Antarctica Starts Here.

I've been asking myself that very question, every morning, for the last couple of weeks. The job hunt continues as well as before, which is to say not well at all. The only really noteworthy things that have happened were a couple of recruiters thinking that they were being cute by saying things that are highly inadvisable under any circumstances ¹, and one "interview offer" (not even a job offer) for a security position which it would seem was a bait-and-switch to get me to sign up for yet another job hunting service that is a black hole for job applications. The stress and worry about such things are why I've not been writing very much lately. In point of fact, I have a couple of pending posts that I have to edit one more time before I can schedule them, but I just can't bring myself to do it.

The other day (as I write this) while getting ready to put the finishing touches on something, I was hit by a particularly distressing bit of news from Lyssa: Her debit card had been locked out because some jagoff had made just shy of $1500us worth of purchases online from the United Kingdom. Even at the best of times $1500us is not an amount of money to sneeze at, so my hearts leaped into my throat upon hearing this. At least the card has been locked out and a replacement is on the way, but the way things are set up you can't dispute pending transactions, only cleared transactions. Which means that every day for the next few days, we have to lose a few hundred dollars so that I can go back and file another report on those transactions. Fucking whee. ²

While attempting to care for my mental health these days I've been trying to work on at least one side project a week so that other parts of my brain can do things for a change. Nothing for a portfolio or to get the attention of recruiters, just stuff that I enjoy. Last week I decided to do more shortwave listening to switch up what I listen to when job hunting. I have no shortage of RTL-SDR radios on the shelf in my office ³ and while I'm not a very good ham I do like to tinker. So I did a little research and figured out that a magloop antenna would be a good project. They're kind of big but flat, so if you want to store one behind a door (let's say) they're ideal. Additionally, they're quite resilient to interference (of the sort one finds in an urban area (which is generated by... well... everything, like the electrical noise coming off of a street light)) so it's possible to get a good signal when you otherwise might not. I pulled together the parts to build a single turn magnetic loop and a couple of components from my stash of parts and spent the other day tuning it. I'll put it through its paces later this week (because, on the west coast, you pick up many more shortwave signals after dark than you do in the middle of the afternoon).

A few weeks before that I sat down to do something that I'd wanted to do for years but hadn't gotten around to, which was sit down and code myself a ciphersaber. Many years ago it looked like folks might lose the options for privacy because the US government was looking at ways to restrict access to string cryptography unless you were a government entity or one of their contractors. The Cypherpunks, a loosely organized group of cryptographers and hackers of various sorts, took this personally and set about doing something about this. ⁴ One in particular, Arnold Reinhold, announced a challenge: Implement a cryptographic tool of your very own, by yourself, from memory in whatever language you want, and then prove that it works by decrypting a file and viewing its contents. He called this the Ciphersaber. ⁵

The Ciphersaber is an implementation of the RC4 cryptosystem, which was reverse engineered from RSA's implementation and posted to the cypherpunks mailing list on 9 September 1994. These days RC4 is something nobody should use because it's been thoroughly analyzed and a number of attacks were found, leading to it being officially declared "Oh, hell no!" in RFC 7465 about eleven years back (even Microsoft is trying to get rid of it, which should tell you something). However, that does not mean that RC4 is not interesting on its own, least of all because it's possible to carry the entire algorithm in your head. It really is that simple; you can write it from scratch using just the information on the Wikipedia page, which is how I did it. I wrote it in Python using only everything built into the language, no third party modules. It's remarkably tiny, also: 286 lines of code in total, 121 lines of Python if you don't count the comments or whitespace. ⁶ After trying it against the test files on the gurus.com page I was able to successfully decrypt cknight.cs1 and extract the image file.

It might seem kind of strange, but I'm quite proud of this achievement.