content update

content/blog/beets-soulseek.md

@@ -1,3 +1,4 @@
 ---
 title: Beets and Soulseek Or, How I Learned to Give Up and Love The Hoard
----
+date: 2025-02-03
+---

content/blog/hacking-hikmicro-pt1/hacking-hikmicro.md

@@ -0,0 +1,72 @@
+---
+title: Reversing an image format
+date: 2025-01-15
+tags: reverse-engineering, hacking-hikmicro
+---
+
+This post is the first in a series on reverse engineering binary file formats using an array of tools,
+mainly to serve as insight into how to approach these kinds of challenges as they can be daunting.
+Part one focuses on the image format.
+
+
+# Introduction
+
+*[ITAR]: International Traffic in Arms Regulations
+In the past few years, Chinese manufacturers have brought cheap, performant microbolometer arrays to the consumer market.
+These arrays are higher resolution and faster framerates than what can reasonably be acquired in the West - mostly due
+to low competition and ITAR restrictions. Most popular are the low-cost modules by Infiray, which provides whitelabel solutions
+to a host of other companies (TOPDON, Vevor, HTI, UNI-T) to relabel and sell under their own name. They come in two major
+form factors: Phone add-on and gun-grip unit. Existing work has documented and reverse-engineered the phone communication protocols,
+but 
+
+I've been burned once by the phone-dongle style before with Seek Thermal. Simply put, the pace of smartphones is longer than
+the target lifespan of these products. Therefore I wanted one that could be used in a dedicated fashion. The PC
+connectivity was still important to me, since there are certain operations that can only be done with access to raw
+data, like Lock-In Thermography.
+
+For that reason, the Hikmicro line of portable imagers interested me. It's more expensive than the whitelabel Infiray
+products, but offers some pretty nice looking PC software and uses a Radiometric JPEG image format for data.
+Live USB is advertized and it supposedly also delivers radiometry over the USB (!). This is on
+top of being a standalone unit so you don't need to use an odd phone app. However this choice seems less popular on forums
+and there is no reverse engineering project that exists already, so we'll have to start from scratch.
+
+
+# Getting the picture
+
+
+To start with something simple, lets figure out how their image format works. They call it "radiometric JPEG". This
+isn't to be confused with FLIR's RJPEG format, which is already well understood.. When using regular image viewers,
+we get a screenshot of the display. Where things get interesting is when we open the image with the Hikmicro Analyzer software, we can see the full
+resolution visual image, as well as the raw radiometric data. This lets us use the tool to construct reports and take more accurate measurements.
+
+When first exploring a new binary format, start with the basics. I have a photo of my cat taken with a Hikmicro B10 (which I returned for the Pocket C).
+Running `file` on it is unsuprising:
+
+```bash
+$ file cat.jpeg
+cat.jpeg: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, datetime=2024:12:29 04:44:22, orientation=upper-left], baseline, precision 8, 240x320, components 3
+```
+
+But there's obviously more than just that in the file, since the analyzer software is able to recover radiometric data.
+Let's use [imhex](https://imhex.werwolv.net/) and [binocle](https://github.com/sharkdp/binocle)
+to start poking around. `binocle` lets us view binary data as a 2D texture. This is mostly pointless for text or encrypted/compressed files,
+but it makes it easy to spot larger patterns/segments:
+
+![Binocle view](binocle_view.png)
+
+It's mostly just noise. But then there's an odd repeating pattern close to the end. By changing the width of the texture we might be able to get a better idea
+of how it works. A good guess here would be a resolution of (camera, screen, microbolometer). Let's try 192, the resolution of the microbolometer:
+
+![Cat-shaped Binary](cat_shaped_binary.png)
+
+Well that's something. It's not perfect, but it means that our thermal data is relatively raw in the file. With that in mind, let's dig into `imhex` to see if we can parse more out.
+
+# I'm hexing here
+
+Imhex is pretty great. You can perform a lot of analysis without needing other tools.
+
+
+
+
+
+

content/blog/hikmicrothermal/index.md

@@ -1,9 +0,0 @@
----
-title: Hacking Hikmicro part 1
-description: Reverse engineering the Hikmicro Pocket C to understand the image format
----
-
-I recently picked up a Hikmicro Pocket C thermal imager, since
-my old Seek Thermal was becoming too annoying to use. The Pocket
-C is a standalone device with a much better sensor. It supports
-radiometric images as well as radiometric video and USB radio.

content/blog/nix-unprivileged-deployments.md

@@ -1,8 +1,7 @@
 ---
 title: Unprivileged deployments with Nix
-author: me
 date: 2025-04-17
-tags: nixos
+tags: NixOS
 ---
 
 Note: this post assumes familiarity with the Nix Ecosystem.
@@ -183,11 +182,9 @@ the nix store. We have two options:
 1. Make `static-site` a trusted user
 2. Create a trusted keypair to sign our closure when it's built.
 
-Pick your poison - if signing key and deployment SSH key are separate, it would be more secure.
-If both the signing key and the SSH private key are CI secrets, then it's moot, since
-attackers who gain control of the secrets would have both parts anyways.
+Pick your poison - the keypair mechanism is slightly more secure.
 
-I mostly want to get this working, so I made `static-site` a trusted user.
+I just want to get this working, so I made `static-site` a trusted user.
 Note that if you wanted to use the keypair instead, `deploy-rs` has a
 [secret environment variable](https://github.com/serokell/deploy-rs/blob/aa07eb05537d4cd025e2310397a6adcedfe72c76/src/push.rs#L131)
 called `LOCAL_KEY` which is a file that contains the signing key.
@@ -197,3 +194,5 @@ called `LOCAL_KEY` which is a file that contains the signing key.
 
 
 
+
+

content/blog/zig-is-dark-souls/index.md

@@ -0,0 +1,36 @@
+
+---
+title: Zig is Dark Souls
+description: This is both good and bad.
+date: 2025-01-14
+draft: true
+---
+
+Rust is now too mainstream. DARPA is onboard, it's making it's way into
+Linux, and is stable and popular. I think this is a Good Thing. But
+the contrarian in me knows that it's time for me to move on to something
+new, because what's the fun in using languages that are popular?
+
+Enter Zig. It's been gaining traction among tech folk for having
+C interop, interesting features, and fast. Some of the headlines:
+
+- `comptime`: Lispers are in shambles. Run Zig code to generate Zig code.
+- Cross compilation. For real. Not Rust cross where you need to find a sysroot.
+Not Go cross locking you out of CGO. You can literally change a variable and make
+a Mac binary on Windows like it's nothing.
+- Web target, both WASI and freestanding.
+- SIMD Vectors? We take those I guess.
+- It's got a build/test system built in. More on that later.
+
+This all sounds good. Unfortunately you have made a fatal mistake
+and missed the last headline.
+
+- Developed by ~~Andrew Kelly~~ From Software.
+
+Strap in.
+
+## Everything is fine
+
+It can't be that bad, right? It's got a few large programs,
+people praise it, there's even a little tutorial called Ziglings!
+Isn't that cute. Lets make our way through those