Packetizer Logo
 

Paul E. Jones' Blog

AES Crypt Version 4 Released

September 6, 2024

I have been busy working on the latest version of AES Crypt, one of the most popular file encryption tools on the Internet with well over a million downloads. That works on the latest release is now complete.

AES Crypt 4 is the fourth major version of the popular encryption software. AES Crypt 4 is available as a GUI and command-line application for Windows, Linux, and Mac, with both binaries and source code published.

Key Updates:

  • Enhanced Security: The key derivation function now uses FIPS-recommended PBKDF2 using HMAC-SHA-512 with 300,000 iterations, configurable via the command-line tool. We’ve also switched to PKCS#7 padding.
  • Performance Boost: Intel Intrinsics functions improve performance by approximately 30% on Intel processors.
  • Apple Silicon Support: The Mac version is now compiled for Apple Silicon.
  • Safety Measures: Mac and Linux versions now refuse to overwrite existing files, aligning with the Windows version.
  • Command-Line Enhancements: More options, integrated key generation, and a progress meter for long files.
  • Code Overhaul: Rewritten in C++20 with daily unit tests and improved integration tests for enhanced code safety.
  • Backward Compatibility: AES Crypt 4 remains fully compatible with all previous versions, ensuring access to encrypted files created by older versions.

All packages are available at https://www.aescrypt.com.

Permalink: AES Crypt Version 4 Released

Webex for Apple Vision Pro

February 6, 2024

I previously wrote a blog post about Webex Hologram, which uses any one of several 3D headsets to allow one to participate in holographic videoconferences. While that was really awesome, Cisco just released a video for Webex using the Apple Vision Pro. This is a very practical step toward both allowing one to utilize a 3D headset with existing videoconferencing, while also serving as a precursor to a full-blown holographic video experience.

Permalink: Webex for Apple Vision Pro

Variable Length Integer Encoding

August 29, 2023

In recent years, I’ve seen several methods for variable-length encoding of integers for transmission over a network. The most recent one I encountered was defined in section 16 of the QUIC protocol specification. In that document, 64-bit integers are encoded as 1, 2, 4, or 8 octets based on the value of the integer. Another format is specified in Appendix B of the CBOR specification, which specifies how to encode any one of the typical integer sizes commonly used on modern computers today. Using a rigid encoding like these offers a means of quickly serializing data, but at a cost of increasing the number of octets required. In the case of CBOR, it perhaps isn’t accurate to refer to it as a variable-length encoding, but rather an encoding for each possible signed and unsigned integer type. However, the effect is more-or-less similar, though larger integers are encoded with less space efficiency.

When considering space-efficiency, another encoding approach is to encode integers so that the most-significant bit (MSb) of each serialized octet indicates whether this is the final octet or whether there is another octet to consume. The following illustrates that idea:

Source Code

10000011 11111111 01111111
^        ^        ^--- 0 == final octet

Here, if a 1 is present as the MSb, it means the next octet is a part of the integer. If the MSb is a 0, it indicates this octet is the last octet in the serialized sequence of octets. Following this method, a value between 0 and 127 can be serialized into a single octet, while incrementally larger integers consume additional octets. This method can be used for both unsigned and signed integers, where the signed integers are stored in twos-complement format.

Serializing and deserializing data can be efficient. Below, I present functions that will perform those operations on a buffer given an unsigned or signed 64-bit integer. This code uses C++ constexpr functions, though these could easily be transformed into C macros if one prefers those.

Source Code

// Space-efficient encoding of variable length integers
// Copyright (C) 2023
// Paul E. Jones <paulej@packetizer.com>

#include <cstdint>
#include <cstddef>
#include <span>

// Find the most significant bit position for unsigned integers
constexpr std::size_t FindMSb(std::uint64_t v)
{
    std::size_t p = 0;

    if (v >= std::uint64_t(1) << 32) p += 32, v >>= 32;
    if (v >= std::uint64_t(1) << 16) p += 16, v >>= 16;
    if (v >= std::uint64_t(1) <<  8) p +=  8, v >>=  8;
    if (v >= std::uint64_t(1) <<  4) p +=  4, v >>=  4;
    if (v >= std::uint64_t(1) <<  2) p +=  2, v >>=  2;
    if (v >= std::uint64_t(1) <<  1) p +=  1, v >>=  1;

    return p;
}

// Find the most significant bit position for signed integers
constexpr std::size_t FindMSb(std::int64_t v)
{
    return ((v >= 0) ? FindMSb(static_cast<std::uint64_t>(v)) :
                       FindMSb(static_cast<std::uint64_t>(~v)));
}

// Return number of octets required to encode given std::uint64_t value
constexpr std::size_t VarUintSize(std::uint64_t value)
{
    return FindMSb(value) / 7 + 1;
}

// Return number of octets required to encode given std::int64_t value
constexpr std::size_t VarIntSize(std::int64_t value)
{
    return (FindMSb(value) + 1) / 7 + 1;
}

// Serialize the unsigned integer into the given buffer, returning 0 if the
// buffer is too short to hold the serialized integer
std::size_t Serialize(std::span<std::uint8_t> buffer, std::uint64_t value)
{
    // Determine space requirements for the variable-width integer
    const std::size_t octets_required = VarUintSize(value);

    // Ensure the buffer is of sufficient length
    if (buffer.size() < octets_required) return 0;

    // Write octets from right to left (reverse order)
    for (std::size_t i = octets_required; i > 0; i--)
    {
        // Get the group of 7 bits
        std::uint8_t octet = value & 0x7f;

        // Shift the data bits vector by 7 bits
        value >>= 7;

        // If this is not the last octet, set the MSb to 1
        if (i != octets_required) octet |= 0x80;

        // Write the value into the buffer
        buffer[i - 1] = octet;
    }

    return octets_required;
}

// Deserialize the unsigned integer from the given buffer, returning number of
// octets deserialized or zero if there was an error
std::size_t Deserialize(const std::span<std::uint8_t> buffer,
                        std::uint64_t &value)
{
    std::uint8_t octet{0x80};
    std::size_t total_octets{0};

    // Initialize the integer value
    value = 0;

    // Read octets until we find the last one having a 0 MSb
    while (octet & 0x80)
    {
        // A 64-bits value should never require more than 10 octets
        if (++total_octets == 11) return 0;

        // Ensure we do not read beyond the buffer
        if (total_octets > buffer.size()) return 0;

        // Get the target octet
        octet = buffer[total_octets - 1];

        // Add these bits to the returned value
        value = (value << 7) | (octet & 0x7f);
    }

    // If the total length is 10 octets, initial octet must be 0x81
    if ((total_octets == 10) && (buffer[0] != 0x81)) return 0;

    return total_octets;
}

// Serialize the signed integer into the given buffer, returning 0 if the
// buffer is too short to hold the serialized integer
std::size_t Serialize(std::span<std::uint8_t> buffer, std::int64_t value)
{
    // Determine space requirements for the variable-width integer
    std::size_t octets_required = VarIntSize(value);

    // Ensure there is sufficient space in the buffer
    if (octets_required > buffer.size()) return 0;

    // Write octets from right to left (reverse order)
    for (std::size_t i = octets_required; i > 0; i--)
    {
        // Get the group of 7 bits
        std::uint8_t octet = value & 0x7f;

        // Shift the data bits vector by 7 bits
        value >>= 7;

        // If this is not the last octet, set the MSb to 1
        if (i != octets_required) octet |= 0x80;

        // Write the value into the buffer
        buffer[i - 1] = octet;
    }

    return octets_required;
}

// Deserialize the signed integer from the given buffer, returning number of
// octets deserialized or zero if there was an error
std::size_t Deserialize(const std::span<std::uint8_t> buffer,
                        std::int64_t &value)
{
    std::uint8_t octet{0x80};
    std::size_t total_octets{0};

    // Ensure we do not read beyond the buffer
    if (buffer.empty()) return 0;

    // Determine the sign of the number by inspecting the leading sign bit
    value = (buffer[0] & 0x40) ? -1 : 0;

    // Read octets until we find the last one having a 0 MSb
    while (octet & 0x80)
    {
        // A 64-bits value should never require more than 10 octets
        if (++total_octets == 11) return 0;

        // Ensure we do not read beyond the buffer
        if ((total_octets) > buffer.size()) return 0;

        // Get the target octet
        octet = buffer[total_octets - 1];

        // Add these bits to the returned value
        value = (value << 7) | (octet & 0x7f);
    }

    // If the total length is 10 octets, ensure the initial octet is one
    // of the only two valid values
    if ((total_octets == 10) && (buffer[0] != 0x80) && (buffer[0] != 0xff))
    {
        return 0;
    }

    return total_octets;
}

Permalink: Variable Length Integer Encoding

Revolutionizing Collaborative Communications using Distributed Applications

October 1, 2022

Having recently finished work on a project involving holographic videoconferencing (which was totally awesome, by the way), my mind now drifts back to one of the things that is near and dear to my heart: the concept of distributed applications in the space of collaborative multimedia communications.

Those who know me know that I was championing this concept for several years just as the 2008 financial crisis took a grip on the world. Before that global recession, there was substantial momentum and interest. It’s a non-obvious concept, often confused and conflated with the concept of “disaggregated media.” It usually took me explaining the concept to hardware vendors, like TV and device makers, for them to understand it. However, the reaction was always positive once the lightbulb went off in their heads.

I’m back to thinking about it again. I put together a new presentation on the subject of “Revolutionizing Collaboration Technology using Distributed Applications.” It is hard for me to not think about this concept because the concept is powerful and has the potential to truly revolutionize the way we communicate. It opens the door for innovation unlike anything we have seen to date in this space.

As I take inventory of the current collaborate communications landscape, I see an unfortunate trends in the industry, including more isolation, disregard for standards or interoperability, and more centralized control. I am convinced that a more open collaborative communications platform can be created that not only creates more value for users but can simultaneously create more customer loyalty and profit growth. I have heard many users express a yearning for more interoperability, and it is frustrating to them (and me, quite frankly) that it isn’t just seamlessly possible to jump on a video call with anyone in his or her address book because different people use different vendors.

Building a distributed application platform is not trivial. I have been studying this for a long time. I understand the challenges and there are plenty. At the same time, if done properly it opens the door for substantially more user adoption and collaboration among people. This is especially true for those who need to communicate with industry partners, vendors, etc.

Perhaps most neglected of all in all of the existing collaborative communications offerings is the consumer space. I understand why. And while there are many non-interoperable solutions from which to choose, the abundance of non-interoperable options is one of the biggest problems. I, and I think most users, would prefer to select a preferred communication application provider and, from that application, be able to collaborate with anyone.

This is achievable.

Permalink: Revolutionizing Collaborative Communications using Distributed Applications

Pointers Are Not Dangerous

July 21, 2022

Some programmers say pointers are dangerous. I think pointers are fine; bad programmers are dangerous.

Permalink: Pointers Are Not Dangerous

What is the Metaverse?

February 11, 2022

I have been asked several times “What is the metaverse?”

The short answer is that it’s a flailing company’s effort to remain relevant as their user base and core business erodes.

Seriously, that’s it.

Young people do not care about Facebook anymore, and older adults are getting bored with it, too. This is reflected in decline in number of daily active users.

Teens and young adults are more interested in newer platforms like TikTok and Snapchat.

I appreciate that my definition of metaverse is entirely non-technical, but it’s important to put things into perspective. There is and will be a lot of hype around metaverse, with Facebook jockeying to put itself at the front of the pack. it’s unlikely to unfold that way, though.

The metaverse concept is substantially equated with virtual reality or augmented reality. To that end, Facebook has a good foot in the door with the acquisition of Oculus. There is no doubt that virtual and augmented reality will become a bigger part of our lives. However, merely creating a piece of hardware is not going to make one the dominant player in the VR/AR market. Facebook understand that, which is why they’re trying to position themselves as the platform for this technology. This platform being the metaverse.

The challenge that Facebook has is that VR/AR will be most successful in entertainment (especially gaming) and business, neither of which Facebook has any significant presence. By far, the largest business opportunity for VR/AR will be gaming, which will be dominated by Microsoft and Sony. Apple could be strong contender, too, if it produces a long-rumored headset. Likewise, Google could be a player in this space and has dipped its toes in the water a bit. Importantly, though, the company that will dominate in this space will be one with a large platform. Microsoft, Sony, Apple, and Google have viable platforms. Facebook does not and likely will not. Facebook phone, anyone? They are too far behind.

Permalink: What is the Metaverse?

Holographic Videoconferencing

October 26, 2021

While I've not been so engaged in public activities recently, I've nonetheless still been very busy working on some very cool videoconferencing technology.

Over the past few years, two things I've been involved with are end-to-end media encryption in conferencing and holographic video conferencing. The former was predictable since I had worked in the public on some standards related to that (like RFC 8871). The latter has been kept pretty quiet.

Today, Cisco announced that new product I've been working on. It is called Webex Hologram. Webex Hologram utilizes an array of cameras to create a three-dimensional image that gives you the impression of being there with the person with whom you're communicating. You can move left or right and observe the parallax enabled by using a plurality of cameras.

To get a sense of what Webex Hologram will enable, see this video.

In addition to video, the system enables one to interact with content. The content interaction is pretty cool, but what truly makes Webex Hologram stand out from other holographic solutions is the fact that there is real video, not just bobbing cartoon heads.

It has been a very fun project that offers a revolutionary user experience. It is not over, but I'm pleased to see the project reach this significant milestone.

Links:

Permalink: Holographic Videoconferencing

LinkedIn Using Demographics to Artificially Promote Users

October 22, 2021

I logged into LinkedIn and was greeted with this. They want to “improve equal access and opportunity” by asking me demographic questions. There is only one possible way to use such demographic data: to modify algorithms to artificially promote some people and demote others based on demographics. There is nothing “equal” about that kind of behavior.

I am a firm believer in promotion based on merit. Anything other than merit-based promotion is demoralizing, degrading, and unfair those who are intelligent and who have worked hard to achieve accomplishments.

Permalink: LinkedIn Using Demographics to Artificially Promote Users

Crumbling Discourse in Society

October 6, 2021

Our society seems to be going off the rails. I am not sure where the problem is rooted, but people have become more and more intolerant of views expressed by others in recent years to the point that I think it is harmful. I have seen friends become enemies. I have seen people rebuked for merely having a different opinion on a topic. Any day of the week, you can visit Twitter and see some of the nastiest, hateful exchanges between people. Twitter isn’t alone, of course. The same thing exists on Facebook. And it is because of the hateful exchanges I’ve seen that I do not have account on either platform any longer.

Before I closed those accounts, though, I had many animated discussions with people on different topics. Some people participating in the conversation agreed with my opinions and some did not. Personally, I appreciate the fact that others have a different opinion than my own, since hearing their views helps me to expand my thinking about whatever issue is being discussed. However, there were some people who had absolutely to tolerance for any view except their own. And it was sad, too, because most of those people who were so bigoted in their thinking called themselves “liberals”. Liberals, they were not.

In 2021, it is clear that the free exchange of ideas is still being oppressed by these types of bigots. One of the platforms I was using was “Nextdoor”. For those unfamiliar with Nextdoor, they are a community-oriented site where people have discussions about things happening in their town or the neighborhood. I had not visited the site for a few days, but tonight when I went to log in I was greeted with this notice.

I was being falsely accused of violating community guidelines, specifically in sharing “misinformation.” I had not been involved in any heated exchanges with people, but I was involved in discussions related to vaccinating children. There are some in my neighborhood who want to require all kids to get the new COVID-19 vaccine. I believe we should not force it on them until we know more about the effects. Is my opinion “misinformation”?

It might due to the references I used to support my position. On the CDC’s web site, they show that children are not nearly as affected by COVID-19 as older adults. In fact, as of today they show the total number of deaths of children aged 0 to 17 at 499 people, whereas the same page shows that the number of children who have died from pneumonia is 1010. We also know, generally, who in that age group is most at risk, as the CDC has published that information, too. The research is pretty clear about it.

And my concern about vaccinating children is a concern shared by the Joint Committee on Vaccination and Immunisation in the UK. They wrote:

For persons aged <18 years old who do not have underlying health conditions that put them at higher risk of severe COVID-19, there is more uncertainty in the precision of the harm-benefit balance when considering the impacts on children and young people themselves.

My concern is also shared by Pfizer, too. In a document published October 2021, they wrote the following:

The number of participants in the current clinical development program is too small to detect any potential risks of myocarditis associated with vaccination. Long-term safety of COVID-19 vaccine in participants 5 to <12 years of age will be studied in 5 post-authorization safety studies, including a 5-year follow-up study to evaluate long term sequelae of post-vaccination myocarditis/pericarditis.

In short, they need five years to determine whether it is safe for children.

My expression of caution is clearly shared by medical experts. Even so, the bigots who police Nextdoor falsely claimed that my opinion, with data points taken from the CDC and linked directly, is “misinformation”.

Well, this is one more social media platform I will not be using. It’s sad that our society is so full of intolerant, bigoted individuals. What’s worse, though, is that they lie. I did not publish “misinformation”. Apparently, though, I published information with which they did not agree.

How can we function as a society when conversions are shut down by intolerant, bigoted individuals like those at Nextdoor?

More importantly, how many deaths like this, this, this, this, this, and this will there be among children due to vaccines the government claims are “safe”? Perhaps we will know once research is conducted on what is actually causing the adverse side-effects.

UPDATE 9/2022: A year later, the CDC is now sharing even more information about how to deal with the health issues that we observed in 2021. Nextdoor still says I shared misinformation. I did not. Not only did they suppress information I provided from the CDC, but they also lied about me and still lie about me.

UPDATE 10/2022: It has now been made public that Pfizer did not test to see if the vaccine stopped transmission.

Permalink: Crumbling Discourse in Society