Stavros' Stuff

Angry rants of programming and other things.

Perfectly secure Bitcoin wallet generation

Generate your own Bitcoin wallet without a computer! Never mind

EDIT: I have been informed that BIP39 derives the last word from SHA hash of all the others, and thus needs a computer to generate the seeds. Thus, this post is moot and useless. I will leave the post here as a mahnmal, in the hope that someone will find something in it useful.

EDIT 2: After the initial failure, I decided to do the next best thing, and write a short program for the ESP8266 that will generate a random seed every time it boots up and print it to a screen. That should be a good compromise, scroll down to see it.

Being the geek that I am, I find Bitcoin fascinating (if only everybody focused on something other than the price!), and hardware wallets doubly so. If you haven’t heard of them, hardware wallets are small, flash-drive-sized devices that usually connect to a computer’s USB port and hold your wallet keys. That way, even if the computer you’re trying to send bitcoins from is riddled with viruses, you remain very secure and nobody but you can pay on your behalf. Unsurprisingly, I bought one! I was between the Trezor and the Ledger Nano S, but I decided on the Nano S in the end, as their platform looks more exciting, more secure and I was quite satisfied from the two HW1s I had bought for cheap at a sale.

However, since I’m in it for the technology and cryptoparanoia, rather than for any practical purpose, I find that hardware wallets have a few issues. For a short primer, a hardware wallet’s main advantage is that the keys are generated on the device and never, ever leave it, as whoever has the keys can spend your money. Since the keys never leave the device, though, you’re screwed if you ever lose it. To avoid that, wallet designers usually allow you to do a one-time export of the keys (many devices have a screen they show you the keys on), right after creating them. The export is usually a Bitcoin standard called BIP39, and is usually in the form of 12 or 24 everyday words, which you write down on a piece of paper, store it in your safe, and that’s all that’s needed to retrieve your keys if you lose the hardware wallet. No computer ever touches the keys, and you can sleep peacefully.

The problem

My problem, though, is that

Continue reading…

3D-printed breakthrough gives blind cat eyes

Meanwhile, cure for clickbait titles remains elusive

I have a cat! I’ve had her for a while. She kind of imposed herself on me when I saw her on the street one day when she was a one-month-old stray kitten (we have a lot of those here), and her eyes were closed, so I figured I’d take her home for a few minutes, wipe her eyes open and release her again, sight restored and able to fend for herself.

When I wiped the gunk away, it turned out she had no eyes! She had tricked me, and I couldn’t leave her on the street to die, so now I’m responsible for a damn cat. Apparently, cats can get chlamydia (did you know that? I didn’t), which can cause macular degeneration (did you know that means the eye literally melts? I didn’t), which she had.

She also had epilepsy, because of course no good deed goes unpunished. This is her:

Continue reading…

The Bus Stop Bus

The wheels on the bus get cut off to make room for a USB port.

A few years ago, I came across a post by John Graham-Cumming, in which he had used a router to run a bus arrival time display that basically showed the time that the next bus would be arriving at the bus stop closest to his house.

I thought that was a fantastic idea, and I especially liked the unorthodox choice of a router as a controller. The project stayed in the back of my mind, and it resurfaced recently, as I started dabbling in hardware. Since I’ve been looking for fun little projects to do, this one was quick and easy enough, so I started looking into it.

(By the way, this post uses Expounder, so if you want an explanation on words with a dashed underline, click on them)

Of course, if you’ve been reading my posts, you’ll know that my microcontroller of choice tends to be the ESP8266, and usually not a router. The ESP8266 is a microcontroller (basically a tiny computer with CPU, RAM, storage, the works) that includes a comfortable amount of memory and storage, is tiny, doesn’t need much power and has built-in wifi, which is extremely useful.</span> This was the obvious choice for this project as well, so I bought a small OLED screen from eBay and started

Continue reading…

Spamnesty: Waste spammers' time

Artificial Intelligence finally used for evil.

Have you ever received a spam email? If not, I would definitely recommend getting your own email address, the positives usually outweigh the negatives. For the rest of us, who have had an email address for more than two minutes, spam is a real problem. I’ve found myself wanting to reply to spam messages many times, just to see what would happen, and to waste spammers’ time a bit.

That’s why reading Brian Weinreich’s post Two years spamming spammers back resonated with me. The summary is that he built an app for his personal use which would reply to spammers and engage them in a dialog of canned responses, trying to string them along for as long as possible, leading to some pretty funny exchanges. That struck me as a brilliant idea, and I wanted to use it, but he had built it for his own use and it wasn’t well-suited for use by other people.

To that end, and because I had a free Saturday, I decided to rewrite the service and make it freely accessible to anyone, and so

Continue reading…

How to deploy Django with Docker

Finally, Django, with Docker, on production!

I finally managed to deploy Django in a Docker container on production! I’ve been trying to switch to a full Docker development/production model since Docker came out, but only recently did the ecosystem mature enough to allow me to easily use Docker both for development (where it excels, in my opinion) and on production (where it’s pretty okay and quite useful).

In this post, I will quickly give you all the relevant details and files you need to go from a newly checked-out repository to a full development environment in one command, and to deploy that service to production. As a bonus, I’ll show you how to use Gitlab (which is awesome) to build your containers and store them in the Gitlab registry.

Let’s begin!

Development

Continue reading…

Turning everything into a mobile phone: Redemption

Just puttin' phones in things that don't have phones in them.

If you have been following my erudite writings, you will know that I find great pleasure in taking things that don’t have computers in them and putting computers in them. I put a computer in a doorbell so I can order food, in a LED strip so I can play games better, an RC car so I can map out my living room, a room fragrance sprayer so… I can spray my room with fragrance, etc.

You will, of course, remember the iRotary, an old rotary phone that I turned into an amazing rotary mobile phone. You don’t? Well here it is:


You will also remember the irrigation controller that has the potential to revolutionize agriculture more than the Mesopotamian dude who said “I wonder what will happen if I put a bunch of seeds into the ground” 20,000 years ago but then was too lazy to do it. It probably won’t revolutionize it as much as his brother, who actually did it, but I’ll take what I can get.

Anyway, the problem with those two projects is that they use an Arduino, which is ancient 2014 technology, so they might as well be using a piece of flint on a stick. The iRotary prototype, more specifically, is a bunch of wires that I literally duct-taped on the Arduino because I figured I might want to use the GSM shield again (possibly to make an irrigation controller), so I’ve always wanted to improve on the two.

The obvious improvement would be to design a custom, extensible GSM PCB that I can program and easily solder to other things to make GSM-enabled devices, but who has the will, knowledge or time to do something huge like this? Well, I do, damnit, because I went and learned all these things while somehow managing to trick my girlfriend into believing that yes, I am spending enough time with her.

After the long and excessively meandering introduction, I am ready to take you through the detailed journey of how I made just that: A custom-built, programmable, GSM-enabled PCB, wrote the software for it and now make it available to you for free so you can make your own crap.

Let’s start!

The requirements

Continue reading…

A WiFi-enabled RGB LED strip controller

Ever wish your house lights could flash along with your game? Now they can.

A while ago, two unrelated things happened: I got one of those cheap RGB LED strips from Ebay, and I became interested in hardware hacking. If you aren’t familiar with the LED strips, they’re basically a long string of LEDs connected to a controller that usually supports an infrared remote control, which can be used to set the color and intensity of the lights.

When I started tinkering with hardware, I noticed a change: I started looking at common, everyday things around the house and thinking “I bet I could put a controller in that and write an API for it”. This led to a button that orders food when pressed, a rotary mobile phone, a wifi-enabled room fragrance sprayer (I haven’t written that one up, it was too simple), a self-driving RC car

Continue reading…

Provisioning your computer with one command: awesome

Seriously do this right now, it's amazing.

This post is about how I wrote a fantastically useful script. If you have multiple computers, you will be thanking me by the end of it. Bold words, but what I’m going to describe here is that good.

The problem

The problem is that, like many of you, I have multiple computers. I have two desktops and two laptops (I just like keeping my old computers, they work), and installing a program on one was always a hassle, because I’d then have to remember to install it on the others and configure it the same way. Not only that, but, when I sometimes had to reformat (for performance, or to solve a problem, or whatever), I had to spend ages getting all the programs and their preferences working just the way I wanted them again.

I needed a better way to do this, and this is the post where I describe that way and how you can do it too. Here it is:

Continue reading…

Building a cheap home sensor/controller

Sense light and motion in every room!

After designing my first PCB, I went on a designing spree. It turns out that making PCBs (printed circuit boards, basically a piece of plastic that includes all the connections of your components in it. It helps make your project smaller and cut down on the amount of wires floating around) is so enjoyable, I’m PCBing all the things! The next victim for PCBfication is a circuit I had originally built on an Arduino and subsequently migrated to an ESP8266.

The circuit is a home sensor and controller. It can sense light, temperature, humidity and motion, and includes an RF controller (at 433 MHz) and an infrared LED so you can control your TV and other home devices. In this post, I’ll go into some detail about the build and how it connects to other sensors and controllers around the house.

This post is also a test of my new Expounder concept library. Throughout the post, various terms will be underlined like this (with a dashed underline), and you can click on them if you’re unfamiliar with the underlined term. After clicking, some text will expand and explain the term.

Let’s continue to

Continue reading…

Open letter to Mozilla: Bring back Persona

What do we want? Mozilla Persona. When do we want it? None of your business!

It was on the news this mroing, Mozilla will stop developing FirefoxOS phones, and the top Hacker News comment really resonated with me. Sure, IoT is the future, and it would be great if we had more nifty stuff there (shameless IoT privacy plug), but these headlines make the bad taste that I’ve had in my mouth ever since Mozilla shuttered Persona stronger, and I can’t stay silent any more.

What Persona was

For those of you who don’t know, Persona was a private, decentralized authentication protocol that Mozilla developed. It’s pretty much those “Log in with Facebook” buttons that you see on some sites, except that, instead of Facebook, you just log in with your email provider. So, if you enter a Gmail address, you’ll be redirected to Gmail and be asked to allow the site to see your address, and you’ll be logged in, without Gmail ever knowing which sites you are logging in to.

Put all your eggs in one basket and stick the basket in Fort Knox.

This means that you’ll ever only have one password for all websites and applications. Many people point to this as a flaw, as someone with access to your email account can log in to any site you have an account on, but they miss the fact that that’s the case today. Anyone with access to your email account can simply reset any password on any site. The right solution is to make your email account very, very secure. As security people like to say, “put all your eggs in one basket and stick the basket in Fort Knox”.

Persona was (and still is) a great idea all around, and I would like to officially (that’s right, it’s official) urge Mozilla to reconsider its stance on shuttering Persona, because reasons. Reasons will be explained after a brief retrospective:

Continue reading…