TrueCrypt is pretty dead. We need some options here, and as far as I can see, there are only ~~two~~ three:

* CipherShed. Currently a vanilla fork of TrueCrypt.
* VeraCrypt. A fork of TrueCrypt with some fixes and improvements.
* Keep using TrueCrypt.

Neither of the two alternatives has had an official source code audit or anything. They are both open source. I will give a quick summary of the facts on both forks, concluding that I have no clue and will probably ~~flip a coin~~ roll a D3. Whether these facts are pro or con is up to your discretion.

CipherShed Facts

  • They are on github.
  • They seem dedicated. Meaning, the information on their homepage sounds like they thought this through.
  • Not much has happened yet, they only forked TrueCrypt.
  • There is only a pre-alpha version available, which I won't touch.
  • They do not have any licensing information at all.
  • Longterm Plans are a bit fuzzy, according to their wiki they want to
    • Secure the code through audits, simplification, and a secure architecture.
    • Migrate towards an OSI-approved licensed codebase
    • Work closely with existing efforts such as OpenCryptoAuditProject, LUKS, GELI, and tc-play.

VeraCrypt Facts

  • According to the author in this thread, VeraCrypt was first published on June 22nd 2013, so it has already aged a bit.
  • In fixing some of the security flaws in TC, they break backwards-compatibility. There is a conversion tool available.
  • They are on CodePlex and the software is under Microsoft Public License.
  • Binaries are available for download, cross-platform.
  • Most relevant longterm plan is the ability to encrypt Windows system partitions/drives on UEFI-based computers (GPT).

So. If you have additional information, let me know in comments or by eMail. I am rattled beyond my usual level of confusion as to what I should do. Currently, I will probably give the VeraCrypt binaries a test ride on some machine.



Let $R$ be a ring and $f\in R[X]$ a polynomial with infinitely many zeros in $R$. You might think that $f$ is the zero polynomial, but that is not true if $R$ is not commutative, as this example of the quaternions shows. What about if $R$ is commutative? I didn't find a counterexample online, but it's easy to give one, and I found this somewhat enlightening. Consider the field $\mathbb{F}_2=\{0,1\}$ with two elements. The polynomial $f=X^2-X\in\mathbb{F}_2[X]$ has two zeros, namely $0$ and $1$. Now consider the Ring $R=\mathbb{F}_2^{\mathbb{N}}=\{ \mathbb{N}\to\mathbb{F}_2\}$. We can think of elements of $R$ as sequences $(0,1,1,0,1,\ldots)$. Now clearly, any such sequence is also a zero of $f$. So $f$ actually vanishes everywhere on $R$, which has infinite size, but $f$ is not the zero polynomial. The statement is of course true if $R$ is a commutative integral domain.


It has come to my attention that Mathematicians don't like to ask questions. The main reason seems to be that they are afraid of looking stupid. It has annoyed me for quite some time and it has several severe disadvantages for the field of Mathematics:

* Students don't ask questions in class because it's very important to appear as though you have completely grasped and understood everything immediately. As a result, students learn less and get educated more slowly. Because in the end, it won't help you to only pretend you understood math.
* Many fellow PhD students do not use their real name on pages like math.se and mathoverflow because they fear intellectual persecution if people were to associate their name with completely stupid questions. As a result, it's harder to get in touch and find out who is working on similar problems.

Anonymity is fine, I am a big fan. However - if it's out of shame for intellectual curiosity that you remain anonymous, then something in that society needs changing.

I believe that these are symptoms of a severe sickness that has spread in Mathematics and which is causing a chronic occlusion to our metaphorical vascular system of information flow.


Hello, fellow applied mathematicians and computer scientists, hello also to all the brave physicists who use the [arXiv](http://www.arxiv.org/). Did you know that you can [publish source code and other ancillary files on the arXiv](http://arxiv.org/help/ancillary_files), along with your preprint? If you didn't, this must be great news for you. However, if you ever tried to actually do this, you *might* have been just as confused as me. It's actually quite likely that you were, because as soon as this blogpost has vanished from the front page, I am pretty sure that a google search is what led you here.

> Ancillary files are included with an arXiv submission by placing them in a directory anc at the root of the submission package.

If you are a novice to uploading files to the arXiv, like me, this might be confusing. What is the *submission package*? I only ever submitted a single $\LaTeX$ file! Well, let me put it straight for you.

- In the directory with your .tex file(s), make a directory called anc.
- Place all your source code and stuff in that directory.
- Make a zip file containing all your LaTeX sources and the folder anc.
- Upload that zip file to the arXiv.

Trust me - everything will be fine.


As simple as that. I registered at the website g2play.de some time back to buy a computer game cheap, and since I use fresh eMail addresses for each service where I register, I can say without a doubt that somehow, g2play leaked the eMail address I provided. I received targeted spam to that particular address today and there is no way this eMail address could have gotten into the hands of that spammer by any other means. Shame on you, g2play.


My good friend and colleague Christian Ikenmeyer and I wrote this cute preprint about polynomials and how they can be written as the determinant of a matrix with entries equal to zero, one and indeterminates. Go ahead and read it if you know even just a little math, it's quite straightforward. The algorithm described in section 3 has been implemented and you can download the code from my website at the TU Berlin. Compilation instructions are in ptest.c, but you will need to get nauty to perform the entire computerized proof.


I recently lamented about switching two keys on my new Lenovo Yoga. Big problem: In my office, I attach that notebook to a docking station and to that docking station I attach a keyboard. On that keyboard, all keys are precisely the way I want them to be. Therefore, I do not want to switch the Insert and End keys when I am docked. I ended up writing a little batch script based on this nice google code wiki entry for the registry update and this stackexchange answer to elevate the batch script:
```bat
@ECHO OFF
REM NET FILE only succeeds with administrator rights, so it doubles as an elevation check.
NET FILE 1>NUL 2>NUL
if '%ERRORLEVEL%' == '0' goto run
REM Not elevated: relaunch this script through UAC (saps = Start-Process) and stop here.
powershell "saps -filepath %0 -verb runas" >nul 2>&1
goto :eof
:run
REM Toggle: remove the Scancode Map value if it exists, otherwise add the Insert/End swap.
REG QUERY "HKLM\SYSTEM\CurrentControlSet\Control\Keyboard Layout" ^
 /v "Scancode Map" >nul 2>&1
IF '%ERRORLEVEL%' == '0' goto remove
<nul set /p ="> adding scancode map "
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Keyboard Layout" ^
 /v "Scancode Map" /t REG_BINARY /f ^
 /d 00000000000000000300000052E04FE04FE052E000000000 >nul 2>&1
IF '%ERRORLEVEL%' == '0' goto success
goto fail
:remove
<nul set /p ="> removing scancode map "
REG DELETE "HKLM\SYSTEM\CurrentControlSet\Control\Keyboard Layout" ^
 /v "Scancode Map" /f >nul 2>&1
IF '%ERRORLEVEL%' == '0' goto success
goto fail
:fail
echo failed.
pause
goto :eof
:success
echo succeeded.
pause
```
Sadly, it always requires a reboot for the changes to take effect.
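
To see what the REG_BINARY data in the script actually remaps, here is a small decoder for the Scancode Map layout. It is an added example, not part of the original post; the function names and the short key-name table are chosen here for illustration.

```python
import struct

# Constructed lookup table: only the keys needed for this example.
KEY_NAMES = {0xE052: "Insert", 0xE04F: "End", 0x003A: "Caps Lock", 0x0000: "(none)"}

# The REG_BINARY data written by the batch script above.
PAGE_VALUE = bytes.fromhex("00000000000000000300000052E04FE04FE052E000000000")


def parse_scancode_map(blob):
    """Decode a Scancode Map value into [(physical_key, emitted_key), ...].

    Layout (little-endian DWORDs): version, flags, entry count including the
    null terminator, then one DWORD per mapping whose low word is the scancode
    that gets emitted and whose high word is the physical key's scancode.
    """
    if len(blob) < 16 or len(blob) % 4:
        raise ValueError("value too short or not DWORD-aligned")
    version, flags, count = struct.unpack_from("<III", blob, 0)
    if version != 0 or flags != 0:
        raise ValueError("unexpected header")
    if count < 1 or len(blob) != 12 + 4 * count:
        raise ValueError("entry count does not match value length")
    entries = struct.unpack_from("<%dI" % count, blob, 12)
    if entries[-1] != 0:
        raise ValueError("missing null terminator")
    return [(e >> 16, e & 0xFFFF) for e in entries[:-1]]


def describe(blob):
    """Render each mapping as 'physical key -> emitted key'."""
    def name(code):
        return KEY_NAMES.get(code, "0x%04X" % code)
    return ["%s -> %s" % (name(src), name(dst))
            for src, dst in parse_scancode_map(blob)]


def disabled_keys(blob):
    """Physical keys mapped to scancode 0, i.e. keys the map switches off."""
    return [src for src, dst in parse_scancode_map(blob) if dst == 0]


if __name__ == "__main__":
    for line in describe(PAGE_VALUE):
        print(line)
```

The same decoder can be pointed at an exported value from any machine to check which keys a Scancode Map swaps or disables before trusting the keyboard.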


I recently implemented an algorithm that has to perform checks on all subsets of some large set. A subset of an $n$-sized set can be understood as a binary string of length $n$ where bit $i$ is set if and only if the $i$-th element is in the subset. During my search for code to enumerate such bitstrings, I found the greatest page in the entire internet. If anyone can explain to me how computing the next bit permutation (the last version) works, please do.
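
As an added example (not code from the page the post refers to), here is the classic next-bit-permutation trick, often called Gosper's hack, written for Python's unbounded integers with the reasoning in the comments. It is an assumption that this is the routine the post means; the function names are chosen here, and it enumerates only the subsets of a fixed size k.

```python
def next_bit_permutation(v):
    """Smallest integer greater than v with the same number of set bits (v > 0).

    Write v as ...0 1^m 0^t: a lowest run of m ones above t trailing zeros.
    """
    c = v & -v   # lowest set bit, 2**t
    r = v + c    # the carry clears the run and sets the zero just above it
    # r ^ v has m + 1 ones above the t zeros. Shifting right by 2 and dividing
    # by c leaves m - 1 ones at the bottom: the run minus the one that moved up.
    return r | (((r ^ v) >> 2) // c)


def k_subsets(n, k):
    """Yield every k-element subset of an n-element set as a bitmask, ascending."""
    if not 0 <= k <= n:
        return
    if k == 0:
        yield 0          # the empty set; the trick itself needs a set bit
        return
    v = (1 << k) - 1     # smallest mask with k bits set
    while v < (1 << n):
        yield v
        v = next_bit_permutation(v)


def members(mask, items):
    """Elements of items selected by mask (bit i set means items[i] is included)."""
    return [x for i, x in enumerate(items) if (mask >> i) & 1]


if __name__ == "__main__":
    for mask in k_subsets(4, 2):
        print(format(mask, "04b"), members(mask, "abcd"))
```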


Even though this does not really constitute a post with substantial content, this is a blog after all, so I thought I'd let the 8 people who read it know that for the next six weeks, I will be attending a special semester on Algorithms and Complexity in Algebraic Geometry at the Simons Institute for the Theory of Computing in Berkeley. So. If you happen to be in the bay area, give me a shout.


The university supplied me with this really cool yoga 2 pro notebook and even though I have grown to like it, it does have some serious design flaws. I will not go into detail on all of those, but one problem is that they decided to put the End and the Insert key onto the same button, and to press End you have to simultaneously hold the function key, which is on the opposite side of the keyboard ((I am talking about the German Keyboard layout by the way. I realize now that I am quite possibly the only person on the planet with this problem.)). I personally need to press End quite frequently while typing text or code, while Insert is only required occasionally. To make a rather boring story short at the very least, I got myself SharpKeys, an open source tool which alters a registry key that is able to re-map keys as you see fit. It's quite awesome. Apparently, some people use it to turn off the capslock key. WHY THE HELL WOULD I WANT TO DO THAT?


I need to update this wordpress install every once in a while. There are lots of bash scripts on the internet that perform this task, and they are complicated beyond reason. This is what I use:
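```bash
#!/bin/bash
# Stop at the first failing step, so a failed download never leads to
# deleting wp-includes and wp-admin; also fail on a missing argument.
set -eu
: "${1:?usage: $0 <wordpress-root-directory>}"

# Print the value of one define('KEY', 'value') line in wp-config.php.
function cfg {
    grep "$2" "$1/wp-config.php" | awk 'BEGIN {FS="[, )\x27]*"}; {print $3;}'
}

echo "> backing up database."
# Note: a password given via --password= can show up in the process list.
mysqldump --user="$(cfg "$1" DB_USER)" \
          --password="$(cfg "$1" DB_PASSWORD)" \
          --host="$(cfg "$1" DB_HOST)" \
          "$(cfg "$1" DB_NAME)" > backup.database.sql

echo "> backing up website."
tar -cjf backup.files.bz2 "$1"

echo "> retrieving latest wordpress."
wget -q https://wordpress.org/latest.zip
unzip -qq latest.zip

echo "> updating wordpress."
rm -r "$1/wp-includes" "$1/wp-admin"
cp -r wordpress/* "$1/"

echo "> cleaning up."
rm -r wordpress
rm latest.zip
```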
It takes a single argument, which is the name of your wordpress root directory. It backs up your database to the file backup.database.sql and backs up the files to backup.files.bz2, then it simply proceeds as described in the wordpress codex for updating manually. I do not see what all the fuss is about.


When you have a Laptop with Windows 8.1 preinstalled, then you will find yourself having a hard time installing a clean copy of Windows 8 on said Laptop. That, however, might be desirable for various reasons and so I am telling you how it's done. In my case, I am doing it with the firm intention to encrypt the system partition with TrueCrypt Setup 7.1a, which requires me to have an MBR rather than a GPT. There are probably ways to change this in-place, but there's really no point because I want a clean install of Windows anyway.


Member variables in python are horrible. They are not visible in the layout of the class which is instantiated, but instead the __init__ function of a class creates certain member variables for the instance. I have never liked this about python, to be honest. For a recent project, I devised the following solution. Assume you would want this behaviour:
```python
>>> class test(Base):
...     # Variables
...     number = 4
...     string = "hodor"
...     # Functions
...     def stringmult(self):
...         return self.number * self.string
...
>>> test().stringmult()
'hodorhodorhodorhodor'
>>> test(number=2).stringmult()
'hodorhodor'
>>> test(string="Na",number=8).stringmult() + " - Batman!"
'NaNaNaNaNaNaNaNa - Batman!'
>>> 
>>> test(end="Batman!")
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ctypes.ArgumentError
>>>
```
In other words, any class that inherits from Base can be constructed with keyword arguments which must match exactly the correct class variables which you specify. This one does it:
```python
from ctypes import ArgumentError
class Base(object):
    def __init__(self, **kwargs):
        # "given" is the list of keyword arguments passed to the constructor
        # of this object, "needed" is the list of class variables which belong to
        # the class of the object which is being created, which do not end
        # with two underscores and which are not a function. Trust me, we do not
        # want to meddle with those.
        # getattr (rather than cls.__dict__) is used so that class variables
        # inherited from an intermediate class are found instead of raising KeyError.
        cls = self.__class__
        given = list(kwargs.keys())
        needed = [attr for attr in dir(cls) if attr[-2:] != '__'
                  and type(getattr(cls, attr)) != type(lambda: 0)]

        # Check if keyword arguments have been provided which are not among the
        # required arguments and throw an exception if so. Remove this check for
        # a less restrictive base class. I wouldn't recommend it.
        if not set(given) <= set(needed):
            raise ArgumentError()

        # First, initialize the attribute dictionary of the object being created
        # with a list of default values, indicated by the values of the class
        # variables. Then, update the attribute dictionary again with the values
        # provided to this constructor.
        # Note: defaults are copied by reference, so a mutable class variable
        # (list, dict) is shared between all instances that do not override it.
        self.__dict__.update({k: getattr(cls, k) for k in needed})
        self.__dict__.update(kwargs)
```
I personally like this approach a lot and hereby dare you to tell me even a single reason not to do this, in the comments.