🪅 40 years of GNU 40 years ago, Richard Stallman announced a Free Unix, that was to be named "GNU" which stands for "GNU Not Unix". The golden rule required that, if a dyne likes a program, the dyne must share it with other dynes who like it. No dyne can in good conscience sign a nondisclosure agreement or a software license agreement and thus be restricted from letting everyone benefit from the goodness. 🔗 https://www.gnu.org/gnu40/ 🔨 Luddites A dyne brings the word of the good Doctorow Cory to the chat. It talks about luddites, you know those brainless, terrified, thick-fingered vandals who smashed machines and burned factories because they didn't understand them. Well turns out they might not be what they seemed. They might even be ODs from way back (Original Dynes). There's no doubt that there is overlap between dynes and luddites. But then again, history tends to be written by the winners. And the machines are good at this game! Image from 🔗 https://thenib.com/im-a-luddite/ 🎹 Moog goes east Is late-stage capitalism failing? It often seems so. Yet, as Mark Fisher puts it: It's easier to imagine the end of the world than it is to imagine the end of capitalism. Is there any real success in global capitalism? Maybe the entire meaning of the word "success" needs to be tuned and the metrics to measure it revisited. Moog, the brand making delicious sounding synthesizers since the dawn of electronic music, are laying off a big bunch of the staff and might go east. It is hard to say what this means for music, probably not much to be honest. But dynes feel for the dynes that have suddenly found themselves without a stable income. Fight the system and thank you for the fish! 🍄 Be weird And now, a message from our sponsor, the Outergalactic Mycelium Network ✊🏾 Empodera LIVE, 2023 The event was a success, and if you missed out on the live feed, here it is for your viewing pleasure: An interesting side effect is that during that event some cool connections where made, and some dynes have started using Nostr. Be weird, but don't be a stranger! 🪤 Trapped in a database The American health system is weird. It has inspired a TV-show, where a high-school teacher turns to producing industrial quantities of methamphetamine just to pay his medical bills. One dyne comes with a surprising piece of information showing that the American market for Narcotics also is connected to databases in unexpected ways. More specifically how we all got trapped in them. RIP, Hank. 🔑 I got the keys to your Bimmer! As the great poet Beenie Man once said: Sim Simma, who got the keys to my Bimmer? Turns out some dyne from a neighboring galaxy has created a tool that allows any dyne to make a copy of your Bimmer keys! Great news for car-sharing and couch-surfing! 👼🏿 When EU saves the children Who doesn't love children? With their cheeky little cheeks, their pranks and loud noises! They're adorable in every way, but weak and therefore they need protection. The EU also loves children. Or so they say... One dyne shares an important investigative piece debunking the network behind the CSAM proposal in Europe! The proposed EU regulation "against child sexual abuse" will break basic privacy rights beyond repair, and is “influenced by companies pretending to be NGOs but acting more like tech companies”. “Groups like Thorn use everything they can to put this legislation forward, not just because they want to combat child sexual abuse, but also because they have a commercial interest in doing so.” 🤱🏽 Parental confusion Big papa Goggole continues to treat all dynes like children in its patriarchy. But so are many webshits doing. One dyne brings attention to the fact that parenting measures on Discord are similar to what Big Papa Goggole sees about dynes’ usage of Signal. But that's no biggie for a dyne. They all know privacy is beyond leveraging an app. If it ever was an app. Privacy is a type general digital hygiene. 🏜️ Rust never sleeps Rust thrives, so don't rest too long on those laurels. 👑 Sovereign Patreon Dynes like being sovereign. One thing that has always been hard to achieve in a sovereign way are digital tip-jars. A group of dynes from a neighboring planet that used to build a blogging tool have pulled off a great system to self-host a digital tipping-jar. And it looks amazing! Even some Big Papa-Data use it. Maybe you should too? ⛓️ Blockchain explorers Blockchain explorers are cool, some of them anyways. But they can be daunting to set up. There are cool and FLOSS solutions out there that pack everything you need to explore a blockchain. But what if you don't want all the bells and whistles? What if you just want a CLI tool to query a node or it’s corresponding but sensibly sized database, for all the good stuff inside the blockchain? A couple of dynes start conspiring about ncurses which naturally leads to some hacking action. You might want to watch this space. 0️⃣ Webp 0-day A 0-day in webp has been discovered. Patches are being deployed as the dyne typing this is typing. A good reminder that the digital realm is still a very wild west web. Stay safe in cyberspace, fellow dyne! 🔞 CERN has an onlyfans! This one is too NSFW for a description. Hold your hat, and click this link with caution: it is HOT... or... is it cool? Well... figuratively hot hot hot anyways. 🔗 https://onlyfans.web.cern.ch/ That’s it for this weeks retrospect of everything going down on Planet Dyne. Join us for the co-creation of next episode and as always: Don't forget to hike and subculture! 🗨️ Matrix 🗨️ Telegram 🗨️ Discord (These services are bridged: join your favorite one to access them all!) 📢 Mastodon 🎬 Peertube 📢 Twitter 📸 Instagram
Read all🪪 A trip to the moon Over 120 years have elapsed (1902) since George Méliès first took audiences on a journey to the moon in his groundbreaking film "Le Voyage dans la Lune," which also happens to be the very first science fiction film ever screened. Fully available 🍿 here 📽️ 10min worth it! The plot has a lot of analogies to how the working group of the The European Digital Identity Wallet is acting: Reluctant scientists say dynes can't go to the moon. When finally some pioneers are able to get there, they are sent. But once arrived they kill all the Selenites, just like the rights of European citizens to have their identity preserved are being slayed. 🎉 Empodera 2023 The 15th edition of Empodera LIVE is around the corner! This is the type of dyne-stuff that goes straight up the alley of any dyne: Digital Citizen Sovereignty: Under Construction 📅 September 26th and 27th 📍 Teatro Echegaray. Málaga, Spain Don't miss out on your seat! It's free so be quick! 👉 Register here 👈🏿 As any leading event in Civic Technology would do, they've asked one dyne to come check the mic one-two with some powerful message. The dynes that aren't going can't wait for the videos to be uploaded. Check out their mad video editing skills! You'll be able to catch the same dyne in Rome at Web3privacy in October. But don't worry, we'll blow the horn about that again! ⚰️ Tomb 2.10 In this episode, Tomb 2.10 gets an update alert💥 Fixes, updates, and a game-changing addition: Argon2 KDF support to safeguard passwords from brute-forcing. Plus, the brand new Tomb website is up and running. 🪀 1 hour sleep, 23 hours play Play is vital to dynes. Most dynes call it "hacking", but it is essentially the same thing. If you are unfamiliar with play, think of it as doing something that makes you feel good and gives you purpose, over and over again! A couple of dynes explore the possibilities of play with a funky tool. It looks like a toy, sounds like a synth and acts like a computer. What more can a dyne possibly desire from the material world? 🐌 Measuring molluskosity The giant moneyslug's tantrums are echoing louder across the world. And like most beings in this galaxy, dynes are on the hunt for a new place to organize on a grassroots level. As usual with software and webshits, there's a plethora of options. Some more free than other, all with percs and problems. One of the popular options is to collectively ride on the back of a mammoth. It is getting so common that even the tiny Swiss are adopting it for their government. There's a sense of pride and fear seeing governments boarding on a FOSS platform. Pride because "FINALLY!". Fear because governments have a tendency to turn. 🌏 Dyne is a Libre Planet A neighboring planet is making a call for papers. A super cool event will go down in March 2024, and you should apply now! Community really is like a garden, it needs to be cultivated. 👉🏽 Go here 👈🏾 🌉 Influx The previous episode of Planet dyne triggered an influx of dynes. All channels get a bump in joy and happiness. And probably you are reading this now thanks to that! Well met, fellow dyne! It's nice to see you. Dynes acknowledge how hard it is to find community on the Interwebz. Well, there are plenty of communities, many very excellent. But places where humanity and robots can gather in all their beauty and flaws are rare. And on this planet, even the robots are totally human! ❓How to include it all You can’t. There’s too much out there and at some point, an episode has to end. But the good news is that the next episodes are lining up, thanks to the contribution of dynes like you! So join us for the co-creation of next episode and don't forget to hike and subculture! 🗨️ Matrix 🗨️ Telegram 🗨️ Discord (These services are bridged: join your favorite one to access them all!) 📢 Mastodon 🎬 Peertube 📢 Twitter 📸 Instagram
Read all🐱 It was the cat! Some neighbouring planets are busy releasing Llama's and farting cats. It's a mess out there, but the potential is undeniable. Dynes explore ways to have a sentient Daemon running on their own computer instead of that of the corporate overlord. No perfect solution has been found yet, but the sum of all dimly lit rooms where hacking is going on adds up to the brightness of a supernova. Thanks for reading Planet Dyne! Subscribe for free to receive new posts and support my work. 🏃 What is a runlevel? Some questions are simple, others are hard. The best questions are those that are still unanswered. They provide the "AHA" for everyone. 💩👑💩 The Emperor looks Fat Dublin will have a dyne to represent in this intriguing event by Friends of Europe (and therefore our friends). Your own personal Jaromil will remind everyone of the most obvious but least listened lesson we get from the Internet: tech is political, and we need ethical hacking. He has also promised to write more about the topic after a very successful intervention held at the opening of the Italian chapter of the Berggruen institute. History will tell if this is just wasted time or the big shots are really listening! 🏛️ Residing in the Byzantine Dynes are planning creatures. They have so many plans! In case anyone is planning to do digital art on byzantine subjects (WHY NOT), one dyne recommends a residency in Verga, Messenian Mani, Peloponnese, Greece 👉🏽 Apply here 👈🏿 📻 Camp Radio Redux Chaos Communication Camp Redux on Freifunk Radio with dyne guest Adam chewing the fat over the highlights, including an impromptu Devuan meeting & his workshop on DNSSEC related freakery. Freak of the weak Weeks belong to the freaks. But what do the freaks get for that? Reading between the lines of the dynes, it would appear that they are about to get some holiday. One that could disrupt the concept of holidays. Imagine a holiday for freaks, but an entire week. A week of the freak! GNU/Linux on MOS6502? Boot up the latest attempt to port Linux to the Motorola 6502 arch, and your maxed out Commodore64 with an unfeasibily large paged memory expansion kit should finish booting "in about a week". If you decide against spending quality holiday time with family & friends whilst waiting for that shell prompt, a more lightweight and possibly more useful 6502 posix *nix was developed some 20 years ago (approximately the same time takes for this latest port to load firefox). Names, Numbers & Trust as a Service Brought to you by the letters DNSSEC and the number 13: This week the geek-sec dns overlords over at Verisign announced their roll out of elliptic curve DNS zone signing beginning with the .edu TLD. Co-incidentally, in the last few months mozilla foundation dev Dana Keeler inexplicably ended 12 years of dev excuses & discomfort over why keeping open the feature request to support DANE standards in firefox really just hurts their feelings (and not the trust control they hold with the browser root certificate store). No DANE in the googleplex browser either. It hurts their feelings if you don't use Chrome browser and their humungous blockchain-adjacent Certificate Transparency datastore as your source of truth for all cert-related issues. Of course, there is no secret CABAL of web browser developers and certification authorities in the CA/B Forum. They are out in the open, have no feelings to hurt, and invest in a business model to provide a "community service" of announcing who is trustworthy. And without DANE, you are certainly not on that list - that's what you pay them for. The only way we're aware of to get DNSSEC integrity visible on the chrome browser is via a plugin that used a binary side-car strategy to bypass restrictions or lack of chrome & android APIs. Similar frustrations with Firefox. So much so that keeping up with increased restrictions in both browser environments prompted them to give up further development. Freak of the Week: Modern wisdom for crypto developers? "I’ve never fell off a big chimney. You only fall off one of them once." Touching wood War. Dyne's are not in charge of the universe, and they are quite thankful for that. But those who are in charge have lost their marbles. Luckily a neighbouring planet has experience with war that it is possible to learn from. Maybe this will be the last one? Imagine if a war was started and no one went to fight it... War is waged on the mind, too. Take care of your mind, fellow dyne! What sauce goes with a Tech Barbecue The best of course. That's what Planet Dyne is bringing to Copenhagen in September. It happens between 13th and 14th in 2023, and the panel will be about Privacy. 👉 More info here 👈🏾https://techbbq.dk/speakers-2023/ To spiritual or not to commune? The deepness of last episode opens up for introspection. Where is the limit between doctrine and spiritual guidance. Dynes turn their best cheek and accept each other. Thanks for that! 🤖 Skynet day Only a few days after Outernational skynet day, reports come in that the robot is already wrecking havoc on a small scale Meanwhile, at a secret offline XR resistance camp, the training continues... You too, fellow dyne, can take part in the saga. Come co-create the next episode in our channels. And don't forget to hike and subculture! 🗨️ Matrix 🗨️ Telegram 🗨️ Discord (These services are bridged: join your favorite one to access them all!) 📢 Mastodon 🎬 Peertube 📢 Twitter 📸 Instagram Thanks for reading Planet Dyne! Subscribe for free to receive new posts and support my work.
Read all🔐 Zen news enter the chatroom The week had just begun and the dust from the poll in Episode 33 had settled, when the news broke out: the Zenroom webinars would be held in Episode 35! 🗓️ Attend here 2023-08-30 10:00 CEST: Starters/Signroom/DIDroom 11:00 CEST: Zenswarm, EVM SC interop 2023-08-31 17:00 CEST: Starters/Signroom/DIDroom 18:00 CEST: Zenswarm, EVM SC interop All the info (including the calendar files to help you remember) were shared on the Event page of Zenroom. The thing is happening on Zoom. For the dynes who are keen to keep their computers of the corporate networks, the stream will be relayed live and direct to the dyne Peertube channel. 🧠 Consciousness, and the spirit of a dyne Soon thereafter, dynes where invited to strap on, erhm... in! exurb1 had dropped their latest vid. For good and worse, the relationship between robots and dynes is a passionate one. But what do the robots dream about? Will they want to come visit planet dyne? Will they want coffee? Do they even have a will? Being a bit of a hive-mind, when one dyne plants a seed of curiosity, others come help grow it horizontally. There are many speculations. Maybe dynes and robots aren't so different after all. Or maybe there's a universe separating them? What is consciousness and does it read it’s email? Is it a symptom of the soul, subtle material entities? Or is it objectively reduceable to an orchestra of tooting saxophones? The universe is full of secrets, and that's a nice thing. So much unknown beauty, planets to explore and dynes to meet. There's a lot to unpack but dynes are shining in their most curious self, sharing their wisdom and contemplating that of others. 💩 The intellectual properties of Piero Manzoni While Argentinian hackers are building beautiful custom midi controllers, the AI world is growing. In this world art belongs to everyone. Or does it? On planet US of A, some old person in a robe has decided that AI shall be altruistic. Well, a dyne can wish anyways! This gives the passion sparked by exurb1 a new turn. What happens if AI is massively adopted in remixing, but copyright attribution only is possible to the "original" works? Maybe it is the "original" sin? If Shannon defines information as the capacity of a system of symbols to surprise you, to tell you something you don’t know, and is proportional to a system's (cultural?) entropy - then remixing allows for lower entropy through existing cultural referents, without which maybe it goes unnoticed, closer perhaps to cultural gray goo. One thing is for sure, if nothing is normal, then Piero Manzoni might very well have been a dyne. And some of the mysteries of the universe can be found right under our nose. 🤫 Rage quitting the algorithm Suddenly, dynes in the European Union are logging on to a quiet revolution on mainstream social networks. A new law let them silently rage quit the algorithm. Meanwhile, open source is catching up in the race to create the perfect coding bot. With a 34 billions parameters model, it is getting better at coding then the 2 trillions parameter OpenAI models. The party goes on in Planet Dyne, like a swarm of peers seeding a game on a local-first framework. Then again dynes are great at throwing parties! Especially online. And you're invited to come co-create the parties going down in the next episode! So don't forget to hike and subculture! 🗨️ Matrix 🗨️ Telegram 🗨️ Discord (These services are bridged: join your favorite one to access them all!) 📢 Mastodon 🎬 Peertube 📢 Twitter 📸 Instagram
Read allNostalgia from the present It’s 2023 and the UX space is full of experts. This has led our phones to be very smart and the buttons to be very shiny and placed exactly where you expected it. Except of course if you’re blind or left-handed. But there was a time before that, around 1998-2002, where UX was a like the wild west. Even in the east! Dynes remember fondly. Although to be fair, dynes tend to have pretty good self-governance over their user-space. On the beautiful morning of the Monday, one dyne shared a couple of time-traveling pills, and the nostalgia levels went through the roof. It became clear that if the Internet was a landscape, it would be called Netscape and all the music would be OGGs neatly sorted into folders. While there’s still no one who can agree if Hiphop stand on it’s own or if it should be a sub-folder of “Electronic”, some dyne somewhere in a neighboring planetary system has clearly understood the purpose of BigData. They’ve used it to sort Rappers by the size of their vocabulary. The future of Decentralization, AI, Computing and everything Right now there is a lot of FUD (Fun, Understanding and Debates) surrounding these topics. One dyne suggests that the planet have a look at the Decentralization Summit at UC Berkley. Surprisingly, it doesn’t create a lot of fuzz. But that could also just mean that many dynes lack the means to travel to the United States of so-called America. One can dream of electric sheep, dreaming is still better than being a Goggles, who is having difficulties with spelling. On the bright side, this means that a dyne now stands a chance at scrabble against monolithic internet corporations. Eat this! But what is a goggle to a torrent? Many dynes are expert at torrenting. They know everything about seeding and leeching and caring, so they share! A collective effort is put in place to make sure the new release of Devuan 5.0 Daedalus is properly, equally and socially distributed. It flows from peer to peer, through the air, the wires and all the fluffy clouds (computers that belong to other dynes) that comprise our beloved Internet. Some dynes are less expert, others are mega experts. This cooperation is carried out with the right amount of hippie-music at hand! A refrain is coming out of the humming: Praise the user-friendly ISP.s They giveth protection for the monies. Birth of a meme Scrubbing is not fun, but so is often the case with chores. One dyne finds a way to amalgamate fun with scrubbing. It remains unclear how this mythology spawns but it has something to do with a certain Sploogy’s dad and an obscure niche of infomercials from a dimension where they went through the whole NFT bonanza in the late 80s To be fair, the NFT bonanza is long past on planet dyne too. Instead of blaming themselves or others for some Internet’s weird choices in investment of their life-savings, many dynes have moved on to blame it all on the furniture instead. Chaos Communication Champs It is a highly sought after stage in a dyne’s life to attend the Chaos Communication Camp. So it is nothing but normal that the dynes that get to go, share images and videos with the dynes that can’t. This year’s edition is no exception. In fact some dynes are meeting up and collectively entered their greatest form of Devuanistas! About time! They immediately got to work with a Daedalus Pi and a string of DMX stage-lights to guarantee good mood at the Devuan after-party! Talk about redundant efficiency! plentyn & vortex discussed further Devuan events and meetups, with a potential Devuan presence at fosdem next February. There was even some discussion about a small batch of Devuan swag, but you’ll have to stay tuned until it passes the council of the wise ones. What we can reveal to you today, is that this event established for a fact that Lemons enjoy tattoos, and that they have excellent taste in motives. Holidays on Planet Dyne Episode 33 unfolds during holidays. If you don’t know what Holidays are, think of it as a weekend with many days. This means that dynes, who are usually found hacking, are hacking on something else. And also they share a lot of incredibly interesting content. One corner that never stops though, is Zenroom. The dynes over there make an opportunity of the moment. Since the other dynes have to paused to reflect, Zenroom dynes submit a poll. They query everyone on which webinar they would most like to see. 4 options are submitted. Zenswarm blockchain oracle: call a generic EVM smart contract BBS (zero knowledge proofs) - examples in apiroom.net PVSS (Publicly Verifiable Secret Sharing) - examples in apiroom.net Starters/Signroom/Didroom: signatures and identity wallet (see: https://fokbomb.solutions ) (Pssssst… The answer should be given at any moment now, come find out in the dedicated channel on Telegram, Discord or Matrix.) Meanwhile, all the other channels are accelerated: reports of beef in the Old Skool Warez Scene break out! Somebody from a neighboring planet has built a Turing-Complete CPU in Sunvox! Caturday is celebrated (a holiday strictly reserved for cats). Rumors that Dyne:Bolics has a telegram channel emerge. Incredibly powerful news from Asia hits the planet. Huge news even, it becomes possible the hear the floor trembling all the way from the hellish planet Wallstreet. The fluxus goes on, and on, and on, and on, and on and it is now crystal clear, that the best way for you to measure the depth, variety and relevance of what is happened on Planet Dyne Episode 33, is to become an integral part of the next Episode! So don't forget to hike and subculture! 🗨️ Matrix 🗨️ Telegram 🗨️ Discord (These services are bridged: join your favorite one to access them all!) 📢 Mastodon 🎬 Peertube 📢 Twitter 📸 Instagram
Read allBreakfast of champions Who said Monday mornings can't be thrilling? In the last episode, some dynes resurrected the mailing list and it was possible to hear the chanting through the firewall. The spam machine was getting hot, dropping links like a b52 with a paint-job. It could explain why you are here now, dyne. But what matters is that it's good to see you! This spot has been kept warm for you. Make yourself comfy! One dyne with a smooth but quite funny voice is reaching for you: "WB! what's bussin? Seen anything that made you want to hack lately?" Thanks for reading Planet Dyne! Subscribe for free to receive new posts and support my work. Encyclopedia Paywalls, paywalls, paywalls. One dyne feeds everyone with a paywall. Nobody gets angry because it can happen. It’s no dyne’s fault if some website decides to enshittify itself. Luckily a snippet is quickly pirated for every dyne’s participation. "Wikipedia has simply become crib notes for the establishment, at least for any topic remotely political. And even Larry Sanger, one of the two co-founders of Wikipedia in 2001, who coined the name, agrees, saying his creation had “become an establishment mouthpiece”. — The Australian Younger dynes find out that maybe there was a reason why teachers warned against using Wikipedia as an information source for writing school projects. Could also be because the mainstream still doesn't understand the religious virtues of copy-pasta… Wikipedia remains enjoyable for many things, but in some topics well known by dynes, it can look a bit shabby. Even wrong. Some chapters of Wikipedia are definitely monitored by groups that do not have the purest intentions. Monitored very closely at that. Sometimes the wisdom of the crowds is not very wise. If it was, would there really be a page for the Hawaiian Pizza? And why does Wikipedia detect mobile devices and redirects them to the mobile version, but doesn't detect desktops to redirect back? SLM (Smol Language Models) Dynes are smol language models contained inside a bag of meat. Individually they work OK, but together they shine. This might sound trivial, but it explains why this opinion piece by Pablo Chavez resonates in some dynes. The world is full of competition, but where is the collaboration? Mood gets a bit gloomydoomy, but a dyne can cope. After all, being a space punk has its percs at times. Plus, the dynes over at the Zenroom chat break the news that forkbomb has a new website. And it’s looking like amazing bizniz! Also there's a lot of potential fun packed in the Large Language Models. Like feedback loops! Has anyone actually taken the output of any of the LLMs and just run output to input to output to input over and over, like those xerox art projects, where you end up with a sheet of gray noise? Will LLMs will create the equiv. of Drexler's "gray goo", but in text? https://en.wikipedia.org/wiki/Gray_goo — @tomjennings@tldr.nettime.org Zapoy in CCCamp Do dynes dream of electric sheep? Maybe sometimes. But we know for sure that many dream about going to CCCamp. One lucky dyne is actually going to hold a workshop about name, autonomy and innovative ways with dynamic sig(0) keypairs for secure DNSSEC updates. They’re most likely going to connect with some wise ones from Devuan and maybe you? Another dyne that is going too, is looking into holding a Zenroom workshop. This sparks a conversation about artificially generated natural language. You see, albeit Virtual, Zenroom is a mad juicy machine built by dynes. And because dynes care about dynes (including those who can't code), they built this virtual machine so that you can tell it what to do, WITHOUT all the funky computer characters and stuff. See this snippet of Zencode for reference (Zencode is slang for "Speak nerdy to me"): Scenario 'ecdh': Encrypt a message with the password Given that I have a 'string' named 'password' Given that I have a 'string' named 'header' Given that I have a 'string' named 'message' When I encrypt the secret message 'message' with 'password' Then print the 'secret message' Zenroom can read LUA but it likes when you Zencode it. Seeing how the robot-overlord can now write natural language too, wouldn't it be cool to let it lose on the dataset of examples written in Zencode? The dynes then disappeared from the chat, so it is likely that some hacking went down. But before leaving they put out a reminder: Zencode might be something easy to write for an AI, but what dynes really love about it is the determinism and also that human dynes can easily review it. One day, perhaps, the robot and dynes will communicate on the same dimensional level. And there will peace upon the galaxy. And the bonfires will be epic! 808 day By now it’s only Tuesday (in the saga of course, relax! If you are unsure what day it is while reading this, here's a very useful tool). Low and behold: It’s also outernational 808 day! This means that Roland, some synthesizer dude with many birthdays, is celebrated. Some dynes prefer to celebrate the 1st of January, others are looking forward to the 9th of September. But everyone agrees that Roland makes kick-ass music machines. He certainly did not forget to put a replication limiting code to his synthesizers: the scarcity of 303s these days has led them to cost an arm and a half! Music on the other hand is cheap. At least in terms of Fiat currencies. It's cheap, but just like electronic waste, it's precious! In the last episode, dynes were a little reserved about what they were currently listening too. But that's OK, it's possible to take the experimental path instead and discover how GNU/HURD is striking back. The article confirms that it's 2023 and IRC is still the best option for chatting. Many dynes agree, even if most of them rarely log in to irc.dyne.org anymore. But that's a detail right now, because the dynes in Dark.fi have modified ircd to be encrypted and peer-to-peer. Only drawback is that it needs to run an ircd on each client, because e2ee is between daemons. Can it get more futuristic than this? Probably next episode, yes. Whip it like cream! One dyne comes in handy with DIY whips. It's never too late to crack a supersonic boom at the dystopian state of digital identity in some nations. How would Indiana Jones deal with corporations nesting in the space of dynes' identity? Being a colonialist looter, he would probably do what he does best: steal all the base. Maybe if the handle of the whip is built with a base-ball bat it's easier to kick some corporate ass? A sovereign solution is overdue. Although to be fair, many dynes have been working overtime to define an interoperable and customizable standard for DID. Things are still salvageable. If you embrace the dyne in you and participate in the next episode, who knows what could be achieved! Grandiosity for sure, dyne! Dog days Episode 32 unfolded in August, which is known as "Dog Days" in the northern hemisphere. It’s hella hot, so everything rots. But no bitrot happening on planet dyne. Instead it's time to clean up the infra. Some testing machines for Interfacer needs to go. But that's fine. Production machine is out on the world wild web already. Although chances are the Interfacer is still a secret to you. Would Keanu settle it with pinball? It remains unclear, but there's near consensus among dynes that Keanu is a worthy opponent to the church of emacs. It's likely he would use a font that contains the character "Ö" if he needed to anyways. There's a time for everything The now is volatile, but potentially a good moment to contemplate details. Corporate consolidation is one such detail: it's here, it's happening, but not obvious to everyone. Then again, the brands consolidate, but keep their name and logos, as if there was diversity. This creates an opportunity for one of the smallest dynes to generate political agitation through conceptual amalgamation. Naturally no one actually gets triggered. This corner of the internet is old enough now. Nice try though. Tactics & Practice Aksioma, a neighboring planet of dyne, releases a podcast! This is ground for celebration. Also it's Friday! Most dynes stop hacking to start hacking on something else for the weekend. But the podcast leave ripples. Tactics and practice of surveillance in the digitization discourse of the OECD is being transformed. A brief genealogy is shared. Federated breakfast on the beach The weekend gets wild. It's almost hard to follow. Ranging from dumpster diving to Bonfire releasing version 0.9.6, via Bluesky Federation Architecture, Graffiti art and desert islands to die for. DEFCON 31 is live revealing Veilid, an open-source, peer-to-peer, mobile-first networked application framework. It is conceptually similar to IPFS + Tor, but faster and designed from the ground-up to provide all services to dynes over a privately routed network. The network also enables dynes to develop distributed applications without a 'blockchain' or a 'transactional layer' at their base. Veilid can be included as part of dyne-facing applications or run as a standalone robot for power dynes who wish to help build the network. That's all for this recap of Planet Dyne the Think & Do tank, Season 2023, Episode 32! Come enhance the Fwonk of the next episode by simply joining and sharing! 🗨️ Matrix 🗨️ Telegram 🗨️ Discord (These services are bridged: join your favorite one to access them all!) 📢 Mastodon 🎬 Peertube 📢 Twitter 📸 Instagram Don't forget to hike and subculture! Subscribe now Thanks for reading Planet Dyne! Subscribe for free to receive new posts and support my work.
Read allSubscribe now A wild Monday appears! Señor Fish AKA Yoyo Bae, coder of goodness and Prince of bash. Planet Dyne.org is a collaborative world! A unique Think & Do tank, an online community that sprung to life in the year of 1999. It's a melting pot of artists, activists, and hackers, all with diverse backgrounds and united by their passion. Or, to put it in a nutshell: it's a place filled with peers just like you, yes, you! The magic that unfurls from the heart of Dyne.org, isn't just some mystical, cosmic event. Nah, it's the result of countless Dynes, just like you, orbiting around a shared passion to shape a universe where all non-private data (and the dynes behind it) can flourish, unshackled and accountable. Intrigued? Want to participate? Beam yourself over here! 🗨️ Matrix 🗨️ Telegram 🗨️ Discord (These services are bridged: join your favorite one to access them all.) 👽 7th Contact Picture this - you, a dyne in all your sovereign integrity, drifting through the webz, when boom! You stumble upon a neighboring planet with a breathable and livable atmosphere. Well, that planet is Antisoftware Software-Club – it's been around for a while but to planet dyne it comes as a breath of fresh air in the ever-expanding Internet. In their manifesto, they take a stand against the monster that's gobbled up our galaxy – software bloat. But instead of screaming into the void, they're biting back, just as a true dyne would! On their website there is a link to some of the best definition of "Big Data" available to this day. Of course it doesn't explain what Big Data is, but it promises a 50 French Francs reward to the person who finds the best way to explain BIG DATA. ©️ A buzzing start While the dynes in the code-chat are warming up for a productive week in Zenroom, the Think & Do tank is contemplating the DRM bonanza. Or as Aral Balkan puts it: It blows my mind that it’s 2023 and we still can’t have an anchor or a form carry out an HTTP PUT or DELETE request without using a library like htmx. But Web DRM? Sure, we’re working on that! *smh* #web #dev #hypermedia #html #http — @aral@mastodon.ar.al One dyne complains about a Voltaire book not being downloadable on the archive.org, only loanable for 14 days. What is going on? The discussion moves on to denial by design and Data Access Rights in Encrypted Infrastructures. 👾 User-submitted Vs. Authority-submitted feedback, round 1 A debate ensues regarding stats on social media. There’s a love hate relationship to them. Stats can be used in many ways. But no dyne is oblivious to the grip of the Coporate Networks' iron fist around them. Maybe Zero-knowledge is the key? If ZK-proofs get to a usability point where a dyne can see reviews from their circle without providing who exactly for their privacy, the Internet could become even more beautiful. As usual there are as many fragrances of opinions as there are dynes, but everyone hates spam (unless of course the spam isn’t spam) so some degrees of filtering is most likely desired. Dynes just wish these filters were the oposite of a black-box. 🎉 Milestone Planet dyne has a fediverse outlet that has finally crossed the 300 user threshold. It's a smol step of a dyne, but giant celebration for planet dyne. This is the type of stats a dynes enjoy, some of them anyways! 🫠 Favicon Controversy A website boy changes the favicon and <title> tag on their wildly popular website. The icon and name is a blatant rip off of the X Window system. Ripping stuff off is trending on the interwebz. Which is not a problem per se for dynes, it's the fact the the hipster-rippers don't share alike that is bothersome. In the hopes of creating a super intelligent machine, some robot-overlords are ripping off texts that many dynes have contributed to. Dynes generally chose their masters and gods (if any), so the prospect of being leveraged as a food for robots is entertaining no one. But on the bright side it appears that, for a robot overlord, writings produced by dynes have the same level of deliciousness as the writings of the Vatican and NASA! (Source to be determined). 🎹 MIDI-Age Crisis MIDI is 40 years this year! Many dynes enjoy using it. Some even swear by the giant spaghetti monster that it is the best protocole in the galaxy: such reliabilty, very Techno music, glory to MIDI! But 40 years really? Where did the time beam itself? One dyne decides that some meatbag-renovation is overdue and immediately proceeds to break a leg for good luck. Age is in the head and the dance anyways. Or so would the very telling and precise anecdotal data suggest. 📼 Frei0r and Kdenlive A new dyne tunes into the Frei0r discussion via Discord, appealed by the amazing video filter collection. They are wondering how to incorporate Frei0r into Kdenlive, a FOSS video sequence editor. Turns out that Kdenlive is so amazing that it ships official pre-builds with Frei0r already included. How cool is that? Did you know that Frei0r has a suit of filters for 360 (VR) video? It’s sweetissimo and you should try them today! 🙊 Quotes Macintosh isn’t very popular among dynes. However, one dyne cites Working Steve, (some marketing person that used to work at Macintosh). Here’s to the crazy ones. The misfits. The rebels. The troublemakers. The round pegs in the square holes. The ones who see things differently. They’re not fond of rules. And they have no respect for the status quo. You can praise them, disagree with them, quote them, disbelieve them, glorify or vilify them. About the only thing you can’t do is ignore them. Because they change things. They invent. They imagine. They heal. They explore. They create. They inspire. They push the human race forward. Maybe they have to be crazy. How else can you stare at an empty canvas and see a work of art? Or sit in silence and hear a song that’s never been written? Or gaze at a red planet and see a laboratory on wheels? While some see them as the crazy ones, we see genius. Because the people who are crazy enough to think they can change the world, are the ones who do. — Steve Jobs Working Steve gets a free pass on this one; it’s beautiful and the beatnik feel of the quote is strong. But it creates a good opportunity for dynes to remember that even douchebags can say interesting stuff at times and that quotes can be treacherous. Always look for context, fellow dyne! You will own nothing, and you will be happy — Siddhartha Gautama AKA Buddah (/s) 🏛️ The system One dyne finds the near perfect system. Turns out it was under every dyne’s nose the whole time and is called the “Soundsystem”. Also by now it is Friday on planet Dyne and these news are coming in with prefect timing. 🪅 End of the weak! As every dyne goes from hacking to hacking on something else, we are invited to take a look at the Local First Manifesto. It creates a big splash. This is something many dynes have also been working on for at least 2 decades but never really gained so much visibility... A Saturday celebration is given at the prospects that CRDT’s may be the next hype. That's all for this recap of Planet Dyne the Think & Do tank! Season 2023, Episode 31. Come co-create the next episode by simply joining and sharing! 🗨️ Matrix 🗨️ Telegram 🗨️ Discord (These services are bridged: join your favorite one to access them all!) 📢 Mastodon 🎬 Peertube 📢 Twitter 📸 Instagram Don't forget to hike and subculture! Thanks for reading Planet Dyne! Subscribe to receive new posts and support our work.
Read allThis week’s news is that The European Parliament has approved the European Cyber Resilience Act, and I believe it to be good news for us free and open-source developers. A lot was said prior to its approval, but much of it was dramatic and unhelpful in focusing on the positive aspects of this effort by the European Commission. Understanding the Act’s Core Points The Act aims to improve the EU’s ability to prevent and respond to cyber-attacks in a coordinated way. This is very important as cyber-attacks are the first line of contemporary warfare: Ukraine may be considered the first conventional cyberwar in the history of mankind, as our fellow Nicolas Brien argues. As much as I don’t like war and do not want this to happen, reality must be faced, and a coherent strategy must be chosen. As the title of this act suggests, resiliency is the way for Europe, and it is a wise choice that helps improve the synergy between member states. Delving into its text, I understood that, at its heart, the European Cyber Resilience Act is not simply about defence but also about fostering a fair environment for the digital industry dealing with data, information, and knowledge. It urges Member States to share information on cyber threats and promotes a collaborative approach to cybersecurity. It envisions a united front against cyber adversaries, where knowledge is power. A Victory for Open Source The inclusion of Open Source development in the Act is a significant win. Our model has long been overlooked in Europe, yet it is a potential powerhouse: it is well demonstrated that with our development methodology, we foster innovation, collaboration, and transparency. Open source software is a key enabler of innovation and economic growth. By promoting its use and development, the Cyber Resilience Act will help to ensure that Europe remains at the forefront of the digital revolution. - Neelie Kroes The act’s recognition of the importance of open-source is a groundbreaking moment in Europe’s digital history. In the USA, it has been fully assimilated for more than a decade, and businesses have shown the ability to build value around it. In the EU, however, there is still a lot of potential to be exploited, there is room to grow, but we are limited by cultural norms and business practices. Now the European Commission recognizes the model of free/open source software, open and collaborative, as a way to build the much-desired European digital sovereignty, as well to face mission-critical tasks. Silver lining the mega-corporations Most vocal criticism of the act came from open-source leaning mega-foundations which, today, hold the stewardship position of large-scale software stacks mostly built in the USA during the past 20 years. The best round-up of the criticism is published by the Apache foundation and it helps highlight the most salient point: how we determine when software becomes a liability for societies and needs to be regulated by the norms of the Cyber Resiliency Act. The act differentiates grass-root development and research from software exploited commercially at a large scale, even if both can be free and open source. It establishes that all norms need to be applied when the decision-making process on algorithms, what I call the algorithmic sovereignty, is de-facto in the hands of individuals working for commercial entities. I applaud this choice of the European Commission because today, after decades of open-source institutionalization by our colleagues in the USA, the open-source bazaar is dominated by a conundrum of mega-corporations (GAFAM) funding mega-foundations (Apache, Linux, Mozilla…) to dominate most choices made about software. Europe’s act establishes that it doesn’t matter what kind of institution takes the stewardship of software: it is not made by a community when a “benevolent dictator” steers decisions while being paid by a company exploiting the commercial values of software. Such individuals obviously listen to the requirements of their own constituency, to the point of becoming unresponsive to the needs and concerns of the community. Devuan GNU/Linux on Twitter: "On July 20th two years ago a "really bad" (cit. ZDNet) systemd bug allowing any unprivileged user to crash a Linux system was discovered. The bug was introduced in 2015 and it affected every machine running systemd for more than 6 years. https://t.co/mZNh2eKPFD #FactsMatter pic.twitter.com/hVhcmxm32p / Twitter" On July 20th two years ago a "really bad" (cit. ZDNet) systemd bug allowing any unprivileged user to crash a Linux system was discovered. The bug was introduced in 2015 and it affected every machine running systemd for more than 6 years. https://t.co/mZNh2eKPFD #FactsMatter pic.twitter.com/hVhcmxm32p Indeed, many of us who have embraced GNU/Linux in our infrastructure often feel like unwitting participants in a high-stakes tech experiment. It’s a sentiment I’ve dived deep into, particularly when exploring the complex scenarios of systemd, where a vulnerable software was knowingly deployed at large. Lead or follow? the dilemma of ICT industry for the coming decade Let us also consider that there are already thousand of companies out there adding barely 5% of code to huge community built software stacks. When these companies succeed in their plans to profit they just try to buy the control on the 95% of open-source commons by buying people in, else they fail to control what they depend upon. Solutions to dependencies are facilitated by open-source, but it will be not enough without the sort of norms this act states to regulate liabilities. The Heart of the Act The Act requires EU member states to establish a national cyber resilience strategy. One of the key points of the Cyber Resilience Act is the establishment of a European Cybersecurity Certification Framework. This framework will provide a common set of standards and certifications for all ICT products, services, and processes across the EU. This will help to ensure that all products and services meet a minimum level of cybersecurity and data protection requirements. Certifications have been a driving business model for the growth of big open-source companies such as Red Hat and its parameters and focus have been established by the biggest market players without taking into account the validation of the academic and public sectors. I like to think that in Europe we do this in a different way and this act is another big step in this direction. The Commission aims to lead Europe’s digital transition by example. With the new rules, the Commission will bring significant value to companies, start-ups, innovators, citizens and public administrations by open sourcing its software solutions. This decision will also spur innovation, thanks to publicly available Commission code. - Mariya Gabriel The beauty of the Free and Open Source model lies in its openness and collaboration. It’s not just about creating software but also fostering a community of innovation and learning, opening the field for European small and medium enterprises to play along clear rules and to work for the transparency and quality of systems. This is the blueprint for the much-desired European digital sovereignty. Community driven software development Forkbomb and Dyne.org: Pioneering Open Source At the Dyne.org foundation and our new sister the Forkbomb company, we’re proud to be pioneering this change. We work tirelessly with professional-grade open-source software, creating technology that is by the people, for the people. Dyne.org, a decade in perspective We embrace this new era of digital growth for Europe, confident that the liabilities we have always faced and taken responsibility for will be dealt with in a cooperative and faithful environment. Reflecting on our successful and outstanding decade-long journey working for the European Commission, our biggest problem has always been of cultural nature: the lack of understanding of the importance of the free and open-source software movement by the industry. This problem has never been and will never be solved by the industry or a proxy institution but by the sort of cultural and political shift Europe is promoting today. Open Source at the core of Europe: the Cyber Resilience Act was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read allIn this post you will see how to use Zenroom to make transactions on Ethereum, using both its main coin (ETH) and derivative tokens (ERC20). Have you ever heard about Web3? Nowadays, too often, blockchains are seen as the solution to almost every problem. The result is that many people see it as a scam. As usual, the truth is in the middle. It is important to remember the origins. When the concept of blockchain was first introduced, it solved a real problem: avoid double spending using a distributed ledger instead of classic double-entry bookkeeping. This is also defined as triple-entry accounting. Zenroom - crypto vm, end-to-end cryptography for multi-platform apps and blockchain Scripts in this article can be executed from Golang, Rust, Python and Javascript using Zenroom language bindings with zero dependencies! Gas: the fuel of Ethereum Ethereum works as a distributed computer: all nodes of an Ethereum network are guaranteed to see the same result when a smart-contract runs. What kind of smart-contracts can one run? Any, but there must be a way to stop a program that takes too long to reply. Gas is the price one needs to pay to run smart-contracts on Ethereum: it is a fee that has to be paid for each function executed. The transfer of coins is a function since the birth of distributed ledger technologies, so any network based on the Ethereum protocol requires the payment of Gas for computation. Hands on! Let’s roll up our sleeves. Using the Ethereum Mainnet for an experiment is not recommended and for this reason many “testnets” were born. I will use the one named “Goerli”. To run the scripts in this article one can use our online Apiroom.net IDE or download a Zenroom build and run it inside a terminal. It is really up to you and your skill level with one of the languages listed above: one can also use Python, Javascript, Rust or Golang. So chose your weapon! Embedding the Zenroom interpreter one can run Zencode scripts pretty much everywhere. And if any doubts arise a complete reference documentation of Zencode is available! Zenroom 📝 Documentation Create an Ethereum account The first step is to create an Ethereum account that we will use on the Goerli testnet. Scenario 'ethereum': Given nothing When I create the ethereum key When I create the ethereum address Then print data Then print the 'keyring' the result is a JSON in which you can identify mainly two values: { "ethereum_address": "aa177c956ef8ea01246481ae8a3441d6023f5f48", "keyring": { "ethereum": "18524df06977b3b8a4e43cd6983ce8ed514c97e6b5e2be6131db46e10b1a456f" } } The first one is an “ethereum_address”: the public identifier of your account. The second one is the secret key, a value named “ethereum” inside the “keyring”, which you have to keep secret as it is used to sign transactions from your account. Please note that Zencode does not print the secret keyring unless explicitly requested by the Then print the ‘keyring' statement. Now save the public address and the secret key. Then run the code again and note down the new result. At this point you have two different secret keys and addresses. Get some coins The next step is to get some coins. For this, you can use a Goerli faucet, at the time of writing this worked, or just search for one online. Once found use one of the Ethereum addresses in the text field and click OK. How to verify the faucet has given you coins? One can ask any node in the Ethereum network the balance of a known account. Just write this JSON query in a file balance.json { "jsonrpc": "2.0", "method": "eth_getBalance", "params": [ "0x<your ethereum address>", "latest" ], "id": 42 } Then use cURL (or any other http client) to query a node cat balance.json \ | curl -sH "Content-Type: application/json" -X POST -d @- \ https://rpc.ankr.com/eth_goerli The output is something like { "jsonrpc": "2.0", "id": 42, "result": "0x13edfe26e175e" } The resultkey contains the balance as an hexadecimal value (you can convert to decimal for example using a python interpreter). It can also be done using zenroom’s lua interpreter via zencode_exec(…) or the zenroom commandline tool: print( BIG.new( O.from_hex('0x13edfe26e175e') ):decimal() ) You will see the result is a decimal number. If this more than zero: congratulations! you have just received some crypto coins! Please know that 1 ether equals to 1000000000000000000 wei. Send coins from an account to another This part is a bit more difficult: the goal is to transfer Gas between the two accounts created before. The first step is to ask a public node of the Ethereum network two things: the current “nonce” value of your account (eth_getTransactionCount) the recommended price for the transaction fee (eth_gasPrice) We can obtain those information using cURL as we did for the balance. To get the nonce using eth_getTransactionCount write this JSON query into `getnonce.json` { "jsonrpc": "2.0", "method": "eth_getTransactionCount", "params": [ "0x<your ethereum address>", "latest" ], "id": 42 } Then send it for instance via curl: cat getnonce.json \ | curl -sH "Content-Type: application/json" -X POST -d @- \ https://rpc.ankr.com/eth_goerli For the transaction fee price use the following script. Please note this one shows how so use curl on the same line without creating a separated JSON query file and converting the value to decimal using the Python interpreter: curl -sH "Content-Type: application/json" -X POST --data \ '{"jsonrpc":"2.0","method":"eth_gasPrice","params":[],"id":42}' \ https://rpc.ankr.com/eth_goerli \ | jq '.result' | xargs | python3 -c "print(int(input(), 16))" Now you have the two values needed and converted them to a decimal number, you have to prepare the data input for Zencode in a JSON file transact.json filled with the values we know from previous scripts: { "keyring": { "ethereum": "<your secret key>" }, "ethereum_nonce": "<the nonce as decimal number>", "gas_price": "<the transaction fee gas price>", "receiver_address": "<the receiver address>", "endpoint": "https://rpc.ankr.com/eth_goerli", "amount": "500000", "gas limit": "50000" } In addition we see some new fields, they are: “your secret key” is the secret etherum keyring of the public address used to receive coins from the faucet: the one that has funds to transfer “receiver address” is the other public address that hasn’t been used yet “amount” is the number of coins you want to transfer measured in wei “gas limit” is the maximum units gas you intend to spend (each unit at the price of “gas price”) Then use this Zencode script passing it the data in transact.json Scenario ethereum: Given I have the 'keyring' Given I have a 'ethereum address' named 'receiver_address' Given I have a 'ethereum nonce' Given I have a 'gas price' Given I have a 'gas limit' Given I have a 'wei value' named 'amount' When I create the ethereum address When I create the ethereum transaction of 'amount' to 'receiver_address' When I create the signed ethereum transaction for chain '5' Then print the 'signed ethereum transaction' Then print data This can be done for instance using the zenroom commandline client and saving the Zencode script above in transact.zen : zenroom -a transact.json -z transact.zen Once executed the result will contain a lot of information, i.e: { "amount": "500000", "ethereum_address": "7d6df85bdbce99151c813fd1dde6bc007c523c27", "ethereum_nonce": "6", "ethereum_transaction": { "gas_limit": "50000", "gas_price": "29970423419", "nonce": "6", "r": "f1efbbf04d1c70326d875c749a57b8edbbb25bb1feff0b6ac180c69b30f6fc0d", "s": "51261997a3662b1a04016ebf99cf90c454a738b95e7ad2253aaf4eefa6b853ef", "to": "996b5a6d21a760f5c28a3ef58849d23060ab9b91", "v": "2d", "value": "500000" }, "gas_limit": "50000", "gas_price": "29970423419", "receiver_address": "996b5a6d21a760f5c28a3ef58849d23060ab9b91", "signed_ethereum_transaction": "f867068506fa605e7b82c35094996b5a6d21a760f5c28a3ef58849d23060ab9b918307a120802da0f1efbbf04d1c70326d875c749a57b8edbbb25bb1feff0b6ac180c69b30f6fc0da051261997a3662b1a04016ebf99cf90c454a738b95e7ad2253aaf4eefa6b853ef" } what interests you the most is the signed ethereum transaction value. This long hex sequence can be broadcasted by anyone in order to execute and move funds. Anyone could paste it into this curl command for instance: curl -sH "Content-Type: application/json" -X POST --data \ '{"jsonrpc":"2.0","method":"eth_sendRawTransaction","params":["0x<your signed ethereum transaction>"],"id":1}' \ https://rpc.ankr.com/eth_goerli When executed curl will return something like: {"jsonrpc":"2.0","id":1,"result":"0x284cf7390f60f5080b866b02f3db102b20a499666e7e68d75d43a70e924fdf7d"} The “result” value is a unique reference to our transaction and can be used to check its status: just paste it inside any blockchain explorer. Now you can use the script in the previous section to read your balance again. You may notice that the sender gave up more tokens than the ones to be sent: this is because the transaction fee requires gas to be executed. ERC 20: token built on top of Ethereum Using Ethereum one can build other tokens (maybe with some more complex logic) which are just smart contracts with a known interface, the most common is named ERC20. This section will show how to transact the standard ERC20 token named “WeenusToken” using Zencode, but any ERC20 token will work. WeenusToken has also a faucet that gives away free coins, but it is in the form of a smart-contract on the Goerli testnet. To receive funds from the fauces you should use the same contract shown in the previous section, but change the “amount” to 0 and the “receiver address” to aFF4481D10270F50f203E0763e2597776068CBc5 which is the WeenusToken faucet address. The following step is to verify that the we have received the tokens. We can use cURL as before, but we have to create the request beforehand, for example using zenroom and the following script (which can be entered on the command line using zenroom -ior in a file and then executing it) ETH=require('crypto_ethereum') print(ETH.erc20.balanceOf(O.from_hex('<your ethereum address>')):hex())} Write this JSON query into balanceerc20.json { "method": "eth_call", "params": [ { "from": null, "to": "0x<faucet address>", "data": "0x<result of zenroom ETH.erc20.balanceOf>" }, "latest" ], "id": 1, "jsonrpc": "2.0" } And run cURL cat balanceerc20.json \ | curl -sH "Content-Type: application/json" -X POST -d @- \ https://rpc.ankr.com/eth_goerli You should see that the result is something like {"jsonrpc":"2.0","id":1,"result":"0x00000000000000000000000000000000000000000000003635c9adc5de985ee0"} The last contract we analyze in this post is how to transfer, we can send some tokens to another address using a simple variation of the previous contract to send ETH. We won’t repeat how to get all the values, go watch the previous paragraph! Scenario ethereum: Given I have the 'keyring' Given I have a 'ethereum address' named 'receiver_address' Given I have a 'ethereum address' named 'faucet_address' Given I have a 'ethereum nonce' Given I have a 'gas price' Given I have a 'gas limit' Given I have a 'wei value' named 'amount' When I create the ethereum address When I create the ethereum transaction to 'faucet_address' When I use the ethereum transaction to transfer 'amount' erc20 tokens to 'receiver_address' When I create the signed ethereum transaction for chain '5' Then print the 'signed ethereum transaction' Then print data With data { "keyring": { "ethereum": "<your secret key>" }, "faucet_address": "aFF4481D10270F50f203E0763e2597776068CBc5", "ethereum_nonce": "<your nonce read before as decimal number>", "gas_price": "<the current gas price read before>", "receiver_address": "<the receiver address>", "endpoint": "https://rpc.ankr.com/eth_goerli", "amount": "500000", "gas limit": "50000" } As before the output should be something like { "amount": "500000", "ethereum_address": "996b5a6d21a760f5c28a3ef58849d23060ab9b91", "ethereum_nonce": "7", "ethereum_transaction": { "data": "a9059cbb000000000000000000000000996b5a6d21a760f5c28a3ef58849d23060ab9b91000000000000000000000000000000000000000000000000000000000007a120", "gas_limit": "50000", "gas_price": "15482240709", "nonce": "7", "r": "0a308b33f4869da8f5272aba57e245312c06ff37ef347cf8883255ab60666ffe", "s": "269aa2043e54f81b00e2b0b0c264b022f53215a1587606956b12528d0f33a3f2", "to": "aff4481d10270f50f203e0763e2597776068cbc5", "v": "2d", "value": "0" }, "faucet_address": "aff4481d10270f50f203e0763e2597776068cbc5", "gas_limit": "50000", "gas_price": "15482240709", "receiver_address": "996b5a6d21a760f5c28a3ef58849d23060ab9b91", "signed_ethereum_transaction": "f8a90785039ad03ec582c35094aff4481d10270f50f203e0763e2597776068cbc580b844a9059cbb000000000000000000000000996b5a6d21a760f5c28a3ef58849d23060ab9b91000000000000000000000000000000000000000000000000000000000007a1202da00a308b33f4869da8f5272aba57e245312c06ff37ef347cf8883255ab60666ffea0269aa2043e54f81b00e2b0b0c264b022f53215a1587606956b12528d0f33a3f2" } We can broadcast the transaction from the command line to make the actually happen. We have already seen how to do this curl -sH "Content-Type: application/json" -X POST --data \ '{"jsonrpc":"2.0","method":"eth_sendRawTransaction","params":["0x<your signed ethereum transaction>"],"id":1}' \ https://rpc.ankr.com/eth_goerli Finally, you are welcome to query your WeenusToken ERC20 balance to verify that the transfer has happened. Conclusions Adapting the examples in this tutorial to your case, you can do basic transactions of coins both on the Ethereum Mainnet and on ERC20 compatible tokens. Zenroom can use both types and the instructions are slightly different. Is this all we can do with Zenroom on Ethereum? No! If you are interested then clap this article and get in touch with us on the Zenroom Telegram Chat or any other way shown on our Dyne.org website. We have implemented more methods of the ERC20 standard for instance transferFrom which lets a user delegate a fund transfer, as well we have Zencode to use NFTs with ERC721. Happy hacking! Easy Ethereum transactions with Zenroom was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read allFrei0r — the free and open-source video effect preservation project This story is about 19 years of development on the most extensive collection of free and open-source video plugins made to share video effect inventions and knowledge on how to develop them. Before I start telling you this story, let us skip forward to the news! Frei0r version 2 is freely available with 16 new transitions and a bunch of new filters, plus we now ship it ready to use on Windows and Mac/OSX. This preservation project is about keeping our collection alive and interoperable so everyone can run it into any application. I am frei0r’s “upstream” maintainer, and I’ll continue by telling a bit of frei0r’s history, personal motivations and why I think it is a notable project. Interoperability is a community process And all community processes have a story that is worth to be told. The history of frei0r goes back to 2003. I was in the first batch of people invited to the Piksel.no festival in Bergen and managed to convince the director to welcome many more people from different free and open-source projects. Running a sort of “parasitic gig” inside this yearly festival between 2003 and 2005 (don’t call me a curator), I intended to have some time together to agree on a standard plugin specification to share code among our projects. Among the early participants were: Andraz Tori (Cinelerra/CVS), Daniel Fischer (Pakt/GStreamer), Gabriel “Salsaman” Finch (LiVES), Kentaro Fukuchi (EffecTV), Niels Elburg (VeeJay), Øyvind Kolås (Gegl/Babl/Gimp), Tom Schouten (PDP/PureData), Carlo Prelz (MøB/BEK), Georg Seidel, Martin Bayer and Phillip Promesberger (Gephex) along with our FreeJ team with me, Mr Goil and Silvano “Kysucix” Galliani. FreeJ developers in Bergen, Norway (2005) It is notorious that community processes are also messy; this was no exception. We spent a lot of time trying to accommodate everyone’s needs by adding features, which is usually a flawed approach to the problem. Eventually, the Gephex team had some harsh criticism about the working drafts we had. Then they pushed forward a simple “header-only” approach which they aptly dubbed freiør, as a homage to our Scandinavian hosts. Developers meeting at Piksel.no The frei0r proposal did not make everyone happy, especially non-linear editors at that time, but it worked, as minimalist approaches usually do well for most people. Folks are still asking me about the name, so I will be more precise about where I think it comes from: the Gephex crew was German and “free” in their language is spelt “Frei”: add a Viking touch to it and there we go. Frei, or? Stewardship in 3 words: slowly make space At the Piksel festival, no one thought the initiative of a video plugin standard for free and open-source applications was of any value. In the 2006 edition and the ones following it, frei0r never found any space in this yearly initiative. In 2005 I was lucky to move to Amsterdam and join the team at Montevideo/Time Based Arts (later dubbed NIMK). I worked with colleagues like Ramon Coelho, Wiel Seuskens and Gaby Wijers, developing the Syncstarter software and other amenities. Back then, I was thrilled to work on many significant artworks needing advanced and precise video techniques. Through 7 years of employment, I worked on installations by Marina Abramovich and Erwin Olaf and even the ten years memorial of the 9/11 tragedy at the Upstate New York museum. During this period, I dedicated myself to being a steward of the frei0r plugin collection, among other free and open-source projects, thanks to the opportunity to settle in part-time but somehow “stable” public-sector employment. And I learned how The Knowledge Commons need stewards to make space for contributions that nurture them. And stewards are better at it when they move slowly, avoid breaking setups people already depend upon and make everything as visible and understandable as possible. Institute of Network Cultures | Video Vortex Reader II: Moving Images Beyond YouTube It may sound like a tedious process, and perhaps it even is, but it helps make space for more people to join and prevents the project from becoming a moving target for those who rely on it. Through the years, valuable contributions to frei0r kept coming, most notably the excellent work by Richard Spindler (Open Movie Editor) and Dan Dennedy (Media Lovin’ Toolkit/Shotcut) made frei0r the practical standard that it is today. My role as a steward has been minimal: marking releases, updating documentation, fixing very few bugs, and putting people at ease. Meanwhile, frei0r kept growing its plugin collection up to almost 150 plugins, thanks to many contributors. Frei0r is in a lot of places When we look at frei0r today, we can find frei0r in many places. https://medium.com/media/ac9cd336176d4df7835a5c86e85317ea/href A search on youtube will yield some funny results, and on the wave of the social-video boom (tiktok etc.) it may be multiplying its presence across some funky software applications which, we hope, will keep being open-source. I like to think that the first and best video made with frei0r was the one made with LiVES by Salsaman, and I’m not the only one thinking so, recently Internet artist Marko Deinterlace also put some sound on it https://medium.com/media/ce0d771781f88095c8967d48437b5c7e/href Frei0r is already pretty much everywhere since Stefano Sabatini built support to use our plugins from FFMpeg, which is the most used media library in the world. Also a famous swiss-army knife for streaming, the Liquidsoap language prominently features frei0r as a fun thing to play with when doing video. Here is the one I like the most, The Anonymizer, if you ever need to stream or record a video with face covered and voice doctored: https://medium.com/media/0a85826643efdbe5447a3029d9ea3275/href There is also a fantastic setup for VJing using OSC to control frei0r inside Liquidsoap, which turns out to be easier done than told: https://medium.com/media/74535298328723bf145c8deb01076ac2/href At last IOhannes “umlaeute” Zmölnig regularly maintains a frei0r Debian package and wrote a VJ tool using frei0r in Pure Data. Someone I never met build a software to turn any image folder into a video using frei0r for slideshow transitions. For the geeks around, here is a list of frei0r packages maintained in various distributions: FreeBSD https://www.freshports.org/graphics/frei0r OpenBSD https://openports.se/multimedia/frei0r-plugins NetBSD https://pkgsrc.se/multimedia/frei0r GNU/Linux frei0r* — frei0r-plugins* — ocaml:frei0r* Mac/OS frei0r Brew formula Why frei0r is so cool I used to be a demo-scener and wrote a few compos myself; the heritage of this digital subculture movement is vast; there is even a documentary about it https://medium.com/media/227b3177b6b30f85ec5d14a745d3f06a/href The idea of archiving and preserving the algorithms behind the video effects created by that generation of people (at least those written in C) gives me a happy feeling. It makes me feel like I have been part of something that won’t be forgotten. Preserving all this wealth in plain and portable C code leaves a trail that new generations can use to learn to do the magic. Beyond entertainment Video effects are not just about entertainment: their application is helpful in many different fields. As mentioned previously, once upon a time, I was developing FreeJ: one of the ancestor applications to the frei0r specification. We used it to run workshops, VJ gigs and even do some live coding in theatre pieces. One day someone contacted me to let me know they were using it in a hospital to customize a video filter: it helped them to create custom visualizations for medical analysis in a unique way that no other proprietary software could ever do. Once again, this was only possible because the software is free and open source but also because algorithms are in simple and readable C language used to describe video transformations. Ultimately this is all you need: buffer in, hack, buffer out. Get involved Join our frei0r chat group or break the ice in our new discussion space. Show your appreciation and sponsor this project. Group with friends and colleagues and book a workshop. Video experts are welcome to contribute new plugins. And, of course: happy hacking! ❤ Frei0r — the free and open-source video effect preservation project was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read allQuantum-Proof Cryptography made easy – with Zenroom Whether or not the “Post-Quantum Encryptogeddon” is actually coming, it might be good to boost your defenses. Here is how. Imagine waking up tomorrow, and reading in the news that someone has managed to build a quantum computer with enough qubit to destroy modern public-key cryptography (RSA, ECDH, DSA, ECDSA, …). You would think that cryptography is dead, and that you and your data are no longer safe. Let me reassure you: for the time being, you are not in danger. On one hand, quantum computers are still far from being capable of such actions; on the other, many cryptographers all over the globe are busy developing software resistant to quantum attacks – including us at dyne.org! All our work on quantum proof safety has been kindly supported by NLNet Foundation and the NGI Assure project. The National Institute of Science and Technology (NIST) has been leading an effort to define cryptographic standards for new asymmetric encryption algorithms and digital signatures, capable of withstanding foreseeable attacks made with quantum computers. Post-Quantum Cryptography | CSRC | CSRC Nevertheless, there is still a major real threat: the so-called “capture now, decrypt later” attack. An attacker could steal your encrypted data today, and manage to decrypt it later with the powerful tools that might be available in the future. It is best to start using Quantum-Proof Cryptography as soon as possible! And of course, our crypto software “Zenroom” already does this. Zenroom is a tiny secure execution environment that can be integrated into any platform and application, even on a chip or a web page. It can authenticate, authorize access and execute human-readable smart contracts for blockchains, databases and much more. Zenroom’s version 3 is including quantum-proof cryptography from its inception. Using Zenroom, you can easily create programs that use quantum proof signatures just like any other signature scheme that is already supported and well documented. Keep reading this article for a step-by-step guide. In the following examples, we are going to use Zenroom’s on-line playground Apiroom.net. Don’t worry: you can easily try it in your browser, no installation required! Refer to this documentation for a quick introduction to Apiroom. Now let’s dive into Zenroom’s Quantum-Proof features! Signature In the cryptographic world, signatures play a fundamental role to ensure the origin and authenticity of a message. The current standardized signature algorithm, that can be used also in Zenroom, is ECDSA, but this algorithm is not Quantum-Proof! To overcome this issue, the Dilithium2 signature algorithm has been implemented in Zenroom. It is a lattice-based digital signature scheme, whose security is based on the hardness of finding short vectors in lattices. Dilithium How can we use it, you might ask? It’s easier than you think, and you can do it by following the steps below. In a heartbeat, you will have signed your message! Create a private key As first step, you have to create your own personal Dilithium private key. To do that, once you have opened the Apiroom.net website, click on the ‘Examples’ button in the top left corner, and scroll down until you see ‘QP Dilithium generate key’. The last thing that you need to do is to press ‘Run’ in the top right corner, and you will have generated your Dilithium private key, which will be printed on the right side of your screen in base64 format. The code is: Scenario ‘qp’ : Create the dilithium private key Given I am ‘Alice’ When I create the dilithium key Then print my ‘keyring’ In the given phase you declare who you are, so feel free to substitute “Alice” with your name, but make sure to remember it for later. In the when phase, you compute the Dilithium private key that is saved in your keyring. In the then phase you simply print your keyring. Generate the public key The public key can always be created by starting from the secret key, so we can generate it on the fly every time we need it instead of storing it. To generate the dilithium public key click on the ‘Examples’ button, then on ‘QP Dilithium generate public key’ and finally on ‘Run’. If you want to use the Dilithium private key that you have generated in the previous step, you can simply copy the output of the previous code and paste it in the ‘Keys’ section, substituting what is present there. The code is: Scenario ‘qp’: create the dilithium public key Given I am ‘Alice’ Given I have my ‘keyring’ When I create the dilithium public key Then print my ‘dilithium public key’ In the Given phase, firstly state who you are and secondly upload your Keyring. If you are using your keyring, change “Alice” with the name used in the previous script. In the When phase the dilithium public key is computed. In the Then phase the dilithium public key is printed. Sign a message To sign a message you will need two things: the message to be signed and your secret key. The message can be of any kind, like a simple string, an array or a dictionary. To sign, click on the ‘Examples’ button, then on ‘QP Dilithium create signature’ and finally on ‘Run’. If you want to use the Dilithium private key that you have generated in the first step then, as before, you can substitute the keyring in the ‘Keys’ section with your keyring. The message that will be signed is the one present in the ‘Data’ section, so feel free to modify it. The code is: Scenario ‘qp’: Alice signs the message Given I am ‘Alice’ Given I have my ‘keyring’ Given I have a ‘string’ named ‘message’ When I create the dilithium signature of ‘message’ Then print the ‘dilithium signature’ Then print the ‘message’ In the given phase you state who you are, then upload your keyring and finally upload the message to be signed. If you are using your keyring, change “Alice” with the name used in the first script. In the when phase the dilithium signautre of the message is computed. In the then phase the dilithium signature and the message are printed. Now we can send the dilithium public key (generated in the previous step), the dilithium signature and the message to the receiver, and he or she will be able to verify the authenticity of the message. Since the public key can be always created starting from the private key, instead of computing and storing it, you can compute the dilithium public key along with the dilithium signature and send all the output to the receiver, storing nothing more than the dilithium private key. The code will be as follows: Scenario ‘qp’: Alice signs the message Given I am ‘Alice’ Given I have my ‘keyring’ Given I have a ‘string’ named ‘message’ When I create the dilithium signature of ‘message’ When I create the dilithium public key Then print the ‘dilithium signature’ Then print the ‘message’ Then print my ‘dilithium public key’ The output of this code contains all that the receiver will need to verify the authenticity of the message. Verify the signature The last step is to verify the message’s dilithium signature. You will need three things: the message, the dilithium signature and the signer dilithium public key. To verify a signature click on the ‘Examples’ button, then on ‘QP Dilithium verify signature’ and finally on ‘Run’. If you have created your dilithium public key, message and dilithium signature and you want to verify it, then you can simply remove everything that is present in the ‘Keys’ and ‘Data’ sections and then copy and paste the output of the modified signature code in the ‘Data’ section. The code is: Scenario ‘qp’ : Bob verifies Alice signature Given I have a ‘dilithium public key’ from ‘Alice’ Given I have a ‘string’ named ‘message’ Given I have a ‘dilithium signature’ When I verify the ‘message’ has a dilithium signature in ‘dilithium signature’ by ‘Alice’ When I write string ‘Verification of Dilithium signature succeded!’ in ‘verification’ Then print the ‘verification’ In the Given phase you upload the signer’s dilithum public key, the message and the dilithium signature. If you have changed “Alice” with your name in the previous steps, then do the same here. In the When phase Alice’s dilithium signature of the message is verified. If you are using a different name, substitute “Alice” with the name you are using here as well. In the Then phase, if the verification succeeded, the string “Verification_of_Dilithium_signature_succeeded!” will be printed. Key encapsulation mechanism Key Encapsulation Mechanisms (KEM) are used to secure the exchange of symmetric key using Public-Key Algorithms. In Zenroom there is the possibility to choose between two different types of Quantum-Proof KEM algorithms: Kyber512 and Streamlined NTRU Prime 761. Kyber Kyber is a lattice-based KEM whose security is based on the hardness of solving the learning-with-errors (LWE) problem over module lattices. NTRU Prime: Intro Streamlined NTRU Prime security is based on the NTRU Key Recovery problem. Moreover, the last version of OpenSSH (9.0) uses the hybrid Streamlined NTRU Prime + x25519 key exchange method by default. The following zencode examples will use Kyber, but if you want to try using Streamlined NTRU Prime then this can be simply done by changing the term kyber with ntrup. Create the private and public key This is equivalent to Dilithium. On the Apiroom.net website, click on the ‘Examples’ button in the top left corner, then on ‘QP Kyber generate key’ or ‘QP Kyber generate public key’ to create respectively the private and the public key. Private key: Scenario ‘qp’ : Create the kyber private key Given I am ‘Alice’ When I create the kyber key Then print my ‘keyring’ Public key: Scenario ‘qp’ : Create and publish the kyber public key Given I am ‘Alice’ Given I have my ‘keyring’ When I create the kyber public key Then print my ‘kyber public key’ Create the KEM Now, anyone who has access to your kyber public key can create a shared secret and the corresponding ciphertext for you. To create this pair, simply click on the ‘Examples’ button, then on ‘QP Kyber create kem’ and finally on ‘Run’. The code is: Scenario ‘qp’ : Bob create the kyber kem for Alice Given I have a ‘kyber public key’ from ‘Alice’ When I create the kyber kem for ‘Alice’ Then print the ‘kyber secret’ from ‘kyber kem’ Then print the ‘kyber ciphertext’ from ‘kyber kem’ In the given phase you upload Alice’s kyber public key. In the when phase the Kyber pair {Shared-Secret, Ciphertext} is computed and saved under the names kyber secret and kyber ciphertext and grouped inside a dictionary named kyber kem. In the then phase the kyber secret and the kyber ciphertext are printed. The kyber secret is the symmetric key that will be use later to exchange information encrypted with some symmetric cipher. Thus you have to keep it secret, and send over the channel only the kyber ciphertext. Alice will need nothing more to retrieve the kyber secret. Retrieve the secret The last step is to retrieve the kyber secret from the kyber ciphertext; in this case, Alice will also receive the kyber secret. We are doing this only to compare it with the secret that was recreated and show that the two objects match. This will not happen in real life applications. To recreate the kyber secret, click on the ‘Examples’ button, then on ‘QP Kyber recreate secret from ciphertext’ and finally on ‘Run’. The code is: Scenario ‘qp’ : Alice create the kyber secret Given that I am known as ‘Alice’ Given that I have my ‘keyring’ Given I have a ‘kyber ciphertext’ Given I have a ‘base64’ named ‘kyber secret from Bob’ When I create the kyber secret from ‘kyber ciphertext’ When I verify ‘kyber secret from Bob’ is equal to ‘kyber secret’ When I write string ‘Verification of kyber cyphertext succeded!’ in ‘verification’ Then print ‘verification’ Then print ‘kyber secret’ In the given phase, declare who you are, upload your keyring, the kyber ciphertext and the kyber secret computed by Bob in the previous step. In the when phase the kyber secret is retrieved from the kyber ciphertext and a check is performed to see if it matches the secret computed by Bob. In the then phase the kyber secret is printed. Benchmarks So far we have talked about the security of these cryptographic primitives, but security never comes without a cost. As you have seen before, the first downside is the length of the keys, signatures and ciphertexts. Sizes of private and public keys in bytes. Dilithium2 generates a 2420 bytes signature and, in order to encapsulate a 32 bytes secret Kyber512 and Streamlined NTRU Prime 761, creates a ciphertext of 768 and 1039 bytes respectively. Now we will investigate the time and memory consumed by each of these Quantum-Proof algorithms, and compare them to ECDSA/ECDH. The results you will see are obtained running the tests that you can find here for the signature scheme and here for the KEM schemes. Signature The signature is composed of four main parts: the generation of the private key, the generation of the public key, the signature and the verification. For each of them I have performed 10.000 tests and took the mean time and mean memory consumed. Time (µs) and memory (B) consumed by Dilithium2 and ECDSA, computing the private and the public keys. As you can see, the key generation time and memory are not very different between the two algorithms, even if the Dilithium2 keys are much longer. The test on signature and verification is done on different message lengths: 100, 500, 1000, 2.500, 5.000, 7.500 and 10.000 bytes. For each length, the test has always been performed 10.000 times. Time (µs) and memory (B) consumed by Dilithium2 and ECDSA singature and verification. Also in this case, the time and memory consumed by the two algorithms are really close to each other. In order to have a better view of the time consumed, you can have a look at the following graphs: So, the only downside of the Dilithium2 signature scheme seems to be the length of the keys and of the signature! Key Encapsulation Mechansim The KEM algorithm is composed of four main parts: the generation of the private key, the generation of the public key, the encapsulation/encryption and the decryption. For each of them I have performed 10.000 tests and took the mean time and mean memory consumed. Time (µs) and memory (B) consumed by ECDH, Kyber512 and Streamlined NTRU Prime computing the private and public keys. In the above table, we can see that kyber512 is even faster than ECDH in the computation of private and public keys, while Stremlined NTRU Prime takes a lot more time to compute the private keys, but it is faster than Kyber512 in the generation of the public key. Looking at the encapsulation part, ECDH simply encrypts a message so, in order to have a fair comparison, we encrpyted a 32 byte random string. This because the secret exchanged using Kyber512 or Stremlined NTRU Prime is composed of 32 bytes. Time (µs) and memory (B) consumed by ECDH, Kyber512 and Streamlined NTRU Prime encapsulation/encryption and decryption. The results shows that, also in this case, Kyber512 is faster than ECDH, while Stremlined NTRU Prime is a little bit faster than ECDH in the encryption part, while it is slower in the decryption part. Thus, also for these algorithms, we find that time consumption and memory usage are not an issue, with the private key generation of Streamlined NTRU Prime schemes being the exception. Conclusion Even if the theory behind Qunatum-Proof cryptography is really complex and hard to understand: in practice, as you have seen, it is not difficult to use! Moreover, it is as fast as modern cryptographics and also the memory used is amost the same. So, what are you waiting for? Download Zenroom and start using quantum-proof cryptography to keep your data safe! Credits: Many thanks to the NLnet Foundation for believing in this project and supporting our work on quantum proof safety; as well to the Dyne.org team, especially Alberto Lerda, Denis ‘Jaromil’ Roio and Andrea D’Intino, for all their precious help and teamwork. Quantum-Proof Cryptography was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read allOn our website we state that we are free to share code and we code to share freedom. But coding is not the only thing we do! so here we go with our substack account, where we are free to share news and we write to share freedom. Subscribe now
Read allAt the brink of a war starting on the eastern front of Europe I like to share a 23 year old pledge by ethical hackers that should interest policy makers today, especially those in charge of taking difficult decisions as the financial-war move of cutting Russia off the SWIFT network. Please bear with me for a moment through this brief historical digression. INFO PEACE — Keep the networks of communication alive. “We strongly oppose any attempt to use the power of hacking to threaten or destroy the information infrastructure of a country, for any reason. Declaring “war” against a country is the most irresponsible thing a hacker group could do. This has nothing to do with hacktivism or hacker ethics and is nothing a hacker could be proud of.” We are all concerned about the fate of Ukraine and Europe through this conflict and it is hard to control emotions for many of us, but please lets focus on the fact that escalating war never leads to winners. On the other hand, to achieve peace access to information is vital for everyone who cares about democracy. The information infrastructure that connects people is what allows us to share stories, stay united, watch over human right violations and support people in danger in many ways. War to the contrary is made of isolation, fear, lack of communication and unfathomable uncertainty. Just like our fellow hackers two decades ago, I believe that people standing for democracy today need to focus on keeping communications alive, faithful to the understanding that what really can cross borders is cultural hegemony, as Antonio Gramsci (not the english wikipedia) once defined it . What Putin Fears Most | Journal of Democracy Democracy is the worst fear of the aggressor Culture and democracy are the best weapons we have and communication channels are the only useful vectors that can let us drive a counter-offensive to the very heart of an anti-democratic empire. Just like we did in Baghdad back in 2006, we need civil societies to share solidarity across the front of war, we need a distributed peace force armed by the hegemony of culture. An adventure in Iraqi freedom with Streamtime and FLOSS - Linux.com The best we can do is help many voices to exist, not shut them down. And also today what will really make a difference in this difficult situation is not yet another cyberattack seeding chaos in Russian society, but a steady channel of communication to vehicle empathy, solidarity and information. Today I’m not just talking about hackers and not just about the Internet. Europe should not cut Russia off the SWIFT network We need to maintain viable connections across the borders of this conflict and grant people a connection that can resist crisis, that can show resiliency and can be trustworthy even in the worst situations. What we call Russia today is a vast territory, the Russian people are many and very diverse. To black-out such a huge and resourceful connection during a conflict is like burning a bridge that leads into enemy’s territory. Also let me argue that such a move will not hurt Russia, but Europe the most. Russia has long overcome various bans and depreciations in the past decade. It would be foolish to think they haven’t prepared a response, because SWIFT is not technically difficult to reproduce and innovate, it is an old and clunky architecture. SWIFT is a world-wide standard in finance because of its industrial placement, an advantage that would be lost in a second if the balance shifts towards new systems. And believe me when I say new systems are ready to roll in Russia and China, with many new features that can be appealing to more industries in the world. A big advantage of SWIFT is adoption, by cutting off adoption the leap needed for technological supremacy is EASY. Chart showing relations between the Wikileaks financial blockade and Bitcoin’s raise. What I’m predicting today is very similar to what happened with Bitcoin and Wikileaks: if you cut one head of the Hydra, another will pop up immediately. Perhaps the aggressor is waiting for this to happen. Peace cannot be achieved by black-out. To the contrary, black-out is a condition of war. Addendum (27 February 2022) Lesson to be learned from the SWIFT black-out in Iran: “The Iran sanctions regime is a terrible model. It has had severe documented effects on millions of innocent civilians, while helping a small circle of corrupt government-linked elite benefiting from the sanctions-circumvention ecosystem. Sanctions have also helped nearly destroy Iran’s civil society and exacerbated domestic repression against any form of dissent. This is more of a feel-good policy for politicians in Washington, to appear tough on the Iranian government, while in reality helping crush average Iranian citizens. Also the humanitarian exemptions to sanctions are not working. Food and drugs, especially life-saving medicine for patients with special diseases, have been impacted by these financial sanctions. Again hurting innocent civilians while the elite have access to high quality services and resources.” — @negarmortazavi The Iran Podcast: Humanitarian Impact of Sanctions on Apple Podcasts Insights on measures taken by Europe Despite news media outlets report the sanctions as “SWIFT block”, by going in detail we can be relieved that the current strategy taken is that of intervening on specific banks and account. Here relevant press releases: Press corner Verbündete schließen russische Banken aus SWIFT aus TL;DR: certain number of (big) RU banks cut from SWIFT stop Russian war chests, paralyzed assets from central banks prohibit Russian oligarchs to use assets in foreign countries Two relevant paywalled articles Opinion | America’s Other Forever War — The New York Times (nytimes.com) Russian Sanctions: Wall Street Counsels Washington Against Ban From SWIFT — Bloomberg Sancionar a los oligarcas, no al pueblo Sancionar a los oligarcas, no al pueblo INFO PEACE was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read allSome kind souls are blessing Europe — the souls of reality hackers and change agents. In this post I’ll talk about our international foundation based in Amsterdam, Dyne.org, and share an update that is long-due for all the fellow travelers who have met us along the paths — Die Holzwege. Lets start with a reference to our Magna Carta Libertatum published on the 8/8/8, because it is very actual today in these times of syndemic crisis, reminding us the dreams and utopias that move us. The Weaver Birds (english version) — Gli Uccelli Tessitori (italian version) Who and where are we For more than 20 years now fellow hackers around the world kept encouraging and helped us to go forward and maintain our concrete example of alter-institutional turn. We are developing a lot of software as well facilitate communities doing their distributions and we even mentor young ventures. By reading further you may learn that nerds are everywhere, even if we don’t insist signaling our presence and do not compete with mainstream narratives: our voice and essence ultimately doesn’t belong to propaganda. We are not the establishment, but we are a friendly fleet in an open “digital Archipelago” and we are open to alliances. We are here to witness that it exists a way to develop technology for the social good and it can be sustainable. Facilitators of community development Through the past 7 years we have been facilitating the growth of a splendid community around a base distro named “Dev 1” (written Devuan) which has released its 4.0 “Chimaera” version this year as usual with press coverage worldwide. Welcome to devuan.org | Devuan GNU+Linux Free Operating System Today Devuan is not just a first choice distro but also an underground meme (just search “devuan” on youtube) for its resistance to failing corporate bloat in GNU/Linux, but also for the flourishing grassroot community that populates places like dev1galaxy.org or several channels on Libera chat (RIP freenode). Our distro is now placed 2nd in the DistroWatch worldwide Top10 by user ratings. We knew forking Debian was worth the effort for the many people who still want to rely on its package base for security and stability, but we would never imagine Devuan would be so successful. This success is the merit of a community we love to facilitate and keep alive for many years to come. At last, contrary to Winslows 11, our latest release does not require you to buy a new PC, but it runs on old ones as well has a record speed on RaspberryPi boards. https://medium.com/media/5da5f401016ca373fe7dff57ec5f1ebf/href Mentors for social innovation Our short but intense experience working in research and development projects for the European Commission, even leading one of them to flagship status, made us involved in writing a cascade funding plan for “human centric solutions” that ran for the past 3 years with some outstanding results. The Venture Builder for Human Centric Solutions We organized our team around the daily activities of technical mentorship for a multiplicity of different solutions and lead to results we can be proud of. While doing so we also learned that many organizations and the EC itself are talking about free and open source, but still need to learn a lot about its development methodologies, its language and its sustainability models. Most funded initiatives in Europe still do not share social goals nor human values, do not adopt open source licensing and are too myopic to see the impact of open source software and hardware on technological independence, competitiveness and innovation in the EU economy. Our colleague Mihaela is now working on a set of tools and methodologies for the reliable implementation of funding programs and their coordination, something that is closely inspired to open source community models and our own ethos, which we intend to share with everyone operating in this field. Meanwhile our funding program today is not just an achievement for the “Next Generation Internet” initiative, but it is a starting point for all the beneficiaries that have completed the program. There is so much to do and so many people to wake up with our call. We need to pack our success and tell more institutions and companies in Europe that another way of doing sustainable development is possible, and its here to stay. https://medium.com/media/495de3f78a6172a8b66ea2003511d248/href Critical engineers for circular economies The notion of “circular economy” is underpinning the urgent and intense effort of making European societies evolve into environmentally sustainable systems. This notion is rooted in the critical thinking of brilliant people like Nicholas Georgescu-Roegen or Ernst Friedrich Schumacher whose theories have been clearly ignored by the industrial development of the past century. To make circular the economy of today is hard work and takes a good dose of critical thinking as well critical engineering. This is something we have been dedicated a lot in the past years leading technical developments for the REFLOW project. Circular Resources - REFLOW Our focus has been in improving the way information about recyclable materials circulates and is made available. We have applied a new paradigm to simplify the complexity of logistics by adopting a Resource Event Agent model (REA) and the Valueflows vocabulary. Today we can share with all of you a new crypto model to authenticate graph database entries into “digital product passports” as well several free and open source software codebases to host related services and integrate into the wider scale European infrastructure. Reflow crypto: material passports for the circular economy Our next step in 2022 together with the Fabcity network in Hamburg will be to bring this technology to adoption also for e-commerce and logistics applications, as an effective tool for the industry 4.0 and the democratization of the designer role in its growth. Experts in computer heritage and restoration Our knowledge of information systems comes from a passionate study of their history. We support the community effort of two musea in the south of Italy: the Museo dell’Informatica Funzionante (MUSIF) and the Museo Interattivo di Archeologia Informatica (MIAI). If you are a geek you can’t miss hanging our 2022 calendar in your lab: Memorandom - Calendario 2022 MIAI/MusIF We are doing our best to leverage the incredible experience and knowledge accumulated by these initiatives in the framework of new European heritage projects, as it happens already in cooperation with the ZKM institute of Karlsruhe for the restauration of the Zuse, the most ancient computer in Europe. We are also producing very successful exhibitions in public places like city archives and libraries, in conversation with an audience of all ages about the values we give to our physical and digital interaction, the importance that memory has for our culture and what does it means to rely uniquely on digital supports in order to preserve it and share it. We do all this to share the wealth of knowledge, relationships and financial resources we manage to gather through our research and development activities and in fact this, together with the publication of free and open source software for social purposes, is what makes us most proud and joyful for the continued existence of the Dyne.org foundation. The Next Layer for Democracy We embarked an ambitious journey, equipped with the experience from the Decentralized Citizen Engagement Technologies project guided by Francesca Bria, which saw Dyne.org working for the first time in 2012 as research organization for the European Commission. Francesca Bria on Decentralisation, Sovereignty, and Web3 D-CENT In 2021 we accepted the challenge of the Italian Democratic Party and prepared a customized setup of DECIDIM, made it ready to roll in 2 months to withstand the load and attention of a nation-wide party at the lead of the government coalition. We decide. With free and open source technology It wasn’t easy, our colleague Puria lead the whole process in cooperation with the good folks at platoniq and of course the involvement of young and smart people working with the party secretary. The results are becoming visible as we speak, 6 months and thousands of participants later, it will likely be an experience we want to continue as well repeat for more organizations around the world. The European Blockchain Infrastructure It’s not anymore a dream, but a concrete opportunity to have Europe rely on a fully free and open source software infrastructure for many notarization tasks needed by an initial number of 24 members states adhering to the initiative of the European Blockchain Services Infrastructure (EBSI). Also in the institutional space we decided to take a community development approach and formed a consortium with 2 excellent partners: RIDDLE&CODE and Infocert. We are working to equip Europe with its Blockchain Services Infrastructure We are at a very good point building and testing a software stack based on DECODE technology (Zenroom) and that provides a consensus-based oracle network that can serve and link multiple distributed ledger technologies while keeping the whole framework blockchain agnostic. And the good news came in just recently: we passed the second round of selection and we are now among the 5 organizations in Europe asked to demonstrate their prototype to the European Commission! European Blockchain Pre-Commercial Procurement Success means growth I won’t hide that the past two years of syndemic crisis rocked our boat, but we managed to stay afloat and deliver even more than we hoped. Our collective at the core of Dyne.org operations kept compact and focused, rowed high through difficult waters and obtained outstanding results. We have achieved all you see without the help of any venture capital and without running any crypto-coin scam. As much as we believe in the idea that Small is Beautiful, we came to a point in which it is healthy to grow beyond our foundation and clearly make a distinction between what we do for research passion and interest and what we do as capable people hired by public and private ventures needing our help. Forkbomb | LinkedIn Today I am proud to announce the birth of a new company ready to work with you and help you build software products and services that stand out for the quality, passion and attention to details we all put into what we do. Forkbomb.eu Starting in 2022 you are welcome to contact the Forkbomb Company whenever you need us to work on your project and according to your schedule, write to info@forkbomb.eu and get to know our fresh CEO Andrea D'Intino. Dyne.org, a decade in perspective was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read allThis post explains in brief how to create a secure and minimalist Bitcoin wallet that stores all keys off-line (cold storage) and is in your complete control: the private key will never be known to any software connected to the network. This setup does not enforce strong privacy for your transactions, but is useful to prove the origin of Bitcoin transactions. We rely on the use of small and powerful software: Zenroom - crypto vm, end-to-end cryptography for multi-platform apps and blockchain Zenroom can be used off-line to generate a “master key” and a public address. This software is smaller than 2MB that has zero external dependencies: it is designed without capabilities to connect to the network or write to a disk. Following this tutorial the master key of our wallet will never be exposed to the network: Zenroom is the only application asking this key and it forgets it when it quits. Also interesting to know for the developers reading is that Zenroom can be easily embedded in your own application: everything you are learning here can be done using library calls passing it Zencode and JSON just like in the examples below. Bindings exist for Android, Apple/iOS and various languages like Javascript (also React-Native) as well Go, Rust and Python. Now let’s get started! if you are doing this for real, make sure no-one is looking above your shoulder, since your keys will appear on the screen. https://medium.com/media/f3e22ff2ae8768958e64820b65459280/href Setup your working environment This tutorial assumes the use of a Secure off-line PC that is used to generate the wallet key and store it when needed to sign new transactions. It is recommended to perform network operations on any on-line PC and move downloads to it by means of a USB-key. First one should download the Zenroom command-line application from Zenroom.org: any platform is supported, typically you will want a MS/Windows or Apple/OSX or GNU/Linux binary; don’t worry about dependencies, library frameworks or DLLs since nothing else is needed, just one of these tiny binaries found on files.dyne.org/zenroom/releases/v2/. You can also preserve them in a safe place and be reassured they will still work in future: Zenroom is a zero-dependency C99 software released as free and open source by the Dyne.org foundation on https://github.com/dyne/zenroom. To have a future proof setup is very important: always ask yourself if the wallet application you are using will be able to store Bitcoins for the next 20 years and still work. Once you are able to execute the Zenroom application from a terminal, the only thing you need is a text editor: your favorite will do, even notepad.exe. The few on-line operations performed will be done manually, cutting and pasting data from the terminal to a browser. The following Zencode examples use the word testnet, to use it on the main network one needs to substitute that with the word bitcoin. To get straight away to a shell script example of this tutorial, please refer to run_offline_wallet.sh in Zenroom’s repository. Generate your secret key Key generation can be performed entirely off-line: create a plain-text file and call it something like keygen.txt and paste the following Zencode into it, including carriage returns (newlines): Given nothing When I create the testnet key Then print the ‘keys’ Then execute this with the command: ./zenroom -z keygen.txt You will see a sequences of characters and numbers appear on your screen: {“keys”: { “testnet”: “cMqN1QyWYZqAAw5qVH8AzFF3GVM9VQKyNEY7ZUQsPivVpVYWjzfx” } } This is the master key of your new wallet, store it safely! Do not save it on your desktop nor write it down in an visible place: anyone knowing this secret can steal your funds. This key is in WIF format and base58 encoded, it is compatible with any Bitcoin wallet, for instance it can be imported inside Electrum using the prefix ‘p2wpkh:’. Just take what is inside the brackets and quotes, without the first 2 words “keys” and “testnet” (or “bitcoin” if you are not running a test) and use: p2wpkh:cMqN1QyWYZqAAw5qVH8AzFF3GVM9VQKyNEY7ZUQsPivVpVYWjzfx Generate your public address Once you have a secret key you can use it to generate your main public address to receive funds. Having the result of the previous operation saved to a file, for instancekeys.txt then create a new Zencode file pubgen.txt: Given I have the ‘keys’ When I create the testnet address Then print the ‘testnet address’ Then run the command: ./zenroom -z pubgen.txt -k keys.txt This command will output your public address that you can give away to receive funds: { “testnet_address”: “tb1qc5wzp53l39v499nvycmcvu2aaqlu84xnkhq3dv” } This is your public address (in Segwit compliant format bech32 aka BIP0173 which will also save you mining fees) and you can publish it to receive bitcoins. Any bitcoin received on this address will be visible using public blockchain explorers and easy to trace! this may be an advantage if you are declaring your operations to authorities. Receiving bitcoins is now easy: just give away this address. Also checking your balance is easy: any blockchain explorer can be used, here for instance you see the current balance of the testnet address in this example. Make a transaction to send bitcoins Sending bitcoins requires a bit more attention especially because we want to make our procedure super-secure by signing transactions off-line. We need to make sure that our master key is never exposed to any software connected to the network. This is the only truly trust-less approach, in any other we have to trust the software developers. For this operation we will have 2 different personal computers (PC) both installed with Zenroom: The Secure off-line PC should have no network connection at all The Public on-line PC should have network and a web browser This setup requires some manual operations to be performed with: a USB-key to copy data between Secure and Public (format it once done!) (optional) a mouse to do copy and paste operations in the browser And of course we need an address that has received at least some Bitcoins, else we cannot send anything! the one in this tutorial is a testnet address we loaded using online “faucets” giving away free testnet coins. Here a diagram explaining the operations we will need to perform: We have seen how to generate a secret key and know its public address: these operations should all be done on the Secure PC. Then to complete the first 2 steps we will copy the public address to the Public PC using a USB-key. From the Public PC we will open the browser and download the “unspent transactions” using this URL: https://blockstream.info/testnet/api/address/.../utxo Substituting the dots (…) with our public address, for our example this is: https://blockstream.info/testnet/api/address/tb1qc5wzp53l39v499nvycmcvu2aaqlu84xnkhq3dv/utxo This will give us a longer text (JSON format) that we need to copy and paste into a new file, for instance save it inside a file called UTXO.txt example UTXO output from the blockchain explorer Then we need to create a file defining our transaction order: its recipient, amount and the mining fee we intend to pay. Let’s call it order.txt and write our will inside: { “satoshi amount”: “1”, “satoshi fee”: “141”, “recipient”: “tb1q73czlxl7us4s6num5sjlnq6r0yuf8uh5clr2tm”, “sender”: “tb1qc5wzp53l39v499nvycmcvu2aaqlu84xnkhq3dv”, Here we are sending one Satoshi (0.00000001 BTC) to a recipient address: we specify our sender address(the one in this example) and pay a mining fee of 141 Satoshi (minimum needed for good testnet speed at the time of writing). Then on the next line of this file we should paste the UTXO.txt contents inside a “satoshi unspent”: … } last element, in place of the … three dots. At this point we create the Zencode that will combine the order with the UTXO information we retrieved online, let’s call it maketx.txt and write: Given I have a ‘testnet address’ named ‘sender’ and I have a ‘testnet address’ named ‘recipient’ and a ‘satoshi fee’ and a ‘satoshi amount’ and a ‘satoshi unspent’ When I rename ‘satoshi unspent’ to ‘testnet unspent’ and I create the testnet transaction Then print the ‘testnet transaction’ Then execute this with ./zenroom -z maketx.txt -a order.txt and collect the output into a file we will call transaction.txt which is ready to be signed. Now we move transaction.txt to the USB-key and copy it to the Secure off-line PC, in the same folder where we have our keys and the Zenroom executable. Sign the transaction We are now on the Secure off-line PC and we have all what is needed to sign a transaction. Let’s create the Zencode file sign.txt inside the same folder we have Zenroom, our keys.txt and the transaction.txt and write into it: Given I have the ‘keys’ and I have a ‘base64 dictionary’ named ‘testnet transaction’ When I sign the testnet transaction and I create the testnet raw transaction Then print the ‘testnet raw transaction’ as ‘hex’ Then execute it with ./zenroom -z sign.txt -k keys.txt -a transaction.txt The output of this command will be an hexadecimal sequence consisting in the Bitcoin Raw Transaction (RAWTX) that we have signed and therefore ready to be sent. The last thing we need to do is inform everyone that we have transferred that amount from our wallet to the recipient: until the RAWTX is sent on-line the amount is not spent. Therefore the last thing we need to do is copy this output to a new file, for instance rawtx.txt and transfer it to the Public on-line PC via USB-key, then we can send it using a blockchain explorer like the one on https://blockstream.info/testnet/tx/push where we can just paste the RAWTX and push the “Broadcast transaction” button. Soon enough our transaction will be visible to everyone in Bitcoin and will start being validated, the link to this new transaction is usually returned by the blockchain explorer. In case you are doing a real transaction then the correct address to send is https://blockstream.info/tx/push there may be more online services doing this as well wallets like Electrum and Bitcoin Core can be used. Caveats There are a few things to keep in mind when using this wallet method: Every time the secret.txt file is written on a disk it may leave traces of your master key passphrase, even after deletion. It is recommendable to use a secure delete program like wipe on Linux or SDelete on Windows to remove it once done. After use the USB-key needs to be fully formatted and files on it deleted securely. The address this wallet produces can be reused for different transactions and is therefore easier to track: this setup is not really good at hiding the amounts one sends and receives with it. Credits Many thanks to Alberto Lerda for contributing the Bitcoin crypto primitives implementation inside Zenroom and to Andrea D’Intino for his coaching. Also kudos to the Orange Pill community and of course Max & Stacy for motivating the making of this tutorial ❤ If you need help to manage or develop your wallets: we have solutions! You are welcome to contact us at the Forkbomb company. Forkbomb.eu Bitcoin secure off-line wallet was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read allI am proud to announce that at Dyne.org we have joined forces with RIDDLE&CODE and InfoCert to empower Europan member states with strong and durable technology for blockchain notarization. Aus Dyne.org, RIDDLE&CODE und InfoCert bestehendes Konsortium beauftragt, EBSI auf die nächste Stufe zu führen - boerse.de This is big news: our consortium gathers unique know-how in free and open source community development, cryptography, security and identity management along with outstanding global market positioning. Here is the press-release, available in many languages all around the world: Dyne.org, RIDDLE&CODE and InfoCert's consortium appointed to take EBSI to the next level - InfoCert Down to the technical details, here a preview of the features we are implementing for the solution: Lean, portable and interoperable with any existing blockchain platform — running on any device from chips to browsers and cloud — Zenbridge lowers the complexity of decentralized and scalable edge-computing setups and can be managed without special technical knowledge: it can be programmed in human-like language! (Zencode) The Zenbridge network is a multi-layered and distributed computing environment. It’s core is Zenroom and allows smart-contracts to run on any device, including bare-metal, low-powered and legacy, as well cloud deployments in Kubernetes or Swarm. It will downsize the crypto to run even on bare metal and low-powered computing devices and can be retro-fitted to existing infrastructure. The “Zenroom” crypto-VM is the outcome of flagship European research What Can Open Science Learn and Use From DECODE's Blockchain Urbanism Research and Tech Stack? | GenR Now we plan to adopt Zenbridge in production for 2 initial use-cases: a Digital Product Passport powered by state of the art cryptography an IPR management system for free and open source software licenses The DPP is a very important component for Circular Economies EURACTIV Press Release Site And the licensing notarization will provide time-based evidence of software licensing adopted on hardware devices, for a transparent and consistent record of their changes across time, because we want right to repair in Europe! The applications will not be limited to these early use-cases, but extend to anything that can benefit from free and open source digital notarization systems, even to very important and urgent human-rights issues as those addressed by the Global Passport Project. Global Passport Project | Or to improve the management and use of energy with demand-side response services granting flexibility sharing and grid balancing like Hestia is doing. Now please wish us luck in this quest: while being among the 7 selected organizations to race in EBSI’s pre-commercial procurement, we are engaging this challenge with a consortium and we plan to be even more inclusive in future, opening a playing field with clear standards and sovereign technologies for organizations and SMEs in each European member state. The only way we can improve Europe is by sticking together ❤ We are working to equip Europe with its Blockchain Services Infrastructure was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read allLead or follow? this decade’s dilemma for GNU/Linux based ICT industry Reflections on the present turning point for us users and developers of GNU/Linux based systems. Context The major event I like to start from is the landmark acquisition of RedHat by IBM for 36 whopping billions of dollars in 2019. This event shall not go unobserved when debating about the future of GNU/Linux. It is plausible to think that the enterprise strategy of companies dealing with GNU/Linux technologies will evolve well beyond the business on certifications, and make bold steps into more aggressive exploitation of their huge “market”, something once was a community and has lost that status. Timeline 2018: IBM acquires Red Hat for 34 billion dollars, paying 190$ per share with a 63% premium on the current price. 2020: Red Hat announced the end of CentOS 8: CentOS Is Dead, Long Live CentOS. 2023: Red Hat has announced to fence RHEL access behind a paywall, in other words Red Hat is Shooting Itself in the Foot, Again. Strategic analysis https://medium.com/media/739647fe87720e09e236e1dffd077e14/href The big and ever-growing conglomerate of the IBM/Linux armada aims to seize the market with renewed dependencies. The strategy to form and consolidate dependencies around the needs of clients makes sense for an oligopoly that wants to keep its dominant position. For a big technology provider today the business of support and certifications is marginal when compared to the opportunity to lead research, standardization and the pace of innovation according to own interests. The one who can lead standards can also confine risks where he may please, and accelerate testing of own developments no matter how experimental. For example systemd builds a lot of dependencies with new untested software whose risk is delegated to… anyone using Linux. This is precisely what is happening as the big-tech industry establishes new core standards for its sector— systemd being a too-big-to-fail example — it offloads the risk of innovating strategies on user communities and small clients. https://medium.com/media/211370654c943c6e2dcaf48d657d4049/href Right after a successful trial on communities, the big-tech industry is now turning small clients into guinea-pigs to externalize risks attached to innovation strategies. This is evident through the strategic changes applied by this new RedHat, now lead by IBM, as we come to another landmark event for the ICT industry: the so called “death of CentOS”. CentOS Is Dead, Long Live CentOS The end of life of RHEL 8 and CentOS 8 has been announced, to be substituted by new “stream” releases that have de-facto buried CentOS original mission as a stable distribution and resurrected it as the new guinea-pig to join Fedora in the gratuitous “downstream cage” of experimentation. https://medium.com/media/cae1ec36c0ebe42662bbd80063b0c66e/href Lets be aware now that what comes “free as in beer” comes at a high cost in priorities and control. Opportunity https://medium.com/media/f212b66304a852c9df09db71464c05fc/href All things considered this is the perfect storm. We may free ourselves from the big and ever-growing conglomerate of the IBM/Linux armada before they entangle us with ever growing dependencies. Thanks to courage, a vibrant community of experts and some investments and donations today I can tell systemd has not been a problem for me, but an opportunity. To develop an alternative and facilitate a community around it took us about the same time required to adopt any new system imposed by RedHat or IBM in our operations. By choosing to lead rather than follow we gained not just superior security and efficiency for the past 5 years: we bootstrapped a community of valuable leaders as we all dared to fork of Debian. Today we rank #2 worldwide by user reviews on Distrowatch. Welcome to devuan.org | Devuan GNU+Linux Free Operating System But lets not look at the finger pointing at the moon: this is not just about the technical choice of an init system or a system administration framework. this dynamic will repeat in many forms and there will be gains for those who have the courage to lead rather than follow. Far from the systemd debacle, at the end of CentOS as we knew it, one of its founders started Rocky Linux to continue the original mission of delivering a free and stable enterprise grade distro based on RPM packaging. Rocky Linux What do we in common is that we are seizing the opportunity to develop an alternative or, even better, we are sharing an opportunity with everyone out there who dares to differ. The investments are coming and the market is growing: the space is there for those who dare to take it and the risks aren’t so high all things considered. Now is the time to break the chain of growing dependencies with IBM/Linux before it turns SMEs and public sector institutions into security nightmares. https://medium.com/media/9351c3f51536aa192b99acafcb18abd5/href What we will soon need for this alternative to be established is the trust from bigger players in public and private sectors, to rely on these efforts and fund them: this is in everyone’s interest, I argue, since our efforts will provide better quality and will lower costs and complexity of ICT infrastructure. The opportunity is in the hands of decision makers across the ICT industry: now is the time we can invest on the talent and future growth of alternatives. Early good signs are there: grants like DECODE (EU flagship project) have funded the development of Devuan for its deployment in decentralized networks, as well NLNET funding Maemo-leste a fantastic port of Linux (not Android) for embedded devices and mobile phones. Rocky Linux seems to catch up quickly with the enterprise market it aims at and has established a small round of SMEs adopters. I believe the opportunity is there for new players to take their place as leaders. Too-big-to-fail conglomerates have shown in the past to be a rather toxic presence for the ease of maintenance and reliability of systems. Paradoxically we aren’t even the alternative: we are the conservatives in a declining world of “fail fast fail often”. We are those who intend to ship stable systems to let all users enjoy a life made of less risks and more free time. For more background information about Devuan, see: The Debian fork original announcement Coverage by The Register Coverage by Heise My Ph.D thesis chapter about Devuan Devuan presented at FOSDEM 2019 https://medium.com/media/5da5f401016ca373fe7dff57ec5f1ebf/href Devuan® is the registered trademark of the Dyne.org foundation. Linux® is the registered trademark of Linus Torvalds. Lead or follow? the dilemma of ICT industry for the coming decade was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read allReflow crypto: digital product passports for the circular economy Today I feel light and grateful: light for finally publishing something I’ve worked on for the past 2 years and grateful because this is an outstanding achievement that could only be attained with the help of my colleagues at Dyne.org. A pre-print of our paper is freely available: “Reflow: Zero Knowledge Multi Party Signatures with Application to Distributed Authentication” Also mirrored at Arxiv and SAO/NASA ADS, versioned source on github/DYNE Reflow signatures are based on the work we did in the DECODE project with colleagues at UCL: we built a privacy-by-design signature scheme on top of Coconut credentials (yes, the stuff that got Facebook/Libra so interested). All Reflow crypto is fully implemented in free and open source code using Zenroom which makes it easy for mathematicians to review what is inside Zencode language statements as well for engineers to integrate it in existing applications. What REFLOW is for? The Reflow project is an EU Horizon 2020 innovation action running through 2019 and 2022 which aims to enable the transition of European cities towards circular and regenerative practices. NEWS UPDATE: Reflow has been nominated as SUCCESS STORY by the European Commission in 2022! Six European cities gear up for a more circular future More specifically, REFLOW uses Fab Labs and makerspaces as catalyzers of a systemic change in urban and peri-urban environments, which enable, visualize and regulate “four freedoms”: free movement of materials, people, (technological) knowledge and commons, in order to reduce materials consumption, maximize multifunctional use of (public) spaces and envisage regenerative practices. The project will provide best practices aligning market and government needs in order to create favorable conditions for the public and private sector to adopt circular economy practices. REFLOW is creating new circular economy business models within six pilot cities: Amsterdam, Berlin, ClujNapoca, Milan, Paris and Vejle and assess their social, environmental and economic impact, by enabling active citizen involvement and systemic change to re-think the current approach to material flows in cities. This paper and the free and open source software referenced sit at the core of the innovative developments in Reflow’s technical work-package and implement a novel signature scheme for material passports whose integrity, provenance and portability is granted by means of provable cryptography. We need this because if we want to recycle more we need to have a clear picture of material flows coming in and out of our cities, as well a way to track the life-span of each material. EU plans 'digital product passport' to boost circular economy Think of material passports as sort of “barcodes” that cannot be counterfeit and do contain the whole history of materials and components part of an object. Here we explain the material passport use-case a bit. What else can we do with Reflow crypto Well, quite a lot considering it is all quite modular and configurable. In the paper we analyze 4 base functions: Credential based and anonymous multi-signature and decentralized verification scaling up to thousands of participants. Need-to-know application for multiple participants to sign complex documents without distributing the entire document to everyone Advanced Disposable-ID scenarios augmented with multi-signature Last not least the material passport, more generally consisting of a system to authenticate fairly complex graph data structures And so Reflow crypto is a core building block for what we are envisioning to be the future of the so called Industry 4.0: Distributed Design | Fab City Hamburg In a not so distant future we’ll see objects being produced and marketed as the remixing of open and distributed design contributions: the main challenge for this market will be to fairly redistribute the wealth to all contributors while keeping track of them while respecting their privacy. A lesson about what can we do with crypto Its not a mystery that I’m involved in crypto since more than 10 years now Denis Roio on Twitter: "Hereby apologizing for the global warming caused pic.twitter.com/Qc0uy5c0gZ / Twitter" Hereby apologizing for the global warming caused pic.twitter.com/Qc0uy5c0gZ So let me conclude that I’m very proud today to present this work, which is not yet another coin to accumulate or mine, nor a system that needs a lot of energy to run (look at our benchmarks!) but a sincere and collective effort to use cryptography and math for the aims of a green and sustainable agenda. Reflow: Zero Knowledge Multi Party Signatures with Application to Distributed Authentication Reflow crypto: material passports for the circular economy was originally published in think-do-tank on Medium, where people are continuing the conversation by highlighting and responding to this story.
Read all