Emacs Hydra for Music Control

Hydra is a hugely powerful framework for setting up key bindings in Emacs. When I first learned of it, I didn't really understand the use case, but after having built a few hydras to manage daily tasks, it's starting to sink in. A hydra is basically an ephemeral key mapping with pre-defined conditions for termination. For example, one key might execute a command, but retain the key mapping, while another is designed to execute it's command and restore the previous key mapping. I use Hydra to manage all my programming and project key accelerators, but it's also great for quick tasks that can come up at any time, like controlling music. Here's a hydra to manage Bongo, my preferred music player.

(defhydra hydra-bongo (:color blue :hint nil)
Bongo control
_l_: library     _p_: pause/resume     _s_: stop
_b_: back 10s                        ^^_f_: fwd 10s
_B_: back 60s                        ^^_F_: fwd
  ("b" bongo-seek-backward-10 :color red)
  ("f" bongo-seek-forward-10  :color red)
  ("B" bongo-seek-backward-60 :color red)
  ("F" bongo-seek-forward-60  :color red)
  ("l" bongo)
  ("p" bongo-pause/resume)
  ("s" bongo-stop)
  ("q" nil "cancel"))

(global-set-key (kbd "C-c b")   'hydra-bongo/body)

The default keybinds for library, pausing and stopping are all terminal (blue) heads, while the commands to seek forward and backward are non-terminal (red) heads. Why use Bongo instead of a regular desktop music player? Partly because manipulating libraries, playlists and music playback is much easier and more customizable from within Emacs!

One of the things that makes Emacs so unique and powerful is that workflows like this are easy to create, and make working a pleasure, instead of a chore, since everything you use often can be accomplished with such ease. It's a lot of fun.

KISS Launcher (Android)

I've used Android since the TMobile G1 came out, and I settled of Nova Launcher for years; it really offers more customizability and power features than any other launcher I've tried. As an experiment, I decided to switch the (FOSS) KISS launcher last month, and to my surprise, I've stuck with it. It offers very few features: it simply allows you to execute a substring search for and app name to launch it. It also searches settings modules and contracts, but it's quite disciplined in it's constraint, and I suspect I'll stick with it for some time.

Android Wear on iPhone

This is a major engineering achievement. So far, Pebble has been going it alone with dual OS support in the smartwatch world, so this is a big change for the smartwatch scene.

Handling of the 2013 Bitcoin Blockchain Fork

Bitcoin (the blockchain, really) is one of the most significant advances in computer science in the last decade. This piece on Freedom to Tinker is a in-depth looking at how the 2013 blockchain fork was resolved. It's notable that a fundamentally decentralized system benefited significantly by both centralized decision-making and hashpower. The lesson may be that we should develop and use systems that afford federation, but allow for centralization.

New Chosen-Ciphertext Attack over Airgap

This new chosen-ciphertext attack on common encryption software is really impressive:

We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis.

via Schneier on Security

Surveillance Aircraft

At the beginning of June, the Associated Press broke a story about a fleet of small aircraft registered to fake companies that are being flown over U.S. cities on a regular basis. The planes were traced back to the FBI, which has been identified as running operations in at least 11 states using at least 50 aircraft, logging around 11 flights a month.The planes carry high resolution cameras that photograph continuously, and in some (rare) circumstances, an IMSI-catcher, which tracks all cell phones (in use or not) in the area visible to the aircraft as it flies (cell phones use line-of-sight frequencies, by and large).

When the story first broke, I wasn't sure what to think. Having just read Nothing To Hide and Data and Goliath, privacy issues were fresh in my mind. Today, I got the chance to listen to a RadioLab episode called Eye in the Sky, about a company called Persistent Surveillance Systems which flies small aircraft over urban areas. The episode gives rare insight into not only how the technology works, but also how citizens (and reporters) respond to it when they grow to understand it.

The technology was tested in in Dayton, OH, and the test went well, demonstrating that the planes could be useful in fighting crime. The subsequent town hall meeting that was held to discuss the adoption of the technology did not go very well, however. Some citizens of Dayton were concerned about being watched all the time, everywhere they went. As a result of that meeting the police in Dayton did not adopt the technology, but may in the future. But the citizens got a voice, and there was a discussion.

It would be surprising if the FBI were not using technology that is largely identical to what Persistent Surveillance Systems uses, though probably more invasive, given their use of IMSI-catchers. The fact that there has been no public discussion of the use of the technology, and that the FBI has taken extensive measures to hide their use of the planes as tools of mass surveillance over United States cities is concerning. It seems reasonable to expect that the citizens of a democracy should have a say in how law enforcement operates, and should not be intentionally deceived by law enforcement agencies.

If you're interested in this kind of stuff, be sure to give the RadioLab episode a listen.

Copyright, Music and the Internet

I wanted to pen a long post discussing Cory Doctorow's Information Doesn't Want to Be Free: Laws for the Internet Age and how it relates to Taylor Swifts two-day-old yet now-famous letter to Apple. As is often the case, Mike Masnick wrote up my thoughts better than I ever could. Although I only just started Cory Doctorow's book over the weekend, I am amazed by how well he articulates subtle issues surrounding copyright and the internet. I highly recommend giving it a read if you're interested in the subject matter.

Single Point of Failure

One argument against having the government develop dossiers on every citizen en masse is that it introduces a single point of failure: if that repository is breached, all data is compromised in one swift stroke. This phenomenon is nothing new. Insurance companies have detailed information about the insured, and those repositories have been targeted, as we saw earlier this year in the Anthem attack that compromised the information of 8.8 million people. The government also collects lots of information on workers that it gives security clearances to, naturally. The information is quite detailed for a Single Scope Background Investigation, and that information is compiled into an 127-page SF-86 form (pdf, if you're curious). It turns out those forms were compromised in the latest attack made by China on U.S. government databases. Decentralized systems are more robust because they avoid a single point of failure, and can still authorize parties to retrieve information as needed. One project that trends in this direction is Unhosted, which separates the concern of hosting the application from the concern of storing the data. ReadWrite has an explanation of the architecture.

Amazon CA

Looks like Amazon is going to be a CA, and not just for users of AWS or other Amazon services. Companies like Google and Yahoo have been taking bold steps to provide encrypted email, and Let's Encrypt looks like very promising project to provide free SSL certs to everyone. Apple's Tim Cook has publicly stated that encryption is vital, and was joined shortly thereafter by the UN. I'm excited to see Amazon joining in.