Use Mailvelope to send and receive encrypted email. Uses PGP encryption, the same method Edward Snowden used to reach out to reporters in 2013. When used properly, with the private key protected, there is no known successful direct attack against PGP. Most attacks focus on indirect methods such as stealing a password, keystroke logger or snooping over someone’s shoulder.
1) Install Mailvelope on Chrome or Firefox
2) Create a public/Private key for yourself
3) Share your PUBLIC key (NOT YOUR PRIVATE KEY)
4) Collect your friends Public key and import them to your Mailvelope Key ring.
5) Message away with complete privacy.
Always remember to lock your computer, and don’t share your private key or give anyone access.
I found an amazing website that does a brilliant job of using a a couple simple concepts to combine for an incredibly useful tool. OriginStamp.org is a true gift to the world by developers André Gernandt and Bela Gipp. In conversation with them they told me, “We started this project just for fun and didn’t expect so many people to use it.”
The site’s popularity doesn’t surprise me — it’s awesome! They have created a FREE service that allows anyone to prove they possessed any type of electronic file before a specific date. The electronic file could be as simple as a string of text, or as massive as a movie file.
I’ll dive into the technical details later, but consider a couple basic applications:
Someone has written an amazing script and wants to have it logged as their work, before sharing with a publisher.
Someone moves into a new rental property, and takes extensive video of the condition of the property, which they want to archive on the day of their move-in. By archiving the footage, the landlord cannot argue that the video was taken on the move out date.
Someone wants to log a text prediction. Example would be if I said, in 2015, “I, PG CodeRider, predict the Cubs will win the 2016 World Series in a game 7 thriller against the Indians!” it would be pretty impressive!
Without OriginStamp, creating verifiable proof of a file’s existence, before a certain date is difficult (having a “saved as” date with the file doesn’t count). Users would likely have to defer to a third party to provide proof of ownership. This lends itself to the following problems:
The third party site likely costs money.
The third party site may disappear.
The third party site may not remain credible to the rest of the world.
The third party site might experience a server crash, hack, or accidentally delete your file.
OriginStamp avoids all of these problems. The simplicity of their approach, combined with their robust method of validation, makes it truly an elegant creation. The site ingeniously leverages the bitcoin blockchain as a point of reference. Because the blockchain is a decentralized entity with literally thousands of people monitoring its integrity, it is impossible to manipulate historical entries. Additionally, due to this same decentralized nature of the blockchain, it is difficult to imagine a scenario where the Blockchain would suddenly cease to exist. Thus a user can rest assured knowing their claim is verifiable so long as the internet remains functional and Bitcoin continues to have even a small percentage of people using it.
How You Can Use This Tool (without actually understanding it)
For those of you that just want to “trust me” and believe this works, without understanding why, here’s a step by step guide of how you can use it:
1) Create a FINAL VERSION of a file or text that you want to verify. It is critical that not a single change occurs in your file, or it won’t be verifiable in the future. Example is if you write a million word novel, once you submit it, you can only reference that version you submitted. A change to a single character will make the entire file incapable of being proven to be your file at the time of the transaction.
I’m going to go through this process by validating a screenshot I created with my 2016 presidential predictions. Again, the “Final Version” is very key, and it’s easy to overlook how it’s possible to accidentally alter. In my case, I cannot simply post a copy of the JPG file of my prediction and maintain the integrity, because when a user downloads the file, certain attributes such as the “saved date” would be different than the original. Thus I have posted a zipped version of my jpg file, which if someone were to download and extract the jpg file, would ultimately be my FINAL VERSION.
It’s also important to note that you include something that references you as the creator in the file, so that no one else can claim it as their work. My file has my name in the screenshot.
In my example, the exact SHA-256 hash of my FINAL VERSION is: 3742fd0fcebd60f38995429e736a1e2f3f040ea367c21ce87cb1b9bcd89e5d89
If you aren’t certain you’ve hashed correctly from a 3rd party site, you could cross check with a single letter of text “a” which should result in: ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb
Make sure you have a copy of your hash, as well as the original copy of your file.
3) After submitting your file, you will get a notification saying your hash has successfully been created. Note that OriginStamp will not “submit” it to the blockchain until about 7PM East Coast time. They only submit free submissions once a day, to keep their costs down, and depending on how busy the blockchain is it may take up to 2 days to register. If you’re in a hurry to get your hash submitted, they offer a premium service to accomplish this where they wallop you with a colossal fee of $1 to get it in right away.
4) If you trust OriginStamp to remain in existence forever, you need not do anything further. When you need verify the date of your file, go to their website, click Verify Stamp, and enter your hash, or drag in your file, and the site will tell you when it was submitted. However if you wish to be able to validate your file without the existence of Originstamp, you’ll need to collect a few more pieces of information. After waiting a day or two, you’ll need to revisit OriginStamp, click Verify Stamp, enter your hash or upload file and it will take you to a confirmation page. On this page, it will list of all the hash submissions as well as the Check Sum hash. You should store both of this with your final version file. The list of all hashes can be a somewhat long now as the site gains popularity.
Hopefully you would never have to defend the legitimacy of your file, but if you did, you should have a pretty convincing case. Of course, I have no idea how a jury would react to this information, or if it would even be admissible as evidence. However, to illustrate what you have, below is how I would argue the authenticity of my Presidential prediction if someone was accusing me of being a fraud in a court of law
Me: “Your honor, I did in fact create this JPG on 10/31/2016. To prove it I used a site called OriginStamp. This site took my file and hashed it using the SHA-256 method. If you go to OriginStamp, they will confirm this transaction.”
Accuser: “What the heck is OriginStamp?!? Judge, objection! I’ve never heard of this site. How can we trust its validity?”
Me: “Okay forget going to OriginStamp, we can walk through what they did. OriginStamp created an SHA-256 hashed text of my file (see above). OriginStamp then took ANOTHER SHA-256 hash (the Check Sum) of all the other records they received that day. I have a list of these and the SHA-256 hash of these can be conducted on numerous sites.
“As is the nature of SHA-256 hashes, they are relatively easy to calculate in one direction, but impossible to conduct in a reverse manner. Stated differently, I can claim with utmost certainty that no one on the planet can produce any SHA-256 pre-calculation string which results in the same final hash output as any of mine, without using my file or text. Such an effort would take far more than millions of years with today’s computing power.”
Accuser: “So what he has a hash that is unique? What does this prove?”
Me: “It doesn’t prove anything yet, but as a final step, Originstamp used the final Check Sum hash along with Base 58 encoding, to find a Bitcoin address to log a small Bitcoin transaction which cleared on 11/3/2016. This process can also be demonstrated on multiple websites, I have a screenshot from Brainwalletx.Github.io. A user simply needs to enter the Check Sum as the Secret Exponent to generate the address that was used. What this means is that this address was specifically used for this purpose we have outlined. The possibility that this address which comprises a hashed connection to my exact file is incredibly unlikely.”
Accuser: “So you’re saying there’s a chance…”
Me: “Technically yes, but the fact that an active address which I found with my specific JPG hash in it is beyond infinitesimal. There are exactly 2^256 possible bitcoin addresses — that’s far more atoms than there are on earth, sun, and other planets, combined. The likeliness of this series of events happening is less than me playing the Mega Millions Lottery and winning, four times in a row.”
Accuser: “Okay so how do we know you didn’t make the entry after the election?”
Me: “The blockchain’s integrity is maintained by thousands, perhaps millions of computers validating transactions. At the end of Sep 2016, the hash calculation rate per second was 2.6×10^16. This represents far more processing power than any single entity such as the United States government could direct at the blockchain in hopes of manipulating the network. It would be easy for me to find at least a dozen articles on the web, or a computer science professor to testify how unrealistic back-dating entries in the block chain is.”
Accuser: “I still think this is bogus”
Ultimately your argument would likely hinge on testimony of some math expert, but that’s my best effort to simulate how to defend the legitimacy of the transaction. Note the links in the discussion above for reference on how Base58 encoding is conducted.
For better or worse, I have been entangled with Google Drive since its inception. It’s not perfect, but the ability to access it through most customers’ networks or while using their mandated laptops has proven extremely useful. My most common usage is accessing notes or solutions I’ve compiled from previous projects. I realize lots of offer ways to do this, some probably better. But Drive was one of the first I found, so I have a lot in there which makes the concept of switching to GitHub, OneNote or something else seem not worth the effort.
One problem I did encounter was saving text in the Google Doc format. When storing saved code for VBA or Swift, Docs occasionally applies little adjustments in the formatting or attempt to spell check which was undesirable. What I really wanted was a text editor like Notepad. Google drive does let you save Text files, but they weren’t very easy to edit from the normal interface.
I found a great solution with an app called Drive Notepad available in the Chrome Webstore. This does almost everything I want with some helpful features. Most notably, you can adjust what language your code is displayed in, which is extremely useful for its readability. Initially I was just looking for a text editor (which there are plenty of), but this works even better. See screenshots below.movie Rings trailer
Can share with usual google share options, though not in real time like doc or sheets.
Searchable as a regular google drive. I use excessive comments in my archived solutions specifically to facilitate the searching based on what I will likely remember.
Have to manually save. Unlike google drive document that saves literally in real time, Drive NotePad requires you to manually hit save or CTL S. This has never been a problem for me as it delivers a warning when you navigate away after changes, but it would be nice to have. I’m sure the creator has been bombarded by this request.
Files count against your storage space on google drive. Nobody should care about this, I just am listing it in case anyone was curious. Source text takes up an infinitesimal amount of space that this will never be an issue. I always got some quirky satisfaction of knowing that Google Docs and Sheets never counted against my storage limit (which I’m not near close to hitting). If you’re rolling your eyes that I listed this as a small drawback, I don’t blame you.
Yesterday Pat Conroy died at age 70. He appears to have died of cancer, which to me is a bit of a relief that he didn’t go out more like Hemingway. Conroy was very open about some depression he experienced and suicidal tendencies in his family. Regardless, the author produced several books that I consider terrific.
Most notably to me was The Lords of DisciplineI enjoyed so much, it’s essentially embedded in my DNA as it ranks as one of the most enjoyable reads in my lifetime. Granted, I read it in high school, and the characters may now seem cookie cutter if you’ve seen a bunch of movies or books since its creation in 1980. However it’s easy to overlook the flaws as the writing is fantastic, the humor is suburb, and the emotional roller coaster is real.
The main character is a person that I think “coders” could appreciate. He experiences a brutal military academy with a critical perspective that many decentralized thinkers may appreciate. Logical questions about military training such as, “Why learn to march in unison?” or “Why humiliate new members?”
The book also dives deep into young male emotions including friendship, honor, deepest purpose, love and challenging institutional establishment. Considering that the main character is a basketball skinny white guy with a wise-ass sense of humor, it’s no surprise that it was easy for me to relate to him. Yet people who don’t share my bias have often enjoyed this book, so I’d recommend it to virtually anyone.
Important to note that this is fiction. Conroy did go to the military school mentioned and followed a similar path as the main character, but the grand events are mostly made up. I don’t typically read fiction, but this one is worth it.
One of the best quotes: “Evil would always come to me disguised in systems and dignified by law.”
He’s written other good ones. If you want to read one of the most entertaining first chapters of a book, consider opening up The Great Santini. Also good was My Losing Season, a non-fiction book about the writing The Lords of Discipline.
RIP Mr. Conroy, thanks for your gifts to the world!