Categories
Computers

First impressions of Filecoin

I’m an interested user of many novel technologies, some examples being cryptocurrencies and IPFS. One technology that I was keeping an eye on was at the intersection of that two: Filecoin (it’s using blockchain and built on IPFS by the people who made IPFS). It aims to be a decentralized storage network, where nodes are rewarded by storing users’ data, in a programmatic and secure way. After a long wait, the Filecoin repositories just opened up a few days ago (see also the relevant Hacker News discussion). This allowed everyone to give the newly deployed development chain (devnet) a spin, and try out one possible “future-of-storage”. Since the release, I’ve spent a decent handful of hours with Filecoin, and thus gathered a few first impressions.

These are very early stages for the technology, so take all my comments with that nurturing point of view. I’m glad they release stuff at their version 0.0.2 as it happened, even if a lot of things are in flux. Also, I’ve spent a bunch of time with IPFS, a lot of parts of the experience with Filecoin (or rather with the initial implementation of go-filecoin is not as surprising (more familar) to me than likely to someone for the first time a project made by this team. More on this later. Now, in hopefully somewhat logical order...

Getting started

The first thing is obviously getting and installing the binaries for the project. The initial implementation is go-filecoin, which is not totally surprising, one of the two main IPFS implementations is also go-ipfs (the other, for the curious, is js-ipfs, but filecoin does not have a Javascript implementation just yet). As there are no binary releases for go-filecoin just yet, we’ll need to install from source. The project relies on pretty recent Go (1.11.1 or 1.11.2, it’s not clear from the docs and the code…), as well as pretty recent Rust (1.31.0, which is about 2 months old). If the combination of the two is surprising, it’s because some of the heavy lifting libraries was implemented in Rust, for performance reasons (that I think used in the proving that a node actually stores the data that it said it did, without sending the whole data for inspection – aka, the secret sauce of Filecoin).

Categories
Programming

How not to start with machine learning

I’m a technical and scientific person. I’ve done some online courses on machine learning, read enough articles about different machine learning projects, I go through the discussions of those projects on Hacker News, and kept a bunch of ideas what would be cool for the machines to actually learn. I’m in the right place to actually do some project, right? Right? ūüö® Wrong, the Universe says no…

This is the story of how I’ve tried one particular project that seemed easy enough, but leading me to go back a few (a bunch of) steps, and rethink my whole approach.

I bet almost everyone in tech (and a lot of people beyond) heard of AlphaGo, Deepmind’s program to play the game of Go beyond what humans can do. That has evolved, and the current state of the art is Alpha Zero, which takes the approach of starting from scratch, just the rules of the game, and applying self-play, can master games like Go to an even higher level than the previous programmatic champion after relatively brief training (and beating AlphaGo and it’s successor AlphaGo Zero), but also apply to other games (such as chess and shogi). AlphaZero’s self-learning (and unsupervised learning in general) fascinates me, and I was excited to see that someone published their open source AlphaZero implementation: alpha-zero-general. That project applies a smaller version of AlphaZero to a number of games, such as Othello, Tic-tac-toe, Connect4, Gobang. My plan was to learn by adding some features and training some models for some of the games (learn by doing). That sounds much easier to say than to do, and unravelled pretty quickly (but probably not as quickly as it should have been).

Categories
Admin

Continuous integration testing of Arch User Repository packages

I maintain a couple of ArchLinux user-contributed packages on the Arch User Repository (AUR), and over time I’ve built out a bit of infrastructure around that to make that maintenance easier (and hopefully the results better). The core of it is automated building of packages in Continuous Integration, which catches a number of issues which otherwise would be more difficult.

This write-up will go through the entire packaging process to make it easily reproducible.

Categories
Computers Thinking

I’ve learned this about hacking, inspired by Mr. Robot

The second season of Mr. Robot¬†has just finished last week. While it’s one of the most amazing thing I’ve ever seen, it is also held as the TV show with the closest depiction how computer hacking works for real (see for example Quora¬†or Reddit). Looks like ¬†it inspired a lot of people to “try out” the tools the characters use on the show (adding to the popularity of Kali Linux, or the¬†Wickr¬†chat app¬†for example), which does feel a natural way to relate to your favorite characters, in a geek way.

I couldn’t resist either, and tried to dig a bit deeper, learning some geek (ie. not professional) lessons about how hacking works, party from the events in the show directly, partly by following for a few steps what were done in the show, and deconstructing the results.¬†Here’s what I’ve collected so far:

Social engineering¬†is likely a big part, a crucial enabler of most “successful” hacks. The show works with characters¬†so it might be¬†biased towards human actions, but it makes sense that social engineering¬†can open door where the “bits” are closed. All the shows main hacks I remember included social engineering (not going to spoil here anything). This also made me a lot more aware in life, for example when talking with my bank online, or trying to get official things done in a way that it involves trust. Very much seems to me, that social engineering vulnerabilities and “opportunities” are really abound, and that makes me a lot more careful. For example, when calling to the bank, my verification data is three pieces of information that is available online or relatively easy, and I think of how I’ve seen such situation abused (in fiction, mind you), then I get a little jumpy. Not sure how other countries are like, but it feels like so many weak points in Taiwan, that she is just protected by the language barrier from western hackers/scammers – but sure that doesn’t deter another hostile nation. So yeah, my lessons is trying to improve on things, be mindful of trust-based situations encountered, while do be more confident to get things done better (in a non-malicious way of course), as confidence is one of the key ingredients of social engineering as well.

Categories
Computers Life Taiwan

Taiwan Citizen Digital Certificate

Taiwan has a very interesting attitude towards technology (for better or worse), and it is fun to try out anything new that comes up here (for a certain definition of “fun”). When the news hit late last month, that the National Immigration Agency opens Internet ID application to foreign residents, I was there to get mine as soon as it was available. The “Internet ID” refers to a “Citizen Digital Certificate”, also called MOICA, a smart card that supposed to make a lot of services available through a web browser or other government-produced software (e.g. filing taxes online). For Taiwanese citizens MOICA seems to be available at least since 2003 (according to the news report I’ve managed to dig up), but this is the first time it available for us foreigners living here.

In this rather graphic post I try to summarize the process of getting a MOICA card as a foreigner in Taiwan, setting it up, and some (opinionated) lessons to learn from it.

The Process

The process of getting and setting up the card is outlined in this leaflet that I’ve picked up.

MOICA Application English
Click to see large scan. Wow.

Though – not surprisingly – in practice everything is a lot more complicated than these 8 bulletpoints.