How to keep your bitcoins safe.

In February of 2014, a company by the name of Mt. Gox, at the time the largest bitcoin exchange in the world, halted all bitcoin withdrawals. Soon after, they revealed that almost 850,000 bitcoins were lost and suspected stolen, and a collective groan was heard by geeks all across the world. At the time, the value of all that coinage was roughly $473 million. As of writing, the value would be about $14 billion. Similar “oopsies” and thefts have happened over the years at various exchanges including Bitstamp, Bitfinex, Poloniex, and BTC-e.

People lost their money, and more people will continue to lose their money because people are stupid. The goal of this post is to mitigate some of that stupidity by teaching you some of the most basic ways to safeguard your cryptocurrency (crypto).

But first: What?

Unless you’ve been living under a rock that has itself been living under a rock, you’ve heard all about cryptos, more specifically: Bitcoin. Bitcoin is the 2016 Kevin Spacey of digital currencies: well-known, popular, and will go down in flames in a year. That last one is just wild speculation, of course, but that’s the nature of cryptos these days. There are lots of others including Ethereum, Litecoin, Ripple, etc. They all rely on blockchain technology to function. I won’t bore you with an explanation of what blockchain is, instead I’ll suggest you watch a two-minute basic explanation of it.

Now that you understand it a little bit, let’s say you bought some crypto on Coinbase, which seems to be the most popular source for newcomers these days. It’ll show you your “wallet” and the total number of crypto you have. OK, that’s cool, but have you wondered where that crypto actually is? Is it on your phone? On Coinbase’s servers? On whatever the hell the cloud is?

The answer is: it’s on a bunch of strangers’ computers. Like you learned in the video that you’re supposed to have watched (and if you haven’t, then watch the goddamn video), Coinbase doesn’t store your crypto. It exists on the blockchain, and the blockchain is distributed and decentralized on computers all over the world. The “wallet” that Coinbase provides for you is simply a set of public and private keys you use to read from, and write on, the blockchain.

Second: WHAT?!

A simplified explanation of how a transaction occurs with most crypto is as follows:

  • I want to send you 1 bitcoin for 1 lb of cocaine. I don’t know what the street value of cocaine is and which one of us is being ripped off, but stay with me.
  • You use your wallet to generate a new address, which will look something like 3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy. That is your address (public key). The transaction, which is comprised of other data including the amount sent, sender, and recipient, gets signed with my private key.
  • Math happens on a bunch of computers racing to solve the problem needed to include the transaction in the blockchain.

Your private key is essential to the whole puzzle, because without it, you can’t sign transactions you make as a sender, or unlock transactions as a recipient. To get into your bank vault (wallet) you need the safe combination (private key).

When you use Coinbase as a wallet, they hold your private keys, not you.

Let that sink in. If you don’t own your private keys, you don’t own your crypto. The holder of your key is the only one who can spend that money. Back to the bank vault analogy, imagine you stored your money in a bank safe, but the only person with the combination is some dude named Jimmy. Jimmy can just go in your safe and take all your money. “Nah, Jimmy is chill, he would never do that,” you say. Perhaps he wouldn’t. But what if Braden threatened Jimmy’s family? That’s the kind of thing a dude named Braden would do.

When exchanges get hacked, Braden takes everybody’s keys.

Regardless of the type of crypto you’re interested in, you’re going to have to keep it safe. Moving your money out of an exchange is the first step you need to take.

Get your own wallet.

There are different types of wallets, and they offer different degrees of security. Let’s go over some of them, and you can choose which one is right for you.

Paper Wallet

A paper wallet is a simple print-out of your public key (wallet address) and private key. They’re encoded with a QR code for simple scanning and copying of the address. The idea is you generate it on a site like https://liteaddress.org/ (for Litecoin) and print it out from a non-networked printer using a computer you’re certain is free of any malware. Since both the public and private key are visible, you’re going to want to obfuscate the private key by folding it nicely so it’s not easily visible.

For Bitcoin: BitAddress

For Ethereum: MyEtherWallet

For Litecoin: LiteAddress

Pros: Very simple to get started. Nothing to buy, and if you’re savvy and download the source code for the wallet generator site (linked in the footer of each site) you can generate a paper wallet on a clean, air-gapped (offline) computer, print it on a non-networked basic printer, and it’ll basically ensure it’s hack-proof.

Cons: Somebody can just take your sheet of paper from you or snap a quick photo of the private key when you’re not paying attention. Or you can lose it easily. At that point, your money is gone forever.

Software Wallet

A software wallet is an application that will store your keys for you. Usually they have you write down a set of seed words or passphrase that you need to write down on paper and keep very, very safe. That is your method of recovery should you lose your wallet for any reason (corrupted hard drive, stolen device, etc.) On your computer, popular ones include Exodus, Electrum, and Jaxx. On your phone, Jaxx, BreadWallet for Bitcoin, and LoafWallet for Litecoin.

Pros: Also simple to get started, and offers good security provided you have no malware on your device. Simple to restore if your device is lost/damaged provided you still have the seed words.

Cons: Hackable. If you have a virus on your computer, there’s a decent chance it’ll scan your computer for your private key, in which case it’s game over. Then again, this sort of danger is present against your bank account info as well if you’ve ever done online banking.

Hardware Wallet

The most secure of the bunch, hardware wallets are specialized devices that resemble a USB stick and plug into the aforementioned port. If you got a genuine, sealed device direct from the manufacturer, you can be pretty certain it won’t be hacked and the only way you can lose your money is through your own stupidity. Someone would have to steal the wallet AND your passphrase to gain access to your funds. At that point, Braden would have to threaten your family. Trezor and Ledger are the two big players in the hardware game.

 

Pros: The most secure wallets around. Your keys can’t get any safer since they’re never, ever exposed to anything outside of the little device.

Cons: They’re going to cost you. You’re looking at around $68 for the cheapest Ledger and $105 for the Trezo offering. If you’re holding an amount of money you’d cry over, consider it a worthwhile investment.

Sending your crypto.

Since most newbies are getting started with Coinbase, I’ll use that as a reference point, but the general idea is the same from any exchange.

From Coinbase, you’ll want to send it to your wallet address. There’s a small network fee (pocket change under a buck), but you can avoid that by signing up with GDAX which is owned by Coinbase and transferring it from Coinbase to your GDAX wallet. It incurs no fee, and you can also withdraw from GDAX into any supported wallet (currently Bitcoin, Litecoin, and Ethereum) for free as well. Coinbase basically eats the network cost through GDAX, which is great.

That’s really all there is to it. Buy your crypto at an exchange, and once the transaction clears, move it out to your personal wallet. If you want to trade it on an exchange, simply move it back and make your trade.

Giving Jimmy control of your money is never in your best interest, because nobody cares about your money more than you do.

Capistrano & delayed_job With Rails 4

If you’ve tried deploying your Rails 4 app using Capistrano, and you happen to also be using the delayed_job gem, you may have encountered a problem.

bash: script/delayed_job: No such file or directory

The solution is actually quite simple. Rails 4 uses the bin directory in place of the script directory, so add this to your deploy.rb file:

set :delayed_job_command, "bin/delayed_job"

Done.

Ruby? For games? I’ll hang you for that shit. PART 1

Ruby is an amazing language. It is, without a doubt, my favorite scripting language. The first time I heard about it was back in late 2006. I dove right in, and I haven’t looked back. I’ve built myself a pretty decent career on Ruby, and I couldn’t be happier about that.

And now I decided I wanted to fuck around and make games for fun, and later, for profit. Like a true goddamn American.

Ruby isn’t designed for that. Its bread and butter is the command line, and thanks to DHH, the web. There are gems around that’ll help you out, like rubygame, gosu, and releasy. None of those are ideal. I would strongly recommend against wasting your time building games with Ruby. If you want to create a desktop game, learn C++, Java, or Objective-C (and Cocoa) and start playing in hard mode. If browser games are your thing, look into Javascript with HTML5, it’s seriously sexy stuff these days. Creating a game in Ruby is stupid.

With that said, I’m going to show you how to build a game in Ruby.

Let’s build a hangman game!

Alright, enthusiastic me, let’s do it! We’re not going to use any of those gems I pointed out earlier. We’re going old-school with this one and we’re just going to build a command line hangman game.

Let’s start off by outlining the rules of the game as algorithmic as possible:

  1. User is given a phrase to decipher. The phrase is obfuscated by replacing each letter with an underscore.
  2. User guesses, one at a time, a letter believed to match an obfuscated letter in the phrase. The user is allowed 6 incorrect guesses before they lose.
  3. If the user’s guess is correct, replace every instance of the obfuscated letter on the board with the guessed letter. If the guess is incorrect, add the letter to the “used letters” pile and mark off an attempt.
  4. The game ends when all obfuscated letters are guessed, or when the user gets 6 incorrect guesses.

That’s the gist of the game. If you’ve never played hangman, you’re probably from the Third World, and that’s OK. Also, we’re going to go ahead and keep this traditional by drawing a dude getting hanged. We’re not going to pussyfoot around it like teachers do nowadays by drawing an apple tree with some apples and removing one upon each incorrect guess. No, we’re going to murder an ASCII character, so make sure you’re OK with this before continuing.

Getting our assets in order

A lot of people play hangman with a simple word list. I’ve decided to use movie titles, because yes. I went over to IMDB and copied their top 250 movies list, then dumped it in a file which you can find here. I’m aware there are only 246 movies on that list, and I don’t know what happened either. I may have just gotten rid of movies I didn’t like, or maybe it was movies with numbers in them? Whatever, it doesn’t matter, we’ve got 246 movies to work with.

If you don’t want to use movies, use whatever you want. Just make sure each word/phrase is on its own line, and I recommend against numbers since all of that will be stripped out later anyway.

It’s all about phrasing

Ruby is an object-oriented language. If you don’t know what that means, I have no idea why you’re reading this tutorial to begin with. The first thing we should do is set up a Phrase class to manage the phrase the player needs to guess. We’ll initialize it and select a phrase right off the bat.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
class Phrase
  def initialize
    @letters = []
    selection.each {|l| @letters << l.gsub(/[^a-zA-Z ]/, "")}
  end
 
  def selection
    seed = phrases.length # Get the number of phrases
    # And use that for a random index
    phrases[rand(seed)].split("").map {|x| x.upcase}
  end
 
  def phrases
    lines = []
    file = File.open('phrases.dat', 'r').each {|line| lines << line.chomp }
    file.close
    return lines
  end
end

Let’s go over this.

The selection method simply counts the number of lines in the file (remember, each line is its own word/phrase), creates an array of phrases (lines), transforms them all to uppercase, and selects a random phrase.

The phrases method supplies all of the phrases in the file to the selection method. Could those two methods be condensed into one? Absolutely, but I’m trying to tutorialize you, damn it.

@letters is an array where each letter in the phrase is an element in the array, with everything that isn’t a letter or a space stripped out. If our word were “Sprinkletits!!1”, our array would look like this:

puts @letters # => ["S", "p", "r", "i", "n", "k", "l", "e", "t", "i", "t", "s"]

If you instantiate that class and run your script, you should see something like:

class Phrase
# ... all that code up there
end
 
phrase = Phrase.new
puts phrase.letters # => undefined method `letters' for #<Phrase:0x100169580> (NoMethodError)

Oh. Right. We forgot to define a method for letters.

def letters
  @letters
end
 
# Let's prettyprint the phrase
def show
  @letters.to_s
end

Add that to your class, run the script again, and you should see:

class Phrase
# ... all that code up there
end
 
phrase = Phrase.new
puts phrase.letters # => ["A", "L", "I", "E", "N"]

phrase.show will simply show “ALIEN”. Now we’re getting somewhere.

But I’m tired of writing for today, so I’ll stop right here and continue this another day. I know, it’s a pretty anti-climactic ending.

Mixing Multiple Audio Files With SoX

SoX, the “Swiss Army knife of sound processing”, is awesome. I’ve been using it a lot lately for a project I’m working on, and I encountered a situation not quite covered in their documentation.

I wanted to mix multiple audio files together to create a new file. Let’s say I have a file with a really cool beat and I wanted to completely ruin it by adding another file with Nicki Minaj rapping.

sox -m sick-beat.wav awful-lyrics.wav output.wav

Very straightforward. Now I have a beat with the sounds of a pregnant wildebeest being tortured in a child’s night terror. But what if I wanted to start the track with her shit lyrics a few seconds after the first track begins? SoX provides the pad effect which takes two parameters: one for before the file plays, and another for after (in seconds). Awesome!

sox -m sick-beat.wav awful-lyrics.wav pad 3 0 output.wav

That should delay her retarded-ass rhymes from starting for 3 seconds, right? Well, no. Instead, it shifts BOTH files. One solution is to pad her rape lyrics first, then apply that intermediary file against the other:

sox awful-lyrics.wav offset-awful-lyrics.wav pad 3 0
sox -m sick-beat.wav offset-awful-lyrics.wav output.wav

That does exactly what we want. But what if you wanted to add the stylings of a more competent rapper to drown out her wailing? You’d have to add yet another line, creating yet another file, before then mixing them. It doesn’t seem too bad for two files (though still wasteful), but it gets more cumbersome as it scales. Granted, it’s a linear growth, but it’s still wasteful since you’ll probably want to be deleting the intermediary files once you’re done. There’s a smarter way to do it!

sox good-rapper.wav -p pad 3 0 | sox - -m awful-lyrics.wav -p pad 3 0 | sox - -m sick-beat.wav combined.wav

SoX provides the useful -p option that treats your command as an input pipe to another SoX command. In this case, the beat starts at 0:00, Nicki ruins it at 0:03, and finally a competent artist like Nas or Mos Def comes in at 0:06 and makes things listenable.

You can also check out avconv and ffmpeg.

Twitter-like Character Count Plugin Written in jQuery

See it in action right away if you don’t feel like reading.

I wanted to pop my plugin cherry, but I wasn’t sure what to put together. A wise man once said, “If you don’t know what to build, just build something you need for yourself.” That wise man’s name? Albert Einstein. Just kidding. It was me. I said that.

I’m currently working on a web app that requires limiting text fields to a certain number of characters, because lowering the quality of discourse to a level of syntactically-fucked brevity is all the rage these days. So rather than just implement it onto my app, I decided to turn it into a plugin. Because, you know, not enough jQuery plugins exist.

Grab the plugin on Github

Usage

Simple.

$("#textbox").lilCharacterCount();

Or, with options.

$("#textbox").lilCharacterCount({
  limit: 140,
  warning: 100,
  allowExceed: true,
  counterClass: "character-count",
  defaultClass: "bg-info",
  warningClass: "bg-warning",
  dangerClass: "bg-danger",
  submitButton: ""
});

Features

  • Count down from character limit to 0
  • Block further text past limit, or allow text past limit and display negative count (like Twitter)
  • Warn user when getting close to limit (again, like Twitter)
  • Disable submit button when exceeding limit
  • Uses Bootstrap classes by default, but can be changed via options

Options

limit
Number. Sets the character limit for the text box. Default: 140
warning
Number. Toggles the warning class on the counter when this character count is reached. When set to 0, it is disabled. Default: 100
allowExceed
Boolean. Determines whether or not typing is allowed past the limit. Default: true
submitButton
String. ID of submit button that, if supplied, will be disabled if limit is exceeded. Default: blank
counterClass
String. Class for the counter. Default: character-count
defaultClass
String. Class applied to counter when the character warning or limit values haven’t been exceeded. Default: bg-info
warningClass
String. Class applied to counter when the character warning values have been exceeded. Default: bg-warning
dangerClass
String. Class applied to counter when the character limit value has been exceeded. Default: bg-danger