Posted 1 month ago

Chrome Apps I/O Bytes Video: The Extras

This video was lots of fun to prepare and record. But to be honest, when your main goal is to talk about your teammates’ accomplishments, it’s always going to be fun!

François Beaufort linked to the video on Google+, and in the comments I promised to list all the products and technologies shown or used during production. There is a lot of paperwork involved in getting the permission and rights to explicitly reference other people’s products in a Google-produced video, but there’s nothing wrong with using them in the video, so that’s what I did! Here’s the list.

  • Slide deck produced in Google Slides.
  • Almost all photos were cropped and color-balanced in Pixlr.
  • Slide 4: Google+ Photos Chrome App running on a Dell Chromebook 11. All the backgrounds are the ones included with stock Chrome OS. I selected different ones to provide good contrast for different photos.
  • Slide 5: Sparkfun RedBoard, mounted on Adafruit plastic mounting plate, driving a SainSmart 1.8 ST7735R LCD using the Adafruit ST7735 Arduino library, with the sample app altered to say “Hello I/O 2014!” Dell Chromebook 11 in background, running the Serial Monitor Chrome App from Glen Arrowsmith.
  • Slide 6: Acer C7 Chromebook. One of the few Chromebooks with a built-in Ethernet port.
  • Slide 7: Looks like WeVideo won the carousel spin-off. I took a bunch of pictures for this slide, and because the carousel rotates, many different apps were in the background.
  • Slide 8: a fairly standard Chrome App Launcher pane on the Dell Chromebook. Pinned apps include Secure Shell, Caret, Happynine, ScanQR, and Keep. There’s also a not-very-visible icon for Spark, which was the code name for the just-unveiled Chrome Dev Editor. Those are some of the apps I personally use, so that’s why they’re on my shelf!
  • Slide 9: Google Now. There’s also an out-of-focus fire pit in the background. It’s in my yard.
  • Slide 10: Chromebook Pixel. Also a Nexus 5 phone. If you look very carefully along the right lengthwise side of this phone, you’ll notice the frame is bent. I destroyed that phone while go-karting. But it’s still good as a photo prop.
  • Slide 13: The blog post announcing the launch of the Chrome Apps platform.
  • Slides 14-22: Code and doc snippets rendered using a slightly customized version of François’s Marmoset Chrome App. I changed the app to move the camera position so that the text appeared in the proper place on the slide, and I changed the color to match the slide theme.
  • Slide 23: Chrome Apps & Extensions Developer Tool.
  • Slide 24: Spark, again.
  • Slides 27-28: Same shelf of apps, but also a reference to the very cool Sunrise Calendar Chrome App.
  • Slide 30: An Akai MPK mini, which I use when I pretend to produce music.
  • Slide 31: My wife’s JayBird BlueBuds X Bluetooth headphones. Continuity flaw! These headphones aren’t BLE — they’re Bluetooth 2.1. I didn’t have any hardware at home that was both genuine BLE and generic-looking enough that it wouldn’t look like a product endorsement, so I chose the headphones as the lesser evil.
  • Slide 32: JavaScript Promises on html5rocks.
  • Slide 33: A Beaglebone Black.
  • Slide 35: Alex Russell’s Service Worker explainer.
  • Slide 37: How Many People Are In Space Right Now? One of many amusing websites found on /r/internetisbeautiful.
  • Slide 38: Toshiba Chromebook, model CB35. I don’t know whether there’s a difference between the CB30 and CB35.

That’s it for slide content. I’ve gotten a lot of questions about the photography. It’s a Canon DSLR with a 50mm f/1.4 prime lens. This lens is tricky to use because the depth of field is very narrow for many closeups, but if you can manage to focus the specific part of the subject you want to highlight, then you get a lot of bokeh for free, whether you like it or not.

Posted 4 months ago

How to play Minecraft on a Chromebook

First Time

  1. Get your Chromebook into Developer Mode.
  2. Install Crouton. This guide will assume the installation command you use is sudo sh -e ~/Downloads/crouton -t unity -r saucy and that when you are asked for a new username/password, you enter user/user.
  3. sudo apt-get install gnome-terminal (to avoid going crazy)
  4. python-software-properties software-properties-common
  5. sudo add-apt-repository ppa:minecraft-installer-peeps/minecraft-installer
  6. sudo apt-get update
  7. sudo apt-get install minecraft-installer
  8. Just to be sure you start from a good place, reboot your Chromebook at this point.

Each Time

  1. Power up your Chromebook.
  2. Type Control-D at the scary screen or wait 30 seconds.
  3. Sign in as yourself or guest or whoever. Doesn’t matter.
  4. Control-Alt-T to get into crosh (or better install the Crosh Window utility and use that).
  5. shell
  6. sudo enter-chroot
  7. startunity
  8. Click on the Ubuntu circle in the upper-left and start typing minecraft. The icon should appear. Click on it.
  9. Play Minecraft.
  10. To switch back and forth between your Linux and ChromeOS environments, use control-alt-shift-back/forward (where back/forward are either the keys between esc and refresh on your Chromebook keyboard, or else F1 and F2 on your standard PC keyboard).
Posted 8 months ago


Supercapacitor + incredibly high efficiency LED. The light switch is actually an inductive-charging receiver. To switch on the light, you place your phone near the switch. The phone charges the supercapacitor, and the light stays on for a reasonable amount of time.

Application: a picture frame, hung on the wall, where you want to be able to provide spot lighting for the picture but don’t want to run wires to it.

Posted 10 months ago
Dad, you smell like science.

— My four-year-old daughter

(Perhaps my proudest moment as a parent. She said this after I’d been working with etching chemicals for a few hours.)

Posted 10 months ago

Generating elliptic-curve keys in OpenSSL

  • Generate a key: openssl ecparam -name prime256v1 -out new-ecdsa-key.pem -genkey -noout
  • Show the key just generated: openssl asn1parse -in new-ecdsa-key.pem
  • Generate the public key corresponding to the given private one: openssl ec -in new-ecdsa-key.pem -pubout -text -noout
Posted 11 months ago

paSSSphrase: safely store secrets for your successors

My latest GitHub project, paSSSphrase, was inspired by a recent Instructable about electroetching digital assets.


The basic idea is to split a strong passphrase among multiple shares according to Shamir’s Secret Sharing algorithm, then generate an inverted/mirrored image of the shares as QR codes. The image transformations make for an easy electroetching stencil.

So far I haven’t actually done this process for a secret I care about. But I thought electroetching was interesting enough to want to spend a few evenings working on it. I wrote up what I learned from my experience in the project README.

If you try this, let me know! (But don’t send me pictures, please, unless you want to share your secrets with me.)

Update: The poor man’s version is lines=( $( LC_CTYPE=C </dev/urandom tr -dc ‘[:alnum:]’ | head -c32 | ssss-split -t3 -n5 -Q ) ) ; for line in “${lines[@]}”; do qrencode -o share-${line:0:1}.png $line; done. This version just spits out the shares as individual PNGs that you can print on regular paper. You can verify the results even if you don’t have a QR-code scanner with zbarimg —raw share-*.png | ssss-combine -t3 -q.

Posted 1 year ago

Ten Things I Believe About Bitcoin

  1. Bitcoin is not anonymous. The sooner everyone accepts this and stops saying otherwise, the better. Bitcoin is like cash, except every person you ever do business with writes down the serial numbers of each bill in a ledger that’s available to everyone forever. That’s not what most people would call anonymous.

  2. Bitcoin will not stick it to The Man. It’s romantic to think that Satoshi invented a parallel world where we can lead normal lives by day and rent nuclear-powered tax-free hookers at night. In the real world, MP3 singles are 99 cents, which represents 15 years of progress in the music industry. Bitcoin is probably the end of Western Union and money orders. It will lead to a day of reckoning for Mastercard/Visa,, and PayPal. It is not, however, the harbinger of your libertarian utopia.

  3. The final number of Satoshis is numerically capable of representing the amount of all the wealth in the world, in U.S. dimes. It is also true that I can write a personal check for $999 billion if I write narrowly enough in the little box. These are useless facts. Stop repeating them. The currency has more than enough precision for any practical purpose. If it doesn’t, it’s easy to fix in code.

  4. If Bitcoin represents just 1% of 1% of the total world’s wealth, each Bitcoin will be worth about $1,000. And if the novel I’m writing gets finished, then gets published, then makes it to the Amazon Top 100, I’ll make a pile of money. This is useless conjecture. Stop repeating it. For Bitcoin to succeed, it needs more time, more infrastructure, more acceptance, more smart people paying attention to it, and a huge amount of luck. This would be true no matter how big the world was.

  5. Bitcoin will be responsible for at least one suicide in the next five years. This is an evocative way of saying that end users are not capable of managing private keys. Even users that are capable enough sometimes have shit happen to them. The penalty in either case should be something less than irrevocably losing their entire life’s savings. Solving this problem is possibly the largest Bitcoin startup opportunity today.

  6. Bitcoin will be responsible for at least one murder in the next five years. This is an evocative way of saying that irrevocable transactions are not appropriate for every situation. Banks, credit-card companies, and many other entities in the financial industry exist in order to allow customers to choose risk allocation (other than the default choices of zero and all). If you’ve ever disputed a credit-card charge, or stopped a bill payment, or reset your bank website password, or had a stolen ATM card replaced, or paid a penalty for overdrawing a check, then you’ve used the services that the financial industry provides you. And any of these — even if the fees for them were outrageous — is better than handling the matter directly with the other party to the transaction, if that’s even possible.

  7. Bitcoin is an interesting technology in the same way that TCP/IP is an interesting technology. The Internet could not exist without TCP/IP. Yet not a single Internet user in the world cares about TCP/IP. (Full credit to Brian Armstrong of Coinbase for sharing this analogy with me.)

  8. The early miners are wealthy in the same way that early Internet domain squatters were wealthy. Some of the domain squatters made amazing amounts of money with almost no intellectual work, and back in 1998, it was easy to feel like the gold rush was already over. But as with the Internet, the real wealth in Bitcoin will be created by people who figure out the right abstractions on top of Bitcoin that make an economy available, usable, and better than what we have today. Very few people are even close to doing this today. Who will be the Google of Bitcoin? Who will be its Cisco? Who will be its Akamai? Who will be its Facebook?

  9. If Litecoin or any cryptocurrency other than Bitcoin gains traction, then Bitcoin and all other cryptocurrencies will fail. No cryptocurrency today is sufficiently different from Bitcoin. If another of today’s cryptocurrencies succeeds, then smart people will realize that any modern cryptocurrency is subject to devaluation simply because it’s not the Flavor of the Week, and smart people will flee all cryptocurrency. Call this the weak version of the “Screw All This Coin Crap, I’m Selling” Theory. The strong version is that no cryptocurrency other than Bitcoin can succeed, because smart cryptocurrency believers will figure out the weak version on their own and avoid altcoins. This leaves only short-term speculators to put funds into altcoins, which means that altcoins are doomed to nothing more than spiky pump-and-dump cycles. Incidentally, this is at least one reason why Ripple will fail, which is too bad, because if they got rid of XRP and just made it a decentralized high-speed payment network and value store for Bitcoin, it might become an essential layer of the kind imagined in Things 5 and 6.

  10. Bitcoin might never take off in the United States, but it can still succeed. My country is busy chasing its tail over national health care, intellectual property theft, and rendition of domestic-spying whistleblowers, all and more in the name of fighting terrorism. Meanwhile, the world needs a currency to match the power of the Internet and ubiquitous mobile phones. A borderless currency is an essential ingredient to a worldwide information economy. Bitcoin can be that currency, even without uptake in the United States.

    In fact, that’s kind of the point. 

Posted 1 year ago

programming is terrible: Why your distributed social network will not work


Your post describes a ( ) protocol ( ) github repo ( ) manifesto ( ) kickstarter for a distributed social network.

Your idea will not work. Here is why it won’t work. One or more of the following flaws may apply to your particular idea.

( ) You think “if you build it, they will come”
( ) All of…

Posted 1 year ago

SSH keys on Git

Long ago on a Q&A site I used to frequent, I asked why GitHub didn’t let me associate a single SSH public key with two accounts. I had a work account and a personal account on GitHub, I wanted to use them both on one computer, and it’s a pain in the neck to get Git to use the right one of multiple SSH keys to connect to a single host. (It’s solvable; you have to change your ssh configuration to define different Hosts, each with a different key, that resolve to the same hostname, and then tell Git to connect to a Host rather than a hostname.) I imagined that GitHub should be able to say that if I’m connecting to Repository X with Key A, I’d be recognized as Person M, but I’d be recognized as Person N with the same key in Repository Y. Why couldn’t GitHub do this?

I got a perfectly reasonable answer right away on the Q&A site that GitHub uses SSH to tell who you were, so it can’t be done from a technical perspective. I found the answer wanting, though — why did GitHub use SSH? Why couldn’t the SSH identity map to a different concept? Wasn’t this SSH-owns-identity thing a big price to pay?

I got the answer while reading Pro Git. It turns out that Git doesn’t know anything about authentication, and SSH is the only practical wrapper protocol that allows write access to a repository. (The other protocols are local file access, the completely anonymous Git protocol, and HTTP, but none easily allows authenticated access.) So it’s likely that on a given server, the git process is running as “you” (whoever you are who ssh’ed into the server), and the sysadmin has set up standard Unix permissions on the .git repo directory to control who has read/write access. Thus Git read/write operations are automatically permitted or not without a single line of code in Git. Very Unix-y.

Does this mean that my original feature request (SSH Key A means you’re Person M in Repo X and Person N in Repo Y) is impossible? No; there is probably a way to map an SSH user to a specific machine user based on contextual clues like the directory you’re trying to access. But the way it is today, where SSH Key M means you’re Person M only and nobody else, is a lot easier from the perspective of someone hacking together a young service like GitHub and making a bunch of shell scripts that set access properly across repositories. Moreover, it avoids the edge case where Person M joins Person N’s company and now has access to Repo Y, so the already-weirdish heuristic to determine who you are breaks down. The higher-level solution GitHub came up with, Organizations, solves the problem more elegantly without requiring (or allowing) a single person to assume multiple identities on the system.

Posted 1 year ago

Serial console on Raspberry Pi

If you have a CP2102-based USB-to-serial adapter, it’s very likely to use 3.3-volt logic levels that are safe for your Raspberry Pi. I reviewed the datasheet for the chip, and any normal circuit using it would use the internal 3.3-volt regulator powered by the 5-volt USB bus, meaning that the I/O levels will be relative to Vdd (i.e., 3.3 volts).

A recap of an excellent tutorial explaining how to get a serial console on your Pi:

  1. Hold your unplugged Pi so the GPIO header is close to you on the right side of the board, pointing up.
  2. Connect the TXD pin of your adapter to the fifth pin from the right on the closest row to you.
  3. Connect the RXD pin to the fourth pin, right next to the other one. So when you look at your Pi, you should see the yellow RCA jack in the middle, then to the right of that eight empty pins, then TXD, then RXD, then three empty pins.
  4. On your real computer, fire up a serial terminal and connect at 115200 bps. On my Mac, that’s screen /dev/tty.SLAB_USBtoUART 115200.
  5. Plug in your Pi, but read this whole step first. I powered mine from my desktop computer’s USB port, so I knew both machines were sharing ground. If you’re plugging in your Pi from another power source, there’s a chance it won’t work because the two machines will have a different ground.
  6. You should see the kernel boot output appearing on your terminal. After a bit you’ll get the Pi’s login prompt, almost as if you were sshing into it.

Update: If you make it as far as the login prompt but see inverted diamonds with question marks and can’t type in the username, you probably have the flow-control settings wrong. According to, the default UART settings use no flow control. To fix this on Ubuntu, I installed minicom, then navigated to its serial-port settings and turned off hardware flow control (which was on). This fixed things for me. You can probably use stty to change the settings without using minicom.