Tuesday, June 26, 2018

Carbon Capture: ocean plants

The ocean has absorbed approximately a third of the extra carbon released since the industrial age. When carbon dioxide is absorbed by seawater it becomes carbonic acid, leading to the gradual acidification of the oceans.

There are several methods proposed by which the carbon stored in the ocean can be more rapidly sequestered, reducing carbonic acid levels (though the ocean would promtly absorb more carbon from the atmosphere):

  • alkalinization: to counteract the carbonic acid by adding huge quantities of alkalines to the ocean, such as bicarbonate. Quite usefully, bicarbonate can be produced via the Calcium Loop, by breaking apart the calcium carbonate into bicarbonate instead of heating it to release concentrated carbon dioxide.
  • fertilization: the carbon in the oceans could be handled by encouraging phytoplankton to grow. Different parts of the ocean contain phosphorous, nitrogen, and iron in differing amounts. By adding these three in the correct ratio, phytoplankton will be enabled to consume more carbon.

The main issue with these ideas is that they are not self-funding, they do not produce an output which can be used to generate revenue to continue the effort. These kinds of projects would depend on massive external support, as by governments or the (very) wealthy.

Sunday, June 24, 2018

Carbon Capture: reforestation

Pre-industrialization, forests covered approximately 5.9 billion hectares across the planet. Today that figure is 4 billion hectares, and still dropping. The deforestation has reduced the ability of the terrestrial plants to sink carbon in their yearly growth.

The basic idea in reforestation is straightforward: plant trees and other long-lasting plants in order to take up and store carbon from the atmosphere. Development of mechanisms to plant trees in large enough scale and short enough time frame to be useful in ameliorating climate change is the difficult part. This requires automation, most obviously by use of flying drones.

Biocarbon Engineering and Droneseed are two firms building technologies for rapid planting of trees. They use largish drones loaded with seed pods. The drones do require pilots, as most jurisdictions now require licensed pilots for dones, but where possible the drones are set to fly in a formation to allow a single pilot to control many at a time.

Biocarbon Engineering provides more details about their planting technology, utilizing seed pods loaded with nutrients fired from the drones toward the ground. A good percentage of the seed pods will embed into the ground, and the outer packaging will rapidly biodegrade and allow the seed to germinate.

The cost efficiency of this automated seeding method is not clear from publicly available information. Each reseeding project is a unique bid, and the bids are mostly not made public. Estimates of the cost of manual planting average $4940 per hectare using manual methods. Rough estimates of the cost of a Biocarbon Engineering project to reseed Mangrove trees in Myanmar is about half of what a manual effort would be.

Companies in this technology space

  • Propagate Ventures works with farmers and landowners to implement regenerative agriculture, restoring the land while keeping it productive.


musings on plants

In real deployments the type of plant life seeded will be chosen to fit the local environment by the client, such as the choice of Mangrove trees in Myanmar. If we were only concerned with the rapidity of carbon uptake, and did not care about invasive species, I think there are two species of plants we would focus on:

  • Paulownia trees which grow extremely rapidly, up to 20 feet in one year. These are native to China, and an invasive species elsewhere.
  • Hemp: "Industrial hemp has been scientifically proven to absorb more CO2 per hectare than any forest or commercial crop and is therefore the ideal carbonsink." (source). I find it amusing that hemp may be crucial in saving humanity after all.

Saturday, June 23, 2018

Carbon Capture: Biochar

biochar is charcoal made from biomass, from agricultural waste or other plant material. If left to rot or burned, the carbon trapped in this plant material would return to the atmosphere. By turning it into charcoal, a large percentage of the carbon is fixed into a stable form for decades.

Turning plant material into charcoal is a straightforward process: heat without sufficient oxygen to burn. This process is called pyrolysis (from the Greek pyro meaning fire and lysis meaning separating). In ancient times this was accomplished by burying smoldering wood under a layer of dirt, cutting it off from air. More recently, a kiln provided a more efficient way to produce charcoal by heating wood without burning it. Modern methods generally use sealed heating chambers in order to capture all of the produced gases.

Pyrolysis produces three outputs:

  • the solid char, which has a much higher concentration of carbon than the original plant material.

  • a thick tar referred to as bio-oil, which is much higher in oxygen than petroleum but otherwise similar.

  • a carbon-rich gas called syngas. It is flammable, though it contains only about half the energy density of methane. In earlier times the gas generally just escaped, while modern processes capture and usually burn it as heat to continue the pyrolysis process.

The temperature and length of pyrolysis determines the relative quantity of char, bio-oil, and syngas. Baking for longer time at lower temperature emphasizes char, shorter times at higher temperature produces more gas and oil.

The idea of biochar for carbon capture is to intercept carbon about to return to the atmosphere, primarily agricultural waste, and turn it into a form which both sequesters carbon and improves the soil into which it is tilled. The very fine char produced from agricultural waste is quite porous and makes soil retain water more effectively. It can also improve the soil health of acidic soils, balancing the pH and making the soil more productive.

Carbon Capture: Temperature Swing Adsorption

Adsorption: the adhesion of atoms, ions or molecules from a gas, liquid or dissolved solid to a surface. This process creates a film of the adsorbate on the surface of the adsorbent.

Temperature Swing Adsorption (TSA) for carbon capture relies on a set of materials, called carbon dioxide sorbents, which attract carbon dioxide molecules at low temperature and release them at a higher temperature. Unlike the Calcium Loop described previously, there is no chemical reaction between the sorbent and the CO2. Adsorption is purely a physical process, where the CO2 sticks to the sorbent due to the slight negative charges of the oxygen atoms and positive charge of the carbon.

There are a relatively large number of materials with this sorbent property for carbon dioxide, enough to have a dedicated Wikipedia page. These materials contain porous gaps. The gaps in the most interesting materials for our purpose are the right size to hold a CO2 molecule, with a slight charge at the right spot to attract the charges of different points on the CO2. To be useful for carbon capture, the sorbent has to attract CO2 molecules but readily release them with a change in temperature. They can be cycled from cold to hot to repeatedly grab and release carbon dioxide.

Unfortunately most of the known materials have drawbacks which make them unsuitable for real-world use, such as being damaged by water vapor.

The most recent class of sorbents developed are Metal-Organic Frameworks (MOFs), which are chains of organic molecules bound up into structures with metals. Metal-Oxide Frameworks are interesting because they are much more robust than the previously known sorbents, not being easily damaged by compounds found in the air and capable of being cycled in temperature without quickly wearing out.


Companies in this technology space

  • Inventys in Canada builds a carbon capture system using Temperature Swing Adsorption materials. Their system uses circular plates of a sorbent material, stacked vertically, and rotates the plates within a cylindrical housing. At different parts of the revolution the plates spend 30 seconds adsorping CO2, 15 seconds being heated to 110 degrees Celsius to release the concentrated CO2, and 15 seconds cooling back down to 40 degrees to do it again.

    Inventys goes to some length to explain that their technology is in the whole system, not tied to any particular sorbent material. I suspect this is emphasized because Metal Oxide Frameworks are innovating rapidly, and indeed the entire class of MOF materials was developed after Inventys was founded, so they ensure that the system can take advantage of new sorbent materials as they appear.

  • Skytree in the EU is a patent licensing firm which is fairly coy about the technologies it licenses but says they were developed as part of the Advanced Closed Loop System for the International Space Station. One of the main innovations in the ACLS is the development of a solid resin adsorbent Astrine, which means the technology is adsorption-based.

  • Climeworks in Switzerland describes their process as a filter which is then heated to release the carbon dioxide. This is clearly an adsorption process, and almost certainly using Metal-Organic Frameworks as it is described as being reusable for a large number of cycles.

  • Global Thermostat in New York describes their process as an amine-based sorbent bonded to a porous honeycomb ceramic structure.

Tuesday, June 19, 2018

Carbon Capture: Calcium Looping

I am very interested in technologies to ameliorate climate change. The looming, self-inflicted potential extinction of the human species seems important to address.

In this post we’ll examine the steps in Carbon Engineering’s Direct Air capture process, as published on their website, and explore what each step means. As I am an amateur at carbon capture technologies, anything and everything here may be incorrect. I’m writing this in an attempt to learn more about the space.


step 1: wet scrubber

A wet scrubber passes a gas containing pollutants, in this case atmospheric air containing excess carbon dioxide, through a liquid in order to capture the undesired elements. Scrubber designs vary greatly depending on the size of the pollutant being captured, especially whether particles or gaseous. In this case because CO2 molecules are being targeted, the scrubber is likely a tall cylindrical tower filled with finned material to maximize the surface area exposed to the air.

This process step uses hydroxide HO-, a water molecule with one of the hydrogen atoms stripped off, as the scrubbing liquid. Hydroxide bonds with carbon dioxide to form carbonic acid H2CO3. It is interesting to note that this same chemical process is occurring naturally at huge scale in the ocean, where seawater has acidified due to the absorption of carbon dioxide and formation of carbonic acid.


step 2: pellet reactor

The diluted carbonic acid is pumped through a pellet reactor, which is filled with very small pellets of calcium hydroxide Ca(OH)2. Calcium hydroxide reacts with the carbonic acid H2CO3 to form calcium carbonate CaCO3, which is the primary component of both industrial lime and antacid tablets. The small pellets in the reactor serve to both supply calcium for the reaction and to serve as a seed crystal to allow a larger calcium carbonate crystal to grow. In the process, hydrogen and oxygen atoms are liberated which turn back into water.

As the point of this system is a continuous process to remove carbon dioxide from air, I imagine the pellets are slowly cycled through the reactor as the liquid flows over them. The pellets with their load of newly grown crystal would automatically move on to the next stage of processing.

It is important to dry the pellets of calcium carbonate as they leave the pellet reactor. The next step collects purified carbon dioxide, where water vapor would be a contaminant. Removal of the remaining water could be accomplished by heating the pellets to somewhere above 100 degrees Celsius where water evaporates, but much less than 550 degrees where the calcium carbonate would begin to break down. Hot air would be sufficient to achieve this.


step 3: circulating bed fluid calcinator

A calcinator is a kiln which rotates. The wet pellets loaded with crystals of calcium carbonate CaCO3 slowly move through the kiln, where they are heated to a sufficient temperature for the calcium carbonate to decompose back into calcium oxide CaO and carbon dioxide CO2. A temperature of at least 550 degrees centigrade is needed for this, and the reaction works best somewhere around 840 degrees which is quite hot. There are catalysts which can encourage this reaction at lower temperatures, notably titanium oxide TiO2, but they are quite expensive and might not be economical compared with heating the kiln.

The carbon dioxide would be released as a hot gas to be collected, the calcium oxide will be left as solid grains in the calcinator. The calcium oxide can be used over and over, called calcium looping. Energy is expended at each cycle through the loop to free the carbon dioxide from the calcium oxide.


step 4: slaker

The solid output of the calcinator is calcium oxide CaO, also called quicklime. Quicklime is not stable, and will absorb other molecules from the air which would introduce impurities if put back into the pellet reactor. Therefore the calcium oxide CaO is combined with water to form calcium hydroxide Ca(OH)2.

A slaker adds controlled amounts of water to quicklime. This reaction releases a great deal of heat, so it is controlled by a feedback loop which reduces the inflow of material when the reaction gets too hot. I imagine the waste heat from this process could provide some of the heat needed for the earlier calcinator step, though additional heating would also be needed.


Companies in this technology space

  • Carbon Engineering, which builds large scale operations using the calcium loop process to capture carbon dioxide from air.
  • Calera, which captures CO2 to produce calcium carbonate for industrial use.



At the end of the process we have a highly purified stream of carbon dioxide extracted from ambient air. The long term goal of this kind of technology would be negative carbon emissions, which would mean keeping the CO2 from immediately circulating back into the environment by utilizing it in a long-lived form like various plastics or graphene. The technology also allows carbon neutral fuels to be made for applications where energy density requirements are higher than what battery chemistries are likely to provide, such as airplanes or ocean going vessels. Using carbon which was already in the atmosphere for these applications is much better than digging more carbon out of the ground.

Friday, June 15, 2018

CPE WAN Management Protocol: transaction flow

Technical Report 69 from the Broadband Forum is a management protocol called the CPE WAN Management Protocol (CWMP). It was first published in 2004, revised a number of times since, and aimed at the operation of DSL modems placed in customer homes. Over time it has broadened to support more types of devices which an Internet Service Provider might operate outside of its own facilities, in the residences and businesses of its customers.

There are a few key points about CWMP:

  • It was defined during the peak popularity of the Simple Object Access Protocol (SOAP). CWMP messages are encoded as SOAP XML.
  • Like SNMP and essentially every other network management protocol, it separates definition of the protocol from definition of the variables it manages. SNMP calls them MIBs, CWMP calls them data models.
  • It recognizes that firewalls will be present between the customer premises and the ISP, and that the ISP can expect to control its own firewall but not necessarily other firewalls between it and the customer.
  • It makes a strong distinction between the Customer Premises Equipment (CPE) being managed, and the Auto Configuration Server (ACS) which does the managing. It does not attempt to be a generic protocol which can operate bidirectionally, it exists specifically to allow an ACS to control CPE devices.

A few years ago I helped write an open source tr-69 agent called catawampus. The name was chosen based mainly on its ability to contain the letters C W M P in the proper order. I’d like to write up some of the things learned from working on that project, in one or more blog posts.

Connection Lifecycle

One unusual thing about CWMP is connection management between the ACS and CPE. Connections are initiated by the CPE, but RPC commands are then sent by the ACS. Keeping with the idea that it is not a general purpose bidirectional protocol, all commands are sent by the ACS and responded to by the CPE.

tr-69 runs atop an HTTP (usually HTTPS) connection. The CPE has to know the URL of its ACS. There are mechanisms to tell a CPE device what ACS URL to use, for example via a DHCP option from the DHCP server, but honestly in almost all cases the URL of the ISP’s ACS is simply hard-coded into the firmware of devices supplied by the ISP.


  1. The CPE device in the customer premises initiates a TCP connection to the ACS, and starts the SSL/TLS handshake. Once the connection is established, the CPE sends an Inform message to the ACS using an HTTP POST. This is encoded using SOAP XML, and tells the ACS the serial number and other information about the CPE in the <DeviceId> stanza.
    <?xml version="1.0" encoding="utf-8"?>
    <soap:Envelope xmlns:cwmp="urn:dslforum-org:cwmp-1-2"
        <cwmp:ID soap:mustUnderstand="1">catawampus.1529004153.967958</cwmp:ID>
          <Event soap-enc:arrayType="EventStruct[1]">
              <EventCode>0 BOOTSTRAP</EventCode\>
          <ParameterList soap-enc:arrayType="cwmp:ParameterValueStruct[1]">
              <Value xsi:type="xsd:string">http://[redacted]:7547/ping/7fd86a7302ec5f</Value>
    Several fields are highlighted above: the EventCode tells the ACS why the CPE device is connecting. It might have just booted, it might be a periodic connection at a set interval, or it might be because of an exceptional condition. The ParameterList, also highlighted, is a list of parameters the CPE can include to tell the ACS about exceptional conditions.

  3. The ACS sends back an InformResponse in response to the POST.
        <cwmp:ID soapenv:mustUnderstand="1">catawampus.1529004153.967958</cwmp:ID>

  5. If the CPE has other conditions to communicate to the ACS, such as successful completion of a software update, it performs additional POSTs containing those messages. When it has run out of things to send, it does a POST with an empty body. At this point the ACS takes over. The CPE continues sending HTTP POST transactions with an empty body, and the ACS sends a series of RPCs to the CPE in the response. There are RPC messages to get/set parameters, schedule a reboot or software update, etc. All transactions are sent by the ACS and the CPE responds.
        <cwmp:ID soapenv:mustUnderstand="1">TestCwmpId</cwmp:ID>
            <ns2:ParameterValueStruct xmlns:ns2="urn:dslforum-org:cwmp-1-2">
              <Value xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">param</Value>


The ACS can send multiple RPCs in one session with the CPE. Only one RPC can be outstanding at a time, the ACS has to wait for a response from the CPE before sending the next.

When the session ends, it is up to the CPE to re-establish it. One of the parameters in a management object is the PeriodicInformInterval, the amount of time the CPE should wait between initiating sessions with the ACS. By default it is supposed to be infinite, meaning the CPE will only check in once at boot and the ACS is expected to set the interval to whatever value it wants during that first session. In practice we found that not to work very well and set the default interval to 15 minutes. It was too easy for something to go wrong and result in a CPE which would be out of contact with the ACS until the next power cycle.

There is also a mechanism by which the ACS can connect to the CPE on port 7547 and do an HTTP GET. The CPE responds with an empty payload, but is supposed to immediately initiate an outgoing session to the ACS. In practice, this mechanism doesn't work very well because intervening firewalls, like the ISP's own residential gateway within the home, will often block the connection. This is an area where the rest of the industry has moved on: we now routinely have a billion mobile devices maintaining a persistent connection back to their notification service. CPE devices could do something similar, perhaps even using the same infrastructure.

Wednesday, June 6, 2018

Reading List: High Output Management

High Output Management by Andy Grove was first published in 1983, making it one of the earliest books about management in the technology industry and an influential book about management overall. I recently read the 2nd edition, revised in 2015.

Though the revisions help in updating the material, the book does still strongly resonate of the 1980s. Some of the examples concern Japanese DRAM manufacturers crowding out US firms, the rise of the PC industry, and the business climate of email beginning to replace telephone and memos. Nonetheless, management techniques change much more slowly than technology, and there is quite a bit of useful material in the book.

Some key takeaways for me:


Manager output = output of org + output of adjacent orgs under their influence

Grove’s point is that managers should be evaluated based on the performance of their own organization, plus the extent to which they influence the output of those who don’t directly report to them. This is especially important for knowledge leaders who provide technical direction for a large organization in particular areas, but without having large numbers of people reporting to them on the orgchart. The examples Grove uses are typically concerned with manufacturing and production, which was a particular strength and focus of his at Intel.

It is notable that 30+ years later, we’re still not very good at evaluating management performance in influencing adjacent organizations. Manager evaluations focus mostly on their direct reports, because that is more straightforward to judge. The incentives for managers are therefore to grow their org as large as possible, which isn’t always the best thing for the company even if it is the best thing for the manager.


Choose indicators carefully, and monitor them closely

It is important to monitor output, not just activity, or you’ll end up emphasizing busywork. An example Grove gives is a metric of the number of invoices processed by an internal team. That metric should be paired with a count of the number of errors produced. Any productivity metric needs to be paired with a quality measurement, to ensure that the team doesn’t feel incentivized to produce as much sloppy work as possible.

Even more importantly, the indicators need to be credible. If you won't act on them by taking big (and possibly expensive) steps, then all the monitoring will produce is anxiety. The business indicators need to be invested with sufficient faith to act when a new trend is clear, even if that trend has yet to percolate up in other, more visible, ways.


Management can usually be forecasted and scheduled

Though we will always deal with interruptions or emergencies or unexpected issues, a big portion of a manager’s job is predictable. You know how often you should have career discussions with team members, and when performance appraisals should be done, so put career discussions on the calendar a quarter before performance appraisals. You know when budgeting will be done, put milestone planning on the calendar two months before that.

For lull times between the scheduled activities, Grove recommends a backlog of manager tasks which need to be done but don’t have a hard deadline. This also nicely reduces the temptation to fill the lull periods by meddling in the work of subordinates.

I feel like this is something management as a profession has gotten better at since the book was initially written. Practices may vary across companies, but on the whole I feel like there is perhaps more structure for managers than the book implies from earlier times.


Now, a disagreement: technical half-life

Grove makes a point several times that technology changes quickly so the company needs to keep hiring younger workers straight out of university, where they will have learned the latest technology. As engineers become more senior they can move into leadership and management roles and leave the technology to those more recently graduated.

I find this not credible, for several reasons:

  • It assumes that technology work is 100% technical, that communications skills and leadership are entirely separate and can be supplied by those senior engineers who move into management roles.
  • There are far fewer managers than engineers. This idea takes it as given that universities should produce a large number of grads for corporations to chew through, and discard most of them in favor of fresh graduates. It seems like corporations could find a better use for their senior engineers than to discard most of them.
  • It implies that all of this new tech comes from somewhere else, perhaps from Universities themselves, and that senior engineers play no role in developing it.

Wednesday, May 2, 2018

We Edited DNA in our Kitchen. You Can Too!

When our children expressed an interest in DNA and genetic engineering, we wanted to encourage their curiosity and interest. We went looking for books we could read, videos we could watch, etc.

However as we all now live in the future, there is a much more direct way to inspire their interest in genetic engineering: we could engineer some genes, in our kitchen. Of course.

We bought a kit from The Odin, a company which aims to make biological engineering and genetic design accessible and available to everyone. The kit contains all of the supplies and chemicals needed to modify yeast DNA: Genetically Engineer Any Brewing or Baking Yeast to Fluoresce

Altogether the exercise took about a week, most of which was spent allowing the yeast time to grow and multiply. If we had an incubator we could have sped this up, but an incubator is not essential for a successful experiment.

The first step was to create a healthy colony of unmodified yeast. We mixed a yeast growth medium called YPD, rehydrated the dried yeast, and spread everything onto petri dishes. The yellowish gel on the bottom of the dish is the growth medium, the droplets are the rehydrated yeast.

After several days to grow, we could then take up a bit of yeast into a small tube. We would be modifying the DNA of the yeast in the tube, and would later be able to compare it to our unmodified yeast.

The next steps are the amazing stuff.

We used a pipette to add a tiny amount of transformation matrix. This mixture prepares the yeast cells to take in new DNA.

We then used the pipette to add the GFP Expression Plasmid. GFP is Green Fluorescent Protein, and is what makes jellyfish glow in blue light. The GFP Expression Plasmid bundles the DNA segment for the jellyfish gene together with CRISPR as the delivery mechanism.

Swirling the yeast together with the plasmid is how we edited DNA in our kitchen. Over several hours, CRISPR transferred the new gene into the yeast cells in the tube. We incubated the tube for a day, then spread it onto a fresh petri dish to spend a few more days growing.

Voila: shining a blue light on the original dish of unmodified yeast versus the dish with our genetically engineered strain, you can see the difference. Our modified yeast glows a soft green. This is the Green Fluorescent Protein which our modified yeast produces.

This wasn’t a difficult experiment to perform, every step was straightforward and the instructions were quite clear. The kids got a great deal out of it, and are enthused about learning more.

We genetically engineered yeast in our kitchen. You can too!
Genetically Engineer Any Brewing or Baking Yeast to Fluoresce

Monday, April 30, 2018

Automated Blackmail at Scale

I received a blackmail letter in the postal mail yesterday. Yes, really. It begins thusly:

Hello Denton, I’m going to cut to the chase. My name is SwiftBreak~15 and I know about the secret you are keeping from your wife and everyone else. More importantly, I have evidence of what you have been hiding. I won’t go into the specifics here in case your wife intercepts this, but you know what I am talking about.

You don’t know me personally and nobody hired me to look into you. Nor did I go out looking to burn you. It is just your bad luck that I stumbled across your misadventures while working on a job around <redacted name of town>. I then put in more time than I probably should have looking into your life. Frankly, I am ready to forget all about you and let you get on with your life. And I am going to give you two options that will accomplish that very thing. Those two options are to either ignore this letter, or simply pay me $8,600. Let’s examine those two options in more detail.

In email this wouldn't be notable. I probably wouldn't even see it as it would be classified as spam. Via postal mail though, it is unusual. Postal spam is usually less interesting than this.

The letter went on to describe the consequences should I ignore it, how going to the police would be useless because the extortionist was so very good at covering their tracks, and gave a bitcoin address to send the payment to.

There are several clues that this was an automated mass mailing:

  • It helpfully included a How To Bitcoin page, which seemed odd for an individual letter (though crucial to make the scam work).
  • It looked like a form letter, inserting my first name and street name at several points.
  • Perhaps most importantly, I don't have any kind of secret which I could be blackmailed over. I don't live that kind of life. Reading the first paragraph was fairly mystifying as I had no idea what secret they were referring to.

I haven't written about bitcoin before as, other than wishing I'd mined a bunch of coins in 2013 or so, I find it farcical. However cryptocurrency is key in enabling things like this automated blackmail at scale, by providing a mostly anonymous way to transfer money online.

I am by no means the first person to be targeted by this scam:

  • Dave Eargle received an early version of the letter, which called out infidelity specifically. The letter I received was completely vague as to the nature of the scandalous secret.
  • Joshua Bernoff received a letter earlier this month which looks very similar to mine.
  • As the scam has grown, various news outlets have covered it: CNBC, Krebs On Security. The news coverage occurred in a burst in January 2018, covering Dave Eargle.

The amount of money demanded has increased over time. The 2016 letter which Dave Eargle received demanded $2000. The 4/2018 letter which Joshua Bernoff received demanded $8,350. My letter demanded $8,600. I imagine the perpetrator(s) are fine-tuning their demand based on response rates from previous campaigns. More sophisticated demographic targeting is possible I suppose, but the simpler explanation seems more likely.

I'll include the complete text of the letter at the end of this post, to help anyone else targeted by this scam to find it. I'm also trying to figure out if there is somewhere at USPS to send the physical letter to. Using the postal service to deliver extortion letters is a crime, albeit in this case one where it would be difficult to identify the perpetrator.



Hello Denton, I’m going to cut to the chase. My name is SwiftBreak~15 and I know about the secret you are keeping from your wife and everyone else. More importantly, I have evidence of what you have been hiding. I won’t go into the specifics here in case your wife intercepts this, but you know what I am talking about.

You don’t know me personally and nobody hired me to look into you. Nor did I go out looking to burn you. It is just your bad luck that I stumbled across your misadventures while working on a job around <redacted name of town>. I then put in more time than I probably should have looking into your life. Frankly, I am ready to forget all about you and let you get on with your life. And I am going to give you two options that will accomplish that very thing. Those two options are to either ignore this letter, or simply pay me $8,600. Let’s examine those two options in more detail.

Option 1 is to ignore this letter. Let me tell you what will happen if you choose this path. I will take this evidence and send it to your wife. And as insurance against you intercepting it before your wife gets it, I will also send copies to her friends, family, and your neighbors on and around <redacted name of street>. So, Denton, even if you decide to come clean with your wife, it won’t protect her from the humiliation she will feel when her friends and family find out your sordid details from me.

Option 2 is to pay me $8,600. We’ll call this my “confidentiality fee.” Now let me tell you what happens if you choose this path. Your secret remains your secret. You go on with your life as though none of this ever happened. Though you may want to do a better job at keeping your misdeeds secret in the future.

At this point you may be thinking, “I’ll just go to the cops.” Which is why I have taken steps to ensure this letter cannot be traced back to me. So that won’t help, and it won’t stop the evidence from destroying your life. I’m not looking to break your bank. I just want to be compensated for the time I put into investigating you.

Let’s assume you have decided to make all this go away and pay me the confidentiality fee. In keeping with my strategy to not go to jail, we will not meet in person and there will be no physical exchange of cash. You will pay me anonymously using bitcoin. If you want me to keep your secret, then send $8,600 in BITCOIN to the Receiving Bitcoin Address listed below. Payment MUST be received within 10 days of the post marked date on this letter’s envelope. If you are not familiar with bitcoin, attached is a “How-To” guide. You will need the below two pieces of information when referencing the guide.

Required Amount: $8,600
Receiving Bitcoin Address: <redacted>

Tell no one what you will be using the bitcoin for or they may not give it to you. The procedure to obtain bitcoin can take a day or two so do not put it off. Again, payment must be received within 10 days of this letter’s post marked date. If I don’t receive the bitcoin by the deadline, I will go ahead and release the evidence to everyone. If you go that route, then the least you could do is tell your wife so she can come up with an excuse to prepare her friends and family before they find out. The clock is ticking, Denton.

Wednesday, January 24, 2018

I Know What You Are by the Smell of Your Wi-Fi

In July 2017 gave a talk at DEFCON 25 describing a technique to identify the type of Wi-Fi client connecting to an Access Point. It can be quite specific: it can distinguish an iPhone 5 from an iPhone 5s, a Samsung Galaxy S7 from an S8, etc. Classically in security literature this type of mechanism would have been called "fingerprinting," but in modern usage that term has evolved to mean identification of a specific individual user. Because this mechanism identifies the species of the device, not the specific individual, we refer to it as Wi-Fi Taxonomy.

The mechanism works by examining Wi-Fi management frames, called MLME frames. It extracts the options present in the client's packets into a signature string, which is quite distinctive to the combination of the Wi-Fi chipset, device driver, and client OS.

The video of the talk has been posted by DEF CON:


  • The slides are available in PDF format from the DEFCON media server, and the speaker notes on the slides contain the complete talk.
  • The database of signatures to identify devices is available as open source code with an Apache license as a GitHub repository.
  • There is also a paper which describes the mechanism, and which goes a level of detail deeper into how it works. It is available from arXiv.

Tuesday, January 23, 2018


Behold: the Yakthulhu. It is a tiny Cthulhu made from the hair of shaved yaks.

(Really, it is. Yak hair yarn is a thing which one can buy. Disappointingly though, they do not shave the yaks. They comb the yaks.)