today i’m listening to “prelude” by “the noisy freaks”, the first track in the album “straight life”. (ha.)

there’s a quiet piano opening, and like, that’s always going to elicit a response from me. for most of my life, piano has been a really big thing. there’s almost always been one in my house, wherever i’ve lived. there was a short time between moving out of my family’s house when i was 18, and then spending my first pay cheque on a digital piano. maybe 3 months. i’ve taken that piano with me ever since, so literally 3 months in 27 years have i been without a piano at my disposal.

it’s .. wistful music? it makes me feel reflective. there’s some synth stuff going on, the key isn’t happy or sad so much as contemplative. the energy picks up, for sure, but it mostly propels my thoughts along the same lines rather than changing tracks. again, i’m drawn to expressing how i’m neither happy nor sad nor neutral, but in a different place; maybe a different time, as my thinking reaches into the past.

even the name “prelude” evokes something. on the one hand, it’s the first track of the album. the last track is called “outro (bonne nuit)”. it’s not exactly difficult to work out what’s happening. but in terms of my relation to the music .. well, it’s talking about a beginning, right? and so while it encourages me to think into the past, the best thing you can do with that is to take what you’ve learned and apply it to the future. in this sense i feel like this kind of music is preparatory, consolidatory (is that a word? it is now.), asking you to grow up, to accept your mistakes, and to not repeat them.

it may be that these feelings the music evokes are unique to me; like the piano opening, instruments and samples used throughout bring me back to earlier times in my life, automatically drawing my thoughts across the span of time from then until now. it’s a vaguely retro/90’s-themed album, though, so maybe that’d hold for a bunch of people my age who had similar interests to me.

there’s something haunting about it. maybe reflection is always haunting, revealing the indefatigability of time itself, how we can never wind it back, how there’s no turning away from the future. damn it, i really cannot help but be morbid, even with a perfectly lovely piece of music.

but perhaps it’s not morbidity so much as radical acceptance of what life is, and with that comes the ability to hold a greater appreciation for every little moment.

i got a lotta feelings about my apartment, folx.

when i think about it, i first and foremost think of all the other people who have passed through it. as you know, i’m a people-centric kinda girl.

there was kairi, whom i moved in with first. then hazel. then imogen.

y’know, that’s not actually that many.

of course, a lot of bad shit has gone down here. more than one suicide attempt, but one in particular that will stay with me forever. the incredible tension that has existed within these walls when things weren’t working out with me and a partner. (fucking pro-tip to ashe: do not live with a partner. not for a long time. it does not work.)

but there’s been a lot of good too. excluding those already-mentioned, i’ve had five other partner(?)s stay the night, and it usually has been mostly just relaxing together, listening to music and enjoying each other’s company. it’s almost always been pleasant. i’ve worked at github since before moving here, so it’s always been my place of work, which has for the most part been a steady and stabilising part of my life. i’ve had friends over to play games and have food. friends with their animals, sometimes. i cat-sat milton here. it wasn’t that long after moving here that i started therapy with my current therapist and finally got past the worst of my panic disorder.

there’s been a lot of self-discovery. a lot of self-implosion, too, and that’s always hard to face. there’ve been sleepless nights and more restful ones. some nights where i’ve felt hollow to the core, and some days where i’ve felt like life was full of meaning and wonder.

i don’t know what’s to come. i struggled to reclaim this space as my own after everything with imogen earlier this year, but the last week has seen me go from hermitude in the study to spending time all over the apartment again, and enjoying it. i’ve let go of something. i still don’t know if i’ll want to remain here by year’s end when the lease expires. joni’s suggestion was that moving might itself be unsettling, and i can sympathise with that view point. on the other hand, a fresh start might be valuable.

we’ll see how i’m feeling then.

it’s time for some “twinings pure green tea”. i made it with 98° water.

the mug is really pleasantly warm. it’s a little cool inside and i’m wearing my fingerless gloves, so i can cup it in both hands and feel the heat radiate. steam’s rising from the cup, and that’s an impossibly relaxing thing to see and feel as it brushes your face.

as it steeps the lightly stringent aroma begins to develop. my neck or throat is a little sore so taking that first sip is a little more difficult than i’d have expected. it’s still steaming hot, maybe 90-ish degrees, and the flavour barely comes through. at times like this, all you can do is keep smelling the roses. or the camellia sinensis, as the case may be.

blow a bit on the tea and the steam rushes to fog up your glasses.

i’m still struggling to taste it, and i don’t think it’s because it’s too hot. my taste buds might be a little out of it today. but one thing never fails: you let the tea flow into the back of your mouth — not yet swallowing, but letting it sit there and stimulate the taste buds at the back of your tongue. the bitter notes come out. works every time. the more bitter the tea, the more i love to do this — it’s like finally getting the full experience. (in reality, what’s probably happening is that it’s just stimulating more of your taste buds. the taste bud “map” suggests the bitter ones are at the back of your tongue, but that’s been thoroughly debunked.)

my throat is really getting quite sore by this point, and the tea isn’t something i’m very much able to focus on, or be mindful of. but it’s worth trying; when the going gets tough, etc. etc. it’s cool enough now (probably 70°) that i can take a relatively big sip and just hold it, swish it around my mouth. the temperature difference is really wonderful. it reminds me of a hot shower.

the blanket on top is red, soft, velvety. i don’t know what it’s made of. it’s the kind of material that isn’t especially thick, but feels warm. too warm under it and you sweat easily for some reason.

i think it came from kairi, it rather, that she brought it with her with belfast and then didn’t want to take it with her when she moved out. almost everything like that i’ve gotten rid of, donated, given to a friend. but not this. not because it reminds me of her. it’s just a really nice blanket.

there’s a purple blanket underneath it. same size, purple not red, and just a slightly different material. i’ve been snuggled up in it in many different places; couches, chairs, beds. it doesn’t mean anything specific. it’s just a nice blanket.

under that, a sheet. i had no idea you were “supposed” to sleep under a sheet for most of my life. i didn’t understand the concept of flat sheets whatsoever; fitted ones worked better, so why did they exist? it’s microfibre or some fancy word like that, which is another way of saying $20 at woolworths.

this place feels like something i’ve slowly reclaimed.

hypomania: “a mood state characterized by persistent disinhibition and elevation (euphoria). […] According to DSM-5 criteria, hypomania is distinct from mania in that there is no significant functional impairment; mania, by DSM-5 definition, does include significant functional impairment and may have psychotic features.”

this is kinda a thing that keeps occurring to me on and off, as you’re aware. i wanted to try to describe the subjective experience. because it’s a mood state defined by a set of symptoms, i’ll do so according to the list of criteria.

pressured speech: i’m fucking talkative lately. i can’t stop expressing myself. i tweet a lot and i talk a lot, but inside my head when i’m alone it’s like a freight train. the thing is, it feels good. it feels like i’m putting together some unified theory of the world and psyche and essentially every damn thing i’m talking about, like it All Makes Sense™. the desire to keep talking and theorising is fuelled by this sense that i’m making sense of things, and that if i keep doing so, i’ll have made sense of everything.

inflated self-esteem or grandiosity: my self-image is really good lately. this isn’t a bad thing in itself, but it contrasts to my baseline of “this is fine”. i feel much more associated with my body, much more accepting of it, and i’m much more willing to express the idea that i’m good or even excellent at certain tasks. similarly, i have less qualms with putting myself out there.

decreased need for sleep: this is pretty simple. lately i’ve not been tired, have had trouble falling asleep if i’ve gone to bed early (e.g. with you), and still not been tired in the morning when i wake up.

flight of ideas or the subjective experience that thoughts are racing: see ‘pressured speech’. it feels like everything is related.

easily distracted and attention-deficit: this one hasn’t hit me as much, subjectively, though i have struggled to accomplish much work-wise lately.

increase in psychomotor agitation, or occasionally in some, increased irritability: maybe.

hypersexuality: from ace to 8 hours of fucking in 48 hours. yeah.

involvement in pleasurable activities that may have a high potential for negative psycho-social or physical consequences: yes. there’s the whole 8 hours of sex with someone you just met thing, but i’m willing to excuse that as simply queer life sometimes. but we didn’t use any protection! hello disinhibition. :/

i need “elevated mood” plus three of those for the DSM-IV-TR definition. i have elevated mood plus six, so …

today i’m looking at my laptop. it’s covered in a variety of stickers and there’s a lot of history recorded in them.

honestly, i’m not a fan of keeping history around; i don’t mean “delete or trash everything a day after it’s gone” — i like to hold onto things for as long as they’ve held their relevance. but in a habit i picked up from marie kondo, once something has served me in life, i appreciate it one last time and then move on.

i used to hang onto everything. starting from when i was 12, i’d hang onto every text document i wrote or acquired, every picture i downloaded, every project i worked on, every piece of music, everything. when i’d get a new computer or reinstall an OS, i’d collect them all into a folder (usually called “old” or “archive”), and stick in my new, empty documents folder. next time, i’d do the same. up until last year you could go through the onion layers of “old” folders, reaching further and further into my history, right back to when i was 12.

preserving this was an effort, because i’ve had how many new computers, how many reinstalls in the last 15 years? but it felt like something had to do to, like throwing that away would violate a sacred principle i lived my life by. turns out that principle was OCD.

so, this laptop. the cats in the top-left corner were sent to me by my coworker aaron. he’s kind of a Big Deal in the ruby and rails communities, so when he tweeted about sending these to anyone, i DM’d him on slack and was like “omg would you??” and he just mailed me out an envelope full of them. i was ecstatic, so they went straight on my laptop. (there’s one in the front cover of my diary too.) now it’s kind of surreal that we’re “friends” who video call every week.

there’s a variety of work related stickers without much backstory: the four big octocats along the middle line, the vinyl octocat covering the apple logo, the pride octocat. they are what they are. this is a work laptop and it seemed appropriate. same with the git and the datadog (purple woofer up top) stickers.

there’s a bunny sticker on opposite corners. they were from a sticker set i got to give to kairi. there were others but i removed them because of all the negativity they were associated with. but i couldn’t bare to drop the bunnies.

the bottom-right corner is the logo of my favourite band, school food punishment, now disbanded. it came with a limited-edition cd release.

“gender is not binary” is actually from a member of parliament in nsw (!). she sent them and a bunch of other stickers out. that was pretty cool.

idk why i have the slack pride one. whatever. more rainbows on a laptop is always good.

there’s two stickers from github constellation, an event held last november in melbourne where i attended as staff. they were handing those stickers out. one is the octocat “constellation” on the bottom of the laptop. the other was a grim reaper (!?), which i’ve covered with the “invasion day” sticker. i covered it because it was actually really grim: that night was the one i was raped. a bit too much to leave a literal grim reaper sticker from that night on there, y’know? whereas i support indigeneousx on patreon.

“be pawsitive”. cute furry artist put these together. my keys have a little charm of the same design on them.

finally, the bunny girl drinking a milkshake. it’s from a LINE sticker set i used with emma a lot.

there’s a lot i’m ready to move on from with this laptop. it kinda documents the last 2 years of my life, the 2 years i’ve had it. i’m giving it to a friend when my replacement laptop arrives, which is pretty soon.

There’s my diary on the desk. It didn’t start out that way; it was a bullet journal originally. It’s a Moleskine, since those are the fancy diaries with the dotted grids suitable for bullet journals. I think the covers are leather. Oh well. I bought this years ago. At a guess it has .. 180, 200 pages? I’m up to page 158 right now. I number them myself. I’ve only ever used two different types of pens in it, both made by the same Japanese pen company, Zebra. I can’t say I know for sure why I’ve chosen that pen company as “my” pen company, but I have.

It has a little tassel attached to it to use as a bookmark. I keep the current day marked.

The paper is slightly yellowed, with a grid of light dots, maybe 8mm apart in both directions. It’d probably be good for playing grid-based paper games, but that’s not what I use it for. At a guess I’d say it was 70~80gsm. Good, strong paper, without being bulky.

For a while I maintained an index on the first page, in true bullet journal fashion, with page references for months, and a yearly overview for each year as it happened, three months to a page. Turns out that wasn’t actually useful to me. Likewise, it was purely a daily todo list and short bullet points on things that happened in a given day, if I felt it was exceptional enough to mark it.

The beginning was November 2016. I wasn’t doing too well then. “Diazepam helped alot.” “Fucking chill.” “chill” “relax about life a little” “Feeling a bit underappreciated” (NB. this was almost certainly the understatement of the year.) The tone is rarely positive, and when it is, it feels fabricated. There’s a lot of self-reassurance that things will be okay, and reminders to try to provide reassurance to my partner that things will be okay. “Panic attack all morning.” “Didn’t get any work done.” Sometimes there’s an upturn. “Feel better as the day has gone on.” Then there’s a downturn. “Last night she was very suicidal.”

If I jump 60 pages ahead, the tone has changed significantly. “Sun feels so good!! aaaaaaaaaaa” “GOD I LOVE BUNNIES” “feeling pretty fine w/ new hair”. The style of the journal has changed, and it is much more a diary. Short dot points of a day’s events give way to entire pages of solid prose, feelings I can now express.

Further months pass and days wax and wane, grow thicker and thinner. Sometimes it’s thin because I’m too busy to write, other times because I’m too depressed to. Sometimes it’s thick because I have too many negative emotions, other times too many positive events to detail.

A lot happens in 158 pages.

Note: this is a pretty long article which does a deep dive into breaking some amateur crypto. I go on for quite a bit. Make a cup of tea before reading, and get ready to read some code!

introduction

Everyone knows it. Rolling your own cryptography is a terrible idea. Here’s Bruce Schneier writing about it in 1999. Here’s an excellent answer on the Infosec Stack Exchange about why you shouldn’t do it. Here’s another Scheiner post with an excellent opening sentence.

This, then, is a post about a broken homegrown cryptosystem; namely, that used in CodeIgniter, pre-2.2. This version was current until the release of CodeIgniter 2.2, on the 5th of June, 2014, and you can still find sites on it today.

The attack described in the post depends on a lot of things to go right (or wrong, if you will); it’s not just that they used a bad cipher, but also the fact that they rolled their own session storage, and implemented a fallback, and a dozen other things. This is probably typical for most bugs of this class; a bunch of bad decisions which aren’t thought through find their logical conclusion in complete insecurity.

Let’s get into it!

I use Snapchat. It’s an app where you can take a photo or short (< 10 second) video and send it to your friends who use the service; they’ll then be able to see it, once, before it disappears forever.

Ostensibly, the app is for sexting, because there’s no fear that your photo will get spread around (no forwarding/etc.) or retained for longer than you’d like, but it seems like it’s not as much a sexter’s hangout as the media might want you to think.

My circle of friends use it basically as an extension of weird Twitter – most snaps I send and receive are strange angles of weird objects; the completely mundane but somehow therapeutic (7 seconds of the camera pointed outside the window of a tram, pointed at the ground moving below); or just closeups of Curtis Stone’s face, wherever we see him.

Of course, the promise that they won’t get retained is just that: a promise. Since your phone receives this image and shows it to you at some point, it must be downloaded by your phone. If it can be downladed by the phone, it can be downloaded by something else. We decided to find out how.

As programmers, we spend a lot of time just carting data from one place to another. Sometimes that’s the entire purpose of a program or library (data conversion whatevers), but more often it’s just something that needs to happen in the course of getting a certain task done. When we’re sending a request, using a library, executing templates or whatever, it’s important to be 100% clear on the format of the data, which is a fancy way of saying how the data is encoded.

Let’s do the tacky dictionary thing:

encoding (plural encodings)

1. (computing) The way in which symbols are mapped onto bytes, e.g. in the rendering of a particular font, or in the mapping from keyboard input into visual text.

2. A conversion of plain text into a code or cypher form (for decoding by the recipient).

I think these senses are a bit too specific—if your data is in a computer in any form, then it’s already encoded. The keyboard doesn’t even have to come into it.