These are most of the books I read (and kept) from 2016. Skip Blockchain Revolution. It reads like a collection of headlines taken from blog posts.


Top three on the shelf are (in no particular order):

  1. Disrupted, Dan Lyons
  2. Eccentric Orbits, John Bloom
  3. A Burglar’s Guide to the City, Geoff Manaugh

Top fiction this year was:

  1. Version Control, Dexter Palmer
  2. Mister Monkey, Francine Prose (not pictured)

Petition to the White House on Strong Encryption

Recently, I signed a petition to the White House asking the President to publicly affirm his support for strong encryption. The official response was:

Thank you for signing the petition on strong encryption and speaking out on this important national debate. As the President has said, “There’s no scenario in which we don’t want really strong encryption.” It is critical that the government, the private sector, and other experts regularly engage to understand the impacts of encryption on national security, public health and safety, economic competitiveness, privacy, cybersecurity, and human rights around the world.

This conversation about encryption is also part of a broader conversation about what we, as a nation, can do to fight terrorism as it evolves online. That is why, in his address to the nation on Sunday, the President reiterated the Administration’s call for America’s technology community and law enforcement and counter-terrorism officials to work together to fight terrorism. American technologists have a unique perspective that makes them essential in finding new ways to combat it. They are the best and most creative in the world, and we need them to bring their expertise, innovation, and creativity to bear against the threat of terrorism.

This week, administration officials will sit down with the creators of this petition to hear directly from them about their priorities and concerns.

We also want to hear from you. Share your comments and questions here, and we’ll report back after the meeting.

This is a critical conversation, and we want to hear from as many voices as we can.

Thanks again for your participation in We the People.

Ed Felten
Deputy U.S. Chief Technology Officer

Michael Daniel
Special Assistant to the President and Cybersecurity Coordinator

This was my response:

My concerns regarding strong encryption are largely captured by the recently published “Keys Under Doormats” paper by Harold Abelson, et. al from MIT. I agree with their three main points that requiring a backdoor/weakening encryption is counter to the current trend in making the Internet more secure, adds complexity, and increases the potential for security breaches.

Encryption is an important tool to increase the security of data. With recent security breaches, such as the one from the Office of Personnel Management and other private companies, it’s evident that we as an industry and as a nation need to improve our security technology, not weaken it.

I recognize the claim by law enforcement that encryption is frustrating them. As “Keys Under Doormats” suggests however, there are many practical and technological reasons why weakening encryption is not the answer. I’d like to provide an additional moral one. As a Navy and Afghanistan veteran, I volunteered to serve this country because I believe in the core American values. By weakening our encryption technologies, we would not only cause damage to our our digital protection systems but we would compromise our core believe in freedom out of an understandable, but largely sensational, feeling of fear.

discerptor, n.

A person who pulls something apart; a person who divides or separates something.


Brit. /dɪˈsəːptə/ , U.S. /dᵻˈsərptər/
Etymology: Probably partly < post-classical Latin discerptor person who separates something (1748 in the passage translated in quot. 1854; already in 14th cent. in sense ’adversary’), and partly directly < classical Latin discerpt-, past participial stem of discerpere discerp v. + -or suffix.(Show Less)

Now rare.

Source OED.

I upgraded this blog’s theme to Hemingway Rewritten. It had been two years since I last changed it and I had been looking for a new theme. It’s a nice, minimalistic theme and plus when you scroll down there’s a nice bounce on the header image. 🙂

I have a few projects spinning and I’m trying to get caught up on my blog. The next post will be about upgrading the BeagleBone Black to kernel version 3.13. Also, much of my time has been spent preparing for the release of the CryptoCape. I’m hoping it’ll be ready by the Denver Maker Faire, at which I’ll be manning the Cryptotronix booth. If you are in the area, I highly recommend you check it out (and come by and say hi).

Hashlet version 1.0.0 released


I’ve released Hashlet version 1.0.0. Once Savannah updates the mirrors, you can download the release here. If that site is not live, the tagged 1.0.0 release can be obtained from GitHub.

The reason for the major version bump is that the i2c bus is no longer a required parameter. It is assumed to be /dev/i2c-1 but can be changed with the `-b option.

The biggest feature added is the ability to import keys onto another device. So, say you have one personalized hashlet and want to “clone” the keys onto another. When you personalize the second device, use the command: hashlet personalize -f keys.txt. (backup the ~/.hashlet file first!)

Now, you can run the mac command on one device and the check-mac on another for verification.

There are some features, that unfortunately, are only available for NEW hashlets (i.e. ones that have not be personalized). Due to…

View original post 69 more words

Helpful AVR Pocket Programmer Script


The CryptoCape has an AtMega328p and I’m working on getting the crypto library NaCl running on the micro-processor.  Peter and Michael, the authors of the paper, have been extremely responsive and helpful as I’ve been bugging them 🙂 I quickly realized that the AVR Pocket Programmer is a very nice way to flash a “naked” ATMega328p (or a full Arduino Uno).  But, when using various sketches, it’s nice to have a script with avrdude that is easily invoked from the command line.

I’ve added this blurb to my .zshrc:

Flash the sketch with pp Blink.cpp.hex.

Hardware Details

For the DIYers out there, I used the schematic from SparkFun’s Redboard for the wiring example.  The ISP-6 pin reference is below:

ISP 6 way pinout

Happy Hacking!

View original post

Atmel’s ATSHA204 helps secure the BBB

The Hashlet made the Atmel blog!

Atmel | Bits & Pieces

Hashlet – an authentication device embedded on a mini-cape – is specifically designed to secure the BeagleBone Black (BBB). 

Powered by Atmel’s advanced ATSHA204, the mini-cape functions as an external hardware random number generator, performs the SHA-256 algorithm in hardware and is capable of storing up to 16 256-bit keys in write and read protected memory.

Manufactured by Cryptotronix, the device is packaged with free software (GPLv3) that provides an easy to use Command Line Interface (CLI).

“The Hashlet is assembled and tested by Cryptotronix prior to shipping,” the Cryptotronix crew explained in a recent product post.
”Simply slip the board on the top of the expansion header and the device is ready. The device uses /dev/i2c-1, which is enabled by default so there are no device-tree files that have to be installed.”

Random numbers (data) are easily generated with a single line command, while creating and verifying a…

View original post 303 more words


The slides from my lunch-and-learn at SparkFun are now available on SpeakerDeck.  For those who missed the announcement, check out the news post on SparkFun.  There is a brief crypto primer, a detailed look at BeagleBone cape device trees, an introduction to the CryptoCape, and some submarine pictures. Submarine stories always go over well and kids and adults always ask the same questions: Where does the poop go? Are their windows? Do people go crazy onboard?

There are plenty of links to BBB cape resources and the mentioned YouTube videos are extremely helpful.

At SparkFun, I was working mainly on the CryptoCape, a BeagleBone Black cape that has numerous Crypto ICs and other building blocks. The part list is finalized and it will contain:

There is plenty of proto-space on the board to add additional…

View original post 140 more words

External hardware random number generator for the BeagleBone Black


The Hashlet software is scheduled for beta release on January 1st! It’s been a busy month preparing the software and hardware, but it’s finally coming together. I’m waiting until I have a releasable Beta before making the hardware available for purchase. The Hashlet is a secure authentication device that performs the SHA-256 algorithm in hardware. It also stores 256 bit keys in its EEPROM, which can’t be read once written. This enables a keyed hash ability with a Message Authentication Code (MAC), which provides message integrity and authenticity. In the rest of this post, I’ll walk you through how to personalize the device and how to use the hardware random number generator.

The Hashlet ships in a factory state, meaning that unique keys haven’t yet been loaded. This is important because I do not know your keys!. You should verify that the Hashlet is in its factory state upon…

View original post 264 more words

Upgraded to Creative Commons v4.0

Perhaps some don’t get that excited over a license upgrade, but I’m happy to announce that I’ve upgraded the license of my blog to version 4.0 of the Creative Commons license!  If you’d like to generate a license for you work, you can go to the CC license generator and get one.

Creative Commons licenses (copied from About Creative Commons):

provide a simple, standardized way to give the public permission to share and use your creative work — on conditions of your choice. CC licenses let you easily change your copyright terms from the default of “all rights reserved” to “some rights reserved.”

Creative Commons licenses are not an alternative to copyright. They work alongside copyright and enable you to modify your copyright terms to best suit your needs.

If you write, draw, paint, or create and want to share your work, consider a Creative Commons license and support free culture.