make a song, but I get bored quickly with things always sounding the same. This is while I’ve built a number of ukuleles in the last few months and my collection now counts some 15 units. There is this device called “MIDI guitar controller” that you play like a guitar but can sound like anything else, since what it does is get real-time note information from your performance, which can then be fed to a hardware or software instrument. Most MIDI guitars, however, are either discontinued or very expensive. I was resigned to never using one until I ran into the “Rock Band 3 Fender Mustang guitar controller pro” (whew!), which is now selling (new) for a tad over $50. This article expounds how this relatively cheap device compares with much more expensive devices. Read More