Category Archives: Rant

GPG Signatures on Press Releases & Verifiable Anonymous Factions

Found the below on (here’s a reddit). As a proponent of public key cryptography, I whole-heartedly agree. If the groups used cryptographically secure signatures on their publications, anonymous would no longer be at risk of having members jump to fight in fabricated battles. This would do away with the potential for the Anonymous Hoax that seems so easy to create at the moment.

Hash: SHA1

Hello Anonymous,

Every time the core group puts out a press release or replaces website content with a message to the owners, it does so in the form of an image. I’ve been musing on the idea that internally these images must have a deeper purpose than simply acting as a style standard–maybe they have some steganographic messages hidden in the pixels to communicate within the inner circle. Maybe somewhere embedded is a forgery-proof watermark or a signature (beyond the famed logo)… but I haven’t found anything (not that I’ve looked too terribly closely) and I’m starting to wonder if it’s because nothing is there.

It’s obvious at this stage that there is a ‘usual’ press release team, no matter the ethereal, leaderless form in which anonymous supposedly exists–and I doubt it’s the only group acting as a team within anonymous. So here’s my suggestion:

Individual groups within Anonymous adopt a standard for communication that involves setting up a GPG encryption key ( for the faction and then using that key to sign whatever image/message are published by that faction. This is really what Public-Key Cryptography ( was created for–a public key that anyone in the public can use to verify message origin authenticity, with a secret key, physically protected by the owner (or owners).

If the core group wants to exist in a form that it can be ‘in charge’ of press releases and going on air on the David Parkman show and the like to verbally combat the rantings of lunatics, it would be great to create a public key for the group so the next time someone claims to have received a message from anonymous, that group can say, “Show me the signature? Does it verify against our public key? No? Then we didn’t sent it. Because we have a standard.”

This would also help anyone interested in following different factions in identifying which faction put out which message. If you find that there is an anonymous faction (or even a third party group like the WBC, FBI, etc) acting out against the core values of anonymous or pretending to be a member of an influential group, you can be sure that their messages are not mistaken as coming from any of the groups who accept the GPG signing standard.

Granted, it should be advised that holding a private encryption key belonging to a faction acts as physical proof that you are a member of that faction (in the event that your equipment is seized or accessed by an opposing force)–so this key needs to be treated with the utmost security in mind.

You’ll note that this message is signed by, which has a public key published for anyone to use to verify that this message was sent by the Anonymous Zombies faction: (forgive us Sven/–but your domain just seemed the most apropos for using as our identification source since you are the closest thing we know to an official anonymous domain besides 4chan, LOL).

You are Anonymous
You are Legion
You do not Forgive
You do not Forget
I Expect you… to cryptographically sign your messages
Version: GnuPG/MacGPG2 v2.0.11 (Darwin)


follow on Twitter

Ad Blockers: Making the Internet Better

I just stumbled upon this opinion column in Smashing Magazine, which claims that Web Designers should not use ad blockers. Along with a bunch of lousy arguments, the author fails to account for my two biggest reasons for using ad blocking:

  • Resource Consumption (time and bandwidth) – it makes the web faster
  • Ads Mostly Suck (and are equally ineffective)

First, let me say that rather than adding adblocker software or plugins, I use Dan Pollock’s host file: Instead of blocking ads directly, it redirects ad server domain resolution to localhost. It’s fast, it’s free, and it doesn’t take up resources running any extra processes.

A note from his file explains a bit of why it’s useful:

# Use this file to prevent your computer from connecting to selected
# internet hosts. This is an easy and effective way to protect you from 
# many types of spyware, reduces bandwidth use, blocks certain pop-up 
# traps, prevents user tracking by way of "web bugs" embedded in spam,
# provides partial protection to IE from certain web-based exploits and
# blocks most advertising you would otherwise be subjected to on the internet.

I started using this when I moved to Germany and ended up with a mobile internet connection for my main line, which is dirt slow. I couldn’t afford to waste my 5GB/month capped usage on ads–or slow down my general use with waiting for all the analytics and ad servers to resolve and load (yes, I block analytics too but that’s another post with a whole new topic).

But now that I’ve been using the hosts file for a while I’ve started to think that this is like when I abandoned television in favor of the internet for viewing videos. I got sick of the commercials. So much that I joined a revolution in a new medium that allowed me more fine-grained control over what I consume and how I consume it. I can’t watch TV anymore–the commercials are insufferable.

Yes, I’m a Web Developer, and yes, I use ad services on my sites–and I feel genuinely icky about it (but it pays for my hosting and gives me pet-project freedom). So, please, block my ads. If you don’t want them, I don’t want you to have to suffer them. You probably aren’t the person who makes me money on my ads anyway.

But here’s the kicker: When I find that there’s an ad company I like, who does things right, I allow them through my hosts file filter. Sadly, I haven’t found a decent service for sporting ads that don’t suck on my websites.

Commercials need to be better. Ads need to be better. Ad services need to be a hell of a lot better. A few ad agencies have caught onto this, creating viral advertising that people actually WANT to consume. I’m sure you remember the Sonia Bravia superball video. People didn’t block it. Instead it got passed around.

Here’s another ad-woth-watching by Nokia that gives me goose bumps, which I found at the end of a talk:

In closing, if you don’t want people to block your ads, make them not only worth consuming but sharing, make the ad servers fast and don’t put them in the way of what users actually want to consume. Make your ads into content that is served with the other content users want–so they can’t block it without blocking everything else they came to see (all of it hopefully as good as the rest). If your ads are the content that consumers want, consumers won’t worry about blocking it. Besides, if consumers want to block your ads, face it, your ads suck.

follow on Twitter

Time Remaining Calculations: Problem & Solution


A user initiates an action that will take some time to complete. This happens all the time, in all sorts of applications. The most common places you will find this are downloading and installing. Downloading is the easiest target for improvement so this is what I will focus on here.

The system wants to report to the user how long they will have to wait before the task is complete. This is usually presented with a progress indicator, a speed report and some form of time remaining.


If you’ve seen progress indicators like this before, you’ve no doubt suffered watching the time remaining report shift from 10 minutes to 1 hour, back to 10 minutes, up to 2 hours in what looks like an endless loop of uncertainty.

What the System Knows

  1. The total amount of data to be processed
  2. The current processing speed
  3. The total remaining amount of data to be processed
  4. The total time spent processing so far

The problem is that programmers tend to only pay attention to the first 3 pieces of information available. The fourth is outright ignored, which is sad because it allows us to write much, much better progress indicators.


What we tend to show is Time Remaining = Data Remaining / Data Speed
Example: 200MB / (1.2MB/s) results in 166.67 seconds remaining (or 2.8 minutes).

While this is valuable for the user to know the current speed and the time remaining at the current speed, and presents a fairly accurate report for users with constant download speeds, it’s often an unrealistic estimation of the real time to completion for anyone with variable rate downloads. In the case above where I was downloading a trial of the Adobe CS5 Suite, I was on a broadband connection (at a cafe) with a variable availability in transfer speed. My download shifted constantly between 50KB/s and 3.2MB/s, causing the weak progress indicator to jump back and forth between almost a day and less than an hour. But if the download manager calculated my AVERAGE speed, it could give me a much better indication of how long I can expect the action to take. And the great thing is that as the download progresses, it has the option of capturing and calculating a much more realistic number. In the end, the download took about 2 hours and 40 minutes, which ended at a time that the progress indicator never seemed to even come close to reporting.

Although, it could factor in some quite complex numbers, calculating variations in rates, all of that complexity is unnecessary–and probably not that useful. Really you just need this:

Rate = Time Spent / Amount Complete
Average Time Remaining = (Rate * Total Data) – Time Spent

We’ve downloaded 100MB / 200MB and, so far, it’s taken 12 minutes:

var totalData = 200; // constant
// vars to be updated at intervals
var timeSpent = 12;
var dataComplete = 100;
// calculate an estimate for the average time remaining
var dataRemaining = totalData - dataComplete;
var rate = timeSpent / dataComplete;
var avgTimeRemaining = (rate * totalData) - timeSpent;
// show it

So the avgTimeRemaining would be 12 minutes. The current speed might be different (probably is) so it would really be nice to see both the current rate and estimate at the current speed and the overall rate with an estimate that considers the shifting variation in speed. The closer you get to completion, the more accurate this second calculation becomes.

In Closing

It’s great to know how long I can expect something to take at my current speed, but it’s much better if I can also see my average speed along with an estimate based on that information. Often, for people with variable rates of processing and downloading, the second calculation is much more helpful.

follow on Twitter