From 26478e2add2402a3aae9a16296e8668459cb02e6 Mon Sep 17 00:00:00 2001 From: Michael Zhang Date: Mon, 7 Feb 2022 16:41:38 -0600 Subject: [PATCH] I don't want to be loweercase anymore... --- config.toml | 2 +- content/_index.md | 2 +- content/about/_index.md | 8 +------- content/posts/2018-02-01-my-new-life-stack.md | 2 +- content/posts/2018-02-25-cleaning-up-your-shell.md | 2 +- content/posts/2018-04-23-fixing-tmux-colors.md | 2 +- content/posts/2018-05-28-web-apps.md | 12 ++++++------ .../2018-10-26-twenty-years-of-rsa-attacks.md | 10 +++++----- .../2019-02-01-magic-forms-with-proc-macros.md | 10 +++++----- content/posts/2019-03-04-server-analogy.md | 2 +- content/posts/2020-04-01-password-managers.md | 2 +- content/posts/2021-06-17-tracking-links.md | 2 +- .../posts/2021-07-05-https-request-from-scratch.md | 2 +- ...2e-encryption-useless-without-client-freedom.md | 14 +++++++------- content/posts/_index.md | 2 +- content/projects/_index.md | 2 +- layouts/home.html | 4 ++-- 17 files changed, 37 insertions(+), 43 deletions(-) diff --git a/config.toml b/config.toml index b381f39..2db8a33 100644 --- a/config.toml +++ b/config.toml @@ -1,6 +1,6 @@ baseURL = "http://example.org/" languageCode = "en-us" -title = "michael's blog" +title = "Michael's Blog" enableGitInfo = true [taxonomies] diff --git a/content/_index.md b/content/_index.md index 0243813..9363053 100644 --- a/content/_index.md +++ b/content/_index.md @@ -9,7 +9,7 @@ distributed systems. [SIFT]: https://www.sift.net/ -## contact +## Contact - Email: `b64d(bWFpbEBtemhhbmcuaW8=)` - PGP Key: [`925ECC02890D5CDAE26180D4BDA47A31A3C8EE6B`][PGP] diff --git a/content/about/_index.md b/content/about/_index.md index 35fcd56..3b2615a 100644 --- a/content/about/_index.md +++ b/content/about/_index.md @@ -1,5 +1,5 @@ +++ -title = "about" +title = "About" weight = 2 [cascade] @@ -27,12 +27,6 @@ I'm also an avid rhythm game player and beatmap creator, mostly involved with the free-to-play game [osu!][3]. Check out some of my beatmaps on my [osu! userpage][4]. -## contact - -- Email: `mail` @ [this domain] -- PGP Key: [`925ECC02890D5CDAE26180D4BDA47A31A3C8EE6B`][10] -- IRC: `mzh` on [libera.chat][5] - [1]: https://keybase.io/michaelz/pgp_keys.asc?fingerprint=925ecc02890d5cdae26180d4bda47a31a3c8ee6b [2]: https://git.mzhang.io/explore [3]: https://osu.ppy.sh diff --git a/content/posts/2018-02-01-my-new-life-stack.md b/content/posts/2018-02-01-my-new-life-stack.md index 0f43239..3368bac 100644 --- a/content/posts/2018-02-01-my-new-life-stack.md +++ b/content/posts/2018-02-01-my-new-life-stack.md @@ -1,5 +1,5 @@ +++ -title = "my new life stack" +title = "My new life stack" date = 2018-02-01 tags = ["arch", "linux", "setup", "computers"] +++ diff --git a/content/posts/2018-02-25-cleaning-up-your-shell.md b/content/posts/2018-02-25-cleaning-up-your-shell.md index 8c480ab..2a4253c 100644 --- a/content/posts/2018-02-25-cleaning-up-your-shell.md +++ b/content/posts/2018-02-25-cleaning-up-your-shell.md @@ -1,5 +1,5 @@ +++ -title = "cleaning up your shell" +title = "Cleaning up your shell" date = 2018-02-25 tags = ["computers", "linux", "terminal"] languages = ["bash"] diff --git a/content/posts/2018-04-23-fixing-tmux-colors.md b/content/posts/2018-04-23-fixing-tmux-colors.md index 8fd0e1a..a7b6f60 100644 --- a/content/posts/2018-04-23-fixing-tmux-colors.md +++ b/content/posts/2018-04-23-fixing-tmux-colors.md @@ -1,5 +1,5 @@ +++ -title = "fixing tmux colors" +title = "Fixing tmux colors" date = 2018-04-23 tags = ["computers"] +++ diff --git a/content/posts/2018-05-28-web-apps.md b/content/posts/2018-05-28-web-apps.md index 0308b6a..f0d3c2c 100644 --- a/content/posts/2018-05-28-web-apps.md +++ b/content/posts/2018-05-28-web-apps.md @@ -1,5 +1,5 @@ +++ -title = "web apps" +title = "Web apps" date = 2018-05-28 tags = ["computers", "web", "things-that-are-bad"] languages = ["javascript"] @@ -7,7 +7,7 @@ languages = ["javascript"] The other day, I just turned off JavaScript from my browser. "fucking neckbeard", "you'll turn it back in 2 weeks", "living without JavaScript is like living without electricity" were some of the responses I got. And they might be right. But let's see why things are the way they are and what we can do about it. -## what is the purpose of the web? +## What is the purpose of the web? Well, the answer's pretty obvious, right? So you can surf it. But what does that even mean anymore? In the past, surfing the web meant viewing websites. You'd open something like your favorite news website, and it'd show you some of the latest updates. Or maybe you'd open the website for some company to find out their telephone so you can contact them. In other words, it was a channel from which you could receive information. @@ -15,7 +15,7 @@ If you wanted to do anything more complicated or that required more interaction, Things aren't that way anymore. For some reason, the web browser has become the all-in-one client for every service. Instead of simply acting as a HTTP client, your browser is now also capable of running full-blown 3D games, chat rooms, real-time word processors, and [full x86 emulators, apparently](http://copy.sh/v86/). What the hell happened? -## spoiler alert: javascript happened +## Spoiler alert: Javascript happened JavaScript happened. That little _scripting_ language invented to, you know, make some hover animation on your page or have dropdowns on your menu bar. Thanks to the introduction of JavaScript (and jQuery especially), developers stopped viewing webpages as Word documents that you can share, and more like canvases. Hover animations are cute and dropdowns are useful. Sure. But when this _scripting_ language starts turning into a _systems_ language (for lack of a better term), you have a problem. When's the last time you used Perl to write an operating system? @@ -25,7 +25,7 @@ On top of that, look at these huge frameworks that almost every company is hirin Look at Facebook's home page. Just from regular use, that webpage itself can use over 4 gigabytes of RAM. It makes large amounts of network calls for data that's all just being stored in memory. And everyone who opens the Facebook website (for the first time) must download _all_ of that JavaScript. The website has its own tabs (within the page, yes) for chat windows, games, advertisements, embedded video players, and much more I probably didn't even know about. Why are we running full-blown apps in our browser? -## ok but what can i do +## Ok but what can i do There's a number of things that can be done to turn this state of the web down a different path. Here's some ideas for users: @@ -38,9 +38,9 @@ For developers: - Consider the impact of every library you include. Can you do without it? What if you just wrote something from scratch instead of importing a full framework to do it? - Write more non-JavaScript software/libraries. Developers have only turned towards sticking JavaScript everywhere because it's easy to use, and libraries are readily available through npm. -## ok but what can you do +## Ok but what can you do -I'm helping with a project called flubber, which originated as an IRC bouncer, but is slowly turning into a general messaging protocol. All-in-one messengers exist (and a particular one exists by that name exactly), but they all work by opening a browser view and just loading the page within it, so it's no different from just opening tabs in a browser. Flubber will communicate with these services through APIs, and then expose a uniform interface to clients which makes it easy to bring all into a single view. Check out my progress [here](https://github.com/iptq/flubber). Other than that, I'm also working on making my websites as light as possible in general, including this one (which, by the way, has 0 JavaScript content). +I'm helping with a project called flubber, which originated as an IRC bouncer, but is slowly turning into a general messaging protocol. All-in-one messengers exist (and a particular one exists by that name exactly), but they all work by opening a browser view and just loading the page within it, so it's no different from just opening tabs in a browser. Flubber will communicate with these services through APIs, and then expose a uniform interface to clients which makes it easy to bring all into a single view. Check out my progress [here](https://github.com/iptq/flubber). Other than that, I'm also working on making my websites as light as possible in general, including this one which has no required Javascript (some pages use Katex for displaying math elements but are still readable without). And of course, I've disabled JavaScript in my browser. diff --git a/content/posts/2018-10-26-twenty-years-of-rsa-attacks.md b/content/posts/2018-10-26-twenty-years-of-rsa-attacks.md index e57bc94..c5a50d0 100644 --- a/content/posts/2018-10-26-twenty-years-of-rsa-attacks.md +++ b/content/posts/2018-10-26-twenty-years-of-rsa-attacks.md @@ -1,5 +1,5 @@ +++ -title = "twenty years of attacks on rsa with examples" +title = "Twenty years of attacks on rsa with examples" date = 2018-10-26 toc = true tags = ["ctf", "crypto"] @@ -16,7 +16,7 @@ paper, but using examples with numbers in them. That being said, I _am_ going to skip over the primer of how the RSA cryptosystem works, since there's already a great number of resources on that. -## factoring large integers +## Factoring large integers Obviously this is a pretty bruteforce-ish way to crack the cryptosystem, and probably won't work in time for you to see the result, but can still be @@ -56,12 +56,12 @@ original message! (you can find the modular inverse function I used [here][3]) And that's it! Now let's look at some more sophisticated attacks... -## elementary attacks +## Elementary attacks These attacks are related to the _misuse_ of the RSA system. (if you can't tell, I'm mirroring the document structure of the original paper) -### common modulus +### Common modulus My cryptography professor gave this example as well. Suppose there was a setup in which the modulus was reused, maybe for convenience (although I suppose with @@ -165,7 +165,7 @@ True We've successfully recovered $p$ and $q$ from just $N$, $e$, and $d$! -### blinding +### Blinding This attack is actually about RSA _signatures_ (which uses the opposite keys as encryption: private for signing and public for verifying), and shows how you can diff --git a/content/posts/2019-02-01-magic-forms-with-proc-macros.md b/content/posts/2019-02-01-magic-forms-with-proc-macros.md index 2c6cd02..14d9a44 100644 --- a/content/posts/2019-02-01-magic-forms-with-proc-macros.md +++ b/content/posts/2019-02-01-magic-forms-with-proc-macros.md @@ -1,5 +1,5 @@ +++ -title = "magic forms with proc macros: ideas" +title = "Magic forms with proc macros: Ideas" date = 2019-02-01 tags = ["computers", "web"] languages = ["rust"] @@ -22,7 +22,7 @@ It occurred to me that this feature can also be useful for generating code for r In this post I'm going to outline some of the ideas I have for a wtforms-ish library for handling forms in Rust. -## code generation +## Code generation Ideally, we should be able to use this library like this: @@ -65,7 +65,7 @@ This should generate the following HTML: I realize this is probably not very flexible, since you'd really only be able to use this form in a specific context. But in reality, how much do you really lose by redefining that form? -## validation +## Validation You've already seen the `validators` attribute used above. This defines a set of validators that we'd like to verify the form against. Suppose you receive an instance of the form that looks like (in pseudo-y Rust): @@ -79,11 +79,11 @@ let instance = RegisterForm { then calling something like `instance.verify()` should run all those validators we've defined on the fields and return a list of errors that go along with each of the fields. For this instance, for example, we should at least get an error that states that the password provided was way too short. -## other interesting features +## Other interesting features - If a form fails during validation, the user is presented with the errors and a chance to retry the form. At this point, the HTML generated should fill in the values for the fields that passed the validation so the user doesn't have to fill it out again. You see this behavior on web forms sometimes. -## conclusion +## Conclusion This project is a work in progress! You can see how far I am [on Github](https://github.com/iptq/wtforms). diff --git a/content/posts/2019-03-04-server-analogy.md b/content/posts/2019-03-04-server-analogy.md index 5559c09..c9e75d0 100644 --- a/content/posts/2019-03-04-server-analogy.md +++ b/content/posts/2019-03-04-server-analogy.md @@ -1,5 +1,5 @@ +++ -title = "accept server analogy" +title = "Accept server analogy" date = 2019-03-04 tags = ["computers"] +++ diff --git a/content/posts/2020-04-01-password-managers.md b/content/posts/2020-04-01-password-managers.md index 43908e6..17185b9 100644 --- a/content/posts/2020-04-01-password-managers.md +++ b/content/posts/2020-04-01-password-managers.md @@ -1,5 +1,5 @@ +++ -title = "password managers" +title = "Password managers" date = 2020-04-01 tags = ["computers", "things-that-are-good", "privacy"] +++ diff --git a/content/posts/2021-06-17-tracking-links.md b/content/posts/2021-06-17-tracking-links.md index eaee11e..0afdd9a 100644 --- a/content/posts/2021-06-17-tracking-links.md +++ b/content/posts/2021-06-17-tracking-links.md @@ -1,5 +1,5 @@ +++ -title = "email tracking links" +title = "Tracking links in email" date = 2021-06-17 tags = ["email", "computers", "things-that-are-bad", "privacy"] +++ diff --git a/content/posts/2021-07-05-https-request-from-scratch.md b/content/posts/2021-07-05-https-request-from-scratch.md index 0143e8e..f972826 100644 --- a/content/posts/2021-07-05-https-request-from-scratch.md +++ b/content/posts/2021-07-05-https-request-from-scratch.md @@ -1,5 +1,5 @@ +++ -title = "sending https requests from scratch" +title = "Sending https requests from scratch" date = 2021-07-05 draft = true toc = true diff --git a/content/posts/2021-10-31-e2e-encryption-useless-without-client-freedom.md b/content/posts/2021-10-31-e2e-encryption-useless-without-client-freedom.md index e345d3c..a5827f9 100644 --- a/content/posts/2021-10-31-e2e-encryption-useless-without-client-freedom.md +++ b/content/posts/2021-10-31-e2e-encryption-useless-without-client-freedom.md @@ -1,5 +1,5 @@ +++ -title = "end-to-end encryption is useless without client freedom" +title = "End-to-end encryption is useless without client freedom" date = 2021-10-31 tags = ["computers", "privacy"] +++ @@ -14,7 +14,7 @@ be absolutely meaningless. > Otherwise, I'll start the story all the way back to how computers talk to > each other. -a game of telephone in a noisy room +A game of telephone in a noisy room --- Computer networks essentially operate like a bunch of people yelling at each @@ -34,7 +34,7 @@ the first place. But in order for the middlemen to pass on the message, they'd have to hear the message, so now my lunch has become a public gathering known to everyone who's heard or passed on the message. -encryption saves the day +Encryption saves the day --- That's where **encryption** comes in. Encryption lets me change the message to @@ -62,7 +62,7 @@ encryption to make sure no one steals my identity while I'm sending it, and encryption _at rest_ to make sure someone breaking into Google won't be able to just pull the hard drive out and read the files off it. -two halves don't equal a whole +Two halves don't equal a whole --- It turns out just putting together these two types of encryption isn't enough. @@ -92,7 +92,7 @@ then decrypts it offline. [Signal][signal] famously provides end-to-end encrypted chat, so that no one, not even the government[^1], will be able to read the messages you send if they're not the intended recipient. -it's still not enough {#not-enough} +It's still not enough {#not-enough} --- End-to-end encryption seems like it should be the end of the story, but if @@ -141,7 +141,7 @@ run services is insufficient, it's safe to say that trusting companies to make client software that act in the interest of their users is just as useless as trusting companies to make services that act in the interest of their users. -what can i do? +What can i do? --- Although inconvenient, trusting different vendors for different pieces of this @@ -171,7 +171,7 @@ multiple apps and servers, and servers can federate with each other using an open protocol. I would strongly recommend people who are interested in privacy to consider it. -conclusion +Conclusion --- Why care? This might just seem to be some superficial political concern by diff --git a/content/posts/_index.md b/content/posts/_index.md index bcc96a4..42545d4 100644 --- a/content/posts/_index.md +++ b/content/posts/_index.md @@ -1,5 +1,5 @@ +++ -title = "home" +title = "Blog" weight = 1 [cascade] diff --git a/content/projects/_index.md b/content/projects/_index.md index bdea140..5d507a0 100644 --- a/content/projects/_index.md +++ b/content/projects/_index.md @@ -1,5 +1,5 @@ +++ -title = "projects" +title = "Projects" type = "projects" layout = "single" +++ diff --git a/layouts/home.html b/layouts/home.html index 3e6aaf9..f68aa28 100644 --- a/layouts/home.html +++ b/layouts/home.html @@ -2,11 +2,11 @@
-

michael zhang

+

Michael Zhang

{{ .Content }}
-

recent blog posts »

+

Recent Blog Posts »

    {{ $posts := where (.GetPage "/posts").Pages "Draft" false }} {{- range first 3 $posts -}}