Rearrange bookmark pages

master
Noah 2018-07-20 19:08:16 +00:00
parent 7ff16586cf
commit 4b20de4e3e
7 changed files with 538 additions and 112 deletions

View File

@ -96,6 +96,7 @@
<li>&#0187; <a href="/">Homepage</a> <small>(<a href="/blog.rss">RSS</a>/<a href="/blog.atom">Atom</a>)</small></li>
<li>&#0187; <a href="/about">About Me</a></li>
<!-- <li>&#0187; <a href="/photos/albums">Photo Albums</a></li> -->
<li>&#0187; <a href="/current-projects">Current Projects</a></li>
<li>&#0187; <a href="/wiki/Main-Page">My Wiki</a></li>
<li>&#0187; <a href="/guestbook">Guestbook</a></li>
<li>&#0187; <a href="/contact">Contact Me</a></li>

50
www/current-projects.md Normal file
View File

@ -0,0 +1,50 @@
# Current Projects
These are the personal projects I'm currently working on.
* [Active Software Projects](#active-software-projects)
* [Open Source](#open-source)
* [Closed Source](#closed-source)
* [Long Term Support](#long-term-support)
* [RiveScript](#rivescript)
## Active Software Projects
### Open Source
* [kirsle/blog](https://github.com/kirsle/blog): the Go software that currently
powers the back-end of kirsle.net.
* [rivescript-js](https://github.com/aichaos/rivescript-js): the JavaScript port
of RiveScript, see [RiveScript](#rivescript) below.
* [dethnote](https://git.kirsle.net/apps/dethnote): encrypted, zero-knowledge
message storage with time-delayed dead man's switch to unlock messages.
### Closed Source
* doodle: a drawing-based maze game written in Go using SDL2.
---
## Long Term Support
* [rophako](https://git.kirsle.net/apps/rophako): the Python blog and content
management system that previously powered kirsle.net.
### RiveScript
[RiveScript](https://www.rivescript.com/) is a chatbot scripting language I
originally programmed in Perl around 2003 during a time when chatbots were
popular (i.e. SmarterChild).
A second wave of chatbots has come and gone around 2016 and interest has been
dropping off again. Most of the implementations of RiveScript are in "long term
support" mode without actively gaining new features.
* [rivescript-js](https://github.com/aichaos/rivescript-js): work is nearing
completion on **v2.0.0** which brings much needed async support and gets away
from CoffeeScript. After v2.0.0 is stable rivescript-js will return to long
term support.
* [rivescript-python](https://github.com/aichaos/rivescript-python)
* [rivescript-go](https://github.com/aichaos/rivescript-go)
* [rivescript-java](https://github.com/aichaos/rivescript-java): mostly maintained
by [@marceloverdijk](https://github.com/marceloverdijk) nowadays.

View File

@ -88,6 +88,9 @@ input:focus, textarea:focus, select:focus {
p {
margin: 10px 0;
}
hr {
border-top: 1px solid #006699;
}
.text-muted {
color: #959595 !important;
}

View File

@ -0,0 +1,61 @@
# Corporate Sins
Bookmarks to articles about **egregious** crimes against humanity committed by
corporations over the years.
* [Chick-fil-A](#chick-fil-a)
* [Cisco](#cisco)
* [Symantec](#symantec)
---
# Chick-fil-A
[Chick-fil-A](https://www.chick-fil-a.com/) continually donates millions of
dollars to groups that oppose same-sex marriage and other homophobic agendas.
Most famously they supported [Proposition 8](https://en.wikipedia.org/wiki/California_Proposition_8_\(2008\))
to take away equal rights from LGBT people in California in 2008.
* [Chick-fil-A same-sex marriage controversy](https://en.wikipedia.org/wiki/Chick-fil-A_same-sex_marriage_controversy)
* [Snopes: FACT CHECK: Chick-fil-A and Same-Sex Marriage](https://www.snopes.com/fact-check/chick-fil-a-gay-marriage/)
# Cisco
[Cisco](https://www.cisco.com/) is supposedly a trusted technology company
that sells corporate network infrastructure (routers, switches and things).
Your company probably has Cisco gear in their server closet and ISP's all
over the world run Cisco hardware.
With their position and level of trust they should know better, but Cisco has
implemented some of the most blatant backdoors that I have ever seen in my
entire career in tech.
> **Cisco Architecture for Lawful Intercept**
>
> Attackers could exploit these backdoors and not leave any audit trail. Thats
> how the lawful intercept protocol was designed so that ISP employees cant tell
> when a law enforcement agent logs to the ISPs routers (even though law
> enforcement is supposed to gain this access with a court order or other legal
> access request).
>
> Furthermore, this protocol could be abused by ISP employees because no one
> else working for the ISP could then tell when someone gained access to the
> routers via Ciscos Architecture for Lawful Intercept.
>
> — [Tom's Hardware](https://www.tomshardware.com/news/cisco-backdoor-hardcoded-accounts-software,37480.html)
* [Backdoors Keep Appearing in Cisco's Routers](https://www.tomshardware.com/news/cisco-backdoor-hardcoded-accounts-software,37480.html) (July 2018) —
five backdoors discovered in five months in 2018.
* [Cisco Removes Backdoor Account, Fourth in the Last Four Months](https://www.bleepingcomputer.com/news/security/cisco-removes-backdoor-account-fourth-in-the-last-four-months/) (June 2018)
* [Cisco fixes hard-coded password 'backdoor' flaw in Wi-Fi access points](https://www.zdnet.com/article/cisco-fixes-wi-fi-access-points-with-hard-coded-backdoor-access/) (2016)
* [Malicious Cisco router backdoor found on 79 more devices, 25 in the US](https://arstechnica.com/information-technology/2015/09/malicious-cisco-router-backdoor-found-on-79-more-devices-25-in-the-us/) (2015) — Security researchers discovered a hidden "knock sequence" that allowed remote access to the Cisco routers. When confronted, Cisco "fixed" the problem by shuffling the knock sequence around. The security researches discovered the new sequence again because *of course they did.*
# Symantec
[Symantec](https://www.symantec.com/) is a security company most known for
creating Norton Antivirus. Their response to a security incident is *apparently*
to **shut the fuck up** and pray that nobody ever finds out about it.
* [Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States](https://motherboard.vice.com/en_us/article/mb4ezy/top-voting-machine-vendor-admits-it-installed-remote-access-software-on-systems-sold-to-states) — In 2006 hackers stole the source code to **pcAnywhere** and the public did not learn of this until 2012, when hackers posted the source code online. Only then did Symantec admit that *they knew about it the entire time.* Not only did this play a role in hacked voting machines but it compromised the security **of all customers of the pcAnywhere software.**
* [Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs](https://arstechnica.com/information-technology/2017/03/google-takes-symantec-to-the-woodshed-for-mis-issuing-30000-https-certs/) — Symantec has **repeatedly** had problems with this; the result is that Symantec has lost all trust by browser vendors and has been revoked from the trusted Certificate Authority Store on Chrome and Firefox. SSL providers are supposed to be among the **most trusted** companies because the security of the Internet rests in their hands. If hackers can trick Symantec into giving them an SSL cert for `google.com` then countries like Iran can [intercept private communications putting lives in real danger](https://en.wikipedia.org/wiki/DigiNotar).

View File

@ -1,13 +1,4 @@
# Bookmarks
This page will be my effort to migrate bookmarks out of my web browsers and onto this page. Because why should these
great links be locked away in Mozilla's heavily encrypted Sync service? I can probably keep track of them better myself,
and this way I won't have to worry about losing them to a browser glitch!
Also, some of these links may be helpful to others.
If you want to bookmark my bookmarks, then bookmark _this_ page, as I may be reorganizing some of these onto
sub-pages when this list gets too long.
# Development Bookmarks
* [Development](#development)
* [Bash](#bash)
@ -27,14 +18,6 @@ sub-pages when this list gets too long.
* [Web Development](#web-development) — HTML, JavaScript &amp; CSS
* [API Design](#api-design)
* [Web Dev Tools](#web-dev-tools)
* [Gaming](#gaming)
* [Introversion](#introversion) — Topics about introverts.
* [Network Security](#network-security) — Encryption, OpSec, &amp; hacking topics.
* [NSA](#nsa) — Stories of the NSA, Edward Snowden, and related OpSec topics.
* [Philosophy](#philosophy)
* [Privacy](#privacy)
* [Short Stories](#short-stories)
* [Reddit](#reddit) — Miscellaneous cool Reddit threads and comments.
# Development
@ -205,97 +188,3 @@ If you violate terms in any of Google's monetary services, your account can be g
* [Bandwidth to Filesize Calculator](https://toolstud.io/data/filesize.php)
* [Sprite Cow - Generate CSS for sprite sheets](http://www.spritecow.com/)
# Gaming
* Minecraft
* [XP Farm Guide](https://imgur.com/a/gkNzm?gallery) — Basics on how to turn a spawner dungeon into an automated mob grinder.
* [Negative Space](https://imgur.com/a/yqlkc#0) — A building design guide.
* [My Guide to Building Modularly, and the Power of Cubes!](https://imgur.com/a/K1Vyk)
* Pokémon
* [**Pokémon X/Y Guide** Megathread](https://www.reddit.com/r/pokemon/comments/1ov1s5/pok%C3%A9mon_xy_guide_megathread/) — Collection of all sorts of in-depth guides.
* Zelda
* [**Breath of the Wild** Data Compendium](https://docs.google.com/document/d/1QiaqiORIK0BVTRjO-PtHKyAL5nTT8QushYDIWozNwoo/edit) — Way more numbers than you ever wanted about weapons, attacks, defense, HP and so-on.
# Introversion
* [The Pros and Cons of being an Introvert](https://thebranchingmind.com/2017/09/03/the-pros-and-cons-of-being-an-introvert/)
# Network Security
* Operational Security (OpSec) — *The first rule of OpSec is you don't talk about your OpSec.*
* [Protecting a Laptop from Simple and Sophisticated Attacks](https://www.grepular.com/Protecting_a_Laptop_from_Simple_and_Sophisticated_Attacks)
* [Secure Secure Shell](https://stribika.github.io/2015/01/04/secure-secure-shell.html) — SSH hardening tips &amp; tricks.
* [15 reasons NOT to start using PGP](http://secushare.org/PGP) — It's harder to use *optional* encryption over *insecure* e-mail when there are better alternatives.
* [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices) — If you *must* use PGP.
* [What Sean Penn Teaches Us About How Not to Chat With a Fugitive](https://theintercept.com/2016/01/12/sean-penn-el-chapo-opsec/) — El Chapo post-mortem on OpSec failure.
* [**Ed Snowden** Taught Me to Smuggle Secrets Past Incredible Danger. Now I Teach You.](https://theintercept.com/2014/10/28/smuggling-snowden-secrets/)
* [NSA-proof your e-mail in 2 hours](http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/)
* Post-mortems and Tales
* [Reflections on Trusting Trust](http://wiki.c2.com/?TheKenThompsonHack) — The **Ken Thompson Hack** - Can you trust your C compiler? Linker? Kernel? Hardware?
* [Pwning a Spammer's Keylogger](https://www.trustwave.com/Resources/SpiderLabs-Blog/Pwning-a-Spammer-s-Keylogger/)
* [Everything Is Broken](https://medium.com/message/everything-is-broken-81e5f33a24e1)
* [Lockdown: The coming war on general-purpose computing](https://boingboing.net/2012/01/10/lockdown.html) (2011)
* [Fun with your friend's Facebook and Tinder sessions](https://robertheaton.com/2014/12/08/fun-with-your-friends-facebook-and-tinder-session-tokens/)
* [Snapchat Protocol Reverse Engineering &amp; Security Audit](http://gibsonsec.org/snapchat/fulldisclosure/)
* Cryptography
* [You are dangerously bad at cryptography](https://www.happybearsoftware.com/you-are-dangerously-bad-at-cryptography.html)
* [Myths about `/dev/urandom`](https://www.2uo.de/myths-about-urandom/)
* Tor Project &amp; Onion Routing
* [Tor Project](https://www.torproject.org/)
* [Combining Tor with a VPN](https://www.deepdotweb.com/jolly-rogers-security-guide-for-beginners/combining-tor-with-a-vpn/)
* Tutorials
* [Secure Salted Password Hashing - How to do it Properly](https://crackstation.net/hashing-security.htm)
* [Enhanced challenge/response authentication algorithms](http://openwall.info/wiki/people/solar/algorithms/challenge-response-authentication)
* [How to use DM-Crypt to Create an Encrypted Volume on Ubuntu](https://www.digitalocean.com/community/tutorials/how-to-use-dm-crypt-to-create-an-encrypted-volume-on-an-ubuntu-vps)
* References and Cheat Sheets
* [XSS Filter Evasion Cheat Sheet](https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet) — Defeating cross-site scripting filters
## NSA
* Nothing to Fear, Nothing to Hide
* [If You Are Doing Nothing Wrong You Have PLENTY to Fear - 30 Examples](https://foodforthethinkers.com/2014/04/25/if-you-are-doing-nothing-wrong-you-have-plenty-to-fear-30-examples/)
* The Chilling Effect
* [Mass surveillance silences minority opinions, according to study - The Washington Post](https://www.washingtonpost.com/news/the-switch/wp/2016/03/28/mass-surveillance-silences-minority-opinions-according-to-study/)
* NSA Sharing their Warez
* [NSA Tools for Spying on Foreign Terrorists Used by **DEA** to Bust Americans for Drugs](https://www.reddit.com/r/Libertarian/comments/1jqmnu/nsa_tools_for_spying_on_foreign_terrorists_used/)
* OpSec
* [PRISM Break - Opt out of global surveillance programs like PRISM, XKeyscore, and Tempora](https://prism-break.org/en/) — Comprehensive guide to open source tools and best practices.
* [NSA-proof your e-mail in 2 hours](http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/)
* [Get your loved ones off Facebook](http://www.salimvirani.com/facebook/)
* [Inside the NSA's War on Internet Security](http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html)
* [We're Deprecating HTTP and It's Going to be Okay](https://konklone.com/post/were-deprecating-http-and-its-going-to-be-okay) — HTTPS Everywhere!
* [Having Lost the Debate on Backdooring Encryption, Intelligence Community Plans to Wait Until Next Terrorist Attack](https://www.techdirt.com/articles/20150916/15570332276/having-lost-debate-backdooring-encryption-intelligence-community-plans-to-wait-until-next-terrorist-attack.shtml)
* [More Stories of People Arrested for Making Joke Threats on Social Networks](https://www.techdirt.com/articles/20100923/01464111127/more-stories-of-people-arrested-for-making-joke-threats-on-social-networks.shtml)
# Philosophy
* [Breaking into the Simulated Universe](https://ieet.org/index.php/IEET2/more/Edge20161030)
* [What Does It Mean to Die?](https://www.newyorker.com/magazine/2018/02/05/what-does-it-mean-to-die) — Concerning what it means to die: A New Yorker article explores some of the real-world effects of the work of philosophers.
# Privacy
This topic has some overlap with my [NSA](#nsa) category; check those links too.
* [Privacy in General](https://www.billdietrich.me/Privacy.html) — "Why should I care about privacy ? I have nothing to hide. I'm not a criminal." — Privacy matters because there are criminals and corporations out there trying to rip you off.
* [If You Are Doing Nothing Wrong You Have PLENTY to Fear - 30 Examples](https://foodforthethinkers.com/2014/04/25/if-you-are-doing-nothing-wrong-you-have-plenty-to-fear-30-examples/)
# Short Stories
* [There Will Come Soft Rains by Bradbury](http://www.gs.cidsnet.de/englisch-online/originals/soft_rains.htm) — A chilling tale of a smart home in a post-apocalyptic future.
* [The Last Question by Isaac Asimov](http://multivax.com/last_question.html) — A short story about the heat death of the universe. *How can entropy be reversed?*
* [The Last Answer by Isaac Asimov](http://www.thrivenotes.com/the-last-answer/) — A short story about an afterlife of never-ending consciousness.
* [I don't know, Timmy, being God is a big responsibility](https://qntm.org/responsibility) — A short story about a supercomputer that simulates the universe a little *too* perfectly. *"Well, we can't exactly turn it off."*
* [The Egg by Andy Weir](http://www.galactanet.com/oneoff/theegg_mod.html) — A story about the space in between lives. [Excellent YouTube adaptation.](https://www.youtube.com/watch?v=ehRggplMieM)
* [Ragged Trousered Philosopher](http://www.fullmoon.nu/articles/art.php?id=tal) — A conversation with God on a train.
* [The Machine](http://existentialcomics.com/comic/1) — A webcomic about teleporters and whether they murder &amp; re-materialize their users.
* [25 Lives](https://s2b2.livejournal.com/142934.html) — A touching webcomic about reincarnation.
# Reddit
* [Surprise psychology on *What is the most cynical thing you honestly believe?*](https://www.reddit.com/r/AskReddit/comments/19hfj3/what_is_the_most_cynical_thing_you_honestly/c8o44w2/)
* [You had ONE job](https://www.reddit.com/r/funny/comments/2dsyys/you_had_one_job/) — Placeholder texts in production.
* [rugtoad comments on 'What do insanely poor people buy, that ordinary people know nothing about?'](https://www.reddit.com/r/AskReddit/comments/2sbi17/what_do_insanely_poor_people_buy_that_ordinary/cno0g4b/)
* [What are the things you simply DON'T FUCK WITH?](https://www.reddit.com/r/AskReddit/comments/2t1qwh/what_are_the_things_you_simply_dont_fuck_with/) — Chemistry.
* [More scary chemicals that you don't fuck with](https://www.reddit.com/r/AskReddit/comments/4ioqd5/what_do_you_never_fuck_with/d3028rn?context=4)
* [10 years from now I am a scientist working at the Large Hadron Collider. AMA.](https://www.reddit.com/r/IAmA/comments/9z4d5/10_years_from_now_i_am_a_scientist_working_at_the/) — Humor.
* [You just won a 656 Million Dollar Lottery. What do you do now?](https://www.reddit.com/r/AskReddit/comments/24vzgl/you_just_won_a_656_million_dollar_lottery_what_do/chba4bf/) — In case that ever happens.

163
www/wiki/Bookmarks/index.md Normal file
View File

@ -0,0 +1,163 @@
# Bookmarks
This page will be my effort to migrate bookmarks out of my web browsers and onto this page. Because why should these
great links be locked away in Mozilla's heavily encrypted Sync service? I can probably keep track of them better myself,
and this way I won't have to worry about losing them to a browser glitch!
Also, some of these links may be helpful to others.
If you want to bookmark my bookmarks, then bookmark _this_ page, as I may be reorganizing some of these onto
sub-pages when this list gets too long.
## Sub-Pages
* [Corporate Sins](/wiki/Bookmarks/Corporate-Sins) — Let's not forget the crimes against humanity committed by corporations.
* [Development](/wiki/Bookmarks/Development) — Resources, tutorials and interesting articles for software developers.
Topics include Bash, C/C++, HTML/CSS/JS, Python, Unicode...
## Table of Contents
* [Development](/wiki/Bookmarks/Development#development)
* [Bash](/wiki/Bookmarks/Development#bash)
* [C/C++](/wiki/Bookmarks/Development#c-c)
* [HTML/CSS](/wiki/Bookmarks/Development#html-css)
* [Game Dev](/wiki/Bookmarks/Development#game-dev)
* [Git](/wiki/Bookmarks/Development#git)
* [Go](/wiki/Bookmarks/Development#go) — Golang
* [JavaScript](/wiki/Bookmarks/Development#javascript)
* [PHP](/wiki/Bookmarks/Development#php)
* [Programmer Humor](/wiki/Bookmarks/Development#programmer-humor)
* [Python](/wiki/Bookmarks/Development#python)
* [Technology](/wiki/Bookmarks/Development#technology) — Hadoop, MongoDB, etc.
* [Google Ban Hammer](/wiki/Bookmarks/Development#google-ban-hammer) — Because people don't believe me without examples.
* [Tutorials](/wiki/Bookmarks/Development#tutorials)
* [Unicode](/wiki/Bookmarks/Development#unicode)
* [Web Development](/wiki/Bookmarks/Development#web-development) — HTML, JavaScript &amp; CSS
* [API Design](/wiki/Bookmarks/Development#api-design)
* [Web Dev Tools](/wiki/Bookmarks/Development#web-dev-tools)
* [Gaming](#gaming)
* [Introversion](#introversion) — Topics about introverts.
* [Network Security](#network-security) — Encryption, OpSec, &amp; hacking topics.
* [NSA](#nsa) — Stories of the NSA, Edward Snowden, and related OpSec topics.
* [Philosophy](#philosophy)
* [DP/DR](#dp-dr) — Depersonalization/derealization.
* [Privacy](#privacy)
* [Short Stories](#short-stories)
* [Reddit](#reddit) — Miscellaneous cool Reddit threads and comments.
# Gaming
* Minecraft
* [XP Farm Guide](https://imgur.com/a/gkNzm?gallery) — Basics on how to turn a spawner dungeon into an automated mob grinder.
* [Negative Space](https://imgur.com/a/yqlkc#0) — A building design guide.
* [My Guide to Building Modularly, and the Power of Cubes!](https://imgur.com/a/K1Vyk)
* Pokémon
* [**Pokémon X/Y Guide** Megathread](https://www.reddit.com/r/pokemon/comments/1ov1s5/pok%C3%A9mon_xy_guide_megathread/) — Collection of all sorts of in-depth guides.
* Zelda
* [**Breath of the Wild** Data Compendium](https://docs.google.com/document/d/1QiaqiORIK0BVTRjO-PtHKyAL5nTT8QushYDIWozNwoo/edit) — Way more numbers than you ever wanted about weapons, attacks, defense, HP and so-on.
# Introversion
* [The Pros and Cons of being an Introvert](https://thebranchingmind.com/2017/09/03/the-pros-and-cons-of-being-an-introvert/)
# Network Security
* Operational Security (OpSec) — *The first rule of OpSec is you don't talk about your OpSec.*
* [Protecting a Laptop from Simple and Sophisticated Attacks](https://www.grepular.com/Protecting_a_Laptop_from_Simple_and_Sophisticated_Attacks)
* [Secure Secure Shell](https://stribika.github.io/2015/01/04/secure-secure-shell.html) — SSH hardening tips &amp; tricks.
* [15 reasons NOT to start using PGP](http://secushare.org/PGP) — It's harder to use *optional* encryption over *insecure* e-mail when there are better alternatives.
* [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices) — If you *must* use PGP.
* [What Sean Penn Teaches Us About How Not to Chat With a Fugitive](https://theintercept.com/2016/01/12/sean-penn-el-chapo-opsec/) — El Chapo post-mortem on OpSec failure.
* [**Ed Snowden** Taught Me to Smuggle Secrets Past Incredible Danger. Now I Teach You.](https://theintercept.com/2014/10/28/smuggling-snowden-secrets/)
* [NSA-proof your e-mail in 2 hours](http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/)
* Post-mortems and Tales
* [Reflections on Trusting Trust](http://wiki.c2.com/?TheKenThompsonHack) — The **Ken Thompson Hack** - Can you trust your C compiler? Linker? Kernel? Hardware?
* [Pwning a Spammer's Keylogger](https://www.trustwave.com/Resources/SpiderLabs-Blog/Pwning-a-Spammer-s-Keylogger/)
* [Everything Is Broken](https://medium.com/message/everything-is-broken-81e5f33a24e1)
* [Lockdown: The coming war on general-purpose computing](https://boingboing.net/2012/01/10/lockdown.html) (2011)
* [Fun with your friend's Facebook and Tinder sessions](https://robertheaton.com/2014/12/08/fun-with-your-friends-facebook-and-tinder-session-tokens/)
* [Snapchat Protocol Reverse Engineering &amp; Security Audit](http://gibsonsec.org/snapchat/fulldisclosure/)
* Cryptography
* [You are dangerously bad at cryptography](https://www.happybearsoftware.com/you-are-dangerously-bad-at-cryptography.html)
* [Myths about `/dev/urandom`](https://www.2uo.de/myths-about-urandom/)
* Tor Project &amp; Onion Routing
* [Tor Project](https://www.torproject.org/)
* [Combining Tor with a VPN](https://www.deepdotweb.com/jolly-rogers-security-guide-for-beginners/combining-tor-with-a-vpn/)
* Tutorials
* [Secure Salted Password Hashing - How to do it Properly](https://crackstation.net/hashing-security.htm)
* [Enhanced challenge/response authentication algorithms](http://openwall.info/wiki/people/solar/algorithms/challenge-response-authentication)
* [How to use DM-Crypt to Create an Encrypted Volume on Ubuntu](https://www.digitalocean.com/community/tutorials/how-to-use-dm-crypt-to-create-an-encrypted-volume-on-an-ubuntu-vps)
* References and Cheat Sheets
* [XSS Filter Evasion Cheat Sheet](https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet) — Defeating cross-site scripting filters
## NSA
* Nothing to Fear, Nothing to Hide
* [If You Are Doing Nothing Wrong You Have PLENTY to Fear - 30 Examples](https://foodforthethinkers.com/2014/04/25/if-you-are-doing-nothing-wrong-you-have-plenty-to-fear-30-examples/)
* The Chilling Effect
* [Mass surveillance silences minority opinions, according to study - The Washington Post](https://www.washingtonpost.com/news/the-switch/wp/2016/03/28/mass-surveillance-silences-minority-opinions-according-to-study/)
* NSA Sharing their Warez
* [NSA Tools for Spying on Foreign Terrorists Used by **DEA** to Bust Americans for Drugs](https://www.reddit.com/r/Libertarian/comments/1jqmnu/nsa_tools_for_spying_on_foreign_terrorists_used/)
* OpSec
* [PRISM Break - Opt out of global surveillance programs like PRISM, XKeyscore, and Tempora](https://prism-break.org/en/) — Comprehensive guide to open source tools and best practices.
* [NSA-proof your e-mail in 2 hours](http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/)
* [Get your loved ones off Facebook](http://www.salimvirani.com/facebook/)
* [Inside the NSA's War on Internet Security](http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html)
* [We're Deprecating HTTP and It's Going to be Okay](https://konklone.com/post/were-deprecating-http-and-its-going-to-be-okay) — HTTPS Everywhere!
* [Having Lost the Debate on Backdooring Encryption, Intelligence Community Plans to Wait Until Next Terrorist Attack](https://www.techdirt.com/articles/20150916/15570332276/having-lost-debate-backdooring-encryption-intelligence-community-plans-to-wait-until-next-terrorist-attack.shtml)
* [More Stories of People Arrested for Making Joke Threats on Social Networks](https://www.techdirt.com/articles/20100923/01464111127/more-stories-of-people-arrested-for-making-joke-threats-on-social-networks.shtml)
# Philosophy
* [Breaking into the Simulated Universe](https://ieet.org/index.php/IEET2/more/Edge20161030)
* [What Does It Mean to Die?](https://www.newyorker.com/magazine/2018/02/05/what-does-it-mean-to-die) — Concerning what it means to die: A New Yorker article explores some of the real-world effects of the work of philosophers.
* YouTube Videos:
* [Alan Watts - Life is NOT a Journey](https://www.youtube.com/watch?v=rBpaUICxEhk) — we think of life as a pilgrimage, a journey to the end, the next big goal. Go to college, get married, have kids, retire. But we miss the point the whole way along: it was a musical thing and you were supposed to sing or to dance while the music was being played.
* [Alan Watts - Law of Attraction](https://www.youtube.com/watch?v=hK_yGDn6BVQ)
## DP/DR
> Depersonalization is a state in which you perceive yourself from a third person
> perspective as a character in a dream. It is hard to cure because it is
> literally true. Your mind is just not supposed to remember that it is the
> author of the dream that your self experiences.
> [@Plinz](https://twitter.com/Plinz/status/1008961482804154368)
For me, a lot of the questions raised while experiencing DP/DR are philosophical
in nature so I categorize these links as a sub-genre of [Philosophy](#philosophy).
* [Depersonalization/Derealization on Wikipedia](https://en.wikipedia.org/wiki/Depersonalization_disorder)
* [/r/dpdr](https://www.reddit.com/r/dpdr)
* YouTube Videos:
* [Jim Carrey - What It All Means](https://www.youtube.com/watch?v=wTblbYqQQag)
* [Alan Watts - Happiness is NOT the Meaning of Life](https://www.youtube.com/watch?v=RsdoJ9x8IBs) — If you had the magic power to dream anything you wanted to dream -- be a superhero, have every kind of pleasure -- you would eventually dream where you are now. Of playing that you weren't God.
* [Alan Watts Proves You Don't Exist](https://www.youtube.com/watch?v=vNKOUhx-7qk)
* [Alan Watts - Are you ready to 'wake up'?](https://www.youtube.com/watch?v=YFzeCv_WFnY)
# Privacy
This topic has some overlap with my [NSA](#nsa) category; check those links too.
* [Privacy in General](https://www.billdietrich.me/Privacy.html) — "Why should I care about privacy ? I have nothing to hide. I'm not a criminal." — Privacy matters because there are criminals and corporations out there trying to rip you off.
* [If You Are Doing Nothing Wrong You Have PLENTY to Fear - 30 Examples](https://foodforthethinkers.com/2014/04/25/if-you-are-doing-nothing-wrong-you-have-plenty-to-fear-30-examples/)
# Short Stories
* [There Will Come Soft Rains by Bradbury](http://www.gs.cidsnet.de/englisch-online/originals/soft_rains.htm) — A chilling tale of a smart home in a post-apocalyptic future.
* [The Last Question by Isaac Asimov](http://multivax.com/last_question.html) — A short story about the heat death of the universe. *How can entropy be reversed?*
* [The Last Answer by Isaac Asimov](http://www.thrivenotes.com/the-last-answer/) — A short story about an afterlife of never-ending consciousness.
* [I don't know, Timmy, being God is a big responsibility](https://qntm.org/responsibility) — A short story about a supercomputer that simulates the universe a little *too* perfectly. *"Well, we can't exactly turn it off."*
* [The Egg by Andy Weir](http://www.galactanet.com/oneoff/theegg_mod.html) — A story about the space in between lives. [Excellent YouTube adaptation.](https://www.youtube.com/watch?v=ehRggplMieM)
* [Ragged Trousered Philosopher](http://www.fullmoon.nu/articles/art.php?id=tal) — A conversation with God on a train.
* [The Machine](http://existentialcomics.com/comic/1) — A webcomic about teleporters and whether they murder &amp; re-materialize their users.
* [25 Lives](https://s2b2.livejournal.com/142934.html) — A touching webcomic about reincarnation.
# Reddit
* [Surprise psychology on *What is the most cynical thing you honestly believe?*](https://www.reddit.com/r/AskReddit/comments/19hfj3/what_is_the_most_cynical_thing_you_honestly/c8o44w2/)
* [You had ONE job](https://www.reddit.com/r/funny/comments/2dsyys/you_had_one_job/) — Placeholder texts in production.
* [rugtoad comments on 'What do insanely poor people buy, that ordinary people know nothing about?'](https://www.reddit.com/r/AskReddit/comments/2sbi17/what_do_insanely_poor_people_buy_that_ordinary/cno0g4b/)
* [What are the things you simply DON'T FUCK WITH?](https://www.reddit.com/r/AskReddit/comments/2t1qwh/what_are_the_things_you_simply_dont_fuck_with/) — Chemistry.
* [More scary chemicals that you don't fuck with](https://www.reddit.com/r/AskReddit/comments/4ioqd5/what_do_you_never_fuck_with/d3028rn?context=4)
* [10 years from now I am a scientist working at the Large Hadron Collider. AMA.](https://www.reddit.com/r/IAmA/comments/9z4d5/10_years_from_now_i_am_a_scientist_working_at_the/) — Humor.
* [You just won a 656 Million Dollar Lottery. What do you do now?](https://www.reddit.com/r/AskReddit/comments/24vzgl/you_just_won_a_656_million_dollar_lottery_what_do/chba4bf/) — In case that ever happens.

259
www/wiki/Doodle-Notes.md Normal file
View File

@ -0,0 +1,259 @@
# Ideas
## Table of Contents
* [Major Milestones](#major-milestones)
* [File Formats](#file-formats)
* [Text Console](#text-console)
* [Doodads](#doodads)
# Major Milestones
The major milestones of the game are roughly:
* Prototype: make a simple SDL painting program that does nothing special.
* Simple Platformer: be able to toggle between "edit mode" and "play mode"
and control a character who can walk around your level and bump into the
solid geometry you've drawn (no objects yet, just the basics here).
* Add Doodads (buttons, doors, the player character themself, enemies, ...)
* Share a lot in common with map drawings, in that they're hand-drawn, will
share a similar file format.
* Available doodads can be dragged/dropped into maps.
* The player character should be a Doodad under the hood to keep it from
becoming too special (read: easier to make the game multiplayer in the
future by putting a "networked user" in control of a doodad instead of
the keyboard/mouse).
* **Version 1:** Single Player Campaign and Editor. This is the minimum
feature set for a first public release of the game. Required features:
* The game should ship with a single-player "campaign mode" of pre-made maps
that link to one another in sequence. i.e. 100 levels that the player can
play through in a certain order.
* It must include the level editor feature so players can create and share
their own maps.
* Dev tools may be clunky to use at this stage; i.e. players creating custom
Doodads will need to use external tools outside the game (i.e. code editors
to program the JavaScript logic of the doodad), but everything should be
available and possible for modders to extend the game with custom features.
* Game should have a good mixture of doodads and features: doors, buttons,
switches, etc. and make a usable single player experience.
* World sizes might be limited in dimension.
* **Version 2:** Multiplayer Collaborative World Builder. This is a
"pie in the sky" long-term vision for the game, to make it multiplayer,
hopefully addicting, and possibly slightly Minecraft-like. Some ideas:
* Players can self-host their own multiplayer servers to draw worlds with
friends.
* A new server would initialize as a blank white level with maybe a single
platform (a line) for players to spawn on.
* Gameplay is a mixture of players drawing the world and playing on it.
* i.e.: one player could be drawing himself a castle and, as he's drawing,
another player could be walking on the lines being laid down, etc.
* World size should be infinite.
* Besides creative mode, other game modes should be explored eventually...
* Automatically-spawning enemy doodads that you have to fight?
* Procedurally generated default maps? Having a blank white canvas is
sorta like Superflat worlds in Minecraft, whereas normal Minecraft worlds
come with randomly generated terrain to start from.
* Find a way to incorporate drawing into a survival mode game? i.e. instead
of a "Creative Mode" style, "unlimited ink to draw as much as you want,"
have some natural limiter where players have to spend time in Play Mode
to be able to change the map.
# File Formats
* The file formats should eventually have a **Protocol Buffers** binary
representation before we go live. JSON support shall remain, but the
production application will not _write_ JSON files, only read them.
(This way we can ship drawings in the git repo as text files).
## Common Drawing Files
* A common base format should be shared between Levels and Doodads. You should
be able to use the Editor mode and draw a map *or* draw a doodad like a
button. The drawing data should be a common structure between Level and
Doodad files.
* The drawing is separated between a **Palette** and the **Pixels**
themselves. The Pixels reference the Palette values and their X,Y
coordinate.
* The _color_ and the _behavior_ of the palette are decoupled.
* In the base game, all the solid lines you draw may be black and red
lines are fire, but these aren't hard and fast rules. You could hack a
custom map file that makes black lines fire and red lines water if
you wanted.
* The Palette in the map file stores the attributes and colors of each
distinct type of pixel used in the map. Here it says "color 0 is
black and is solid", "color 1 is red and is fire and is not solid",
etc.
* A mod tool could be written to produce a full-color pixel art level
that still behaves and follows the normal rules of the Doodle game
with regards to geometry and collisions.
* Ideas for pixel attributes:
* Brush: what shape brush to draw the pixel with.
* Solid: can't collide with other solid pixels.
* Fire: applies fire damage to doodads that intersect with it.
* Water: If a doodad passes through a blue pixel, they toggle their
underwater physics. This way pools can be entered from ANY side (top,
bottom, sides) and the physics should toggle on and off.
* Slippery: when a doodad is standing on a slippery pixel, do some extra
checks to find a slope and slide the doodad down it. Makes the pixels
act like ice.
* Standard palette:
* The base game's map editor will tend toward hand-drawn style, at least
at first.
* Black lines are solid.
* Dashed black lines are slippery.
* Red lines are fire.
* Blue lines are water.
* Light grey lines are decoration (non solid, background geometry)
* May make it possible to choose arbitrary colors separately from the
type of pixel. A palette manager UX would be great.
## Level Files
* In the level file, store the `pixelHistory` as the definitive source
of pixels rather than the grid of pixels. Let the grid be populated when
the level is being inflated. The grid should have `json:"-"` so it doesn't
serialize to the JSON.
* This makes it possible to animate levels as they load -- by
fast-tracing the original lines that the mapper drew, watching them draw
the map before you play it.
* Makes the file _slightly_ lighter weight because a lot of lines will have
delta positions in the pixelHistory so we don't need to store the middle
pixels.
* It should have space to store copies of any custom Doodads that the user
wants to export with the level file itself, for easy sharing.
* It should have space to store a custom background image.
# Text Console
* Create a rudimentary dev console for entering text commands in-game. It
will be helpful until we get a proper UI developed.
* The `~` key would open the console.
* Draw the console on the bottom of the screen. Show maybe 6 lines of
output history (a `[]string` slice) and the command prompt on the
bottom.
* Ideas for console commands:
* `save <filename.json>` to save the drawing to disk.
* `open <filename.json>`
* `clear` to clear the drawing.
* Make the console scriptable so it can be used as a prompt, in the mean
time before we get a UI.
* Example: the key binding `Ctrl-S` would be used to save the current
drawing, and we want to ask the user for a file name. There is no UI
toolkit yet to draw a popup window or anything.
* It could be like `console.Prompt("Filename:")` and it would force open
the text console (if it wasn't already open) and the command prompt would
have that question... and have a callback command to run, like
`save <filename.json>` using their answer.
# Doodads
Doodads will be the draggable, droppable, scriptable assets that make the
mazes interactive.
* They'll need to store multiple frames, for animations or varying states.
Example: door opening, button being pressed, switch toggled on or off.
* They'll need a scripting engine to make them interactive. Authoring the
scripts can be done externally of the game itself.
* The built-in doodads should be scripted the same way as custom doodads,
dogfooding the system.
* Custom doodads will be allowed to bundle with a level file for easy
shipping.
* Installing new doodads from a level file could be possible too.
* Doodads within a level file all have a unique ID, probably just an
integer. Could be just their array index even.
Some ideas for doodad attributes:
* Name (string)
* Frames (drawings, like levels)
Doodad instances in level files would have these attributes:
* ID (int)
* X,Y coordinates
* Target (optional int; doodad ID):
* For buttons and switches and things. The target would be another
doodad that can be interacted with.
* Self-contained doodads, like trapdoors, won't have a Target.
* Powered (bool)
* Default `false` and most things won't care.
* A Button would be default `false` until pressed, then it's `true`
* A Switch is `true` if On or `false` if Off
* A Door is `true` if Open and `false` if Closed
* So when a switch is turned on and it opens a door by pushing a `true`
state to the door... this is the underlying system.
## Scripting
* Probably use Otto for a pure Go JavaScript runtime, to avoid a whole world
of hurt.
* Be able to register basic event callbacks like:
* On load (to initialize any state if needed)
* On visible (for when we support scrolling levels)
* On collision with another doodad or the player character
* On interaction (player hits a "Use" button, as if to toggle a switch)
* Doodads should be able to pass each other messages by ID.
* Example: a Button should be able to tell a Door to open because the
button has been pressed by another doodad or the player character.
Some ideas for API features that should be available to scripts:
* Change the direction and strength of gravity (i.e. Antigravity Boots).
* Teleport the player doodad to an absolute or relative coordinate.
* Summon additional doodads at some coordinate.
* Add and remove items from the player's inventory.
## Ideas for Doodads
Some specific ideas for doodads that should be in the maze game, and what
sorts of scripting features they might need:
* Items (class)
* A class of doodad that is "picked up" when touched by the player
character and placed into their inventory.
* Scriptable hooks can still apply, callback ideas:
* On enter inventory
* On leave inventory
* Example: Gravity Boots could be scripted to invert the global gravity
when the item enters your inventory until you drop the boots.
* Some attribute ideas:
* Undroppable: player can't remove the item from their inventory.
* Item ideas to start with:
* Keys to open doors (these would just be mere collectables)
* Antigravity Boots (scripted to mess with gravity)
* Buttons
* At least 2 frames: pressed and not pressed.
* Needs to associate with a door or something that works with buttons.
* On collision with a doodad or player character: send a notification to
its associated Door that it should open. (`Powered: true`)
* When collision ends, button and its door become unpowered.
* Sticky Buttons
* Buttons that only become `true` once. They stick "On" when activated
for the first time.
* Once pressed they can't be unpressed. However, there's nothing stopping
a switch from targeting a sticky button, so when the switch is turned off
the sticky button turns off too.
* Switches
* Like a button. On=`true` and Off=`false`
* 2 frames for the On and Off position.
* On "use" by the player, toggle the switch and notify the door of the new
boolean value.
* It would invert the value of the target, not just make it match the
value of the switch. i.e. if the switch is `false` and the door is
already open (`true`), making the switch `true` closes the door.
* Powered Doors
* Can only be opened when powered.
* 2 frames of animation: open and closed.
* A switch or button must target the door as a way to open/close it.
* Locked Doors
* Requires a key item to be in the player's inventory.
* On collision with the player: if they have the key, the door toggles to
its `true` powered state (open) and stays open.
* The door takes the key from the player's inventory when opened.
* Trapdoors
* One-way doors that close behind you.
* Can be placed horizontally: a doodad falling from above should cause
the door to swing open (provided it's a downward-only door) and fall
through.
* Can be placed vertically and acts as a one-way door.
* Needs several frames of animation.