# pgp, keys, security, privacy

It’s been a long time since I wrote on this blog. I recently attended a talk with Phil Zimmerman recently and it was the opportunity to reuse pgp/gpg and I thought it was a good idea to talk about it.

# Why

I often had the questions why I would need to use strong encryption, especially since it used to be very illegal in my own country (there was a limit on 40 bits in France back when I started using cryptography). Usually, people tend to say that if you use cryptography, you must be hiding stuff and probably doing some very illegal and dangerous. I beg to differ on this topic: I keep my personal data in my home, which is usually locked. If a judge comes and ask to open the drawer, I’ll gladly do it if the due process is rightly followed. In the same way, I consider that my communication is private and while I’ll surrender my private key to the right officials and the right request, I prefer not having anyone being able to excess its authorization and illegally eavesdrop on me, which seem to have been a pretty common game for most governments. In a pettier way, some company sysadmin might be overusing their privilege and while you may trust them to watch you personal folder, it might be interesting to make sure they actually can’t do it.

# Theory

## Private/public keys

Quick reminder on theory:

• you want your communication to be secure (i.e. not easy to listen to silently)
• you want your communication to be authenticated (i.e. I need to be sure whom I’m talking to) and non compromised (i.e. if someone attempts at modifying the message, I want to know).

This can be enforced through cryptography the following way:

• signing with a private key will allow anyone having the corresponding public key to check the integrity of the message. Trusting that the set of key actually belong to the person you’re thinking about is a different problem.
• ciphering with a public key will allow only the target private key to read the message. Practically, message is ciphered with a random session key and that key is ciphered using the public key (for performance reason).

One fun side effect is that you need to encrypt the session key with the public key of each of the message recipient, including the ones in BCC, hence displaying them on the clear. You’ve been warned.

## Trust

While using asymmetric cryptography ensures that only a set of key is involved, knowing whether this set of key actually belong to an individual is a different problem. To solve this, the concept of “web of trust” exist. The principle is that at any time, you can check the real life identification of someone and cryptographically sign their key, hence providing the community that you checked that a given person is who they claim to be. Then, if you trust someone who trust someone else, you’re likely to actually trust that some one else to be who they pretend to be.

# Practically

## Generating a key

I’ll explain how to do most command using gpg command line, mostly as a reminder for me. There are several bazillions tools to help you automate and work around these process.
Modern standards seem to use a 4096 RSA key (this won’t prevent you from having your communication read when quantum computer will be there, so if you care…). Elliptic curves can be as safe for shorter keys but are not widely supported yet. The passphrase will be protecting your private key, it seems to be a very good idea to have something really strong here. I’m not talking about reusing a 8 letters web password kind of strong, but writing a full sentence that only you will remember kind of strong (like a pass-phrase, not a pass-word).

gpg --full-gen-key

This will generate a key, including a key id and a fingerpint:

bruce@morannon:~gpg --fingerprint C3F53DD4 pub 4096R/C3F53DD4 2016-06-10 Key fingerprint = 77EE B582 C4AA 7724 AD2D 53AC AC42 DF1E C3F5 3DD4 uid Florent Revelut (Bruce) <florent@revelut.ch> sub 4096R/92F7C250 2016-06-10 The id (C3F53DD4 in my case) will be used to identify your key. The fingerprint will be used when cross checking identities (i.e. if you check and identity, you need to be sure that you check the fingerprint) ## Signing someone else key Say I want to sign my old key FBE03BF7 with my new and shiny one C3F53DD4. Make sure you have the key, if not get it from a keyserver (pgp.mit.edu is a common alternative) gpg --keyserver pgp.mit.edu --recv-keys FBE03BF7 Sign the key (level 3 is the highest level of trust, meaning you checked really closely an official id) gpg --sign-key --default-cert-level 3 --no-ask-cert-level -u C3F53DD4 -a FBE03BF7 Export the key to a file gpg -a --export FBE03BF7 > FBE03BF7.txt and prepare a to send it to your stakeholder (this will generate a FBE03BF7.txt.asc that you can safely cut and paste in an e-mail) gpg -u C3F53DD4 --armor --recipient FBE03BF7 -e -s FBE03BF7.txt delete the key form your local keyring, you’ll get it from a keyserver later when you need it gpg --delete-key FBE03BF7 rm FBE03BF7.txt ## Importing a signature You’ll probably receive ane-mail with a file attachment named something.asc. You’ll have to decrypt it: gpg -d *.asc > clear.txt Then probably extract the file attachment, this will generate new files munpack clear.txt Then import the signature (check whatever file was generated in previous step). It will merge the new signature with the existing ones., gpg --import florent@revelut.ch.asc Then publish it: gpg --keyserver pgp.mit.edu --send-keys C3F53DD4 And done : your public keyis now available, including the trusted signature from your stakeholders. # Traps/tips If you encrypt an e-mail/a file you’re sending to someone else, you’d better encrypt it for you as well or you won’t be able to read it later (remember, you don’t have the private key of your recipient). If you have the file “in clear” on your file system, you will definitely want to delete it in a safer way than rm. Depending on your OS, file system and caching policies, this might get tricky to make sure your content is actually properly wiped out (or close to impossible). Enigmail is a very easy and user friendly way to cipher your e-mails. If you’re using a web-app to access your e-mail, you might want to switch to using a real mail client and imap to access your emails as webapp usually don’t support cryptography. It might eventually be coming for gmail though (blog post from google). Cryptography and BCC don’t work well together: the IDs of all recipients are in the clear… In the same way, ciphering and mailing list don’t work unless you have a way to expand the mailing list on client side and know all recipients (think about exchange server). There is no issue with signing cryptographically when sending to a mailing list and it’s considered a good practice. You can (and should) use your private key when tagging a git repository. As you put your reputation on line, you might want to review branch merge with extra care. Most people won’t check the signature of the public key, which is really bad. Anyone can publish a public key on a key server, if it’s not signed, it does not bring anything. Some extra paranoid people don’t want ot have their public key hosted on a key server. There are some use cases where it makes sense, use your best judgement on convenience vs security. # What could go wrong ? In the list of daily WTF, I stumbled upon this video: Someone backflipping over a speeding formula. That’s impressive. Kinda dumb & useless as well. # Music and mood I always listen to music, but most of the time I don’t really care or pay attention. I tend to use quite random playlist and mostly let them run. Or at least, this what I thought until I recently checked. What I discovered surprised me. Most people say their mood will be influenced by the music they listen to. This is explained in detail (and in French) by someone smarter and way more knowledgeable in music (which is easy considering my quasi-null level) In my case, I tend to influence my playlist based on my mood. The fun thing is that I do that unconsciously and that it seems to correlate sometime surprisingly. Let’s dig: Renaud can be good (Molly Malone) or bad (p’tite conne in a loop is a fairly good indicator of depression). Brel, Moustaki, Ferrat is mostly always bad: not for the singer himself but rather for the memories of a lost one they evoke. Funnily enough, Jean Yanne, which is from the same environment, is not triggered by the same feeling. On the contrary, classical music, opera and even requiem are an indicator of good mood. I especially like listening to symphonies, Fauré or Mozart requiems as it helps me getting isolated from the rest of thew world. My main problem now: each time I choose an album, I wonder if I’m making a conscious or unconscious choice. I have several hundreds disks in digital format but no real way or making statistics (as I use several players). Currently, this is more a feeling than hard-data backed evidence, which disturbs me. I know not to trust a feeling as it’s usually the best way to be wrong. For the coming weeks, I’ll try to sweep the darker area of my collections, to dig into stuff I know less and see if I have the opposite effects. Anyway, I found funny to realize after so many years and to discover such a correlation. # What I currently play, march edition Roughly 5 years after everyone, I’ve started playing the Witcher 2. I don’t have much available time so I play in easy mode. The fighting system is good, despite requiring to memorize 6 pictograms for some sorts (I actually did not memorize them but bound them to some mouse buttons). The quest part is simple but interesting, with lots of content and a nice story.It probably would not win the game of the year but it’s good to waste some time that I don’t have. It’s super cheap on steam, so definitely worth the few bucks it costs if you didn’t try it yet. As part of the previous of april’s monthly humble bundle, I received this War of Mine. It’s the same price tag as the previous game, but a very different kind of game. Instead of being a super badass, with nearly unlimited powers trying to kill their way to fame and fortune, you play a bunch of struggling civilians, trying to survive in the middle of a city in war, fighting for medicines, food, water, avoiding the various dangers represented by robbers, other scavengers, snipers. The game is black and white, with a very gloomy look and feel. The realization is definitely awesome, it’s interesting to play, but it has a psychological toll: you are constantly reminded that life can end without notice, that your hard-earned resources can be stolen by a group of robbers, leaving you with gashing wounds. I definitely enjoyed the few hours I spent on the game, but I would have a very hard time recommending it. While game usually translates you into an imaginary world, this one does its best to remind you in what environment some people live. On top of the survival struggle, should you choose the path of violence, your characters will start worrying about their fate and soul, making you actually feel bad for taking such a decision. Do you prefer to save the 2 begging kids mother or your friend? Cause there is not enough medicine for everyone. If you feel the immersion is not enough, your team is represented through realistic pictures, with a short bio explaining their struggles and evolving over time. And in case you’re wondering, death is final, there is no saving and reloading in real world. I’ve played Jamestown which is a good old fashioned shoot them up. Not much to say, it’s hard, entertaining, good to empty your brain. Several ships with different weapons, an hair-fetched scenario. I had it for a while, rather a good surprise and one of a few games that can be played with the kids watching, thanks to the very cartoon-like/unrealistic feeling (easy to spot the bad : they’re ugly) GRAVARK: Survival Evolved, Rust: these were games I really wanted to play. Open-world, mmo, sandboxing. I was really hoping for a feeling of collaboration, man against the environment, creativity. What I got was half finished games, full of bugs, almost impossible to play, with lots of gankers, fuzzy objectives, broken scenario. Clearly a huge deception and I don’t recommend investing time in these, which was a surprise for me. Last, millie is a very nice snake-like game. I didn’t play much but it’s one of the few games which is really nice and playable by one of my 5 years old twin. # Box with non vertical sides While creating a perch for our parrot, I stumbled upon something non trivial : if you want to assemble a box with non vertical sides, what cut angle are you supposed to use to have a nice assembly ? It’s obvious that it should be a trapeze, but what would be the α angle ? Easy peasy, let’s dig into the maths! On the schematics, once assembly is done, we have B=B’ and A,B, B’, A’ in same plane. Supposing that we have an angle β with vertical (meaning a standard box has β=0), this means $$tan(\alpha)=\frac{AB}{OA}=\frac{OA’.sin(\beta}{OA}$$ as OA = OA’, we have trivially $$\alpha=atan(sin(\beta))$$ If you need to be convinced, the animation above is done with β=30°. It’s been realized with pov and the code can be found on my POV repository on bitbucket. And by the way, why did I need that ? Just to make it real : # Je regarde youtube Pour changer, voilà un article en français. J’ai longuement hésité à le faire, puis je me suis lancé. Avec 10 ans de retard, je découvre youtube. J’ai un peu honte, je travaille dans la technologie, j’ai travaillé dans l’industrie des médias et c’est seulement maintenant que je m’intérèsse à ce nouveau média. Pour moi, youtube, c’était des mauvaises vidéos de chat, c’était des gens qui tombent filmés en SD, surencodés et pixellisés, c’était également du contenu copyrighté dont la légalité avait souvent la même odeur que la qualité. Et petit à petit, je me suis mis à regarder de plus en plus de vidéos et à changer d’avis. Tout d’abord, youtube est certes un repaire de pré-ado, surtout en lecture. De nombreux contenus font peur, par leur naïveté ou pour la violence de leurs propos. En tant que parent, je me dis que jamais je ne laisserai un téléphone portable ou une caméra à mes enfants. Et bien sûr, je n’aurai pas le choix. Alors oui, il y a des vidéos de gens ivres morts qui font la fête, d’accidents horribles non censurés, de gamines de 13 ans qui font des tuto maquillage hyper sexués sans se rendre compte de l’image qu’elles projettent. Ou sans se rendre compte de qui peut être derrière l’écran. Oui, il y a des viédos de chat qui font des millions de vue. Oui, Gangnam Style a fait tellement de vues qu’il a fallu coder le nombre de vues sur 64 bits. Ca fait quand même plus de deux milliards de vue sur une vidéo qui a de la publicité, probablement de quoi se payer quelques menus objets. À côté de ces gros tubes, il y a plein d’autres choses et c’est à elles que je veux rendre hommage. Personnellement, les comiques qui passent à la TV ne me font que rarement rire, mais je me marre quand je regarde le rire jaune. Et puis, il y a de vrais créateurs, qui passent des messages forts ou une vision alternative, de la réalité. Souvent des messages forts, artistiques, contestataires. Ce qui m’a décidé à faire ce billet, ce sont quelques vidéos que je vais mettre ici, brutes de décoffrage Les jeunes et la drogue, de Nad Rich’ Hard Facebook, tu ne nous auras pas, sauf que pour certains métiers, c’est nécessaire. Ou comment la loi est impuissante devant les impératifs business (en anglais sous-titré – le texte anglais est plus policé): Vous pensez que les motards sont tous de jeunes cintrés de vitesse. Changez d’avis avec mehdiator Ce que sont les crises d’angoisse, avec Meghan Rienks (en anglais) JB Bullet chante son indignation au lendemain des attentats de Charlie Hebdo (un an déjà…) L’analyse musicale par LinksTheSun Comment bricoler un tour avec une perceuse, par Jack Houweling (en anglais) J’en aurais encore des centaines comme ça. Des clips, des court-métrages qui mettent une grande baffe. J’ai du faire un choix, il est forcément injuste. Il est forcément très personnel, biaisé. Peut-être même politique, qui sait. Moi pas, en tout cas. Le point commun entre tous ces clips: ce sont des créations indépendantes, faites par de vrais artistes, souvent peu connus, souvent jeunes, toujours passionés. Des gens qui se battent pour essayer de vivre de leur passion, de se faire un nom, qui donnent de leurs trippes. Quand je compare ce que diffuse la télévision et que paient mes impôts à la qualité du contenu de Youtube, j’avoue que je fais mon choix. Oui, Youtube vit avec la publicité (ou par souscription pour les pays qui ont Youtube Red). Personnelllement, je préfère voir quelques vidéos de publicité et soutenir directement des artistes de valeur que regarder des spots entiers de publicité pour du contenu médiocre. Et parfois, même si je n’y suis pour rien, je suis un peu fier de l’entreprise pour qui je travaille qui permet à cela d’exister. Les commentaires sont comme d’habitudes modérés et le seront fermement contre tout troll. Cet espace est ouvert au débat, pas à la haine. Et à titre de rappel, ce sont ici exprimés mes avis personnels et non ceux de mon employeur, de mon perroquet ou d’une éventuelle conspiration franc-maçonnique. Et bien sûr, ça fait un peu plus d’un an, mais je reste charlie. # Egg shape and camshaft ## Introduction For some tinkering, I wanted to be able to draw a standard, egg-shaped cam and compute the displacement it was generating. I thought this was a trivial problem, but I couldn’t find anything, so I’ll describe the path I used. As a side note, the end-goal was to generate some 3D animation with persistence of vision, so I was somehow constrained by what as doable with this software (knowing that I don’t generate anything and just use the software, so no real way of numerical solution and such) The approach I followed seems to have been used for centuries by architect to create egg-shaped curves. It uses 2 parameters, that I named r and h. I’ll describe the geometrical construction and then go to the calculus phase. As a side note, I had great fun finding all of these and coining it into an article, hope you’ll like reading it as much as I had writing it 🙂 Some other may follow on related subjects, depending on interest / time. ## Construction • Choose a point (O), this will be your center of rotation for your cam. • Draw a circle S1 (black one) , centered on O and radius r • Draw a diameter, creating points A and B on circle intersection. • Draw a perpendicular diameter and pick a new point C so that OC = h • From now, the construction is symmetrical, I’ll focus on one side. • Draw a circle S2 (red one) centered on A and going through B (hence, radius = 2r ) • let D be the intersection of S2 and OC • Draw a circle S3 (green one) center on C and going through D • Your egg-shape is now, starting from bottom : S1 to B, then S2 to D then S3 ## Calculus #### Diameter of green circle By definition,$$AD = 2r$$ Using pythagore on ACO, $$AC = \sqrt{r^{2}+h^{2}}$$ Then $$CD = \rho = 2r-\sqrt{r^{2}+h^{2}}$$ #### BOD Angle If you project D on AB to have a new H point, then you have $$\widehat{HOD} = \widehat{BOD} = \beta$$ and $$tan (\beta) = \frac{DH}{OH}$$ $$tan (\widehat{OAC}) = \frac{OC}{AO} = \frac{h}{r}$$ then $$\widehat{OAC} = \alpha = tan^{-1}{\frac{h}{r}}$$ $$AH = 2r.cos(\alpha)$$ and $$DH = 2r.sin(\alpha)$$ $$OH = AH – OA = 2r.cos(\alpha) – r = r(2.cos(\alpha)-1)$$ Finally : $$tan(\beta) = \frac{2r.sin(\alpha)}{r(2.cos(\alpha)-1)} = \frac{2.sin(tan^{-1}{\frac{h}{r}})}{2.cos(tan^{-1}{\frac{h}{r}})-1}$$ #### Polar coordinates Let’s continue the fun, the end-goal is to have the polar coordinates of the cam… We’ll use $$\theta$$ as parameter and assume it’s value is 0 on AB axis. Function will have nice properties: • $$f(\theta+2\pi)=f(\theta)$$ • $$f(\frac{3\pi}{2}-\theta)=f(\theta)$$ Meaning that we can focus on $$[-\frac{\pi}{2},\frac{\pi}{2}]$$ On $$[-\frac{\pi}{2},0]$$, solution is trivial : $$f(\theta)=r$$ On $$[0,\beta]$$, solution is circle center on (-r,0) radius 2r, which has implicit equation $$(x+r)^{2}+y^{2} = (2r)^2$$ Using standard polar replacements: $$(f(\theta)cos(\theta)+r)^{2}+f^{2}(\theta)sin^{2}(\theta) = (2r)^2$$ The interesting function is now a second order equation, that can be trivially solved: $$f(\theta)=r.(\sqrt{cos^{2}(\theta)+3}-cos(\theta))$$ On $$[\beta,\frac{\pi}{2}]$$, solution is circle center on (0,h) radius ρ, which has implicit equation $$x^{2}+(y-h)^{2} = \rho^2$$ or $$f(\theta)^{2}cos^{2}(\theta)+(f(\theta)sin(\theta)-h)^{2} = (2r-\sqrt{r^{2}+h^{2}})^2$$ Again, the interesting function is now a second order equation, which can be (not so) trivially solved: $$f(\theta)= h.sin(\theta)+\sqrt{h^{2}sin^{2}(\theta) +5r^{2} -4r\sqrt{r^2+h^2} }$$ #### Limits on parameter Due to the way the cam is built, h must be positive. In addition, the worst case is having D aligned with O and C (actually C = D), and then, using pythagore: $$h \in [0,\sqrt{3}]$$ ## Realization with Pov-Ray Now that we’re done with the maths, it’s time to do the actual stuff. Real implementation can be found on my POV repository, core is in an include file and there is a reference example file. The cam itself is generated using CSG : intersection of cylinder and plan, the exact same way I’ve explained before. I encapsulated it into a macro with 2 parameters, h and r. With these explanations, reading the file is really straightforward. The polar function is implemented using a bunch of functions within POV. There are a few caveats: • it seems recursion is not well supported and maybe using a modulo would be smarter • using an horizontal egg instead of a vertical one (i.e. changing the theta reference) would allow to have a symmetrical function (the current one has a pi/2 offset) • POV function do not allow to use #if statement (seems to be limited to global variable). Using select is a ice workaround but is really killing readability To have an idea of how h parameter influences the result, quick matrix of rendering with r=1 and h variable: Free bonus, script used for the rendering, with some image magick in it: #/bin/bash BASE="came" OUTPUT=output findOUTPUT -iname "$BASE*.tga" -delete TOTAL="" for a in seq 0.1 0.1 1.6; do OUT=$OUTPUT/${BASE}_${a}.tga
OUT2=${OUTPUT}/${BASE}_${a}.jpg TOTAL="${TOTAL} ${OUT2}" povray -W200 -H200 +k0.1 -Iscene/$BASE.pov -O${OUT} Declare=h_parameter=$a
convert ${OUT} -fill white -stroke red -pointsize 40 -gravity south -annotate 0 "h:$a" ${OUT2} done montage${TOTAL} -geometry +2+2 result.jpeg

I’ve recently had to fly oversea (yesterday) and this is usually for me the opportunity to try new things: can’t really sleep, in-flight entertainment is usually crappy, so here I go.

I tried a new game called Chromasquad. Reason why I tried this is simple : I recently got it in a humble bundle (monthly one I guess), it’s DRM-free (I could get it from humble bundle website easily), it’s small (in 100 of MB at most) and runs decently on a mac book air, which has close to no power.

I tried and I got surprisingly addicted: pitch is pretty simple, a bunch of stuntsmen go out of their studio and start making their own power rangers clone. The game itself is close to XCom, enemy unknown : you work your team, improve it then play in a turn by turn. Gameplay is quite addictive, not as easy as it sounds initially. Graphics are… well, let’s say they fit with nostalgia with a nice principle of hand drawn, blocky old fashioned sprites. Either you love or you hate, it personally reminds me of my youth 🙂

Seeing how cheap the game is, I strongly recommend to buy it. Seeing that I missed the trophies (playing out of steam), I’ll probably redo it really soon and keep it as a plane friendly, low-power game.

Of course, the other games I did in the plane were less fun. They included tearing of my seat with the help of the steward to fetch my headphones converter, 45 minutes of turbulence in the middle of lunch and using a 10 inches screen to watch an SD movie. I don’t understand how in-flight entertainment can still be that crappy.

# Youtube and me, second round

My first try with youtube was such a tremendous success  (ahem) that I had to try again. The main problem of previous video was a really crappy sound. I did lots of tests since and discovered that my headset is producing decent sound quality with audacity. However, if I try to record directly from lightworks or OBS, the sound becomes awfully crappy. I don’t have an explanation yet.

Today’s topic is a response to tripa’s challenge to do a dodecaedron with a straigth edge and a compass. I found it quite interesting as it allowed me to explore other alternatives.

Let’s go to the gory details:

• Shooting is done using my reflex (Canon EOS 550D) and a 28-55 optic (if I remember correctly). The setup involved holding the reflex vertically and connecting it to my computer via USB. The challenges were mostly that the optic I used is a zoom and tended to fall and change focal and that the vibrations tended to shake slightly the video. Overall, I’m pretty happy with the video quality
• Shooting was done with my crazy parrot trying to help. Not sure if she was successful to help but she had a great time.
• I used lightworks, again, and I’m still not convinced. I was unable to zoom / trim my still pictures in the video editor (hence these nice black band) and export is limited to 720p, which is a pity knowing the initial material is 1080p… Some UI issue killed me as well, I have a feeling  that I’m not in control and it makes me slightly uncomfortable. Especially, I liked the concept of using subclips and reusing them, but I was hoping for references rather than copies : if I make a “introduction” edit and use it in my main edit, it seems like editing the intro one has no effect on the main one….
• Getting decent light is not trivial either, probably need to work on that one, I played easy as it was dailight and I had natural diffuse light (thanks to the snow falling from the sky)
• I used some background music that I took from bensound.com. I checked 10 times and it seems to be really fine with what I’m doing, I’m no musician but I found having a soft background sound helped. I definitely should do better with regards to music editing, I feel really crappy (no soft transition, lack of music at some point). I hope it does not cover my voice.
• I recorded the voice using audacity, then exporting sub-sample and mixing them. Not using face video means not having to care about AV synchro 🙂
• I inserted a title and some rolling credentials, was surprisingly easy !

My conclusion, it’s not trivial to do but it’s doable if you’re fine with a sub-par result. If you aim at higher quality, then the effort grows exponentially (and so does the headache)

I’m from a generation who was taught that the ultimate source of knowledge are the books. I managed to evolve on my own and found that internet is a wonderful place where lots of people share lots of interesting stuff. I was pretty happy with that situation : look for a blog post or an instructable, a random tutorial, more or less crappy, follow and tune, troll. I had the manual on how to do it, from newsgroup to phpbb forum. Eh, I even got my own personal blog!

The new generation seems however to have moved out of written knowledge and shit into using video as a solution to any problem. I personnally don’t like too much, I find much easier to skip and follow written instruction than a video whose focus is not always on the interesting part. Anyway, if the moves has moved that way and the cool kids are doing that, I guess I don’t have too many choices : follow and try to be a cool kid (ahem) or start becoming obsolete. I feel too young to be obsolete, so I looked at what is the effort required to create a decent youtube tutorial.

Bear with me: I didn’t want to do a crappy video with my smartphone of me doing something stupid (see : tthat how you plug an sdcard into a raspberry pi while focussing on the cable behind. I wanted to do something nice, not prolfessional but somehow useful.

Conclusion, it’s tough! My personal computer environement is composed of mac (corporate laptop), linux (poor laptop) and windows (gaming rig). It seems obvious that I want cross-platform tools, I got kids and less freetime than the average student, not talking about the random teenager which seems to be the most adept at posting content.

Ok, I tried tonight, spent roughly 3 hours on a simple inkscape tutorial

• I used Open Broadcaster Software for screencasting and mixing video and sound
• I used lightworks (free as in free beer, not free speech) for assembling clips together

Lessons learnt:

• if you want to explain something, better know exactly what you are doing. Especially, first try was a one shot with lots of trials and errors. So shot sequences and mix them later.
• mounting sequences is hard: it took half the time to just link them together and it seems I managed to export a 30 minutes video while having 10 minutes of content
• software limitations are bitches: I shoot in 1080p, could only export to 720p, which is a major issue when shooting a screencast.
• my microphone was saturating, so I reduced gain. And then you can’t hear me (used my heaphones as microphone)
• had to shoot twice cause I used a bad codec the first time, this pissed me of (we’re in 2015, isn’t the codec mayhem supposed to be fixed?)

Next time:

• redo the same video, I’m becoming exceedingly efficient at drawing dodecahedrons schematics
• write a script that you can follow
• keep empty space before and after each recording, it’s easy to trim
• read more tutorial on mounting tool, maybe switch to cinelerra?