Starcheat is a player save editor for Starbound that gives you greater control over characters, mainly their inventories. You can add and modify items easily, along with accessing the raw item JSON of each individual slot in a file. Other internal information and stats are displayed as well. This simplifies complex item modifications.
The character parsing and asset loading have been fixed and updated so it’s much faster than previous versions (a large character that would take 5 minutes before now takes a couple seconds), and it’s been fully stabilized to work with the latest Starbound version flawlessly. There are a couple other neat tools included but you’ll have to test it yourself and see. No serious issues exist with this release that would break your character but you should always back up your storage/player folder before and when modding for safety.
This game and the community have had a wonderful place in my heart since I joined it 8 years ago. This is my gift back to the community. Since it doesn’t seem like there are going to be many more Starbound updates, especially to the player file structure or foundational changes of that nature, this will probably be one of the last Starcheat versions needed.
Starcheat will never request funds for its use or development. Make sure you only ever download from Starcheat.net. There are plenty of malicious versions out there.
When Bitcoin was started in Jan. 3, 2009, it was a mystery. No one was ever credited with its invention, and while many people have falsely claimed to be the author, the real inventor still has yet to be verified, although I think it’s Adam Back.
An overview of Bitcoin
Bitcoin has a couple of neat features built into its design. Most people are aware by now of “mining” Bitcoin, which consists of using powerful computer components to, essentially, check math equations verifying other users transactions with the coin to keep fraud or hacks from occurring. The more computers verifying the transactions, the safer, as theoretically a bad actor could take 51% control of the network and verify forged Bitcoin transactions.
When mining Bitcoin, a ‘block reward’ is paid out to the one computer who verifies the transaction correctly first, and guesses the solution to the math problem the fastest. The ‘transaction fees’ that you pay when sending Bitcoin are paid out as a way of compensation for helping the network, and are separate from the block reward.
The block reward, originally, was 50 BTC. This would be an astronomical $3,027,800.00 in today’s currency with the current conversion rate of Bitcoin (1:60556).
Naturally, if that much Bitcoin was given out with today’s popularity of the coin, it would cause rapid inflation. This is because as more Bitcoin entered the market, it would become more easily obtained, and the demand would drop, making the value of Bitcoin decrease.
However, as the authors were aware of economic theory, they implemented a few safeguards to try to mitigate that situation. First, there is a hard limit on the amount of Bitcoin that can ever be created. That limit is 21 million. This is set in the source code and a fundamental rule that cannot be changed without disrupting the entire network. Once that number is reached, no more Bitcoin can be given out as a block reward. We are estimated to reach the upper limits of Bitcoin around 2140, but at least 97% of all Bitcoins will be mined into existence in the next decade. The last 3% will take much more time, due to another one of the cryptocurrency’s features.
Bitcoin has a process built into its underlying framework and code that is known as “halving”. Bitcoin’s framework contains instructions to decrease the block reward every 210,000 blocks rewarded. This means about every 4 years at our current pace, the block reward divided by 2. In 2009, it was 50 BTC, as stated above. In 2012, it halved to 25. In 2016, 12.5. Now, most recently, in 2020, it’s dropped to 6.25. This will continue until the block rewards become negligible amounts of Bitcoin.
This process helps maintain the scarcity of Bitcoin as a resource and a currency.
If you want to learn more about cryptocurrencies, you can look at “how do blockchains work?”, for an easy to understand explanation.
Let’s talk about usage
Bitcoin uses a lot of energy. Mining Bitcoin is a very electricity intensive task, and “Cambridge researchers say it consumes around 121.36 terawatt-hours (TWh) a year”. This is more than the whole of Argentina uses per year, and that number will only increase as Bitcoin becomes more widespread.
This, additionally, is by design. The more power and effort it takes to compute a block’s solution and get that BTC reward, the better for BTC. This method also keeps the value of the currency in check because it requires more effort and money to produce, therefore it must be worth more, right? ?
When looking at utility use of Bitcoin, it’s hard to argue for it modern day. Most of the ideas people are rallying behind do not apply to Bitcoin anymore, and can be found elsewhere in far better cryptocurrencies. Bitcoin, as a whole, has been surpassed technologically many times over at this point. This is to be expected. Bitcoin should be seen as the framework for cryptocurrencies, the origin idea, but not the final version, or anywhere close to it. The first phone was nothing like what we have today, just like the first computer. There is a necessary step in the process of adoption for technology of all levels, and this is the next technology that will take a while to refine.
Bitcoin is unchanging because of its code, which means it’s difficult to keep modern. Many other cryptocurrencies that have implemented Bitcoin’s core ideals have been released since 2009 however, and many that do it better. For instance, one such “feature” of Bitcoin is that it is supposedly anonymous. However, it is not. This is a fact. Many government agencies and even private companies have developed extremely sophisticated solutions to parse the blockchain and create connections to online identities. Personally supplied information to exchanges for verification is readily sold and shared with many partners, or such government agencies. This along with computer usage, location, and withdrawal location tracking can paint a clear picture of how Bitcoin is being used, where, and how much.
Okay, so it isn’t private. What about speed? Is Bitcoin fast?
Well, no. It’s not fast by digital standards anyway. It is definitely better than a 3-5 day ACH transaction by your bank or a wire, but it still takes around 30-60 minutes depending on transaction fees. If you pay a higher transaction fee, you can send it in as little as 10 minutes or lower. There was a recent change to the Bitcoin network called segwit that is a whole other technological explanation, but basically increased the speed of the network, decreased transaction fees, and freed up more space for transactions by removing unnecessary data.
Modern cryptocurrencies have this beat, however. Ethereum transactions on average are confirmed in around 5 minutes, and NEO confirms in 15 seconds. Ripple can be sent in 4 seconds.
Monero, a cryptocurrency that takes the idea of anonymity from Bitcoin and runs with it, makes a nice balance between security and speed with 30 minute transaction times on average. Monero is unable to be tracked or linked to identities easily with today’s technology, as it was/is built with a security-first focus in mind. In fact, it’s so effective that the IRS has offered up to $625,000 to anyone that can successfully crack it or track transactions taking place.
Well, do people use it? Not really, either. Most of Bitcoin is stored in long-term holding wallets, or people want to purchase it like a stock, because they think the value will rise. A currency is effective and useful when it can be used as just that: a stable currency. Bitcoin is not stable by any means price-wise, and that means it is treated more as a store of value. Because of this, it’s difficult to use in transactions because the prices change so quickly, in the next 10 minutes the Bitcoin you just got paid for your services could be worth less than half of what it was originally.
Despite all this, cryptocurrencies are still a promising technological advancement – we simply need more iterations like every level of technology that has ever been developed.
What’s next?
Bitcoin is a great framework and foundation for future ideals of cryptocurrencies that will eventually rule the world. The era of slow banking apps and waiting days to transfer money have already largely been eased with the introduction of apps like PayPal, Venmo, or Cashapp, and they will be eliminated in the future when cryptocurrencies are refined and implemented properly into everyday conveniences.
If you want my opinion on what cryptocurrency will be the next widely adopted coin? None of the current ones available.
I recently starting using a Mac laptop again for the first time in almost 6 years, and the stark contrast between the two major OSes was made all the more clear to me. Little things about macOS I never noticed before my long stint with windows practically jumped out at me.
One such glaring oversight that seemed to be unforgivable is the fact that macOS doesn’t currently have a good built in window switcher. If you hold CMD (command) + Tab, you will get an application switcher, but it does not switch between active windows of the same program. This limitation is hard to form a habit around, as I found myself frequently attempted to CMD + Tab to another Firefox window, or another instance of a Finder window I had open. However, I found a nifty application that can bring that behavior to macOS, and I highly recommend you try it out. If you build the fast switching window shortcut into your daily routine, it will help maximize your productivity.
Drag it to your /Applications folder by clicking Finder > Applications on sidebar & drag+dropping into the window
Double click to launch
Click the Controls tab
Make sure shortcut 1 is highlighted
Change the shortcut to your desired keys by clicking the keys in the line “Hold [KEY] and press: [KEY] Select next window”
I highly recommend using CMD + Tab for the average user
Now, close the window, don’t quit it.
Test! You should be able to switch between applications and their windows with a nice, graphical interface upon pressing CMD + Tab. If you want to switch to the last used application then press CMD + Tab ONCE, meaning if you press CMD + Tab and release, you will continue to switch between your recently used applications. This is a great trick for copying down information, or quickly referencing another window while completing the current task.
When Windows 10 came out, it was supposed to usher in a new standard of operating under the Microsoft family. The start menu was brought all the way back in comparison with Windows 8.1, and they finally fixed a number of graphical issues users were having.
The rebrand to Windows 10 was for the numerous changes they’d done to the operating system, back then.
So what changes to instigate a new OS now?
A New Name Means Distance from Old Identity
Changing a name is a great way to distance a person, place, or thing from old actions or non applicable qualities that exist currently. It’s a way to signal change, that something is not the same as before.
Microsoft and other corporations use this strategy often to create positive attention for their brand or distance themselves from negative attention.
And Windows 10 has had a lot of negative attention:
Really, that’s the most important thing, isn’t it? Are the changes any good?
Well, no.
Unless you want a bunch of features you could already achieve in Windows 10 with more bloat, more integrated applications, less customization, and more restrictions on which hardware you can install it on.
Wouldn’t it be great if you could already do that in Windows 10?
Oh wait. You can.
This is what my desktop looks like currently on 21H1. I also have a custom dark theme installed to properly theme some of the discrepancies out of the OS like the Task Manager, the dialogue options, and even Notepad.
Using TaskbarX, SecureUXTheme, and a few other dependencies, you can already create what I believe to be a better look than what Windows 11 delivers out of the box.
Changing UX Design
Notice that the start button is on the bottom left in the image above. Now look at a picture of the new Windows 11 taskbar:
The start button has moved to the center with the other icons.
THIS IS BAD UX DESIGN.
Why?
Because when a button is on an edge that you can move your mouse against, it has an infinite width. If you drag your mouse against the left edge of your (leftmost) monitor, it cannot move outside the screen and thus any button on the edge of the screen would be easier to quickly whip the mouse over and click.
In the same way, when a button is in a corner such as the start button was in most previous versions of Windows, it is much easier to drag your mouse to the corner quickly without aiming at all, as two sides have infinite width. This makes it extremely efficient to locate the start button, no matter the cursor location.
However, by moving the start button to the center of the taskbar, Microsoft eliminates that smart UX choice they made all those years ago.
Perhaps Microsoft will realize this and provide an option to restore the default alignment in a later update. As of 8/2/2021, this is not possible.
The main concern for me as Microsoft continually whips around GUI updates is… how has Windows fundamentally changed since the last big update? And how are they fixing the small issues that continue to plague normal operations throughout the working day? Well, the answers to both of those questions are pretty disappointing.
A) It hasn’t changed that much, so don’t expect to notice much difference
B) They haven’t fixed that much, so don’t expect to notice much difference
And that’s where we are. Another graphical change to an OS in an era where to this day, on the latest Windows build, you can open command prompt and hold F11 down to see the old Windows 7 UI underneath for a split second as the GUI is overwritten with the new theme.
Progress Is Not Bad
But there has to be progress. Windows 11 is completely unnecessary for what they are bringing to the table in the new versions. In a perfect world, maybe Windows 10 would have been rebranded to “Windows” with thematic naming to keep versions clear, saved the sweeping UI upgrades until AFTER THEY’VE FINISHED THE EXISTING DARK THEME FOR THEIR CURRENT OS, and maybe don’t make yet another “Settings” app before the old Control Panel is even removed.
I’ll say it again, I would love for Microsoft to be innovating here, but where is it? What can be achieved on Windows 11 that can’t already be accomplished on existing hardware and software?
I suppose nothing. It’s not like I would consider whatever Microsoft is shipping with their OS to be essential apps, probably just a new version of candy crush 😉.
At the very least, Microsoft says they will still support Windows 10 for 4 more years, until 2025. Maybe by that time, Windows Infinity will have hit shelves and I can skip 11.
Honestly, just please make one settings app and I’ll be happy. 🙏
Wow, it’s been a long time since I began this blog. Four years and counting, to be precise, and lots of stuff has happened since that point. I realized I hadn’t touched the blog css or general theme since inception, so I decided to spruce it up a little bit. The style refresh was much needed and I think it looks pretty good!
It’s cool to look over the archives and see what I’ve written since that point.
That’s all this blog is for, after all. 😄 Writing practice, and fun. Hopefully whomever visits gets a small amount of enjoyment from it as well.
Some nice reviews by clients. Mostly putting these on the blog to link between my website and Upwork.
Genevra was nothing short of AMAZING! We needed functionality on our nonprofit’s website we weren’t sure how to do and she connected all the dots perfectly and SUPER fast. She’s extremely knowledgable, incredibly thorough, patient, kind, and responsive! Genevra answered a MILLION questions I asked (I’m curious, what can I say!?) and explained everything in a way that made sense to a relatively non-technical person. Honestly, our team was quite hesitant to use Upwork in the first place since we had never used it before and are a small charity. (Thus, we have very little risk we can take on as it relates to our tiny budget!) Part of it was also that we didn’t even know exactly what we needed or how to accomplish what we wanted to do. Genevra put all of those worries to rest as we exchanged messages back and forth before deciding to work together. She was very fair and transparent on pricing and worked with us. She also instantly knew how to help us and the best approach to take for what we were trying to do. It was TOO easy. If you’re looking for someone you can trust, please look no further and hit Genevra up – even if you don’t necessarily know what you need, trust her to help you find it! I’m sure if she doesn’t know she can at least point you in the right direction! We will certainly trust her with any future tech/software project. Genevra rocks!
https://www.upwork.com/jobs/~014ce5e09030e7b1c1
Working with Genevra was a great experience. She was professional, quick, and solved the issue I had run into with ease. I would recommend her to anyone looking for a great freelance web developer!
https://www.upwork.com/jobs/~019da05fa9f035f24a
Gen did a great job with minimal revisions. She also noticed other problems we were unaware of and brought up on her own initiative. Looking forward to working with her again!
TikTok is the most popular growing social media right now by far, surpassing the likes of Reddit, Snapchat, Twitter, Pinterest and Quora.
And it’s much more popular among Gen Zs and Millenials.
But TikTok was declared as a security threat and many have growing concerns about the operations of ByteDance as a whole.
TikTok Source Code Analyzation
Step 1: Obtain TikTok source code
Step 2: Spend hours looking through said program for suspicious things
Step 3: Share!
Beyond initial paranoia, let’s be realistic about what apps collect. Even Google collects IP (and therefore geographic location), and other pieces of personal data:
Google might collect far more personal data about its users than you might even realize. The company records every search you perform and every YouTube video you watch. Whether you have an iPhone or an Android, Google Maps logs everywhere you go, the route you use to get there and how long you stay — even if you never open the app.
So then what are we looking for? How is this different? For one thing, Google, Facebook, Reddit, and Twitter apps don’t collect anywhere near the same amount of data that TikTok does, and they don’t obfuscate and hide their methods sneakily like TikTok. Additionally, TikTok has some weird code in it that no normal social media app should have. Here’s a quick comparison of the APIs TikTok accesses vs the Facebook app:
Below deconstructs more about what the TikTok app can/does do and why it might do it. Make your own judgement at the end of the day. However, this is all just what’s able to be seen. Note that TikTok has the ability to update their app and add / remove code without updating the app through the store.
Things TikTok Collects
Location (once every 30 seconds for some versions)
Phone Calls
Screenshots(?)
Network Information (Wifi Networks’ SSID, MAC address, Carrier, Network Type, IMSI (possible), IMEI, local IPs, other devices on the network)
Facial Data
Address
Clipboard
Phone Data (cpu, hardware ids, screen dimensions, dpi, memory usage, disk space, etc)
Installed Apps
Rooted/Jailbroken Status
All keystrokes in the browser (more below)
Location
Most apps collect your location, so there’s nothing too fishy about this. However, one could argue that your location is not useful to TikTok’s general functioning and therefore shouldn’t attempt to locate you so often or at all unless you’re using a feature that takes advantage of that. The data collected here includes your latitude and longitude, and exact location if they can pull it from the WiFi (done in the wifi collecting code).
Phone Calls/Call Log/Phone Number
TikTok requires you to provide a phone number upon signup on most occasions to function normally within the app, so they can link your identity to your phone number. They also collect your call log (people you’ve called) and have the permission to make calls from your device, although I’ve never heard of a case of this happening. Phone numbers are generally very unique, so this combined with location and name would already be enough to identify virtually anyone using this app in the U.S.
Screenshots
The app hooks an observer at some point (it would make sense to be on app load) that watches when the user takes screenshots. It’s unlikely this code can run in the background or does, but the app at least knows everything you take a screenshot of while using the app. Additionally, TikTok includes a string, “KEYWORDS”, that may be of significance. A keyword is defined as: “an informative word used in an information retrieval system to indicate the content of a document”. They may use this variable to find screenshot files and potentially scan/upload/use them. However, this may have legitimate use in categorizing images for upload by the user or be non malicious.
Network Information
It also collects lots and lots of Network data. The app uploads full lists of network contacts, SMS logs, IP, local IP, MAC address information, and probably anything else it can read from the phone (which is virtually everything).
Facial Data/Recognition
TikTok includes facial verification code as well, which upon first glance I believed to be for the face filters they include, but does a little more than that. The code includes a link to this domain (archived). Translating said domain states:
Oops, my bad. Should’ve known I had to reverse-engineer the app, extract a developer URL, and then get a translator just to see that I’d even agreed to facial recognition logging by ‘continuing to use this service’.
And further on, it states what I believe to be particularly interesting:
Near the bottom it states facial images are transmitted to the parties listed above.
In specific:
ByteDance developed this function, which includes but not limited to the Ministry of Public Security’s “Internet +” trusted identity authentication platform, “Query Center” and other institutions to provide verification data and technical support.
This is very important because it mentions a “Ministry of Public Security”, and an “Internet+” identity authentication platform/program of some sort, and it also states near the bottom of the same translated text that facial images and identity verification results + data is transmitted to said 3rd party.
It seems they serve the Chinese Communist Party, or are at least connected to the government in a very direct way.
And what is the trusted identity authentication platform? More research turns up articles such as this, and this. It appears likely all facial recognition data would be sent back to China and saved by various parties.
TikTok seems to be sending facial recognition data of anyone who uses the app back to some sort of 3rd party associated with the CCP that has all the other information combined. This could create a very scarily comprehensive profile and location on high-interest targets China wants to keep track of. Additionally, it can use shadow tracking, which is a term pioneered by the era of Facebook. Shadow tracking or shadow profiles are collected data or hidden profiles of people that don’t use the app but TikTok can keep tabs on because of connections. For instance, when you upload your contacts to TikTok, it will track the names you’ve assigned to each contact and use that data in cross-checks with other uploaded contacts of your friends. For every person that uploads their contacts. This can quickly create a vast network of phone numbers and identities, even for people who aren’t associated with TikTok at all. Combining facial recognition data with shadow tracking techniques, and everything listed in this post could make for a pretty sophisticated tracking tool.
Address
I’ve used TikTok for a while before now, and I’ve never been asked to enter my address, city, or where I live. However, the TikTok app contains code to parse and send addresses of locations. This is probably to generate addresses from locations collected for internal logging and ease of viewing user’s geographical locations. This is not to say that is malicious.
TikTok collects lots of data about the device you are using to access their app. Installed app list, device ID, phone name, phone storage, etc. Extrapolating from this, it also probably collects more data not proven here.
Rooted/Jailbroken Status
Detects whether or not you’re rooted. This isn’t that big of a deal but I thought it was worth a mention. Could be used in combination with other obfuscation techniques to hide nefarious actions.
Other Problems
Beyond straight up tracking and collecting data about their users, there is also a number of fundamental design issues with the app as well. For instance, the app uses out of date cryptographic algorithms, including MD5 and SHA-1 for hashing. Both of which have been broken wide open and are no longer secure. Additionally, the app used to only use HTTP, not HTTPS until recently, and that exposed user’s emails, date of birth, and username in plaintext to anyone smart enough to look for it.
Execution of Remote Code & System Calls
Some research states TikTok executes OS commands directly on the phone and has the ability to download remote .zip files, extract them, and execute arbitrary binaries on your device, allowing TikTok to run whatever code they want. While I don’t doubt this is possible, I have not personally verified the code in my research. However, I would not put it past the app to have this capability. Perhaps it’s better hidden now.
Keystrokes in the Browser
The app was tested with inappbrowser.com which shows all JavaScript events that are hooked. If you open this page in your browser, no events will show. This is a good thing. There are no events being monitored in a default, safe browser. The site is meant to show how a 3rd party app is abusing its in app browser. TikTok happens to monitor all keystrokes and key inputs in its in app browser, so the output looks a little more like below.
Security Research Files
Penetrum Security wrote an in-depth paper on TikTok if you’re interested in reading into a lot of what I’ve discovered here, and also compared how much data Facebook, Twitter, and common social media apps collect vs. TikTok. They’ve done great work and I’ve archived those files here. The data collection comparison paper is very interesting (second download).