I've been obsessed with neuroscience as of late. What follows are just a few points I found remarkable in my reading of <ahref="https://mitpress.mit.edu/books/altered-states-consciousness">Altered States of Consciousness - Experiences Out of Time and Self</a> by Marc Wittmann.
I've been obsessed with neuroscience as of late. What follows are just a few points I found remarkable in my reading of <ahref="https://mitpress.mit.edu/books/altered-states-consciousness"target="_blank"class="link-primary">Altered States of Consciousness - Experiences Out of Time and Self</a> by Marc Wittmann.
In a life or death situation, it's quite blurry whether people truly experience time in slow motion, or if they only remember their emotionally-charged event that way. It's a difficult phenomenon to replicate in a laboratory setting for obvious reasons. Witmann's theory, however, is that precisely this "perception of bodily processes is connected to time consciousness". Their mind is fully-engaged and recording every detail of these precious moments. [p.11]
@@ -34,7 +34,7 @@ Together, all three influence how the others are perceived. [p.48]
The "experienced moment" is best illustrated by the time it takes for the mind to switch perspective of the "necker cube" optical illusion.
Whittmann also presents a good bit of evidence that mindfulness meditation gives rise to time expansion, along with improved working memory. The theory is that if you are more aware of the moment, you remember more of your experienced moments, and thusly subjective time expands. [p.55] Most notably, experienced meditators can hold a perspective of the Necker Cube for longer, and were found to <ahref="https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4294119/">feel that the past few weeks/months passed more slowly compared to a control group</a>.
Whittmann also presents a good bit of evidence that mindfulness meditation gives rise to time expansion, along with improved working memory. The theory is that if you are more aware of the moment, you remember more of your experienced moments, and thusly subjective time expands. [p.55] Most notably, experienced meditators can hold a perspective of the Necker Cube for longer, and were found to <ahref="https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4294119/"target="_blank"class="link-primary">feel that the past few weeks/months passed more slowly compared to a control group</a>.
The mystical experience of "Timelessness" might perhaps be the experience of pure _urimpression_, untouched by preconceptions. Neither protention nor retention remains. No guide for the past or future. The self dissipates. [p.72]
Alright, it's near the end of 2019. We've had plenty of time to figure out how to get rid of passwords. But we haven't. They're still here. So it's about time we admit that they're here to stay, and that we must better acquaint ourselves with them.
I'm here to make the case for _you_ to change a few of your digital habits. You will no longer <ahref="https://en.wikipedia.org/wiki/Password_fatigue"target="_blank">release an exasperated sigh</a> when you see the dreaded "Sign Up" button for Yet Another Website. Your friends will no longer need to spend 15 minutes wrestling with your foggy memory to figure out your WiFi password, or perhaps your Netflix credentials, you dirty account-sharing lawbreakers. You will no longer need to hit the "Forgot Password" button for every site you only use once in a blue moon. Your hair will grow back and its color regain vibrancy. Your friends will respect you, and your enemies will fear you. Some of your friends will also fear you, but that's okay. They were always afraid.
I'm here to make the case for _you_ to change a few of your digital habits. You will no longer <ahref="https://en.wikipedia.org/wiki/Password_fatigue"class="link-primary"target="_blank">release an exasperated sigh</a> when you see the dreaded "Sign Up" button for Yet Another Website. Your friends will no longer need to spend 15 minutes wrestling with your foggy memory to figure out your WiFi password, or perhaps your Netflix credentials, you dirty account-sharing lawbreakers. You will no longer need to hit the "Forgot Password" button for every site you only use once in a blue moon. Your hair will grow back and its color regain vibrancy. Your friends will respect you, and your enemies will fear you. Some of your friends will also fear you, but that's okay. They were always afraid.
How random do you think you are?<ahref="#ref0">[0]</a>
How random do you think you are?<ahref="#ref0"class="link-primary">[0]</a>
On the surface, randomness seems pretty straight-forward. But it gets messy pretty quick once you try to pin down what it actually _is_. But before we dive down that <ahref="#philosophy">philosophical rabbit hole</a>, let us first take a gander at this little t-shirt:
On the surface, randomness seems pretty straight-forward. But it gets messy pretty quick once you try to pin down what it actually _is_. But before we dive down that <ahref="#philosophy"class="link-primary">philosophical rabbit hole</a>, let us first take a gander at this little t-shirt:
@@ -20,7 +20,7 @@ It used to be illegal to wear this shirt outside of the States. The math which w
<pstyle="text-align: center"><imgsrc='/imgs/cryption_graph.png'style='display:block; margin: 0 auto;'/><spanstyle="font-size: x-small;">A real-world example of military-grade encryption put to good use.</span></p>
The usefulness of such technology in a military setting should be obvious. Conversely, it is obviously in our militant government's best interests that only they can use this technology - everyone else, both citizen and enemy, should ideally not have the ability to encrypt their messages. This way their communications can be intercepted, and any espionage may be thwarted. None of this technology is new; mankind has been utilizing encryption for as long as our written record can remember<ahref="#ref1">[1]</a>. The only difference with the situation today is that our communications are nearly instantaneous, and the encryption is much tougher to break.
The usefulness of such technology in a military setting should be obvious. Conversely, it is obviously in our militant government's best interests that only they can use this technology - everyone else, both citizen and enemy, should ideally not have the ability to encrypt their messages. This way their communications can be intercepted, and any espionage may be thwarted. None of this technology is new; mankind has been utilizing encryption for as long as our written record can remember<ahref="#ref1"class="link-primary">[1]</a>. The only difference with the situation today is that our communications are nearly instantaneous, and the encryption is much tougher to break.
### A Bit Too Random
@@ -41,23 +41,23 @@ This is almost _always_ the type of randomness you want, because it just seems s
### Bits Byte Back
And so back to the military we go! One of the oldest and most commonly-known methods of encryption is called the <ahref="https://www.xarg.org/tools/caesar-cipher/">Caesar Cipher</a>, named after Julius Caesar, who apparently used it for military matters. It was likely that his enemies were illiterate or would think his gibberish was a foreign language, so it was secure enough. Otherwise, it takes only 25 tries to guess the message correctly if you knew the methodology. Essentially, you'd choose a number, and then offset every letter in your message by that number. So if you chose 3, then all A's would become D's, all B's would become E's, and so on. Not only was it easy to figure out the number you offset everything by, but just like most other old-school ciphers, it quickly breaks under frequency analysis: some letters are used much more often than others in the English language, and some letters are much more likely to be found before/after certain letters (like 'u' following a 'q'). So once you see that the gibberish has a lot of H's and S's, you could try swapping those with perhaps A's, E's, or T's, and figure out the rest from there.
And so back to the military we go! One of the oldest and most commonly-known methods of encryption is called the <ahref="https://www.xarg.org/tools/caesar-cipher/"target="_blank"class="link-primary">Caesar Cipher</a>, named after Julius Caesar, who apparently used it for military matters. It was likely that his enemies were illiterate or would think his gibberish was a foreign language, so it was secure enough. Otherwise, it takes only 25 tries to guess the message correctly if you knew the methodology. Essentially, you'd choose a number, and then offset every letter in your message by that number. So if you chose 3, then all A's would become D's, all B's would become E's, and so on. Not only was it easy to figure out the number you offset everything by, but just like most other old-school ciphers, it quickly breaks under frequency analysis: some letters are used much more often than others in the English language, and some letters are much more likely to be found before/after certain letters (like 'u' following a 'q'). So once you see that the gibberish has a lot of H's and S's, you could try swapping those with perhaps A's, E's, or T's, and figure out the rest from there.
<spanstyle="font-size: x-small;">After reading this, your mind will notice how many e's are in this article.</span></p>
We didn't really get too fancy with encryption until we could build machines to automate it all for us. Encryption was simply a lot of scrambling of words/letters, and making sure your recipient knows the trick to undo those operations. This then brings us to the legendary <ahref="https://en.wikipedia.org/wiki/Enigma_machine">Enigma Machine</a>, whose algorithm was first broken only due to operational errors, and was used with great success by Nazi Germany in WWII. Up until the era of the Enigma, cracking ciphers required mainly only linguistic and literary prowess. These machines and their increasingly complex algorithms took us deep into the mathematical realm as they resisted our older methods of <ahref="https://en.wikipedia.org/wiki/Cryptanalysis">cryptanalysis</a>, like the aforementioned frequency analysis. This developed into a theory called <ahref="https://en.wikipedia.org/wiki/Confusion_and_diffusion">Confusion and Diffusion</a> which details the two properties ciphers must have to be impervious to pure cryptanalysis. It should be noted that we're still using the same techniques of scrambling & substituting letters like in Ye Olden Days - machinery simply allows us to do many more complex patterns without too much work on the recipient's end to undo it.
We didn't really get too fancy with encryption until we could build machines to automate it all for us. Encryption was simply a lot of scrambling of words/letters, and making sure your recipient knows the trick to undo those operations. This then brings us to the legendary <ahref="https://en.wikipedia.org/wiki/Enigma_machine"target="_blank"class="link-primary">Enigma Machine</a>, whose algorithm was first broken only due to operational errors, and was used with great success by Nazi Germany in WWII. Up until the era of the Enigma, cracking ciphers required mainly only linguistic and literary prowess. These machines and their increasingly complex algorithms took us deep into the mathematical realm as they resisted our older methods of <ahref="https://en.wikipedia.org/wiki/Cryptanalysis"target="_blank"class="link-primary">cryptanalysis</a>, like the aforementioned frequency analysis. This developed into a theory called <ahref="https://en.wikipedia.org/wiki/Confusion_and_diffusion"target="_blank"class="link-primary">Confusion and Diffusion</a> which details the two properties ciphers must have to be impervious to pure cryptanalysis. It should be noted that we're still using the same techniques of scrambling & substituting letters like in Ye Olden Days - machinery simply allows us to do many more complex patterns without too much work on the recipient's end to undo it.
### Speak 'Friend', Press Enter
Which finally brings us back to that t-shirt I showed you earlier! Basically, some smart dudes in the late 70's came up with the <ahref="https://en.wikipedia.org/wiki/RSA_(cryptosystem)">RSA algorithm</a>. Its security is based on the fact that it's really difficult to figure out <ahref="https://en.wikipedia.org/wiki/Factoring_problem">what two numbers constitute a very large composite number</a>.
Which finally brings us back to that t-shirt I showed you earlier! Basically, some smart dudes in the late 70's came up with the <ahref="https://en.wikipedia.org/wiki/RSA_(cryptosystem)"target="_blank"class="link-primary">RSA algorithm</a>. Its security is based on the fact that it's really difficult to figure out <ahref="https://en.wikipedia.org/wiki/Factoring_problem"target="_blank"class="link-primary">what two numbers constitute a very large composite number</a>.
<spanstyle="font-size: x-small;">Don't worry if this looks confusing. Just know that RSA's got maths.</span></p>
This algorithm gives you a public key which you can show to everyone, and then a private key which you keep only to yourself. Now if you wanted to talk to your homie Rivest, you'd look for his public key and use it to encrypt your message to him. Rivest then receives this encrypted message, and thanks to some unique mathematical properties of RSA, his private key is able to decrypt your message!
With sufficiently large RSA keys, it takes literally thousands of years for computers to crack it<ahref="#ref2">[2]</a>. It's not just how long it takes to crack an RSA key that makes it so groundbreaking; we've had things like the <ahref="https://en.wikipedia.org/wiki/One-time_pad">One-Time Pad</a>, which is truly uncrackable. No, it's the fact that you don't need to give your intended recipient a key beforehand. Imagine that your public key is essentially your house address, and everyone on the planet can now talk to you with complete security by simply looking you up on Yellow Pages.
With sufficiently large RSA keys, it takes literally thousands of years for computers to crack it<ahref="#ref2"class="link-primary">[2]</a>. It's not just how long it takes to crack an RSA key that makes it so groundbreaking; we've had things like the <ahref="https://en.wikipedia.org/wiki/One-time_pad"target="_blank"class="link-primary">One-Time Pad</a>, which is truly uncrackable. No, it's the fact that you don't need to give your intended recipient a key beforehand. Imagine that your public key is essentially your house address, and everyone on the planet can now talk to you with complete security by simply looking you up on Yellow Pages.
## Cracking The Code
@@ -73,28 +73,28 @@ The importance of this number is that it allows us to easily figure out how crac
<spanstyle="font-size: x-small;">We're under the UPPER + lower + 0-9 column. Scroll down to 10 for our password length. Now to the right, you can see how much time it takes to crack, on average, depending on how many guesses the attacker can make per second.</span></p>
So if you can make 100 billion guesses per second, then on average, you can crack this password in somewhere between 33 days and 4.4 months. That's not too shabby. If you have access to the database <ahref="https://haveibeenpwned.com/">(which is much more common than one might think)</a>, and they didn't use a good hashing algorithm to slow you down, then your target doesn't have much time to change their password before you can get into their account. Not only that, but people are prone to re-use passwords, so you can likely try your newly obtained username & password on different services your target might be using. Great work, black hat!
So if you can make 100 billion guesses per second, then on average, you can crack this password in somewhere between 33 days and 4.4 months. That's not too shabby. If you have access to the database <ahref="https://haveibeenpwned.com/"target="_blank"class="link-primary">(which is much more common than one might think)</a>, and they didn't use a good hashing algorithm to slow you down, then your target doesn't have much time to change their password before you can get into their account. Not only that, but people are prone to re-use passwords, so you can likely try your newly obtained username & password on different services your target might be using. Great work, black hat!
Now let's make more sense of these numbers. This 10 character password of ours could be in 1 of 839,299,365,868,340,200 possible states (i.e., 62 possible states per character, raised to the power of 10 for our password length). This means that, on average, you will need to try about half of those possibilities before you finally stumble across the correct one<ahref="#ref3">[3]</a>. If you have a handful of Nvidia GTX 1080 GPU's working on the same password, then <ahref="https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a270c40">it can be cracked pretty much instantaneously</a> (with exceptions for databases using <ahref="https://auth0.com/blog/hashing-in-action-understanding-bcrypt/">newer hashing algorithms specifically designed to thwart the parallelization of GPUs</a>).
Now let's make more sense of these numbers. This 10 character password of ours could be in 1 of 839,299,365,868,340,200 possible states (i.e., 62 possible states per character, raised to the power of 10 for our password length). This means that, on average, you will need to try about half of those possibilities before you finally stumble across the correct one<ahref="#ref3"class="link-primary">[3]</a>. If you have a handful of Nvidia GTX 1080 GPU's working on the same password, then <ahref="https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a270c40"target="_blank"class="link-primary">it can be cracked pretty much instantaneously</a> (with exceptions for databases using <ahref="https://auth0.com/blog/hashing-in-action-understanding-bcrypt/"target="_blank"class="link-primary">newer hashing algorithms specifically designed to thwart the parallelization of GPUs</a>).
To put RSA into perspective, data encrypted with 1024-bit RSA can be in 1 of ~3.2317 × 10^309 possible states. It took two years for researchers with many, many computers to <ahref="https://thehackernews.com/2017/07/gnupg-libgcrypt-rsa-encryption.html">crack one of those keys</a>. For the curious, you can try out <ahref="https://test.silentsilas.com/passgen/">my password generator</a> to interactively test the cracking speeds of various lengths/types of passwords. If it took a team of researchers two years to crack 1024 bits of entropy, imagine how fast you could crack it if you had the power of Big Brother in your hands!
To put RSA into perspective, data encrypted with 1024-bit RSA can be in 1 of ~3.2317 × 10^309 possible states. It took two years for researchers with many, many computers to <ahref="https://thehackernews.com/2017/07/gnupg-libgcrypt-rsa-encryption.html"target="_blank"class="link-primary">crack one of those keys</a>. For the curious, you can try out <ahref="https://test.silentsilas.com/passgen/"target="_blank"class="link-primary">my password generator</a> to interactively test the cracking speeds of various lengths/types of passwords. If it took a team of researchers two years to crack 1024 bits of entropy, imagine how fast you could crack it if you had the power of Big Brother in your hands!
### Randomness Is Tricky
Alright, so all this encryption stuff is cool and all. But let's tie this back in to the concept of randomness. You see, to generate keys for RSA and the like, we need to feed the key-generating algorithms strings of "randomness". It doesn't matter if you have 1024bit RSA keys if your attacker knows you always use the same numbers to generate them. In the real world, using a flawed number generator to produce keys will result in the encrypted data to not be as random as it should be; attackers can predict the output because the number generator has a few patterns that the attackers have picked up on.
And so to be a <ahref="https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator">cryptographically-secure random number generator</a>, it only needs two properties:
And so to be a <ahref="https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator"target="_blank"class="link-primary">cryptographically-secure random number generator</a>, it only needs two properties:
<spanstyle="font-size: large; font-weight: bold;">Uniformity</span> - each number is equally-probably to appear next. It's not more likely for a "7" to appear next compared to a "4", for instance.
<spanstyle="font-size: large; font-weight: bold;">Independence</span> - Each number generated tells you nothing about any previous or future values. If a "7" appears, then that shouldn't mean there was definitely a "4" before it, or a non "7" number after it.
To determine if your number generator has these two properties, you run it through what is called the <ahref="https://en.wikipedia.org/wiki/Next-bit_test">Next-Bit Test</a>. You'd have your number generator spit out 1's and 0's (which is what we call bits). If an attacker knows every bit that you've generated, it passes the test if they can't determine the next bit it generates without more than 50% accuracy. They should be wrong about half the time on whether it spits out a 1 or 0.
To determine if your number generator has these two properties, you run it through what is called the <ahref="https://en.wikipedia.org/wiki/Next-bit_test"target="_blank"class="link-primary">Next-Bit Test</a>. You'd have your number generator spit out 1's and 0's (which is what we call bits). If an attacker knows every bit that you've generated, it passes the test if they can't determine the next bit it generates without more than 50% accuracy. They should be wrong about half the time on whether it spits out a 1 or 0.
<spanstyle="font-size: x-small;">My money is on 1; 0 hasn't been doing too well this season.</span></p>
Ideally, you wouldn't want your source of randomness to come from a number generator at all. If the attacker knows your algorithm, and <ahref="https://en.wikipedia.org/wiki/Random_seed">which values you first inputted into that algorithm</a>, then they can determine _every single number it generates_. Instead, you'd want to rely on getting your random values from chaotic systems outside of the computer. This could be the noise generated by the fan, your exact mouse movements, the times at which you press certain keys, and so on. It's hard to get tons of random values from these sources, since they're limited by time. So in the real world, we use a hybrid method to generate keys. First you get "truly random" numbers from outside the computer, and then use those numbers to initialize your number generator. This way, it's very difficult for an attacker to know which values you started with, and you're free to generate as much randomness as your transistors desire.
Ideally, you wouldn't want your source of randomness to come from a number generator at all. If the attacker knows your algorithm, and <ahref="https://en.wikipedia.org/wiki/Random_seed"target="_blank"class="link-primary">which values you first inputted into that algorithm</a>, then they can determine _every single number it generates_. Instead, you'd want to rely on getting your random values from chaotic systems outside of the computer. This could be the noise generated by the fan, your exact mouse movements, the times at which you press certain keys, and so on. It's hard to get tons of random values from these sources, since they're limited by time. So in the real world, we use a hybrid method to generate keys. First you get "truly random" numbers from outside the computer, and then use those numbers to initialize your number generator. This way, it's very difficult for an attacker to know which values you started with, and you're free to generate as much randomness as your transistors desire.
<spanid="philosophy"></span>
@@ -102,18 +102,18 @@ Ideally, you wouldn't want your source of randomness to come from a number gener
I could go on and on about randomness. Hopefully it's apparent that we need separate words for the different types of "random" that we use in life. In fact, all of the randomness I've spoken about thus far are technically "quasi-random." They're simply larger and larger levels of complexity. There's no such thing as truly "random," at least for anything we'll come across in our day-to-day lives. I'm not a physicist, but the following is my current understanding of how quantum mechanics plays into the matter.
True randomness can be derived from an indeterministic system, but we've yet to prove whether such a <ahref="https://en.wikipedia.org/wiki/Indeterminism">system can exist</a>. Heisenburg's <ahref="https://www.britannica.com/science/uncertainty-principle/media/614029/216617">Uncertainty Principle</a> is probably our best argument that quantum mechanics is an indeterministic system. It states that, at the subatomic level, "the more precisely the position of some particle is determined, the less precisely its momentum can be known, and vice versa."<ahref="#ref4">[4]</a> Therefore it's impossible for us to know the state of every particle in the universe and "predict" the future. We could perhaps figure out a pretty likely future, but <ahref="https://en.wikipedia.org/wiki/Chaos_theory">chaos theory</a> throws a wrench in that plan. The implications of this Uncertainty Principle <ahref="https://en.wiktionary.org/wiki/God_does_not_play_dice_with_the_universe">freaked Einstein out</a>. He insisted that quantum mechanics is simply missing a local<ahref="#ref5">[5]</a> hidden variable, and upon knowing that variable, we can then accurately predict quantum interactions. But it wasn't long before we hit another <ahref="/imgs/epr_paradox.PNG">roadblock</a> with <ahref="/imgs/bells_theorem.PNG">Bell's Theorem</a>, whereby no theory with local hidden variables can reproduce quantum mechanic's predictions. This means there's either something that can <ahref="https://en.wikipedia.org/wiki/Tachyon">travel faster than the speed of light</a> to influence these particles, or the underlying laws of the universe are truly indeterministic. I won't be <ahref="/writes/wanderlust/">making any bets</a> on the matter. But in the meantime, we're good to use quantum (radioactive decay in particular) to generate random bits so long as it's undetermined whether quantum mechanics is indeterministic.
True randomness can be derived from an indeterministic system, but we've yet to prove whether such a <ahref="https://en.wikipedia.org/wiki/Indeterminism"target="_blank"class="link-primary">system can exist</a>. Heisenburg's <ahref="https://www.britannica.com/science/uncertainty-principle/media/614029/216617"target="_blank"class="link-primary">Uncertainty Principle</a> is probably our best argument that quantum mechanics is an indeterministic system. It states that, at the subatomic level, "the more precisely the position of some particle is determined, the less precisely its momentum can be known, and vice versa."<ahref="#ref4"class="link-primary">[4]</a> Therefore it's impossible for us to know the state of every particle in the universe and "predict" the future. We could perhaps figure out a pretty likely future, but <ahref="https://en.wikipedia.org/wiki/Chaos_theory"target="_blank"class="link-primary">chaos theory</a> throws a wrench in that plan. The implications of this Uncertainty Principle <ahref="https://en.wiktionary.org/wiki/God_does_not_play_dice_with_the_universe"target="_blank"class="link-primary">freaked Einstein out</a>. He insisted that quantum mechanics is simply missing a local<ahref="#ref5"class="link-primary">[5]</a> hidden variable, and upon knowing that variable, we can then accurately predict quantum interactions. But it wasn't long before we hit another <ahref="/imgs/epr_paradox.PNG"class="link-primary">roadblock</a> with <ahref="/imgs/bells_theorem.PNG"target="_blank"class="link-primary">Bell's Theorem</a>, whereby no theory with local hidden variables can reproduce quantum mechanic's predictions. This means there's either something that can <ahref="https://en.wikipedia.org/wiki/Tachyon"target="_blank"class="link-primary">travel faster than the speed of light</a> to influence these particles, or the underlying laws of the universe are truly indeterministic. I won't be <ahref="/poetry/wanderlust/"class="link-primary">making any bets</a> on the matter. But in the meantime, we're good to use quantum (radioactive decay in particular) to generate random bits so long as it's undetermined whether quantum mechanics is indeterministic.
## Footnotes
<p><spanid="ref0">[0]</span><ahref="https://www.expunctis.com/2019/03/07/Not-so-random.html">This interactive site</a> has you repeatedly press left or right, while the computer guesses what moves you make. There's also a button to have a pseudo-random algorithm choose for you, and it will assuredly fare better than you (unless you really know your math and feed it a <ahref="https://en.wikipedia.org/wiki/De_Bruijn_sequence">6-gram De Bruijn sequence</a>)</p>
<p><spanid="ref0"class="link-primary">[0]</span><ahref="https://www.expunctis.com/2019/03/07/Not-so-random.html"target="_blank"class="link-primary">This interactive site</a> has you repeatedly press left or right, while the computer guesses what moves you make. There's also a button to have a pseudo-random algorithm choose for you, and it will assuredly fare better than you (unless you really know your math and feed it a <ahref="https://en.wikipedia.org/wiki/De_Bruijn_sequence"target="_blank"class="link-primary">6-gram De Bruijn sequence</a>)</p>
<p><spanid="ref1">[1]</span> You can even find encryption tips in an <ahref="https://en.wikipedia.org/wiki/Mlecchita_vikalpa">ancient Hindu text</a> on sexuality. It seems that all is `****` in love and war.</p>
<p><spanid="ref1"class="link-primary">[1]</span> You can even find encryption tips in an <ahref="https://en.wikipedia.org/wiki/Mlecchita_vikalpa"target="_blank"class="link-primary">ancient Hindu text</a> on sexuality. It seems that all is `****` in love and war.</p>
<p><spanid="ref2">[2]</span> It should be noted that it's still unproven whether RSA's math is truly difficult to solve. Any day now, someone may come up with a mathemetical technique to quickly factor large numbers. Or we may develop a quantum computer with enough qubits to blow through every possible solution in a moment.</p>
<p><spanid="ref2"class="link-primary">[2]</span> It should be noted that it's still unproven whether RSA's math is truly difficult to solve. Any day now, someone may come up with a mathemetical technique to quickly factor large numbers. Or we may develop a quantum computer with enough qubits to blow through every possible solution in a moment.</p>
<p><spanid="ref3">[3]</span> If you're doubtful that anyone is out there trying to crack your password in particular, then let <ahref="https://hashes.org/leaks.php">this site</a> be a sobering wake-up call; It's an entire community dedicated to cracking passwords from database leaks, including the most recent & legendary <ahref="https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/">Collection #1</a> leak. It's very, very likely that you have credentials in one of these leaks. You can see for yourself with Troy Hunt's <ahref="https://haveibeenpwned.com/">Have I Been Pwned</a> service. It's a safe site; Troy Hunt is a well-known security researcher, and this service of his is built-in to the amazing 1Password app.</p>
<p><spanid="ref3"class="link-primary">[3]</span> If you're doubtful that anyone is out there trying to crack your password in particular, then let <ahref="https://hashes.org/leaks.php"target="_blank"class="link-primary">this site</a> be a sobering wake-up call; It's an entire community dedicated to cracking passwords from database leaks, including the most recent & legendary <ahref="https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/"target="_blank"class="link-primary">Collection #1</a> leak. It's very, very likely that you have credentials in one of these leaks. You can see for yourself with Troy Hunt's <ahref="https://haveibeenpwned.com/"target="_blank"class="link-primary">Have I Been Pwned</a> service. It's a safe site; Troy Hunt is a well-known security researcher, and this service of his is built-in to the amazing 1Password app.</p>
<p><spanid="ref4">[4]</span><ahref="https://en.wikipedia.org/wiki/Uncertainty_principle">The Uncertainty Principle</a> - Should also be noted that this differs from the <ahref="https://en.wikipedia.org/wiki/Observer_effect_(physics)">Observer Effect</a>, wherein the act of observation disturbs the state of the particle (since the light we must use to observe the state interacts with it). Heisenburg himself originally thought his Uncertainty Principle was the mathematical explanation of the observer effect, but it's actually a mathematical explanation of how much information can be gleaned from the particle-wave duality, which we can now experientially test.</p>
<p><spanid="ref4"class="link-primary">[4]</span><ahref="https://en.wikipedia.org/wiki/Uncertainty_principle"target="_blank"class="link-primary">The Uncertainty Principle</a> - Should also be noted that this differs from the <ahref="https://en.wikipedia.org/wiki/Observer_effect_(physics)"target="_blank"class="link-primary">Observer Effect</a>, wherein the act of observation disturbs the state of the particle (since the light we must use to observe the state interacts with it). Heisenburg himself originally thought his Uncertainty Principle was the mathematical explanation of the observer effect, but it's actually a mathematical explanation of how much information can be gleaned from the particle-wave duality, which we can now experientially test.</p>
<p><spanid="ref5">[5]</span> Local, in this context, means it can only be influenced by its immediate surroundings. Nonlocality scares Einstein, because it means that _something_ can travel faster than the speed of light, breaking the theory of relativity. For more info, look up "Spooky Action At A Distance".</p>
<p><spanid="ref5"class="link-primary">[5]</span> Local, in this context, means it can only be influenced by its immediate surroundings. Nonlocality scares Einstein, because it means that _something_ can travel faster than the speed of light, breaking the theory of relativity. For more info, look up "Spooky Action At A Distance".</p>
Hey there! Welcome to <ahref="/writes/silent-silas/">Silent Silas</a>. I write code during the day, and poetry at night. This is my playground.
Hey there! Welcome to <ahref="/poetry/silent-silas/"class="link-primary">Silent Silas</a>. I write code during the day, and poetry at night. This is my playground.
This section in particular is where I'll discuss my terrible opinions on life, the universe, and the <ahref="https://pastebin.com/raw/QUMSr4q5">objectification of humanity</a>.
This section in particular is where I'll discuss my terrible opinions on life, the universe, and the <ahref="https://pastebin.com/raw/QUMSr4q5"target="_blank"class="link-primary">objectification of humanity</a>.
For the web developers out there, this was built with <ahref="https://kit.svelte.dev/">SvelteKit</a> via the <ahref="https://threlte.xyz/">Threlte Framework</a> so that my web experiments that rely on ThreeJS can be hosted here. It'll eventually use <ahref="https://github.com/GoogleChromeLabs/sw-toolbox">Service Workers</a> so that the entirety of the site is available offline.
For the web developers out there, this was built with <ahref="https://kit.svelte.dev/"target="_blank"class="link-primary">SvelteKit</a> via the <ahref="https://threlte.xyz/"target="_blank"class="link-primary">Threlte Framework</a> so that my web experiments that rely on ThreeJS can be hosted here. It'll eventually use <ahref="https://github.com/GoogleChromeLabs/sw-toolbox"target="_blank"class="link-primary">Service Workers</a> so that the entirety of the site is available offline.
As with most computer scientists, I stand on the <ahref="/imgs/cs_abstraction.jpg">shoulders of giants</a>.
As with most computer scientists, I stand on the <ahref="/imgs/cs_abstraction.jpg"target="_blank"class="link-primary">shoulders of giants</a>.
The code is on <ahref="https://github.com/Poeticode/silentsilas.com">Github</a> under the MIT license (while the poetry is under a restrictive Creative Commons license).
The code is on <ahref="https://git.silentsilas.com/silentsilas/playground"target="_blank"class="link-primary">Git</a> under the MIT license (while the poetry is under a restrictive Creative Commons license).
Tea is filled to the brim with a rich history spanning several millenia. We have historical documents which show that tea was produced and appreciated as early as 1,100 BC in southwest China<ahref="#ref1"class="footnote-link">[1]</a>. And according to legends, it's believed that in 2737 BC, the servants of the mythic emperor Shennong were boiling water to remove its impurities for him to drink. A dead leaf from a tea bush fell in, and was presented to the emperor with its brownish color gone unnoticed. The emperor took a liking to the taste, and thus tea was born.
Tea is filled to the brim with a rich history spanning several millenia. We have historical documents which show that tea was produced and appreciated as early as 1,100 BC in southwest China<ahref="#ref1"class="link-primary">[1]</a>. And according to legends, it's believed that in 2737 BC, the servants of the mythic emperor Shennong were boiling water to remove its impurities for him to drink. A dead leaf from a tea bush fell in, and was presented to the emperor with its brownish color gone unnoticed. The emperor took a liking to the taste, and thus tea was born.
<pstyle="text-align: center; padding: 16px 0px;"><atarget="_blank"href="/imgs/lithograph.jpg"><imgsrc='/imgs/lithograph.jpg'style='display:block; margin: 0 auto;'/></a><spanstyle="font-size: small;">Photo-lithograph of the Huayang Guozhi—Bazhi, the oldest document to mention tea</span></p>
@@ -36,19 +36,19 @@ Deep into thoughts of ages past.</blockquote>
## Types of Tea
The most crucial aspect of harvesting tea, and what differentiates a green tea from a red tea (which is what the West calls black tea<ahref="#ref2"class="footnote-link">[2]</a>, but will be refered to here as red tea from henceforth), is how long the leaves are oxidized. When the tea leaves are plucked and exposed to oxygen, their cell walls break down and gradually blacken in color. Through this process, the bitter polyphenols, catechins, are converted into less bitter polyphenols, tannins, which are richer and astringent, often giving a malty or fruity taste.<ahref="#ref3"class="footnote-link">[3]</a>
The most crucial aspect of harvesting tea, and what differentiates a green tea from a red tea (which is what the West calls black tea<ahref="#ref2"class="link-primary">[2]</a>, but will be refered to here as red tea from henceforth), is how long the leaves are oxidized. When the tea leaves are plucked and exposed to oxygen, their cell walls break down and gradually blacken in color. Through this process, the bitter polyphenols, catechins, are converted into less bitter polyphenols, tannins, which are richer and astringent, often giving a malty or fruity taste.<ahref="#ref3"class="link-primary">[3]</a>
Once the leaves reach the desired level of oxidization, they are heated up to stop the oxidization process, usually by steaming or roasting which has its own impact on how the tea will taste. Japanese green teas are generally steamed, which helps retain its green hue and vegetal taste, while Chinese green teas are roasted imparting a toasty flavor and a more yellow hue. Red teas are gently dried in the sun to reach the highest levels of oxidization without it going stale. A fun outlier is lapsang souchong, a chinese red tea roasted over a fire of pine, resulting in a very smoky aroma and taste.
<pstyle="text-align: center; padding: 16px 0px;"><atarget="_blank"href="/imgs/tea_process.png"><imgsrc='/imgs/tea_process.png'style='display:block; margin: 0 auto;'/></a><spanstyle="font-size: x-small;">There are quite a lot of steps before tea makes it to your cup.</span></p>
<p><atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/products/bigfoot-tea">Red</a> teas are the most oxidized (80% - 95% oxidized). They are rolled upon plucking to damage them, speeding up the oxidization process. They can have the widest range of flavor, as less bitter catechins remain to mask the flavors picked up from their environment.</p>
<p><atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/products/bigfoot-tea"class="link-primary">Red</a> teas are the most oxidized (80% - 95% oxidized). They are rolled upon plucking to damage them, speeding up the oxidization process. They can have the widest range of flavor, as less bitter catechins remain to mask the flavors picked up from their environment.</p>
<p><atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/products/wendigo-green-tea">Green</a> teas are the least oxidized (1% - 3% oxidized), and are heated up immediately after they're plucked. They taste vegetal and grassy, and are steeped at a lower water temperature to extract less of the bitter catechins.</p>
<p><atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/products/wendigo-green-tea"class="link-primary">Green</a> teas are the least oxidized (1% - 3% oxidized), and are heated up immediately after they're plucked. They taste vegetal and grassy, and are steeped at a lower water temperature to extract less of the bitter catechins.</p>
<p><atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/products/king-dragon-oolong">Oolong</a> teas have the broadest range of oxidization (10% to 80% oxidized). Consequently, their flavor widely varies. A less oxidized oolong will taste more vegetal and floral like a green tea, while one on the higher end of oxidization might be rich and malty like a red tea.</p>
<p><atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/products/king-dragon-oolong"class="link-primary">Oolong</a> teas have the broadest range of oxidization (10% to 80% oxidized). Consequently, their flavor widely varies. A less oxidized oolong will taste more vegetal and floral like a green tea, while one on the higher end of oxidization might be rich and malty like a red tea.</p>
<atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/products/skunk-ape-aged-oolong">Black</a> tea (again, not what the West calls black tea) brings an entirely new element to the mix. It's not determined by its level of oxidization, but whether the leaves are fermented. Microbes break down compounds in the leaves, altering their flavor profile. There are two different methods to age the tea. Raw black tea refers to the traditional method where you simply stow the tea away to slowly ferment over the years, peaking at roughly 50 years before the leaves begin to degrade. Ripe black tea refers to a new technique discovered in 1973, where the leaves are stored in large piles in a humid environment and splashed with water, turning them every other day for up to a month. They're then stowed away like a raw black tea, but peak in quality in only 20 years. These fermented teas tend to have a musty smell and taste earthier as the years go by. They are the aged wines of tea, and can be just as expensive.
<atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/products/skunk-ape-aged-oolong"class="link-primary">Black</a> tea (again, not what the West calls black tea) brings an entirely new element to the mix. It's not determined by its level of oxidization, but whether the leaves are fermented. Microbes break down compounds in the leaves, altering their flavor profile. There are two different methods to age the tea. Raw black tea refers to the traditional method where you simply stow the tea away to slowly ferment over the years, peaking at roughly 50 years before the leaves begin to degrade. Ripe black tea refers to a new technique discovered in 1973, where the leaves are stored in large piles in a humid environment and splashed with water, turning them every other day for up to a month. They're then stowed away like a raw black tea, but peak in quality in only 20 years. These fermented teas tend to have a musty smell and taste earthier as the years go by. They are the aged wines of tea, and can be just as expensive.
<pstyle="text-align: center; padding: 16px 0px;"><atarget="_blank"href="/imgs/black_tea.png"><imgsrc='/imgs/black_tea.png'style='display:block; margin: 0 auto;'/></a><spanstyle="font-size: small;">Pu-erh is fermented tea from Yunnan, China</span></p>
@@ -62,24 +62,24 @@ Sunlight exposure has its own chemical reaction that influences the taste of the
There will also be differences in tea by their location, due to the climate they're grown in and which varietal of tea plant species they are. For example, teas grown in India generally produce a stronger red tea than those grown in the various provinces of China. There's even a relatively new varietal grown in Kenya called Purple Tea, named for their vibrant purple leaves.
And of course, the tea to water ratio, steeping time, and water temperature<ahref="#ref4"class="footnote-link">[4]</a> are integral to getting the perfect cup of tea. Red teas are tougher due to their high oxidization and thus can be steeped at a boiling temperature for 3-5 minutes, extracting the most out of the leaves. Oolong can generally handle 190 - 200f, with green tea the most sensitive at 170 - 180f. If they're steeped for too long, more of the bitter catechins will be extracted and take over. This is also why it's important to be sure to filter out any small particulates of the leaves to prevent oversteeping. High quality leaves will have less "dust" you need to filter out due to their freshness and tenderness; the leaves turn more brittle as time passes.
And of course, the tea to water ratio, steeping time, and water temperature<ahref="#ref4"class="link-primary">[4]</a> are integral to getting the perfect cup of tea. Red teas are tougher due to their high oxidization and thus can be steeped at a boiling temperature for 3-5 minutes, extracting the most out of the leaves. Oolong can generally handle 190 - 200f, with green tea the most sensitive at 170 - 180f. If they're steeped for too long, more of the bitter catechins will be extracted and take over. This is also why it's important to be sure to filter out any small particulates of the leaves to prevent oversteeping. High quality leaves will have less "dust" you need to filter out due to their freshness and tenderness; the leaves turn more brittle as time passes.
## Gongfu Cha
To get the most out of your finest red or black tea, you can also try your hand at gongfu cha. It essentially means skillful brewing of tea, and is an artform in itself. Instead of the traditional Western method of brewing a teaspoon of tea in a cup's worth of water for a few minutes, you brew ~1.5 teaspoons of tea in half a cup of water and let it steep for only a few seconds<ahref="#ref5"class="footnote-link">[5]</a>. This first steep opens up the leaves to bring out more flavor, but the liquor will be weak and unimpressive. It's only used to warm up your teaware before finally pouring it out. You then heat up the water again and steep the leaves for ~10 seconds, adding 10 to 15 seconds with each subsequential steep. You will be able to taste the different flavor profiles of the tea with every steep until you tire out the leaves and the strength of the flavors weaken.
To get the most out of your finest red or black tea, you can also try your hand at gongfu cha. It essentially means skillful brewing of tea, and is an artform in itself. Instead of the traditional Western method of brewing a teaspoon of tea in a cup's worth of water for a few minutes, you brew ~1.5 teaspoons of tea in half a cup of water and let it steep for only a few seconds<ahref="#ref5"class="link-primary">[5]</a>. This first steep opens up the leaves to bring out more flavor, but the liquor will be weak and unimpressive. It's only used to warm up your teaware before finally pouring it out. You then heat up the water again and steep the leaves for ~10 seconds, adding 10 to 15 seconds with each subsequential steep. You will be able to taste the different flavor profiles of the tea with every steep until you tire out the leaves and the strength of the flavors weaken.
<pstyle="text-align: center; padding: 16px 0px;"><atarget="_blank"href="/imgs/gongfu.png"><imgsrc='/imgs/gongfu.png'style='display:block; margin: 0 auto;'/></a><spanstyle="font-size: small;">A slotted tray for gongfu cha, to capture the first discarded pour and any accidental spills.</span></p>
There's a lot more to be said on the production and preparation of tea, but hopefully this whets your appetite to dive into the world of loose leaf teas! If you're interested in giving it a try, I use this <atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/collections/teaware/products/lucidity-brew-in-cup-with-stainless-infuser-lid-12-oz">single-serve cup infuser</a> on a daily basis.
There's a lot more to be said on the production and preparation of tea, but hopefully this whets your appetite to dive into the world of loose leaf teas! If you're interested in giving it a try, I use this <atarget="_blank"rel="noopener noreferrer"href="https://wendigotea.com/collections/teaware/products/lucidity-brew-in-cup-with-stainless-infuser-lid-12-oz"class="link-primary">single-serve cup infuser</a> on a daily basis.
## Footnotes
<pclass="footnote"><ahref="#"id="ref1"class="footnote-link">[1]</a> Found in the Huayang Guozhi—Bazhi - A local gazetter from ~350AD in southwest China consisting of biographies of various rulers, including King Wu of the Zhou Dynasty and his 1066 BC expedition against eight principalities, whereby tea was used as tribute offerings.</p>
<pclass="footnote"><ahref="#"id="ref1"class="link-primary">[1]</a> Found in the Huayang Guozhi—Bazhi - A local gazetter from ~350AD in southwest China consisting of biographies of various rulers, including King Wu of the Zhou Dynasty and his 1066 BC expedition against eight principalities, whereby tea was used as tribute offerings.</p>
<pclass="footnote"><ahref="#"id="ref2"class="footnote-link">[2]</a> The East classified their teas by the color of the liquid after it's brewed. It's thought that a simple mistranslation between western and eastern traders resulted in the West believing the distinction was based on the color of the leaves. To add to the confusion, red teas in the West are now associated with rooibos tea. And finally, there's debate on how oolong got its name (literally "black dragon"), but it's likely referring to the color and shape of the leaves, breaking the usual system of classification.</p>
<pclass="footnote"><ahref="#"id="ref2"class="link-primary">[2]</a> The East classified their teas by the color of the liquid after it's brewed. It's thought that a simple mistranslation between western and eastern traders resulted in the West believing the distinction was based on the color of the leaves. To add to the confusion, red teas in the West are now associated with rooibos tea. And finally, there's debate on how oolong got its name (literally "black dragon"), but it's likely referring to the color and shape of the leaves, breaking the usual system of classification.</p>
<pclass="footnote"><ahref="#"id="ref3"class="footnote-link">[3]</a> Heavier polyphenols, known as tannins, taste less bitter than lighter ones like catechins. The reason for this is still a mystery to this day!</p>
<pclass="footnote"><ahref="#"id="ref3"class="link-primary">[3]</a> Heavier polyphenols, known as tannins, taste less bitter than lighter ones like catechins. The reason for this is still a mystery to this day!</p>
<pclass="footnote"><ahref="#"id="ref4"class="footnote-link">[4]</a> It's also very important to use clean purified/spring water. You will notice a night and day difference in taste using filtered water versus unfiltered tap water. The hardness of tap water will simply make it taste funky.</p>
<pclass="footnote"><ahref="#"id="ref4"class="link-primary">[4]</a> It's also very important to use clean purified/spring water. You will notice a night and day difference in taste using filtered water versus unfiltered tap water. The hardness of tap water will simply make it taste funky.</p>
<pclass="footnote"><ahref="#"id="ref5"class="footnote-link">[5]</a> The ratio of tea to water actually varies by the shape of the tea leaves and whether it's compressed (which is common for fermented teas as they are stored this way), but these measurements should get you in the right ballpark. Ideally you should use a scale to measure the tea's weight, as teaspoons are unreliable to determine how much tea is in your cup.</p>
<pclass="footnote"><ahref="#"id="ref5"class="link-primary">[5]</a> The ratio of tea to water actually varies by the shape of the tea leaves and whether it's compressed (which is common for fermented teas as they are stored this way), but these measurements should get you in the right ballpark. Ideally you should use a scale to measure the tea's weight, as teaspoons are unreliable to determine how much tea is in your cup.</p>
The information above is just a small snippet of your browser's fingerprint. It's the data that websites can collect about the device you're using. (They're also able to <spanid="geolocation"style="color: #3cdc3c;cursor: pointer;">access your GPS</span> if you're silly enough to let them.)
The information above is just a small snippet of your browser's fingerprint. It's the data that websites can collect about the device you're using. (They're also able to <spanid="geolocation"class="link link-primary">access your GPS</span> if you're silly enough to let them.)
At first glance, the data looks pretty innocuous. Who cares if people know what browser you're using, or what plugins you've installed? Is it the end of the world if they know that you're a Mac user?
@@ -22,13 +22,13 @@ Well, individually, the data _is_ indeed innocuous. The original purpose in givi
Once you put all of the information together, however, there's a potential for misuse. It's very easy to be the only person on the digital planet running that exact version of browser on that exact OS with those exact plugins/fonts installed, et cetera.
Using this information, it's possible to <spanid="uuid"style="color: #3cdc3c; cursor:pointer; overflow-wrap: break-word;">derive a Unique User Identification Number</span>[0] and use it to track you across the internet, regardless of where you're connecting from.
Using this information, it's possible to <spanid="uuid"style="overflow-wrap: break-word;"class="link link-primary">derive a Unique User Identification Number</span>[0] and use it to track you across the internet, regardless of where you're connecting from.
An advertisement network will check if they have this identification number. If they do, then that means that they already have a list of sites the user has previously visited, along with any other data they've determined about the user. This is then used to display ads relevant to your assumed interests.
This type of invasive tracking, on the other hand, is also used to flag suspicious activity with your online accounts. I'm sure you've encountered sites that require you to click a link in your email to verify that a new device was indeed you. This is a great and highly effective service to thwart malicious login attempts[1].
But it's hard to know what goes on behind the curtains. Those sites providing these security services could also be using that same personal information in many other ways. The EU's <ahref="https://www.eugdpr.org/">GDPR</a> is supposed to ensure companies are transparent about what's done with such information, but it's difficult to enforce and easy to evade.
But it's hard to know what goes on behind the curtains. Those sites providing these security services could also be using that same personal information in many other ways. The EU's <ahref="https://www.eugdpr.org/"target="_blank"class="link-primary">GDPR</a> is supposed to ensure companies are transparent about what's done with such information, but it's difficult to enforce and easy to evade.
[0]: You put all the information together and run it through a 'hashing algorithm'. The same information will always result in the same string of numbers and letters. A slight change in this information (like if the user updates their browser) will result in a vastly different string, so additional work has to be done for this tracking to be effective.
<br/>
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
