A long needed statement about #Crypto…

There are 2 sub-topics that I think need addressing:

  1. The unending crypto scams.
  2. What crypto actually IS.

These are two mutually exclusive topics. NEITHER defines the OTHER.

What are MY credentials to be able to speak about this?

I’m a software engineer with many decades of experience. I’ve been involved in cryptocurrencies since 2014. I have used many of the crypto services and many of the cryptocurrencies. I have traded dozens of cryptocurrencies and currently hold many cryptocurrencies. I have created my own blockchain from scratch and my own cryptocurrency completely from scratch with code. I’ve created neural networks and have trained them on price histories of cryptocurrencies to build price prediction AI. I understand the technology from top to bottom at a fundamental level and I understand the use of it and the tools and services built around it. I also understand the political thought processes involved in the creation of BitCoin as I hold similar, if not exactly identical beliefs as well.

Let’s talk about the scams first:

While crypto offers many benefits to humanity, scammers know that people are interested AND that people think they can get rich quick with crypto. They know it’s still relatively new and that most people are uneducated about it. They use those 2 facts AGAINST unsuspecting people and cheat them out of their money. This is a HUGE problem that NEEDS to be both addressed AND dealt with.

HOWEVER! The same is true for Gold, Stocks, US Currency, and anything else involving people’s hard earned income. This has absolutely NOTHING to do with “crypto”. Humans are a greedy species and that greed will and does manifest around everything. Crypto is no exception. The greed and scams are a fault of the greedy and the criminals, not a fault of the financial tools.

The PROBLEM is NOT the object of investment. The PROBLEM is the greed of the scammers (and to an extent, the greed of the victims, but that’s another story for another time).

Gold, Silver, precious metals, cash, and crypto are ALL vehicles of financial transactions and investments (well, cash is NOT an investment since it’s DESIGNED to devalue over time). Do NOT make the mistake of getting angry at the financial instrument simply because there are bad people out there taking advantage of people’s lack of education about them.

Let’s talk about CRYPTO in its own right:

I’ll precede this topic by stating that crypto exists to liberate you from the corrupt financial system controlled by tyrants and greedy and corrupt politicians. It WILL NOT liberate you from greedy, corrupt individuals that will do everything in their power to trick you out of your holdings.

Let’s examine whether or not it’s living up to that dream:

A basic primer on what cryptocurrencies ARE and then, what they are NOT

What Cryptocurrencies ARE:

There are many cryptocurrencies and not all are implemented with exactly the same backend technologies. My description will be as basic and non-technical as I can get away with while still providing you the facts you need to understand it. This will be a challenge (for me, not you), so bear with me. The REASON it’s a challenge is because I’m a highly technical person and have created my own crypto from scratch with code, so I understand that when I talk about things of this nature to non-technical people, I, like all technical people, have a language gap between me and you. I’ll do my best though:

To understand crypto, we must first understand the system it’s designed to replace. It’s NOT designed to replace “money”. It’s designed to replace an entire corrupt and tyrannical financial system. This includes central banks, regular banks, credit cards, payment systems, all of which have denied services to people in recent years simply because of the individual’s political opinions. But THAT phenomenon has occurred SINCE the first cryptocurrency (#BitCoin) was invented. It was invented to protect your liberties from such tyranny, but at the time BitCoin was invented, we were in the middle of the 2008 housing collapse that destroyed the life savings of MILLIONS of Americans (and others around the world). One person, who to this day is still anonymous, decided enough was enough and designed a new currency that could NOT be controlled by a centralized authority. It was to provide the following functional differences from the current system:

  1. Impossible to forge the currency
  2. Impossible for your holdings to be confiscated by tyrants
  3. Impossible for your transactions to be blocked by tyrants
  4. Impossible for banks to hold or steal your money
  5. Impossible for central authorities to willy nilly devalue the currency by printing more

Notice that I did NOT mention “get rich quick”? That is not and was never a reason for cryptocurrencies.

How Things Are Going…

At the time of this writing, it’s September 2023. The BitCoin #whitepaper was released in January of 2009. It’s been 14 years. let’s examine each intended benefit and see how they’ve turned out so far.

1. Impossible to forge the currency

This has held up, at least for BitCoin and most cryptocurrencies. There have been thousands of cryptocurrencies created since the invention of BitCoin and some of those have been poorly designed and crypto was able to be forged. But not with the vast majority of them and most importantly, not with BitCoin. After 14 years and hundreds of thousands of white-hat hackers and actual bad guys trying to break it, it’s never happened.

Conclusion: SUCCESS!
For the remainder of this discussion, we’ll limit it to BitCoin since the nuances of the thousands of others are too many to cover. I may mention Ethereum, Monero, and stable coins, as those are notable and important to the discussion.

2. Impossible for holdings to be confiscated by tyrants

This too has held up. However, no doubt you’ve been blasted with stories of millions of dollars worth of crypto being confiscated by law enforcement or scammers or cryptocurrency exchanges going belly up. These are NOT cryptocurrency being confiscated by tyrants NOR BY ANYONE!

“WHY?” you ask?

Great question! The confusion comes from the poorly written articles about these events and lack of understanding of what actually happened. Let’s discuss the first big event: Mt. Gox. This was the first cryptocurrency exchange. An exchange is bridge between the current legacy financial system and crypto. An exchange is where you go to exchange dollars for crypto and vice versa, as well as crypto for crypto.

AN EXCHANGE IS NOT CRYPTO! IT’S A CENTRALIZED AND PRIVATELY OWNED AND CONTROLLED BANK!

Mt. Gox was an exchange. It’s a centralized business… a bank. People would sign up with it, give their personal information, open an account, put fiat currency into it, and use the bank’s software (their website) exchange dollars for crypto and vice versa. All this did was update records in a database in the bank’s records. The customer didn’t actually own any crypto. They just had records in a centralized database that said that user could withdraw certain amounts of crypto. As long as they failed to withdraw the crypto they were entitled to into their own, personal wallet, it was never their crypto. It was the bank’s crypto. Many people didn’t understand that and many still don’t to this day. If you “have crypto” in an exchange, do do NOT have crypto. You have an IOU from the bank.

To actually “OWN” crypto, you MUST move it from the entity that holds it to your own, personal wallet where YOU possess the private cryptographic keys. Once you do that, THEN and ONLY THEN do YOU own the crypto. It’s that private key that makes you the owner. Your crypto absolutely, positively, MATHEMATICALLY CANNOT move without the use of that private key.

Mt. Gox got hacked.

Let me repeat that: —===>>> Mt. Gox got hacked <<<===
BitCoin DID NOT GET HACKED!

Mt. Gox was a centralized bank with bugs in their software. Hackers discovered the security flaws and used it to steal about a hundred million or so dollars worth of BitCoin FROM Mt. Gox! Why? Because they were able to control Mt. Gox’s software and instruct it to use Mt. Gox’s private keys to move the crypto.

This was a failure of Mt. Gox to protect their private keys. BitCoin functioned as it should have. The hackers did NOT break the encryption of BitCoin. They effectively stole the combination of the bank’s vault.

Not a SINGLE CUSTOMER’S BitCoin was stolen!

“But HOW can you say that? None of them have ever recovered their BitCoin to this day!”

Ah, but they NEVER POSSESED THE BITCOIN! It was NEVER THEIRS! Why? Because they never cashed in on their IOUs from the Mt Gox bank. Once Mt. Gox was drained of Mt Gox’s BitCoin, they lacked the BitCoin necessary to honor the IOUs that people’s fiat currency was given to them to purchase. This was a failure of a central bank. This central bank defeats the purpose of BitCoin.

YOU DON’T OWN BITCOIN IF IT’S IN A CENTRALIZED BANK! YOU OWN AN IOU!

in case it isn’t obvious at this point; If you purchase cryptocurrency from a centralized exchange, you must immediately move it to your own personal wallet were YOU control the keys. If you don’t do that, YOU SIMPLY DO NOT OWN ANY CRYPTO!

With the explanation of WHO actually owns BitCoin, let’s move on. We’re still examining the dream of “2. Impossible for holdings to be confiscated by tyrants”…

With the explanation above in mind, you’ve certainly heard of governments “confiscating crypto from people” by forcing a crypto exchange to hand it over to the tyrants. This is identical, technologically, to the Mt. Gox breach. It’s simply the government doing it rather than a hacker, but by force instead of a hack. Once again, they took resources in possession of a centralized bank. They did NOT hack the BitCoin blockchain nor did they control the BitCoin network to take it. The user’s simply did not own any BitCoin. The centralized bank did and they handed it over to the tyrants. If the user’s had already moved their claimed crypto into their own wallets, the tyrants would never have been able to take it.

Conclusion: SUCCESS!
The BitCoin blockchain has never been hacked. As long as you hold your private keys securely, your BitCoin can’t be taken.

3. Impossible for your transactions to be blocked by tyrants

No doubt you’ve heard about the Obama administration’s scheme called “Operation choke point”, where they unconstitutionally strong armed banks from doing business with gun stores? They intimidated banks into closing the accounts of 100% legitimate American businesses that sold firearms to American citizens for their constitutionally protected second amendment rights to bear arms.

You’ve also heard of Justin Trudeau’s Canadian government that locked the bank accounts of tens of thousands (might have been more) of Canadians because he disagreed with them for protesting. Not only did he lock THEIR accounts, but hey ALSO locked the accounts of individual citizens that were NOT protesting, but simply donated to the cause. In addition to THAT, he also ordered an American funding organization, GoFundMe, to hand over all donations that AMERICANS had made to the cause. Fortunately, GoFundMe refused.

These are just 2 well known examples, but this happens every day to various degrees.

You’ve probably heard of a story recently in the news of the U.S. government going after a decentralized cryptocurrency mixer called “Tornado”. It allowed users to send a chosen amount of crypto to the mixer, give it multiple other crypto wallet addresses and it would take the crypto received from multiple other people, mix it up, and then send it out to the wallet addresses (think of a wallet address as a bank account number) specified by the users. This allowed the users to then own their crypto anonymously to achieve privacy in their transactions. Of course, the government has the tyrannical belief that they should know about every single transaction that ever takes places throughout all of humanity. They are wrong, but that doesn’t stop them from claiming otherwise. They ordered centralized exchanges to not honor any crypto that touched any of those wallets.

Did this block transactions?

Yes and no.

Yes in that if anyone that owned those wallets wanted to move their crypto into the exchanges, they were blocked.

No, in that the blockchain and the network was not blocking it. It was individuals choosing to not accept transactions from wallets the government told them not to. The owners of that crypt are still, to this day, able to transfer it to any wallet they want and to accept crypto from any other wallet. The attempt by the government to black list those wallets was embarrassingly stupid in that all a user had to do was spend 10 seconds creating a new wallet and moving their crypto to the non-blacklisted wallet.

Conclusion: SUCCESS! (with noted exceptions of individuals choosing to follow orders)

4. Impossible for banks to hold or steal your money

At first glance, knowing that exchanges are banks and can hold and steal your crypto, you might think that with dream was a failure. In fact, it’s quite the opposite.

Simply don’t give your crypto to a centralized bank. Problem solved.

Of course, the centralized exchange banks are necessary as they are the on and off ramps to and from crypto and fiat. But, not entirely. Also, if you claim your IOU immediately by moving your just purchased crypto into your personal wallet, you’re then safe. You can also acquire crypto in many other ways. For example, you can run your own cryptocurrency mining software that generates crypto for you. You can sell products and services by accepting crypto directly from the buyer into your own, personal crypto wallet, bypassing the centralized banks.

If your crypt is in your own wallet where you and ONLY YOU have the keys, then it is, indeed, impossible for any bank to hold or steal your crypto because they simply don’t possess it. In crypto, YOU are LITERALLY your own bank.

Conclusion: SUCCESS!

5. Impossible for central authorities to willy nilly devalue the currency by printing more

This one is the one that seems to be most misunderstood by the general public. And it’s because the average person does not understand the technology that makes up cryptocurrencies. They CONSTANTLY argue against crypto saying, “Well, crypto is made from thin air. They can just make more at any time!”

This is fundamentally and completely FALSE! Here’s why:

(Prepare for techno-talk. I’ll keep it as limited as possible)
BitCoin comes into existence in only 1 way: Complex software algorithms are used to hunt for special numbers in a huge universe of numbers. Once a special number is found, the computer that found it presents it to the whole BitCoin network. The network validates the number is in fact a genuine special number and rewards the finder with a certain amount of Bitcoin. Any validator that lies is kicked out of the network and black-listed. Any computer claiming to have found a special number and isn’t validated by the network is also black listed. It’s financially harmful to be dishonest in that network.

The amount of computation and searching for one of those special numbers is ENORMOUS. The BitCoin network is the most powerful supercomputer on the planet; leaps and bounds more powerful than any government supercomputer. A BitCoin represents the enormous amount of computational time AND power consumed to generate it. There is no central authority that can authorize more BitCoin. The network only allows the creation of new BitCoins when a miner finds one of these numbers and on average, the entire global BitCoin mining decentralized network finds only ONE about every 10 minutes. At the time of this writing in 9/2023, this number is rewarded by the network with the creation of 6.25 new BitCoins. Every 4 years, the network cuts that reward in half. At the next 4 year cycle, it will be cut down to 3.125.

This is designed specifically to prevent deflation of the value of the cryptocurrency and is a direct result of the central banks choosing willy nilly to print TRILLIONS of new dollars, intentionally devaluing all existing dollars. The BitCoin network software is also designed to stop producing new BitCoins once 21 million BiCoins have been generated. As of right now, nearly 20 million have already been created. But with the halving event of every 4 years, it will take another 140 years to mine that last 1 million BitCoins.

THERE WILL NEVER BE MORE THAN 21 MILLION BITCOINS

Conclusion: OVERWHELMING SUCCESS!

FINAL CONCLUSION

Don’t hate a financial asset and tool just because there are bad people in the world. 100% of all financial assets and tools have always been, are now, and will always be tools used by scammers too. An asset is not defined by the bad guys. It’s defined by it’s function.

Don’t let your previous anger at the scammers cloud your judgement on BitCoin. In fact, it’s to the tyrants advantage that you let it cloud your judgement, because they WANT you to remain in the tyrannical financial system where they are gaining more and more control over everything you can do with your own money. They’re desperately hoping that light bulb of awareness never turns on in your head.

Cryptocurrency is the key to your financial liberties. Don’t deny yourself and your family your freedoms because of your misunderstanding caused by scammers and propagandists that want you to remain in the system that THEY control.

Decentralization Central

Moving to decentralized services and apps has recently become critically important if you want to maintain your sovereignty and your free speech, free from big-tech authoritarian censorship.

This is so important that I’ve dedicated my time to creating a hub for decentralized services and apps. I registered a domain name, secured it with an SSL certificated, and wrote an online, searchable database for anyone to access, listing dozens (and growing) of fully decentralized apps, DAPPs, and services, as well as some that aren’t necessarily 100% decentralized, but useful nonetheless, plus a few companions services and apps that may not, themselves be decentralized, but support decentralization.

Without further ado, allow me to officially introduce…

DecentralizationCentral.com <– Click here!

And yes, you can switch to light mode if you wish. Just click the dark/light button at the top of the page, next to “About”.

The services are easily discoverable by browsing the dozen or so categories. Each category houses multiple services. You can also use the search bar to search for both services and categories of services.

Each service has its own informational page, describing the service and listing the decentralization features it has. Each feature is color coded. A fully decentralized service will have all decentralization features listed in green.

Below that is a list of icons representing the platforms the service is support on.

And below the list of platforms supported, is a list of useful links. Note that SOME links are not regular web links. We ARE, afterall, talking about the next, decentralized web, which has new kinds of links that require new kinds of browsers to support them. Almost all links are traditional links that will work with your traditional (legacy) browser.

The new kinds of links you may run into are:

  • IPFS (InterPlanetary File System)
  • dat:// (beaker browser)
  • TOR .onion links (for the TOR network)

Please peruse this database and try out any of the services that peak your interests. And check back often. I’m constantly updating it with more decentralized products and services and adding new features.

Things to expect in the near to mid-term future:

  • Video demonstrations
  • Blogs
  • More informative text for each service… more like a wiki page.
  • User editable pages plus users being able to add more services.
  • How-to articles to get you started into the world of decentralization.
  • Forums
  • The ultimate goal will be having a fully decentralized version of this website.

What are your thoughts on big tech censorship and how to protect yourself from it? What would be useful for YOU in those services and on the DecentralizationCentral.com website? Let us know in the comments.

Encrypt Your Entire Boot Disk

This is another entry in my list of articles on encrypting your entire digital life

Encrypt All The Things! [A Guide]

…from end to end.  Click here for the lead article.  This article is about encrypting your entire boot disk on your server, desktop, or laptop computer.  I’ll be giving specific instructions for Windows, but Mac & Linux steps are similar.  Note that encrypting your boot drive is performed differently than encrypting non boot drives (which I’ll also cover in a separate article).  These instructions are using free, open source software that’s NOT from Microsoft.

Short (VERY short version)

    1. Install encryption software.
    2. Backup boot drive (no, seriously!  DO THIS!)
    3. Select boot volume.
    4. Provide passphrase.
    5. Reboot.
    6. Enter passphrase on boot prompt.
    7. Wait for boot.
    8. Encrypt volume.

The rest of this shows you the details of those steps.

Note the following trade-offs to encrypting your boot drive:

  1. When powering on or rebooting, your PC will stop until you enter your encryption passphrase.  This means you can’t reboot your PC remotely.  Someone has to physically be there.
  2. After typing in your passphrase, there will be a delay.  My PC takes 48 seconds that it didn’t take before.

Let’s begin

  1. Download and Install VeraCrypt from https://veracrypt.codeplex.com/releases/view/616110
  2. Open the “System” menu and choose “Encrypt System Partition/Drive”.
    1. image
  3. Follow the directions in the software.
  4. After you’ve answered all the prompts in the software, it will require you to reboot.  During boot, BEFORE Windows boots, you’ll be prompted to enter your passphrase.  Go ahead and enter it and hit [Enter].
  5. You’ll then be prompted for “PIM”.  Honestly, I have no idea what this is.  I just left it blank and hit [Enter].  All is good.
  6. Your PC will work on decrypting for a while.  My Quad-Core i5-4690K CPU @ 3.5Ghz takes about 48 seconds here.  Your mileage may vary depending on the speed of your CPU.
  7. Once it’s done there, Windows will boot.  Go ahead and log in.
  8. You still haven’t actually encrypted your disk yet.  You just got the VeraCrypt bootloader installed.  Shortly after you log in, VeraCrypt will automatically open and walk you through actually encrypting your disk.  That will be the final step.

DO NOT FORGET YOUR PASSPHRASE!!!!!

After that, you’re all done.  Now, every time you reboot, you’ll be prompted for your passphrase SO DON’T YOU DARE FORGET IT!  Seriously!  If you forget your passphrase, there’s NO WAY to recover it.  That’s it.  It’s done.  The data on your boot drive will be gone forever.  You’ll have to reformat your drive, install a fresh copy of Windows, and start all over OR pull out the drive and set it aside, hoping you’ll remember some day.  I cannot stress this enough.  You CANNOT forget your passphrase!  I recommend storing a HINT of your passphrase in an ENCRYPTED password management tool, like LastPass.  I use the “secure notes” feature to store mine.

Your drive is now much more secure.

What you NEED to know about Windows 8 and 10 disk encryption

And by “Windows 8 and 10 disk encryption”, I mean the built-in encryption capabilities of Windows.  I’m NOT talking about what we just did above with a third party product called VeraCrypt…

  • If you install Windows 8 or 10 on your own PC, then log into your Microsoft account, at that time, your DECRYPTION KEYS are UPLOADED to Microsoft servers!!!  Yes!  Without asking!
  • If you buy a PC with Windows 8 or 10 already on it, your decryption keys are ALREADY uploaded to Microsoft servers.
  • You can request that Microsoft delete your decryption key, but it’s already too late.  Once your decryption key leaves your hands, you can no longer trust that it’s secure.
  • To fix this, you’ll need to RE-Encrypt your disk, which requries generating a NEW key, then NEVER log into Windows with your Microsoft account.  Just… DON’T!  But DO create a LOCAL user account and use that from now on.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Encrypting Your Cloud Storage

image

This is the sixth entry in my “Encrypt All The Things!” series.

Let’s face it.  Cloud storage SUX!  Why?  Because all of the most popular cloud storage services do NOT provide end to end encryption.  Oh sure, you’re files travel over an https connection from your PC to their server, but your files are not encrypted with a public key from a private key that only YOU have access too.  Sure, the cloud storage providers may encrypt your files (with THEIR keys) AFTER they receive your upload and before they store them on their own drives.

BUT!

THEY have access to the contents of your files.  They can see the file names in clear text.  They have access to the entire contents.  THEY own the encryption keys on their end and you sent them your files without encrypting them first.  Therefore, you are NOT in control of your data.  If that cloud service gets hacked or if there’s a bad employee, or they get subpoena’d, other people can (and likely WILL) gain access to your personal data.  It’s simply NOT protected.

There’s only ONE option

When it comes to cloud storage, you have only one option for realistic security.  That is, your files MUST be encrypted ON YOUR END before they’re sent over the wire to the cloud storage provider and that encryption on your end MUST be done with your public key and your private key MUST be a key that ONLY YOU have access to.  It should exist ONLY on your own PC or phone.  PERIOD.  There are no if, ands, or buts about it.  This is called “zero knowledge” encryption.

Please see “Understand Encryption” on a discussion of public/private keys.  It’s kind of critical to your understanding of how to judge whether a cloud storage service is doing it right.

Zero Knowledge

Spideroak.com has this to say about zero knowledge encryption:

“Zero Knowledge means we know nothing about the encrypted data you store on our servers. This unique design means nothing leaves your computer until after it is encrypted and is never decrypted until it is unlocked with your password on your computer. It’s not just “end to end encryption;” it’s a Zero Knowledge System.”

Spideroak.com, by the way, is a cloud drive service provider.  Though, there are some critiques of the way they password protect your local key on your own PC, it is far more secure than Google Drive, Microsoft One Drive, Amazon cloud storage, DropBox, Box.Net, etc…

Another one with zero knowledge is Mega.co.nz.  This cloud storage provider was created by the infomous Kim DotCom who’s wanted by the United States government for hosting a similar service for copyright pirates.  So, some reasonable questions have arisen as to the true privacy of this site.  And recently Kim DotCom has come out and said he’s no longer affiliated with Mega and that you shouldn’t trust it, that it’s not safe (but can you trust HIM?)

Anyway, the point is, you need to either encrypt your own files BEFORE uploading them to a cloud service or use a cloud service that does it for you (ON YOUR END!).

Home Brew

Alternatively, you can do it yourself by manually encrypting your Individual Files then upload the encrypted files to any cloud storage provider you want.  It’s a bit of a hassle, but it will provide you actual protection.  You should note that if you upload your encrypted files, but keep the file names, a LOT can be known about what you’re storing.  Best to zip up the file first (storing the name in the zip file), giving the zip file an arcane name, like the date and time it was zipped, encrypt the zip file (not with the weak ass encrypting provided in the zip products, but with how I describe to encrypt Individual Files), THEN upload it.

Conclusion

    1. Save yourself some headaches and use only “zero knowledge” cloud services and thoroughly research what others have to say about their encryption.
    2. Hide your meta-data (file names, folder names, folder structures, etc…) if you’re going to home-brew it.

Do you have any experience with encrypted cloud storage?  Please share your experience in the comments.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Stick it to the NSA: How to Encrypt your WebMail

If you access your email from your desktop web browser, then follow these instructions to get email encryption working.  This is an initial draft.  I’ll expand some of the steps very soon.

  1. Install the Google Chrome  or Firefox browser if you haven’t already and install the extension named “Mailvelope” from https://www.mailvelope.com
  2. Once installed, there’ll be a new lock icon on the top right of your browser.  Click it and a menu opens.  Choose “options”.
  3. If you haven’t, at some time in the past, already created a private and public key pair, you’ll need to do that now.  If you don’t know what I’m talking about, you haven’t and you’ll need to do it now.  Click “Generate Key”.
  4. Once generated, it’s critical that you back up your private key, encrypted, to a place that no one can get it and that will last longer than your current hard drive and PC.  If you lose it, you’ll NEVER be able to read ANYTHING you’ve encrypted with your keys!  Install LastPass.com, create a secret note, and put your private key in there for long term, encrypted, safe storage.  Mark the note as “must reprompt for password”.  NEVER, EVER give anyone your private key.  NEVER send it unencrypted over the internet.  NEVER email it in an unencrypted e-mail message!  NEVER send it unencrypted over a wireless network, especially an open or public one.
  5. No one can send you encrypted e-mail unless they have your PUBLIC key.  Publish your PUBLIC key to a key server.  DO NOT PUBLISH YOUR PRIVATE KEY!!!!!!!! EVER!!!

Now, when you use GMail or most any of the other popular, free e-mail services in a  desktop browser, you can send and receive encrypted e-mail.  NOTE!  Just because you have the ability to send and receive encrypted e-mail does NOT mean that all your e-mail will be encrypted.  You MUST understand the following:

  1. Nothing you did here encrypted any of your old email.
  2. New email that comes in will usually be in clear text (NOT encrypted).
  3. When you start a new email message, Mailvelope will recognize this and provide you an icon, overlayed in your new email window.  Click it to write your email, then click “encrypt” to encrypt the email.
  4. You CANNOT send encrypted email to people that aren’t already set up, like you are, to send and receive encrypted email.
  5. You can’t send encrypted e-mail to anyone from whom you’ve not acquired their public key.
  6. You acquire public keys by searching on a key server.  MIT’s key server is here:. https://pgp.mit.edu
  7. Use the Mailvelope menu to import the public key of each individual with whom you wish to send encrypted email to.  You’ll find that most people have NOT registered a public key, so  you cannot participate in encrypted email with them.
  8. Once you encrypt and send an email message, you won’t be able to read it from your sent box.  It’ll be there, but encrypted with THEIR public key.  Only THEIR private key can decrypt it.  So, send it to both them AND yourself, THEN you can read it.
  9. Encrypted email is unreadable even by Google’s servers, which means you CANNOT use the Google email search feature for words in encrypted mail.
  10. ONLY the BODY of the email is encrypted, not the subject line, not the TO address, not your FROM address, not any part of the headers.

Things to note about HOW the keys work:

  1. When you generate keys, you only do it once, unless you have multiple email addresses.  In which case, generate a key pair for each of your email addresses you wish to send and receive encrypted email for.
  2. Keys are  created in pairs:  One is public.  The other is private.
  3. Feel free to give away your public key to ANYONE, ANYWHERE, ANYTIME.  Shout it from the mountain tops.
  4. Protect your private key with your life.  Well, don’t die for it, but it’s critical you protect it!  If anyone EVER acquires it, they can read EVERYTHING you’ve ever encrypted with your public key!
  5. Your public and private keys are intimately, mathematically connected.  Anything encrypted with your public key can ONLY be decrypted with your private key and  vice versa.
  6. Nothing is safe if you encrypt it with your private key, because everyone has your public key and can easily decrypt it.  A side benefit is you can do this to prove YOU are the one that created the message.  This is called “digitally signing” your document.
  7. If you want to encrypt something that ONLY YOU can decrypt, encrypt it with your PUBLIC key.  Decrypt it with your PRIVATE key.

What is Bitcoin?

Production Of Bitcoins By Mike Caldwell of Casascius

BitCoin, also known as a “Cryptocurrency” is not as complex to understand as one might think.  To understand BitCoin, let’s first review what “real” money is (or what it’s supposed to be):

In the United States, “Real” money is paper and coins, manufactured by the Federal Reserve.  It has no real value on it’s own.  It’s a low cost representation of gold.  At least, that’s what it used to be.  When it’s backed by a real world and limited resources that can’t be duplicated, it can represent real value because the item behind the money (the gold) is rare, limited, and can’t be duplicated.  Instead of exchanging actual gold for goods and services, we exchange the paper and coin representations of that gold.

So, what about BitCoin?

Now, think of this:  You have a set of incredibly complex mathematical formulas that you want to calculate the answers to.  The problem is that it takes a high speed computer days (or more) of crunching numbers 24/7 before it can find an answer to just ONE of those formulas.  That’s what a BitCoin is!  It’s an answer to one of those complex numbers.  You can’t duplicate it.  You can’t fake it.  You have to mine it, just like you have to mine gold.  But instead of picks and axes, you use CPUs.  It’s still a LOT of work to “find” the “nuggets” of answers.  Additionally, there are a limited number of answers… about 21 million.  So, once the last one is mined, that’s it.  No more manufacturing of more BitCoins.

Now, as you know, gold is represented by paper and low cost metal coins.  How is BitCoin represented?  Well, it’s NOT represented with tangible things you can hold in your hand.  It’s just numbers… the numbers that represent the answers to the formulas.  You CAN print them out on paper and store them under  your mattress, if you like, so in a way, you CAN make paper representations of it.  But, you CANNOT counterfeit it.  When you buy something with BitCoin, you don’t just hand someone a printed piece of paper with a bunch of numbers on it.  I mean, you COULD, but that, by itself, won’t fly.  You give them the numbers (either electronically or on paper) and they then run the numbers through one of many transaction processors (actually, I think it goes through many).  The processors are servers run by many people around the world.  They VALIDATE that those numbers are, in fact, an actual BitCoin… an actual answer to one of the 21 million formulas.  Once validated, the person you’re buying form can accept it, then give you the goods or services you’re wanting to buy.

In short:

A BitCoin is a limited and non counterfeit-able asset, just like gold.  But instead of a tangible asset, it’s an answer to a complex math problem.  Your “money” in BitCoin is usually kept in digital form and is validated on each transaction as being real.

[poll id=”12″]

Best Android Apps to start off 2013 (Shopping)

imageAll these apps are FREE!  This article is one of a series of articles about the best Android apps available as of the beginning of 2013.  Click here for the main article that includes links to this article and links to all the other categories of “The Best Of” apps for beginning 2013.  Let’s get started with the Shopping category, which lists the best shopping related apps available at the ending of 2012 and beginning of 2013.

 

Amazon2012-12-31 18.41.13

The Amazon app is a native front end to the Amazon online store (not the app store).  This provides most of the features in the web site (if not all of them… I’ve, by no means, researched each and every feature of this massive web site).

This app is useful for obvious reasons in addition to the fact that you can be browsing in a brick and mortar store, like Wal-Mart, pick up an actual item off the shelf and scan its barcode into this app and it’ll tell you what you can get it for on Amazon.

I won’t go into extreme detail of what this app does.  If you’re familiar with Amazon.com, you already have a good idea.  You can, of course, track your Amazon.com orders with this app too.

2012-12-31 18.58.17Amazon App Store

One of the great things about Android is that you’re NOT locked into just ONE app store, like you are with iOS and Windows Phone.  You don’t have to root or jailbrake your Android phone to install another app store.  It’s perfectly legitimate to do so on Android.

The Amazon Android App Store is a direct competitor to the Google Play app store that’s pre-installed on almost every Android device made (with the exception of the really cheap and crappy Chinese Android products).

To Install It:

Go to Settings –> Security –> Unknown Sources

and make sure it’s checked.

Then go to this URL to download it to your phone (or Google search for “Amazon App Store”).

image

Amazon Price Check2012-12-31 18.52.59

This app lets you scan barcodes while in a real store and compare the prices to Amazon… Not sure why this is a different app from the Amazon app.

 

2012-12-31 18.42.00Ebay

This is a nicer and more responsive native app than trying to use the ebay website from your mobile browser.  If you’re familiar with ebay, you already know what you can do with this app.  If not, just look at this screen shot and that should pretty much tell you what you need to know.

Best Buy2012-12-31 18.43.472012-12-31 18.44.45

This is a front end to the Best Buy web site and is very useful when you’re in a physical Best Buy store.  If you’ll notice, most products have a ticket on the shelf with a price, a small description, and a 2D QR bar code.  Scan it with this app and you’ll get the full details of the product.

You can also check the balance of your Best Buy gift cards by simply taking a picture of the back of your gift card.

If you’re a RewardsZone member (and if not, WHY NOT?), you can check on your RewardZone points and even display your RewardZone points on your phone to the cashier at checkout to redeem your points, instead of printing them out at home and bringing them in.  You’ll save ink, paper, time, frustration, and money… an the “green” Nazis will sprinkle their happy happy fairy dust on you.

2012-12-31 18.45.502012-12-31 18.45.20Game Stop

The GameStop app is a native front end to the GameStop web site, with the addition of letting you “check in” to GameStop stores when you arrive to receive some PowerUp points.  You can keep track of your PowerUp points with the app too.  And, of course, like all store apps, you can search and browse their product selection.

FedEx2012-12-31 18.47.032012-12-31 18.46.51

The FedEx app is highly useful when you’re tracking a packing you’ve either sent or are expecting to receive (such as one you ordered with say, the Amazon app).  The screen shots to the right pretty much sum up what this app does.  It’s short and simple… It does the things you expect and nothing fancy.

2012-12-31 18.42.292012-12-31 18.42.35UPS

The UPS app is similar to the FedEx app.  It does the same thing, except for UPS shipments.  No surprises here.

 

QR Droid2012-12-31 19.52.382012-12-31 20.14.05 & Barcode Scanner

Both apps “QR Droid” and “Barcode Scanner” let you scan those 2D barcodes you’re seeing everywhere.  They usually represent a URL and it’s extremely convenient to scan them in places like BestBuy on product tags on the shelves or on movie posters or even on web sites on your desktop computer to load up the URL on your phone.  Installing QR Droid also gives you the ability to create your OWN QR Codes.  For example, you can send a contact from your contacts to it and it’ll display as a QR code on your screen.  Someone else can scan your screen with their phone and receive your contact.  If you’re on a web page, you can share the web page to the app and it’ll produce a QR Code with the URL encoded in it.  You can save it and e-mail it or publish it on your website, or show it on your screen to let someone else scan it.  But, since we’re in the “Shopping” apps category here, you can use it to scan 2D QR Codes in stores to get more information on the products and to even compare prices.

2012-12-31 19.07.39Kroger

The Kroger app is a master app for all the stores shown in the screen shot:

  • Kroger
  • Baker’s
  • CityMarket
  • Dillons
  • Food4Less
  • Food4Less Fremont
  • Foods Co
  • Fred Meyer
  • Fry’s
  • Gerbes
  • JayC Food Stores
  • King Suupers
  • Owen’s
  • Pay Less Super Markets
  • QFC Quality Food Centers
  • Ralphs
  • Smith’s

Kroger is the parent company for all these grocery stores.  This app works with all of them.  If you have a customer loyalty card at any of these stores (and if you don’t, WHY NOT?) they all work at all those stores.  This app will let you browse coupons and add them to your card.  When you check out, if you’ve put any of those products in your cart, when you swipe your card at the register, all those coupons are applied.  You can check your fuel points too and see the weekly ads.  This is a MUST HAVE app if you shop at any of these grocery stores.

CraigsNotifica

That’s not a typo.  That’s actually what it’s called.  This is an unofficial Craig’s List app.  With it, you can search Craig’s List and receive notifications based on your searches, add items to your favorites and even post ads.  There are a million Craig’s List apps.  Just find one that you like and use it.  This one works perfectly fine.

Google Shopper2012-12-31 20.37.39

Google Shopper integrates with “Barcode Scanner” (reviewed above).  Scan any barcode and this app will find multiple sources for that product.  This is probably the best way to find the best price on anything.  Use this when shopping in any physical store to decide whether or not it’s worth buying that product in your hands now, or somewhere else.

You Chime In

What are some of YOUR favorite apps in this category?  Let us know in the comments below.

Conclusion

This completes my list of “Best” shopping apps available to start off 2013.  There are, of course, other shopping of apps and this is, by no means, a comprehensive list.  Some of these are the apps in this category that I use on a daily basis and install on a new phone or tablet as soon as I get it.

Click here to follow me on Google+.

Follow me on Twitter @CSharpner.

See these images?

imageimage

You’ll find an actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Check back later for updates too!

 

How to use untyped Session Variables

Session variables are helpful, of course, but they have many drawbacks, including having to access them by name in a string (no intellisense, no compile time error checking), they’re untyped, so you have to cast them, and it’s easy to accidentally use the same name from different pages for different purposes and overwrite their contents, creating odd runtime behavior that’s nearly impossible to track down.  (BTW, this works for application variables too, of course).

Click here to follow me on Google+.

In this article, I’ll provide simple techniques to completely eliminate ALL of these problems.

Accidental reuse of the same name

Take this session variable as an example:

Session["SomeEventTime"] = DateTime.Now;

Imagine two developers (or even ONE developer… I’ve done this myself) working on 2 pages of the same app at the same time.  The app may have timestamps that it needs to track.  It’s not uncommon for 2 programmers who work together to come up with the same name for their own session variables.  When a user runs the app and uses one page that sets the variable, then visits the other page, that resets it, then any code that depended on the first one will behave poorly.

Typos of the name

Take this example:

Session["SomeEventTime"] = DateTime.Now;
this.EventTimeLabel.text = ((DateTime)Session["SomEvenTime"]).ToString();

Notice the error?  On the second line, the “e” in “Some” is missing and the “t” in “Event” is missing.  The compiler won’t catch this.  It’ll only be caught at run time and likely by the customer, which is embarrassing and gives both you and your team a negative image and increases the cost to the customer because you’ve got to go back in and fix it.

Notice also that you don’t get intellisense with session variable names like you do with components and other variables?  You just have to know that the session variable exists, what its name is, and what type of data is stored in it.  There’s no catalog or anything at all to know what session variables are used.  You just have to be extremely diligent, search the source for use before you make up a new one, do this 100% of the time, and hope that the other developers on your team are also doing this, diligently, 100% of the time.  Chances of that happening?  Nearly zero.

Untyped

Notice also that the compiler has no idea what type of object is stored in the session variable?  In C#, you have to cast it, which means you have to just “know” what’s in there, and if you’re wrong, the compiler won’t know… It’ll just accept it, compile it, and then it’ll crash at run time.  VB.Net doesn’t require you to cast it, but same runtime problem.  If you assign it to a variable of the wrong type, the compiler won’t catch it, will compile it, and your customers will find the runtime error.

Solutions!

Here’s how to resolve each of these problems:

Accidental reuse of the same name

This one’s easy, but apparently not obvious to most programmers until it’s pointed out to them.  Let’s see if you can figure it out before I tell it to you.  Think of databases.  How do you guarantee that a record identifier is 100% unique and never used anywhere else?

A GUID, of course!

image

So, give your session variable names a GUID.  Each session variable gets a different GUID.  Don’t be so judgmental just yet.  Yes, of course, they’re impossible to remember and to type, but I’ll cover that in a moment.  For now, I’m solving the problem of accidental reuse.  You KNOW no one else is going to use the same GUID.  So, your SomeEventTime session variable now looks like this:

Session["E4D1DE1A-ECC9-45FF-8B78-C5CD16803CFF"]

Now, to solve THREE more problems at once… one of them that we just introduced:

Gaining intellisense, giving it a usable name, and giving it a type

Wrap your session variable up in a property.

 public DateTime SomeEventTime 
{
get{return (DateTime)Session["E4D1DE1A-ECC9-45FF-8B78-C5CD16803CFF"];}
set{Session["E4D1DE1A-ECC9-45FF-8B78-C5CD16803CFF"] = value;}
}

Now, when you use your session variable, you reference the property name.  This gives you intellisense, fully typed session variables, and eliminates any concern of the internal session variable name being too hard to remember and type out.

You’ve just gained another benefit by making it a property:  Triggers!

Now that it’s wrapped up in a property, you can add special code during the assignment or during the reading of the variable.

Scope

One last thing to consider:  Scope.

Where do you create the property wrapper?  In the page?  Do you make it private? Public?  Do you put it in Global.asax?  I’ll leave that up to you to judge on a per case bases.  It might be the topic of another article here too.

What have you done?

You’ve eliminated every problem you have with session variables and gained:

  1. Type Safety.
  2. Intellisense.
  3. Compile time name checking.
  4. Triggers on setting and reading.
  5. Scope.
  6. Prevention of accidental reuse of the same name.

You’ve lost:

  1. Embarrasing runtime bugs.
  2. Wasted time looking for hard to find logic problems caused by two different parts of the code using the same name for what was believed to be different session variables.

See this image?

image_thumb26

You’ll find an actual working version of it at the bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Check back later for updates too!

Click here to follow me on Google+.