Even in existing liberal democracies we’re seeing an increasing slide towards authoritarianism and fascism, and it is important to understand that the slide into those forms of government happen slowly until they happen very suddenly. The current political climate in the US is a solid example, and Europe is – despite what we might want to tell ourselves – not that far behind.

“Ultimately, arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.”
― Edward Snowden

Opsec is an abbreviation for Operations Security, and it describes a doctrine on how to safeguard information so it may be kept secret and not used against you.

Wikipedia defines it thusly: “Operations security (OPSEC) is a process that identifies critical information to determine whether friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information.”

So, what can you – a civilian – do to protect and safeguard your information? It’s not really all that difficult or complicated. It might be depressing. Sorry about that.

First of all, assume that any and all communications and data is compromised by default. Work from there.

Use secure email. I recommend ProtonMail. You can use a domain they provide or your own. Proton is encrypted and secure email hosted in the EU, a political region with some of the strictest privacy protections on the planet (for the time being – local governments are doing what they can to circumvent EU regulations).

Use a VPN as often as possible. Proton provides VPN services. Others that I’ve found to work well are NordVPN (this is an affiliate link) and ExpressVPN.
VPN is an acronym that means Virtual Private Network, and is a means of encrypting and obfuscating your inline activity from your ISP.
This is especially relevant in countries like Denmark that have a telecommunications surveillance law (linked article is in Danish) in place. Assume all your activity online is logged.

Switch away from your ISPs DNS servers. If you use a VPN that will likely already have been handled for you. I recommend reading this article on how to get started on changing your DNS servers.

Use end-to-end encrypted private messaging. The only really good solution for that right now is Signal. Signal has a proven track record and is run by a non-profit with no commercial interests.
End-to-end encryption means that any messages sent are readable only by you and the recipients, but are heavily encrypted while being transmitted. Signal also supports configuring the service to automatically delete your conversations after a certain amount of time, so even if someone managed to crack your code and access your device, the messages would be gone.

Most countries now have laws in place that allow them to demand of you that you unlock your devices to allow them to search them. This is an obvious security risk, and given that high speed internet pretty much ubiquitous globally I highly recommend you delete sensitive files from your devices before crossing any border. You can always redownload them once you get to your destination.

And finally … remember, any service you use for free means that you are paying with your data.

I will update this post as and when I think of more stuff. If you have any ideas, comments or suggestions please feel free to send them my way, and I will include them here.

It took me all of 20 minutes and a bit of light googling to parse together what I needed. Here’s the code I use.

#include "Keyboard.h"   // This loads the library that allows the Arduino to mimic itself as a standard USB keyboard. 

const int BUTTON_PIN = 7;

int lastState = LOW;
int currentState;

void setup() {
  Serial.begin(9600);
  pinMode(BUTTON_PIN, INPUT_PULLUP);
  Keyboard.begin();   // The keyboard library is loaded into memory. 
}

void loop() {
  // read the state of the switch/button:
  currentState = digitalRead(BUTTON_PIN);

  if(lastState == HIGH && currentState == LOW) { // button is pressed
    pressedTime = millis();
    Keyboard.press(KEY_LEFT_SHIFT);
    Keyboard.press(KEY_TAB);
    Keyboard.press('S');S
  }
  else if(lastState == LOW && currentState == HIGH) { // button is released
    Keyboard.releaseAll();   // I instruct the keyboard library to release all keys, ending the PTT
  }

  // save the the last state
  lastState = currentState;
}

Next up is hijacking the CB handset I have. I have already disassembled it and started poking around. I didn’t know these things come with a speaker built in, and we’re not going to use that, so it has to go.

I did however find a wiring diagram that I think is going to be helpful. I am hoping I can wire everything up to run via the existing cable which has four leads in it. Should be doable as long as the button and the microphone can share a ground wire.

Anyhoo. I am cautiously optimistic about this project.

I’ve been playing a bit of Space Trucker, Elite Dangerous, etc and I want to replicate that feeling.

So this idea originally came from a buddy of mine (hey, Troels), and he talked about using an Arduino Leonardo to enable the push-to-talk (PTT) function on the handset and hooking that into a Discord chat, or even just a games own PTT functionality.

So here’s the idea … get a handset, an Arduino Leonardo board. Wire that up and hook it into your gaming rig. Extremely simplified.

I have zero experience with Arduino, but since I tend to learn best when I have an actual practical project I want to do this seems like it will fit the bill nicely. I am looking forward to this, and I think it’s going to be fun. And I’ve been looking for an excuse to get into Arduino and play around with it.

Bill of goods

• Arduino Leonardo board
  Or compatible. There are a ton of cheaper boards than the OG, I am using a board from Keyestudio.
• A CB radio handset
  I got a PROMAXPOWER (what a name) one on the cheap from Amazon.
• A variety of bits
  Breadboard, wires, etc. to test on before final assembly.

The expected outcome

I want to outline some criteria’s for success on this one. Just to give myself something to go back to if I get lost or go too far down a rabbit hole.

1. PTT functionality
   The PTT button needs to be connected to the Arduino, to engage the PTT function, and send the correct keyboard combination to the computer to engage PTT.
2. Audio capture
   I should be able to capture audio from the handheld mic and send it to the computer.
   I genuinely don’t know how I am gonna do this yet, but I have a few ideas.

Extra credit

If I achieve the above then ideally I want to build it out into a self contained unit. 3D print a housing, with dedicated connectors, and the like. Something inspired by the look of CB radios or LogitechGs flight sim control panels. Maybe something that I can mount under my desk, or on my desk shelf.

The Sony AVX AV3250 has a parking break sensor, that enables the display to show the videosignal if, and only if, the parking break is enabled. Or, if you do like I did, and just ground it to the chassis of the car.

The next bit is to plan out the permanent power connection, and design the panel and bracket that will hold the connections and devices. I’ve been screwing around in TinkerCad, and I ordered some “powerthiefs”, essentially a power splitter with a separate fuse.

Also, in the 2006 Honda Civic when you remove the stock head unit you lose access to a small secondary screen that display stuff like the date and time, as well as the current AC settings. Not in and of itself a huge issue, but nonetheless I preferred having things work if at all possible.

So when I went to install my new head unit I also purchased a canbus adapter (as they are called) from a company called Connects2. They do all sorts of cool stuff for after market head units and it made the installation a breeze.

However, after installing my new head unit I no longer had the use of the audio steering wheel controls. No volume up/down, skip and play/pause. Ever so slightly more annoying. First I thought it might’ve been an issue with the head unit connector cable, so I bought a new one. When that didn’t work they thought it might be a defective canbus adapter.

None of that was true. What did in fact happen was that I had put the cables together in the wrong order.
I had installed everything by first connecting cables to the car and then the headunit. It was supposed to be the other way around. None of the instructions mentioned this, so I assume its one of those things that is “just known” in the car audio installer world. I only found out about this after googling for months, and suddenly stumbling across an eight year old youtube video (I don’t have the link, sorry), that said “always connect back from the head unit”.

Regardless. I have my controls back. I am happy.

About a year ago I bought a car that I have been eyeing ever since I first saw it. The 2006 Honda Civic hatchback with the space shuttle facelift that relaunched the Civic in Europe. It’s an astonishingly cool car, and I was very lucky. The one I found was in mint condition, and loaded up with extras. I have affectionately named it Blackbird.

Despite not being born with it the previous owner had even had it retrofitted with an Android based headunit. That served me well in the beginning, and I managed to get Carplay working on it using a CarLinkIt dongle and the AutoKit app. But it was a very cheap unit, likely bought for next to nothing from China. It crashed often – becoming so unresponsive I would need to pull over to, turn off the car, and restart the car to get the unit to reboot. So … it was not long for this world.

About two months ago I installed a Sony XAV-AX3250. This is a midrange unit. With my tinnitus high audio quality is kinda wasted on me, but I did want something that was going to be stable. And this unit had gotten some pretty reviews.

There is absolutely nothing amazing about this device. Which is exactly how I want it.

There was one thing that caught my eye … the back of this unit has a minijack A/V port, also known as a TRRS port. This is a port that carries stereo audio and a composite video signal over minijack. Composite resolution is 576i which, let’s be honest, is paltry.

However! 576i is perfect for old consoles. It’s the resolution of old CRT tv’s, after all.

I do have a couple of spare Raspberry Pi’s kicking about the place, and they have a TRRS connector, too. And they a low power enough that they can easily run off of a USB charger in the car (and in the future, with a bit luck, through a hardwired connection).

Then I could take that RasPi, and drop something like RetroPie on it … and presto, mobile gaming with all the old classics.

So here’s the plan

First up, I need to make sure this is even feasible. So step 1 is gonna grab all the stuff I already have and just kinda prototype it; meaning boot the RasPi in the car, and get some sort of signal up on the head unit.

Already have most of what I need, including some SNES style USB controllers, cables, patches, and more.

If that works, then I need to wire everything up … that means grabbing a fuse patch and hardwiring the power connector.

I hope this works. It’ll make the breaks on the long road trips and the waits at ferries a lot more fun.

Git is the common thread

I use Gitlab for all my git’ing needs. Gitlab is a full fledged software project management stack, and contains everything from git repos, wikis, CI and much much much. I originally chose Gitlab because I was bootstrapping my business years ago, and it was the easiest way to have infinite private git repos.
I am assuming that you could drop in almost any git server offering out there.

Catch problems before they are deployed

Gitlab CI is a really solid and strong tool. It is equivalent to Github Actions, in case you’re using that. Part of the CI process is linting, testing and security auditing.

I have my Gitlab CI configured to use docker, and it runs off a second hand Intel NUC I have chucked in the back of a cupboard. I run a variety of docker images to do some pre-deployment checks. I try to write solid code, but everyone has a bad day, and these tools help to catch problems before they deploy and become embarrassing. It’s not a failsafe, but just another bit in my toolbox.

The docker images I use are almost exclusively provided by a group called pipelinecomponents, and their repo on Docker Hub is amazing. Because I most often work in PHP and frontend technologies my most used of their containers are:

• eslint; does static analysis of JavaScript, and flags any potential issues
• stylelint; verifies the compiled CSS output and flags deprecated methods and code
• php-linter; runs static analysis on PHP and will validate against specific versions of PHP
• php-security-checker; reviews the contents of composer.json and flags any dependencies that may have been declared insecure
• php-codesniffer; does essentially the same as php-linter, but I am a belt and suspenders kind of guy

… and yet, still …

I have all these tools and still something will fail or break. Maybe I didn’t test for a very specific edgecase? Maybe a scenario cropped up that I hadn’t accounted for? Regardless, the last thing you want is to learn about issues from your users. It is much much better if your code can report on itself when it breaks or fails.

This is where the genius tool known as Sentry comes in. You integrate Sentry into your codebase and it will monitor and report on any abnormalities, including a full stack trace of the failing code.

Sentry integrates with Gitlab and vice versa, so every time I deploy new versions all tools are aware of the latest release, and Sentry will automatically flag new bugs to the appropriate release. It will help you track regressions, it will help you identify users, and much much more.

It took me a while to configure and set everything up, but ever since it got set up I have lost count of how many hours this has saved me in debugging and tracing.

This is my pipeline. There are many like it. But this one is mine. Like I said, all of these tools run off of a NUC in cupboard, using Docker.

You can recreate most of the same workflows and automations using a vast variety of tools.

I started larping when I was 13 years old, some 20+ years ago. Back then we were the weird kids running around woods with padded sticks and bedsheets with holes cut in them.

But the worlds we built felt so real and captivating, that it really shouldn’t come as a surprise that this particular bug was one that stuck around.

Larping permeates all layers of societies and larpers come from all walks of life. It’s one of the things that make this community great. Especially in Scandinavia where I believe we do what we can to make sure that there’s room for everyone; in spite of flaws, social ineptitude or diagnosis.

Most of us have always been the odd ducks, so I’d like to tell myself we’re more tolerant of whatever damage the others carry around (this is of course total bullshit, but I like the thought and the idea that this is what we work towards).

Fast forward to today, and larping is a massive hobby. We who participate in it form international communities and share incredible experiences. We pour obscene amounts of money, time and effort into crafting our worlds, and as we’ve grown up we’ve become an increasingly demanding audience.

Commercialising our art

It’s difficult to talk about larping in Scandinavia without mentioning Dziobak Larp Studios. They’re the producers of the massive events you’ve read about on Geek & Sundry, HuffPo and elsewhere. From the Harry Potter-ish College of Wizardry to the Downton Abbey inspired Fairweather Manor they’ve managed to bring larping into the mainstream. That is in and of itself a massive accomplishment. But sadly these successes have not come without cost.

DLS is the brainchild of “Visionary Wild Card” Claus Raasted. Claus is an old acquaintance of mine, and I can definitely vouch for the “wild card” part of his chosen title. We’ve rarely seen eye to eye, and at times it has led to clashes, which were from my perspective more a matter of personality than objective. It’s hard to refute the benefit of having Claus in our community. He is, for better and worse, a trailblazer and a force to be reckoned with.

So, what’s the problem

Sadly, as DLS has grown and the company is trying to be profitable that “come hell or high water” attitude has repeatedly caused problems for DLS. It’s easy to see how this particular aspect of Claus’ personality permeates his company.

There was a time when the laissez-faire attitude of associations were easier to deal with because everyone was a volunteer and just doing the best they could with what was available. To me it feels like as if DLS is often trying to play itself down as “just another association”, while still being a for-profit company.

It feels to me that DLS hasn’t quite realized that there’s a different level of expectation when you’re a for profit company selling a product. Sure, they may say it’s co-creation, and that’s likely true, but that’s also really easy to sell with a customerbase as intensely passionate as the average larper.

No one is perfect, and growing a company naturally means you will fuck up from time to time. It is, however, how you manage those fuckups that will define your long term success. And it is managing it’s fuckups that it seems to me that DLS stumbles again and again.

• Rather than respond to criticism by listening and integrating, they try to silence critics. By going so far as using a business relationship to silence a critic by contacting their employer. Or by saying that critics have hurt their employees feelings (welcome to the big leagues; this is how customers react).
• Fucking up rights management. Which is an admittedly difficult arena when you have so many passionate volunteers who will spend so much of their spare time to make sure their experience at your event is the best experience it can possibly be. But that just makes it so much more important that you get it right every single time.
• And worst of all; repeatedly working with and hiring abusers and then turning a blind eye when made aware of the situation. This feels particularly grating as Claus has repeatedly positioned himself as a proactive feminist in the larping community, so seeing this kind of behaviour from his company ends making all his good works smack of manipulation and hollow talk (which I know it isn’t, but goddammit if it doesn’t feel like it).

It seems like the guiding principle at DLS is not unlike Facebooks; “move fast and break stuff”. The problem is of course that DLS has far less social capital than Facebook, and each time they break stuff they also erode the community’s confidence in them.

Most of the time I don’t respond or react at all to these kinds of things, but DLS is swiftly becoming the face of larp in a commercial sense, and I am so tired of seeing them drop the ball. Am I being unfair or too harsh? Maybe, though I don’t think so. All of my frustration is founded in wanting these lovable morons to succeed.  

DLS would do well to figure out what their position is on social issues, because right now it certainly feels like they’re picking and choosing when it is convenient to respect and protect those who love and attend their events. Maybe then it’ll be easier to root for them again?

We started laughing about the Chinese gentleman who thought we were waving at him when we were yelling at him to take a step backward, so a young mother could get into her seat next to her child.
We never stopped laughing for the two and a half hour flight. You found it especially funny that I got elbowed in the eye by the flight attendant during the safety demonstration, though you admitted to feeling bad for laughing at my misfortune.
You had been visiting Malta for Easter break with your friend, and was sad to be leaving. I jokingly invited you and your friend to come visit. You accepted (your friend roller her eyes at this).

I don’t know if it was fear or stress at missing my connecting flight, but I never got around to giving you my email address. If you’re out there, I’d like to buy you a cup of coffee sometime.

I was looking into setting up my own incoming webhook server, because webhooks are super cool and useful for a variety of things. 
And also because I am a giant nerd and wanted to play around with some stuff. 

Now, there are very few ready made components for this out there, so I had to do a bit of digging and I've ended up with the configuration I'm documenting here for posterity. 

My setup is running on a VM on my local network, and I've routed an obscure port to it, so I can receive webhook requests from anywhere on the internet. 
The setup is as follows:

• a VM running Ubuntu 16.04.3
  
• Adnan Hajdarević's awesome Webhook server written in Go.

Setting up Go

Go is not in Ubuntus repos yet (should be in 17.04, but that does not have LTS support). So I followed these excellent instructions. 

Running the program as a service

First I install the webhook server. 

go get github.com/adnanh/webhook

This has no real value if I have to log in to the server and manually start it after each reboot, so with a little help from Caius I managed to set it up as a service, so the webhook runs on each boot. 

[Unit]
Description=Webhook service
ConditionPathExists=/home/[username]/work/bin/webhook
After=network.target

[Service]
Type=simple
User=[username]
Group=[username]
LimitNOFILE=1024

Restart=on-failure
RestartSec=10
startLimitIntervalSec=60

WorkingDirectory=/var/webhook
ExecStart=/home/[username]/work/bin/webhook -hooks /var/webhook/config/hooks.json -verbose

# make sure log directory exists and owned by syslog
PermissionsStartOnly=true
ExecStartPre=/bin/mkdir -p /var/log/echoservice
ExecStartPre=/bin/chown syslog:adm /var/log/echoservice
ExecStartPre=/bin/chmod 755 /var/log/echoservice
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=webhookd

[Install]
WantedBy=multi-user.target

The program loads a config file called hooks.json, that I've placed in /var/webhook/config, and it's a basic file that lists the names of the hooks available, what script that hook should activate and what the working directory for that command is.

[
  {
    "id": "redeploy-webhook",
    "execute-command": "/var/scripts/redeploy.sh",
    "command-working-directory": "/var/webhook"
  }
]

Now I can define what hooks I want, and whatever scripts I need to have executed. Examples of this could be having my Hue lights flash if one of my servers crash, or privately scrobbling my Plex views, to name but a few things I can do with this little box.