Love reading these posts where a person implement their own solution to communicate with devices that have proprietary software that only support Windows.
Thanks for sharing.
This is such a great caring useful post. About such a pure, incredible human story: liberating technology. Making it better. Life finding a way. I love love love how much interesting stuff opened up because packet capture caught the (plaintext, yay!) firmware upgrade.
But man, to see this story show up around the world has been really such a terrormongering frenzy of Fear Uncertainty and Doubt. Oh no, the users: they are uploading their own firware! What if they do bad things?! Everyone is at risk!
And they're not even wrong here. Yes. It's some kind of a risk. The device looks like a keyboard, and it could be programmed to type. It could perhaps possibly script a way to open a terminal and exfiltrate some data, before your very eyes (but if you tab away you're ok! it's just a keyboard!)
There are so many forces (and definitely among them much of the press) who seems desperate to build such a sterile, closed world, that drive such a conservative clutching for certainty against any chance or possibility for good fear before them. We've seen similar pants wetting over wireless. The FCC in 2014 changing Part 15C rules for U-NII devices was exactly this sort of "someone might do something bad possibly" rule setting, that demanded that device makers lock down their devices:
> All U-NII devices must contain security features to protect against modication of software by unauthorized parties.
> Manufacturers must implement security features in any digitally modulated devices capable of operating in any of the U-NII bands, so that third parties are not able to reprogram the device to operate outside the parameters for which the device was certi ed. The software must prevent the user from operating the transmitter with operating frequencies, output power, modulation types or other radio frequency parameters outside those that were approved for the device. Manufacturers may use means including, but not limited to the use of a private network that allows only authenticated users to download software, electronic signatures in software or coding in hardware that is decoded by software to verify that new software can be legally loaded into a device to meet these requirements and must describe the methods in their application for equipment authorization.
This all is such an anti-human infernal hell. A world where we can not see our devices, much less be allowed to touch or manipulate the world around us. We are being robbed of our god given right to explore, understand, experiment. This is our heavenly purpose, our god given nature, our mission to understand and shape the world around us. Yet there are these confounding legalistic and media denials of the Enlightenment project, that are against understanding the world, against humankind gaining our footing. The government is outlawing Homo Habilus, is using the law to send us back not to a pre-Great Deal (US) time a hundred years ago, nor pre-Reconstruction (US again) two hundred years ago, but to pre Homo Habilis, pre man the skillful, 2 million years ago. Anti-circumvention anti-access laws are an affront to god, an affront to our deepest spiritual nature, an affront to our species.
Rasmus is doing amazing work. The circumstance of them being able to see what was happening, being able to observe the world around them, capturing & seeing what he had there, and then doing some work to modify & change things: that is glory. That is divine. This is virtue. That is why our species was created, and why it exists, our making and our ongoing purpose, and is what has made our species better at every turn. That Conde Naste or the FCC doesn't like it, and wages war against our species is infernal. Shame on them. Shame on the terrormongers, the fear-makers of this world, who spin human access to the world about us as bad, as scary, as something to be stopped and shut down: that fear is what we have to fear, that fear is a little death for our species. That fear diminishes not protects, that fear is against god.
The god or gods made us all hackers, and that has been the best thing going for our species for millions of years: to try to unwind this is spiritual/religious treason. The terrormongering needs to be shown the door.
>Analyzing this function, I was able to deduce that it wasn't using SHA at all, but rather some weird AES-256-GCM based authentication.
>This is fairly unusual - typically, the tool for proving that you know a shared secret is HMAC. I'm not sure why Creative felt the need to jump through so many hoops to make something that achieves essentially the same thing. This encryption scheme provides integrity and confidentiality, but the latter seems pointless here, as the nonce is already known to both sides. Only the integrity proof matters. Maybe I'm missing something here, but it just seems strange overall.
just call a spade a spade. it wasn't "strange", "unusual", or "weird", it was retarded.
But man, to see this story show up around the world has been really such a terrormongering frenzy of Fear Uncertainty and Doubt. Oh no, the users: they are uploading their own firware! What if they do bad things?! Everyone is at risk!
This is such toxic terrible dreck. Even ArsTechnica, who I've loved for decades, was in full on "be terrfieid, be afraid, hide your children, no one is safe" mode over this: https://arstechnica.com/security/2026/06/highly-reviewed-spe...
And they're not even wrong here. Yes. It's some kind of a risk. The device looks like a keyboard, and it could be programmed to type. It could perhaps possibly script a way to open a terminal and exfiltrate some data, before your very eyes (but if you tab away you're ok! it's just a keyboard!)
There are so many forces (and definitely among them much of the press) who seems desperate to build such a sterile, closed world, that drive such a conservative clutching for certainty against any chance or possibility for good fear before them. We've seen similar pants wetting over wireless. The FCC in 2014 changing Part 15C rules for U-NII devices was exactly this sort of "someone might do something bad possibly" rule setting, that demanded that device makers lock down their devices:
> All U-NII devices must contain security features to protect against modication of software by unauthorized parties.
> Manufacturers must implement security features in any digitally modulated devices capable of operating in any of the U-NII bands, so that third parties are not able to reprogram the device to operate outside the parameters for which the device was certi ed. The software must prevent the user from operating the transmitter with operating frequencies, output power, modulation types or other radio frequency parameters outside those that were approved for the device. Manufacturers may use means including, but not limited to the use of a private network that allows only authenticated users to download software, electronic signatures in software or coding in hardware that is decoded by software to verify that new software can be legally loaded into a device to meet these requirements and must describe the methods in their application for equipment authorization.
Via the excellent Battlemesh conference, https://www.battlemesh.org/BattleMeshV8/Agenda?action=Attach...
This all is such an anti-human infernal hell. A world where we can not see our devices, much less be allowed to touch or manipulate the world around us. We are being robbed of our god given right to explore, understand, experiment. This is our heavenly purpose, our god given nature, our mission to understand and shape the world around us. Yet there are these confounding legalistic and media denials of the Enlightenment project, that are against understanding the world, against humankind gaining our footing. The government is outlawing Homo Habilus, is using the law to send us back not to a pre-Great Deal (US) time a hundred years ago, nor pre-Reconstruction (US again) two hundred years ago, but to pre Homo Habilis, pre man the skillful, 2 million years ago. Anti-circumvention anti-access laws are an affront to god, an affront to our deepest spiritual nature, an affront to our species.
Rasmus is doing amazing work. The circumstance of them being able to see what was happening, being able to observe the world around them, capturing & seeing what he had there, and then doing some work to modify & change things: that is glory. That is divine. This is virtue. That is why our species was created, and why it exists, our making and our ongoing purpose, and is what has made our species better at every turn. That Conde Naste or the FCC doesn't like it, and wages war against our species is infernal. Shame on them. Shame on the terrormongers, the fear-makers of this world, who spin human access to the world about us as bad, as scary, as something to be stopped and shut down: that fear is what we have to fear, that fear is a little death for our species. That fear diminishes not protects, that fear is against god.
The god or gods made us all hackers, and that has been the best thing going for our species for millions of years: to try to unwind this is spiritual/religious treason. The terrormongering needs to be shown the door.
>This is fairly unusual - typically, the tool for proving that you know a shared secret is HMAC. I'm not sure why Creative felt the need to jump through so many hoops to make something that achieves essentially the same thing. This encryption scheme provides integrity and confidentiality, but the latter seems pointless here, as the nonce is already known to both sides. Only the integrity proof matters. Maybe I'm missing something here, but it just seems strange overall.
just call a spade a spade. it wasn't "strange", "unusual", or "weird", it was retarded.