Shellsharks Blogroll - BlogFlock

📝 2026-06-14 12:49 - Kev Quirk

2026-06-14T11:49:00.000Z

Can someone who's more green fingered than me tell me is this is giant hogweed please?

It's all over one of our fields, so if it is I'll need to get someone in to get rid of it.

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

Did Frank Sinatra really think "Something" was a Lennon/McCartney song? - Terence Eden’s Blog

2026-06-14T11:34:16.000Z

Read enough articles about The Beatles and you'll repeatedly hit the claim that Frank Sinatra frequently introduced his cover of George Harrison's "Something" as his "favourite Lennon & McCartney number."

Much like the misquote about Ringo not being the best drummer in The Beatles, I think this might be one of those semi-apocryphal lines which has taken on a life of its own.

Here's what Paul McCartney has to say in The Beatles Anthology, Episode 4.

https://shkspr.mobi/blog/wp-content/uploads/2026/05/Sinatra.webm

That was broadcast in 1995 - so we need to look for sources from before that.

There's not much Internet before the mid-1990s. Google's mismanagement of the USENET archives is a cultural obscenity. Nevertheless, we can find a few references which predate McCartney's broadcast.

1994-12-26

Frankie used to introduce "Something" as his "tribute to Mr. Lennon and Mr. McCartney" ;^)

1990-03-05

In fact, a friend of mine (a supposed Beatle fan; turns out she's really just a L/M fan), were having a discussion about this very subject, she, just like Frank Sinatra, didn't know that George wrote "Something." Duh.

So it was certainly a proto-meme back then.

Of the thousands of Beatles books, I can't find any from before the mid-1990s which mention Sinatra's misattribution.

For example, 1994's The Complete Guide to the Music of the Beatles simply says:

Similarly, there are plenty of books and articles about Sinatra - lots of them talk about Something, but never this supposed misrepresentation. In 1980's New York Magazine, Sinatra is interviewed and says:

There are many videos of Sinatra singing Something on YouTube - none of them have him introducing the song as a Lennon/McCartney number.

Indeed, here's one where he introduces it as being by George Harrison.

I think that's 1982's The Concert for the Americas - in the Dominican Republic.

Here's a 1985 concert where he introduces it as being by George Harrison of The Beatles.

Way back in 1978 at Sinatra's Caesar’s Palace Concert, he introduces it with "George Harrison wrote it" and finishes with "by George Harrison".

Even back in 1975, during a concert in Jerusalem he was crediting Harrison, saying:

Every one of The Beatles was a very talented young man individually. And here's an example of George Harrison with a great love song."

I've now listened to dozens of recordings of Sinatra singing Something live and in none of them does he so much as mention John Lennon or Paul McCartney.

So is the quote apocryphal? Possibly not!

Less than a year after John Lennon was murdered, Sinatra treated Carnegie Hall⁰ to a series of 11 concerts.

On 10th September 1981, John Rockwell published Pop: Sinatra at Carnegie - a review of the opening night of Sinatra's concert series at New York City's Carnegie Hall:

Also on the 10th, a clutch of US papers reproduced a story by the inimitable Mary Campbell of the Associated Press.

Most of the syndicated versions leave out the parenthetical remarks.

On the 11th, Patricia O'Haire published a somewhat snide review of the September 9th concert in The New York Daily News

On 14th September 1981, a British newspaper re-reported the comment:

That's the Daily Express by Rob Benson, their Los Angeles correspondent¹.

By the 29th of September 1981, the story had made it to Australian Financial Times' The Bulletin.

It's unclear how many of those journalists were actually at the concert. I assume John Rockwell, Mary Campbell, and Patricia O'Haire were as they published fairly detailed reviews.

Tracking down a set-list for that long-gone concert is tricky. Carnegie Hall themselves get the dates wrong in their archive and say the first performance was on the 8th, and their set-list is sourced from Setlist.fm rather than their own records. The Sinatraphiles mailing list has a set-list for the 9th which does include "Something".

There's a purported recording of the September 10th concert with a set-list on the reverse:

There's no "Lennon" song - the only Beatles number is "Something". Let's take a listen to the introduction from that bootleg recording.

🔊 Something
🎤 Frank Sinatra

💾 Download this audio file.

"A beautiful song by George Harrison. Maybe one of the best love songs ever written."²

So, that's a handful of contemporary sources who mention that Frank Sinatra once introduced "Something" as being composed by someone other than Harrison.

The only recording is of the concert the next day - and it doesn't includes that "blooper".

There's no other mentions I can find which directly cite a specific concert or performance.

Did Sinatra ever say it was his "favourite Lennon and McCartney song"? He sang in thousands of shows³, not all of which were recorded⁴, so it is entirely possible he mentioned it. But you'd expect more than a few reporters would write about it, wouldn't you?

The origin of the "quote", as far as I can tell, is from an interview Paul McCartney gave to David Hinckley in the New York Daily News on 21st October 1984.

That's the first time that I can see "Something" mentioned as Sinatra's "favorite Lennon-McCartney song".

I went rummaging through some reviews of Frank's concert performance which included "Something" in the set list.

His concert at the Palladium:

And Frank sings 'Something'. It's OK. The Vanilla Fudge were more adept at Beatle rewrites however.

Chris Salewicz. "Frank Sinatra: Palladium, London". New Musical Express (1975).

His concert at the Royal Albert Hall:

Superb renditions of Jim Webb's 'Didn't We?' and Harrison's 'Something' were recreated with a totally unique empathy. "Real Songs, beautiful songs", he said fervently, no trace of show-biz cant.

Max Bell. "Frank Sinatra: Royal Albert Hall, London". New Musical Express (1975).

And another report of the same gig:

Jimmy Webb's 'Didn't We' and the classic 'Nice And Easy', were exceptionally good, standing out easily among lacklustre renditions of 'Something', 'Strangers In The Night' and a David Gates song. In between, Sinatra delivered various controversial raps designed to instigate audience loyalties but proved that Sinatra should open his mouth only when singing.

Barbara Charone. "Frank Sinatra: Royal Albert Hall, London". Sounds (1975).

I've read dozens of gig reviews of old Sinatra concerts and they all contain various levels of snark about his performance, song choice, and politics - so you'd expect British reporters would have picked up on the misattribution, wouldn't you?

Instead, there's two slightly contradictory reports of one single concert and no suggestion that Sinatra himself said it was his "favorite Lennon-McCartney song". Given that he repeatedly credited George Harrison in the decade leading up to that concert, I think it is fair to say the "quote" has taken on a significance far beyond its actual importance.

If you have a recording of Sinatra introducing "Something" as a Lennon/McCartney number - or any other contemporary reports of that - please drop a comment in the box.

After all, Sinatra had a lot of practice! ↩︎
It is odd that the reporter describes Sinatra as "now" singing Something when it had been in his repertoire for over a decade. About the right level of journalistic rigour expected of the Express. ↩︎
Later on, in the introduction to "Luck Be A Lady Tonight", he sarcastically describes Marlon Brando as "America's great baritone!". There are quite a few jokey moments in the performance - so it is entirely possible his Lennon & McCartney remark was a quip. ↩︎
Incidentally, as far as I can tell, Sinatra first sang "Something" in December 1970 on The Dean Martin Show - about a year after its release on Abbey Road. Sinatra's performance doesn't contain him saying anything about the song. ↩︎
I spoke to one collector who said:

I also checked all of the other collectors lists I have, and they do not have it either, I do however have reference to its existence via a notecard that represents a massive collection. What this means is that the concert could exist, but more than likely has never been digitized. Many Sinatra concerts are still stuck on reel to reels from the 70s and 80s and have never been transferred to the digital realm and shared on the internet.

↩︎

Hobbling my app launcher - Johnny.Decimal

2026-06-14T01:47:30.000Z

I've been using an app launcher/switcher since at least 2011 – the date my Alfred v1 licence was created in 1Password – and for unknown years before that, when Quicksilver was the new thing.

App launchers do just that: they help you launch apps. Why grab the mouse and shuffle on over to the Dock when your fingers are already on the keyboard? We've had this capability for decades: Windows 3.0's File Manager had a File → Run… menu, with Windows 95 adding the keyboard shortcut Win-R. From there, type a thing and it'll launch.¹ Alfred, Raycast and their ilk just do this faster and better.

Speed ≠ efficiency

Lately, I've noticed these tools getting in the way. I have Raycast bound to Cmd-Space and testing shows that I can switch from whatever I'm doing to anything else in 150ms: essentially instantly.²

This sounds like a benefit. But when I can switch to anything, instantly, that's what I find myself doing, and way too often. It's like all friction has been removed, and what remains isn't good. What remains is a slippery mess.

The other behaviour I've noticed is an almost manic switching between two apps. Safari, code, Safari, code. Flick-flick-flick between the two. My fingers are so used to these keyboard sequences I feel like I do them subconsciously! I end up in an app and wonder, what am I doing here? (I was previously using the builtin Cmd-Tab switcher for this, but I broke that habit by turning off the keyboard shortcut.)³

Reintroducing friction

Fortunately, Raycast makes it easy to disable certain apps. Because I don't want to quit Raycast entirely: it's far too useful. I use it as an emoji 👋🏼 and Unicode symbol ▷ ■ ◁ picker. At the former it's way better than macOS' builtin feature, and at the latter it fills a gap that the OS simply doesn't provide.⁴ It's also my clipboard manager, my snippet expander, and the list goes on.⁵

But you can turn off its ability to launch an app by just unchecking the Enabled box in Preferences → Extensions for that app. So that's what I've done for Safari and Discord, to start. As I notice other apps that are distraction magnets, I'll disable those.

Instead, it's back to the trackpad. Swipe-swipe-swipe to the Dock I'll go, and I'll click the icon and it'll take about a second and that already feels like an eternity. And my brain is enjoying that.

In the early versions it wasn't quite this simple. Typing excel won't launch Excel, for example. You need to know the full name of the executable, excel.exe. In modern versions of Windows you should be using the newer search features to do this, although Win-R still brings up trusty Run. ↩
I recorded my screen as I invoked Raycast, typed s, and hit return. This switches me to Safari. Raycast is only on screen for 7 frames of the 50 frames/sec recording. ↩
Using the wonderful Supercharge by Sindre Sorhus. The setting Tweaks → Disable Command+Tab app switcher exists because I asked him to add it. :-) ↩
For emoji, assign a keyboard shortcut to the Raycast builtin feature Search Emoji & Symbols. I use Ctrl-Opt-I.

For Unicode, install the extension Unicode Symbols Search. I bind that to Ctrl-Opt-U. ↩
Bind the builtin Clipboard History to Ctrl-Opt-C. ↩

Read "Why "Book-Shaming" Won't Solve the Children's Literacy Crisis" - Molly White's activity feed

2026-06-13T15:22:31.000Z

Read:

“Why "Book-Shaming" Won't Solve the Children's Literacy Crisis”.

Jessica Winter in The New Yorker. Published June 12, 2026.

Barnett’s concerns about literary merit and professional esteem may be timeless, but they are not terribly timely; they seem to float high above the current on-the-ground realities of what many educators and researchers agree to be a literacy crisis. In urging his audience to see children’s books as “real books,” Barnett skips over larger, more pressing questions about why so many children aren’t reading books at all, real or otherwise.

SwissMicros calculators - Johnny.Decimal

2026-06-13T01:29:10.000Z

I have no use for a desk calculator, but as soon as I have a desk again I'm buying a SwissMicros DM41L.

Figure 0217A. SwissMicros DM41L.

If you need scientific, the DM42n has you covered.

Figure 0217B. SwissMicros DM42n.

Clouds; colour - James' Coffee Blog

2026-06-13T00:00:00.000Z

Approaching a junction, I looked up to the sky and saw a hole in the clouds unlike any I have seen before. I usually look up to the stone that must be at least a hundred years old: to the grey buildings – homes – in which I see so many stories. But today the blue sky and the white cloud stood out; the life of the city is made as much in Nature as it is in architecture.

I was on my way to a coffee shop, one I frequent because every time I go it is quiet. Classical music plays in the background. I have been there enough times to know their playlist is limited, but I don’t mind. On the playlist is a rendition of one of my favourite songs from childhood, a song that introduced me to the idea of lightning bugs. Nature illuminates? Awe lives on through the decades.

At a table close to the entrance, I saw the Great Wave; it was someone’s laptop cover. Now I see art wherever I go.

Later in the day, while walking, I heard in the background a child say “why are we here?” to their parent, presumably referring to the physical location. My mind couldn’t help but jump to the existential. Why are we here? Oh! how the same question can take on different meanings through life; we grow into new views and perspectives and answers.

“How is art history?” said someone I have had a crush on for several months, a person to whom, most recently, I have found myself being more open with than many. Earlier this year, I didn’t think I’d see them again, but chance had it that I have had the opportunity to do so a few more times (and potentially once more after today). To her question I replied “I see the world through new eyes everywhere I look.” “Everything is so colourful.”

I had been carrying a veil of tiredness today, accumulated from staying up late to have many wonderful late-night conversations this week. But in the moment when I was asked about my studies, the artistic lens I have been building over the last few years came to the fore. I saw colour in the moment and the world and life. The moment brought a smile to my face. I had been carrying that perspective for so long, bringing it into my writing. But there was something special sharing it with someone in spoken word. Maybe some day I’ll have the words to describe how I feel.

📝 2026-06-12 16:59 - Kev Quirk

2026-06-12T15:59:00.000Z

I can think of worse places to walk the dogs...

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

Published on Citation Needed: "Second Circuit rejects Sam Bankman-Fried’s appeal" - Molly White's activity feed

2026-06-12T15:18:13.000Z

Published an issue of Citation Needed:

Second Circuit rejects Sam Bankman-Fried’s appeal

The Second Circuit upholds Bankman-Fried’s conviction and 25-year sentence, leaving few remaining options for the disgraced crypto executive

Gadget Review: TP Link EH210 Ethernet Splitter (USB-C) ★★★★★ - Terence Eden’s Blog

2026-06-12T11:34:18.000Z

When I ran Ethernet around our house, I thought I was being clever. A CAT6 cable for every room - lush! Some of my rooms have lots of devices, so they get a nice big Ethernet switch with lots of ports and blinking lights.

But most of my rooms don't have that many devices. Our gym had only an Internet connected TV so that I could watch Quibi while exercising. Recently we added a Kodi box so that I could stream Linux ISOs while sweating on my static bike. Was it worth running another cable there? No. Did I want to buy an expensive hub or switch with multiple ports? Also no.

Enter the EH210. I bought it because it is USB-C powered - as everything should be.

The USB cable it came with was reasonably long. I shoved the A end into the TV and the C end into the device. When the TV is off, it doesn't supply any power to its USB ports - which is perfect for me. When the TV is on, the splitter wakes up quickly and starts blinking its little lights.

The metal chassis is good at dissipating the heat. The lights aren't egregiously bright. Both outbound Ethernet work simultaneously and they are fast enough for video streaming. The supplied Ethernet cable seemed fine.

And… That's all there is to say about it really. For a tenner (depending on The Algorithm) it's a decent bit of kit. If you dont need a fully provisioned switch integrated with your mesh network, this is just the ticket.

Factoring "short-sleeve" RSA keys with polynomials - Trail of Bits Blog

2026-06-12T11:00:00.000Z

What happens when the bits of an RSA private key are heavily biased toward 0 instead of being randomly generated? The public key’s bits could be biased enough for us to detect these incorrectly generated keys in the wild. Together with Hanno Böck of the <a href="https://badkeys.info/">badkeys</a> project, we found hundreds of unique keys that not only have this property, but can be quickly factored. We also found the bug that led to many of these keys and analyzed historical data to track the issue over time. Surprisingly, the pattern of 0 bits is often highly structured, allowing us to develop a powerful polynomial-based cryptanalytic technique that exploits the pattern. <figure> <img src="https://blog.trailofbits.com/2026/06/12/factoring-short-sleeve-rsa-keys-with-polynomials/shortsleevekeys_figure1_hu_49c6698c7e83848f.webp" alt="Figure 1: Two patterns of RSA moduli with repeated blocks of 0 bits seen in real-world examples." width="910" height="362" loading="lazy" decoding="async" /> <figcaption>Figure 1: Two patterns of RSA moduli with repeated blocks of 0 bits seen in real-world examples.</figcaption> </figure> These “short-sleeve” keys, named for how the 0 bits don’t fully cover the limbs of the big integers, largely fell into two patterns. Pattern 1 remains unexplained, but we traced pattern 2 to a type mismatch in big-integer code from old versions of the CompleteFTP file transfer software. The CompleteFTP bug also generated vulnerable short-sleeve DSA keys, and we recovered 603 unique RSA private keys and 74 DSA keys from internet scans. If you used CompleteFTP to generate host keys between December 2016 and December 2023, CompleteFTP has released a <a href="https://enterprisedt.com/downloads/KeyChecker.zip">tool</a> to check whether your keys need to be regenerated. <h2 id="how-we-found-the-weak-keys">How we found the weak keys</h2> The badkeys project is an open-source service that checks public keys for known vulnerabilities. While developing this tool, Hanno collected a massive number of real-world keys from public sources, including Certificate Transparency logs, internet-wide TLS and SSH scans, PGP keys, and many others. By searching this dataset for unexpectedly sparse RSA moduli, we uncovered a large number of keys in the wild with the patterns in Figure 1. Both patterns include several regularly spaced blocks of all zeros interleaved with seemingly random data. Pattern 1 appears in CT logs for certificates issued to several large organizations, including <a href="https://crt.sh/?id=375717364">Yahoo</a> and <a href="https://crt.sh/?id=14320619439">Verizon</a>, and on some devices running NetApp software. Fortunately, these certificates have already expired, but we still shared our findings with these companies. We wanted to learn more about which product could be responsible for generating these keys, but we did not hear back. Pattern 2 appears on SSH hosts running the CompleteFTP software from EnterpriseDT. The underlying vulnerability affects RSA keys generated using versions 10.0.0–12.0.0 (Dec 2016–Mar 2019) and DSA keys generated with v10.0.0–23.0.4 (Dec 2016–Dec 2023). These vulnerabilities affect a small minority of hosts on the internet, but the more interesting takeaway is that independent cryptographic implementations failed in similar ways. More implementations may include the same bugs, and so it’s worth tailoring cryptanalytic algorithms for this particular type of failure. <h2 id="factoring-with-polynomials">Factoring with polynomials</h2> Cryptographic algorithms often need integers hundreds or thousands of bits long, and they represent these “big integers” using an array of smaller machine-sized values, called limbs. If we interpret pattern 1 as a sequence of 128-bit limbs, or 32-bit limbs in pattern 2, the repeated blocks of zeros correspond to a single block of zeros in each limb. Only a small contiguous subset of the limb is filled with random bits, and the rest of the limb is uncovered, hence the nickname “short-sleeve keys.” By exploiting this mathematical structure in the limbs of these moduli, we replace the hard problem of factoring integers with the easy problem of factoring polynomials. That is, we take the modulus $n$ with unknown factors $p$ and $q$, express it as a polynomial $f_n(x)$ with small coefficients, factor $f_n(x)$ into $f_p(x)$ and $f_q(x)$, and convert these factors into $p$ and $q$. The technique of converting between integers and polynomials is common, including doing <a href="https://en.wikipedia.org/wiki/Kronecker_substitution">fast polynomial multiplication</a>, but sadly, few resources <a href="https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/o2_vKIslDBc/m/iz7yNMy_AAAJ">describe</a> how to use it for fast integer factorization. In particular, we use the digits in the base-$B$ representation of the integer to set the coefficients of the polynomial. In the normal base-10 representation, this involves replacing powers of 10 with powers of $x$, and then converting a polynomial back to an integer involves replacing powers of $x$ with powers of 10. Mathematically, the base-$B$ representation of an integer $a = \sum_i a_i B^i$ corresponds to the polynomial $f_a(x) = \sum_i a_i x^i$, and the polynomial evaluation $a = f_a(B)$ converts back to an integer. For short-sleeve keys, the base corresponds to the limb size, and the extra zero bits in each limb will lead to polynomials with exceptionally small coefficients. <figure> <img src="https://blog.trailofbits.com/2026/06/12/factoring-short-sleeve-rsa-keys-with-polynomials/shortsleevekeys_figure2_hu_9d95cd1ea06ffa6c.webp" alt="Figure 2: Integers with blocks of 0 bits can be represented as polynomials with small coefficients." width="834" height="120" loading="lazy" decoding="async" /> <figcaption>Figure 2: Integers with blocks of 0 bits can be represented as polynomials with small coefficients.</figcaption> </figure> This method of representing integers with polynomials is useful because the product of evaluations $f_a(B) * f_c(B)$ equals the evaluation of the product $(f_a*f_c)(B)$. All evaluation does is replace $x$ with $B$, so it doesn’t matter if this happens before or after multiplication. The same is true of addition.<a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a> For a short-sleeve RSA modulus $n$ with $w$-bit limbs, we can use the base-$2^w$ representation to find a polynomial $f_n(x)$ with exceptionally small coefficients. If $f_p(x)$ and $f_q(x)$ also have exceptionally small coefficients, then $f_n(x) = f_p(x) * f_q(x)$. Note that for correctly generated prime factors, $f_p(x)$ and $f_q(x)$ will typically have $w$-bit coefficients; that’s why this attack doesn’t work in general. <a href="https://en.wikipedia.org/wiki/Factorization_of_polynomials#Factoring_univariate_polynomials_over_the_integers">Factoring polynomials</a> is easy, so we can factor $f_n(x)$ to get $f_p(x)$ and $f_q(x)$, then evaluate these factors at $2^w$ to get $p$ and $q$. This is the basic version of the attack, but I’m intentionally omitting a key insight needed to factor these real-world moduli. A full explanation is at the end of this blog. <figure> <img src="https://blog.trailofbits.com/2026/06/12/factoring-short-sleeve-rsa-keys-with-polynomials/shortsleevekeys_figure3_hu_2438a334e3fbc87c.webp" alt="Figure 3: Special-form polynomials can be factored to reveal the RSA private key." width="944" height="239" loading="lazy" decoding="async" /> <figcaption>Figure 3: Special-form polynomials can be factored to reveal the RSA private key.</figcaption> </figure> The correspondence between integers and polynomials makes it easy to factor these special form moduli, but interestingly, it helps factor general RSA moduli as well. The General Number Field Sieve (GNFS) algorithm has the best known asymptotic performance, and the <a href="https://members.loria.fr/PZimmermann/talks/rsa250-prace.pdf">first step</a> is defining a number field by selecting a polynomial $f_n(x)$ and evaluation point $m$ such that $f_n(m) = n$.<a href="#fn:2" class="footnote-ref" role="doc-noteref">2</a> <h2 id="reverse-engineering-the-completeftp-vulnerability">Reverse engineering the CompleteFTP vulnerability</h2> After applying this technique to the keys that Hanno found, we found that the private factors are indeed short-sleeved: the prime factors have large, regularly spaced blocks of unset bits. The SSH banners for the hosts with the second pattern indicate they use the CompleteFTP software, so we reverse-engineered a trial version to determine what caused the vulnerable keys. Dynamically generated RSA keys did not have the short-sleeve pattern<a href="#fn:3" class="footnote-ref" role="doc-noteref">3</a>, so we used the <a href="https://github.com/icsharpcode/ilspy">ILSpy</a> tool to decompile the .NET code in the demo binary. After some reverse engineering, we found the bug that generated the short-sleeve keys. The following function fills the big integer represented by <code>bignumLimbs</code> with a randomly generated value of the desired bit length. See if you can spot the problem. <figure class="highlight"> <pre tabindex="0" class="chroma"><code class="language-csharp" data-lang="csharp">public void genRandomBits(int bits) { // Calculate the number of limbs int numLimbs = bits / 32; // Allocate space for the RNG output byte[] array = new byte[numLimbs]; // Call the system RNG rngProvider.GetNonZeroBytes(array); // Copy to the limbs of the big number Array.Copy(array, 0, bignumLimbs, 0, numLimbs); // Set the top bit to ensure proper bit length bignumLimbs[numLimbs - 1] |= 0x80000000; // Store the length dataLength = numLimbs; }</code></pre> <figcaption>Figure 4: Decompiled code for the vulnerable genRandomBits in CompleteFTP. Several branches have been removed for clarity, and comments are added.</figcaption> </figure> There’s a mismatch between the size of the limbs and the size of the RNG output! Each limb requires 32 bits of random material, but <code>Array.Copy</code> <a href="https://learn.microsoft.com/en-us/dotnet/api/system.array.copy?view=netframework-4.8.1">implicitly casts</a> each 8-bit element of the RNG output to its own element of the big-integer limbs. The repeating structure in the short-sleeve keys is because the issue affects each limb, and the 0 bits are because too small of a value is copied to each limb. This exactly matches the pattern of the cryptanalyzed keys. We also figured out why our dynamic testing did not generate broken keys: the <code>genRandomBits</code> function was compiled in but unreachable in the latest version. Older versions used custom-written key-generation code that called this vulnerable function, which was later refactored to use standard .NET crypto APIs. We reverse-engineered an older version of the CompleteFTP software to look for other calls to <code>genRandomBits</code> and found that DSA key generation was also affected. The 160-bit DSA private key $x$ was previously generated by this function, and the public key and parameters include a generator $g$ and target $y = g^x$. The private key is easily <a href="https://en.wikipedia.org/wiki/Baby-step_giant-step">recoverable</a>, and once we knew what to look for, we found vulnerable DSA keys in the wild as well.<a href="#fn:4" class="footnote-ref" role="doc-noteref">4</a> Since v12.1.0, CompleteFTP generates RSA keys using .NET’s <code>RSACryptoServiceProvider</code>, and since v23.1.0, it generates DSA keys using the <code>DSA.Create</code> API. <h2 id="how-the-vulnerability-spread--and-how-it-was-contained">How the vulnerability spread, and how it was contained</h2> The decision to refactor key-generation code to use standard libraries significantly mitigated the scope of the impact. This is actually reflected in the data. Prof. Nadia Heninger has a large collection of historical and contemporary SSH scans that we used to find <a href="https://eprint.iacr.org/2023/1711">broken SSH RSA signatures</a>, so I checked to see whether it included CompleteFTP hosts. There were typically hundreds of CompleteFTP hosts in each IPv4-wide scan, and after aligning the historical scans to the release history, the trend is clear. <figure> <img src="https://blog.trailofbits.com/2026/06/12/factoring-short-sleeve-rsa-keys-with-polynomials/shortsleevekeys_figure5_hu_5c586f6d854f2cbb.webp" alt="Figure 5: Over time, fewer CompleteFTP hosts run the vulnerable software, but a significant fraction still use vulnerable keys." width="1200" height="450" loading="lazy" decoding="async" /> <figcaption>Figure 5: Over time, fewer CompleteFTP hosts run the vulnerable software, but a significant fraction still use vulnerable keys.</figcaption> </figure> Starting with the introduction of the RSA vulnerability in December 2016, there was a consistent increase in the number of hosts with vulnerable keys, and once the rewritten RSA code was released in March 2019, this trend immediately stopped. However, even though the number of hosts running an affected version has steadily decreased since then, the proportion of affected keys has plateaued, consistent with customers who regularly update their software but generate their keys only once. The EnterpriseDT team was very responsive throughout disclosure. To help these users, EnterpriseDT released v26.1.0 of <a href="https://enterprisedt.com/products/completeftp/">CompleteFTP</a> on May 8, 2026; this update automatically checks if the system is using a vulnerable RSA or DSA key and alerts the user if the key needs to be regenerated. They also released a <a href="https://enterprisedt.com/downloads/KeyChecker.zip">standalone tool</a> that does the same. In addition, the badkeys <a href="https://badkeys.info/">website</a> and standalone <a href="https://github.com/badkeys/badkeys">tool</a> now support the detection of vulnerable short-sleeve RSA keys. In total, we recovered private keys for 603 unique RSA public keys and 74 DSA keys generated by vulnerable versions of CompleteFTP, and 26 RSA keys with the unidentified short-sleeve pattern. Our data sources are heavily biased toward RSA SSH keys, so these numbers do not reflect the actual prevalence. <h2 id="the-search-for-more-short-sleeve-keys">The search for more short-sleeve keys</h2> Unfortunately, we do not have more information about short-sleeve pattern 1, nor do we know whether that vulnerability extends to other key types. It’s common for cryptanalytic algorithms to exploit knowledge of irregularly spaced blocks of known bits (including ECDSA<a href="#fn:5" class="footnote-ref" role="doc-noteref">5</a> and RSA<a href="#fn:6" class="footnote-ref" role="doc-noteref">6</a>), but the regular spacing of short-sleeve leakage adds new structure, and there may be powerful variants of these algorithms that can exploit this property. If this type of leakage appears in two independent implementations of RSA, there are likely to be even more examples of short-sleeve keys out there. In this instance, the impact of the vulnerabilities is fortunately limited, but it illustrates the power of practical research. The process of using known vulnerabilities to inspire more capable algorithms and using these algorithms to uncover new vulnerabilities generates a powerful feedback loop in cryptanalysis. It helps us understand how real cryptographic systems fail in practice, and it is only by observing how systems break that we learn how to make them more secure. <h2 id="acknowledgments">Acknowledgments</h2> Thank you to Nadia Heninger for introducing me to Hanno and for letting me use the SSH scans for this project. Those scans consist of historical data from Censys and the University of Michigan provided by Zakir Durumeric and contemporary data and analysis scripts from Kevin He and George Sullivan. <h2 id="appendix">Appendix</h2> This final section is intended for those who want to implement the attack or write a proof that the attack works. I left out key details from the main post, but the following guided questions will help you close that gap. First, here are the full moduli for you to factorize. They are synthetically generated, but follow the same pattern as keys in the wild. The factors of $n_2$ were generated by calling <code>genRandomBits(1024)</code> in a loop until the result was prime. <figure class="highlight"> <pre tabindex="0" class="chroma"><code class="language-text" data-lang="text">n_1=0xc889f7ef523b08e400000000000000014d2ee8284c7a03c000000000000000012c16eeaeab96ddc8000000000000000201036d671407a06600000000000000022f743377005a840d0000000000000001e8e3c0efdd8054ba000000000000000306ee98c677dfdf190000000000000002de525d2b1011ceae0000000000000424455c59eec3a0654500000000000003f8d762d68bcbe8cc3a00000000000000d31291f9aaa7e9a7d60000000000000337a82a59342aadff570000000000000295c495b3690a69b66c00000000000000d9c5e55654e9b14cba000000000000040f0f0f7d3bfdce03d6000000000000026b89ac77db000000000000000000036a77 n_2=0x40000049000014ac8000900e00010ec58000b17b8001e0720001be890002169f80029cd5000349190003cd4480037c8c000397660003b28300041021000418cb00058a210004c2708004924980053b8780051cbd8005ebe80006bb27800765e6800651478007f62300073949800860950008614d800863988008d103800884c100099a260009a6d90009578f0007e84300080db800072e59000724f10007c0ec0006ec6600062231000605930005ca4c000566cc0005da92000574dd00040bf1000457dc0004cfbe0004c5640003fe6d0003ada60002de110002cbb30002d5a6000243840001cdf40001a8a9000151be000113f4000101070000acdf000029e5</code></pre> </figure> <ol> <li>If you compute $f_{n_2}(x)$ using $B=2^{32}$, some of the coefficients are large. Why is that? Is it true that all of the coefficients of $f_p(x)$ and $f_q(x)$ are small?</li> <li>Is there a bit shift $p \ll i$ such that $f_{2^i p}(x)$ has small coefficients? This is the key trick needed to turn arbitrary short-sleeve values into polynomials with small coefficients.</li> <li>If $f_{2^i p}(x)$ and $f_{2^j q}(x)$ have small coefficients, can you still compute $f_{2^i p}(x)*f_{2^j q}(x)$ from public information? Can you still recover $p$ and $q$?</li> <li>If this polynomial factorization technique worked for every $p$ and $q$, then RSA would be broken. Why is the short-sleeve property important, and why doesn’t this factorization method work in general? What are the limits?</li> <li>The short-sleeve property allows us to construct the product $f_{2^i p}(x)*f_{2^j q}(x)$, but unless $f_{2^i p}(x)$ and $f_{2^j q}(x)$ are irreducible, factorization may split this into more than two terms. Prove that there is always an efficient way to recover $p$ and $q$ from the polynomial factorization.</li> </ol> <div class="footnotes" role="doc-endnotes"> <hr> <ol> <li id="fn:1"> In math terms, the evaluation map is a ring homomorphism. <a href="#fnref:1" class="footnote-backref" role="doc-backlink">↩︎</a> </li> <li id="fn:2"> More accurately, modern factoring implementations use a generalization of this technique. They search for a pair of polynomials $f_0, f_1$ where $f_1$ is linear and $Resultant(f_0, f_1)$ is a small multiple of $n$. In the special case where $f_1$ is monic, then $Resultant(f_0, x - m) = n \Leftrightarrow f_0(m) = n$. <a href="#fnref:2" class="footnote-backref" role="doc-backlink">↩︎</a> </li> <li id="fn:3"> CompleteFTP RSA key generation on Linux had a separate issue where the private exponent was set to 65537 and the public exponent was large. We disclosed, and this issue was fixed in v26.0.2. The Linux version of the tool offers <a href="https://enterprisedt.com/products/completeftp/editions/">different features</a> and is less popular than Windows. According to license data from EnterpriseDT, they believe no production users are affected by this issue. Our scans corroborate this claim, as we found no keys in the wild with this property. <a href="#fnref:3" class="footnote-backref" role="doc-backlink">↩︎</a> </li> <li id="fn:4"> Diffie-Hellman key exchange also used the vulnerable function, but with a 2048-bit exponent. This is not vulnerable, and we believe that DH key exchanges that used this function are still cryptographically secure. <a href="#fnref:4" class="footnote-backref" role="doc-backlink">↩︎</a> </li> <li id="fn:5"> <a href="https://doi.org/10.1007/978-3-540-74462-7_9">Extended Hidden Number Problem and Its Cryptanalytic Applications</a> by Hlaváč and Rosa considers the problem of (EC)DSA nonces with multiple blocks of unknown bits at arbitrary locations. <a href="#fnref:5" class="footnote-backref" role="doc-backlink">↩︎</a> </li> <li id="fn:6"> <a href="https://doi.org/10.1007/978-3-540-89255-7">Solving Linear Equations Modulo Divisors: On Factoring Given Any Bits</a> by Herrmann and May considers factoring RSA when one of the factors has multiple contiguous blocks of unknown bits. <a href="#fnref:6" class="footnote-backref" role="doc-backlink">↩︎</a> </li> </ol> </div>

📝 2026-06-12 09:16 - Kev Quirk

2026-06-12T08:16:00.000Z

You know what the absolute worst part of owning an EV is?

It's when you get in the car with the kids and there's 67% battery left.

⁶🤷⁷

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

📝 2026-06-12 06:46 - Kev Quirk

2026-06-12T05:46:00.000Z

So a fox came into the field and took a chicken from right in front of us at dinner time last night.

Unfortunately we couldn't get to it in time. Our rooster tried, but he wasn't successful either.

We have her last egg, so we're gonna try and hatch it. 😟

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

Identifier: Taiwanese survey markers - Johnny.Decimal

2026-06-12T01:59:05.000Z

I first saw this sort of identifier years ago in Melbourne and, once I dig out the old photos, I'll do a retrospective post. I was obsessed with them long before Johnny.Decimal was an idea. It's quite obvious that I have a certain type of brain.

But right now I'm in Taiwan, and what a lovely surprise to find this in the pavement in the coastal city of Hualien.

Figure 0216A. Hualien survey mark HK33.

That is a survey marker and now that you've seen one, you'll find them everywhere. I'm not sure how standard it is to offer a public lookup for these things – Melbourne has one – but even if you do find a site, the software tends to be … shall we say 'specialised'? By which I mean, from the 1990s, and hideous. (Usually some flavour of ArcGIS.)

And, as I'm learning, there isn't necessarily one type of marker and one city website that references it. Here in Taipei there seem to be different data sets for the departments of 'Land Administration' vs. 'Urban Development'.

All of which is to say that I tried getting links to these markers, and failed. So just enjoy the photos. ;-)

Figure 0216B. Taipei survey mark 114148.

Figure 0216C. Taipei survey mark HA173.

📝 2026-06-11 21:56 - Kev Quirk

2026-06-11T20:56:00.000Z

Dammit. My first attempt at a 2 colour print has failed - the filament keeps getting jammed from the AMS for some reason.

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

Every physical Nintendo Switch game I have - Joel's Log Files

2026-06-11T13:50:00.000Z

I thought it would be fun to list every single physical game I own, and try to justify my purchasing desitions. Honestly though, it will be a bit painful too. It will be a paragraph per game, so it should not be that long.

I will also note how worth the purchase is or will be once I play it, in my opinion. This is not based on future pricing or rarity, but how much I’ll actually enjoy the title itself from what I know of it, and how expensive it is compared to getting it digitally. My list is in alphabetical order.

Also, if I don’t remember what a game is about from the title and memory alone, I’ll let you know, that’s probably a sign I shouldn’t have bought it, but I sometimes buy obscure unknown games because of that! Besides, I think at least one reader will be like “that game is so good, you better give it a try right now” or something.

13 Sentinels: Aegis Rim - I have heard some incredible things about this title when it comes to its setting and story. I am still unfamiliar with most of it, I know it’ll involve mechas and high schoolers though, maybe even some time travel? I am interested on the scenario those protagonists will have to face. I think this one’s worth having and playing some day.
Animal Well - This one’s my most recent purchase. A metroidvania that seems to be focused on exploration and curiosity over combat. I heard amazing things about it and I was there when it came out. Everyone seemed to have something to say. I was extremely tempted to get it on Limited Run Games back then, but thankfully it was published for much less money later, so I’m glad I found it at the price I did. I blame Wouter.
A Space for the Unbound - The title alone made me want to get this game. And the pixel art seemed amazing too. I think it’s a bit of a coming of age story set in the future, something like that? I must admit I don’t recall the plot of it. I found it for relatively cheap though, even if it’s the European release. The cover looks really pretty too, I am glad to have it with me.
Astral Chain - This is a title that came out early in the Switch lifespan, and it seems to have acquired a bit of a cult following, even though there has been no sequel for it yet. I believe that just owning it kind of neat. I am yet again unaware of its story, I just know it seems to involve some sort of mecha police, and stuff like that.
Bo: Path of the Teal Lotus - I was excited by this one, a Metroidvania that seemed somewhat similar to Hollow Knight with a japanese artstyle and setting. I remember seeing it compared to Nine Sols. I am yet to play it but I let a friend borrow it. I got the Japanese release and it doesn’t have Spanish, so unfortunately my friend didn’t understand the plot and kinda abandoned it. The mechanics seems good though.
Balatro - A fantastic title that I have already purchased three times. Digital Switch version, physical Switch version, and on my phone. What is there to do? It’s an amazing videogame where you use Poker hands to win chips forevermore, that I am yet to win. I haven’t been helplessly hooked by it, but I really appreciate what it has done and the innovation it brought to the scene—even if we are a bit flooded with Balatro-likes lately.
Castlevania Advanced Collection - I completed Aria of Sorrow pretty much a year ago, and I really enjoyed it! So I decided to get the whole collection, which saw a Limited Run release as well. Thankfully, it was being resold rather cheap in my country, so I didn’t even struggle to pay for it. I should give a go to the other titles in the collection soon.
Castlevania Dominus Collection - Everyone seems to think that Dawn of Sorrow is the best of the Castlevanias. I am not sure yet, but I want to try it. This was the first purchase I made on Limited Run. It came out with three different covers, and it does look like most of the versions with the cover I liked (from Order of Ecclesia) are rarely sold (or very expensive) so that’s kinda cool. I blame Wouter.
Celeste - A title I completed on a Christmas before this blog was even a thing. I remember vividly going through it and accepting challenge after challenge of the main path. Years later I decided to buy it, and saw someone from the fediverse sellling their Limited Run copy for a good price! I decided to purchase it from them and well, that cover is just awesome to see. I am so happy to have it with me, now I just need to replay it soon.
Chrono Cross: Radical Dreamers Edition - Alright, this one’s interesting. A port of a PS1 title that is a follow-up to my favorite videogame of all time! And that cover? Absolutely gorgeous too. The only caveat is how it could affect my enjoyment of the first game or something. Honestly, I am not too worried and I don’t think it’ll be terrible either, I am looking forward to giving it a go someday. I have heard the Switch performance isn’t the best or something? I am not sure though.
Crow Country - A modern indie game with the style of the PS1, inspired by old school survival horror, such as the Resident Evil games I already played and loved, with a main character that looks like the blocky models from Final Fantasy VII? Why would I not want to give this one a try I wonder? I am definitely playing this at some point. I blame Wouter.
Crypt Custodian - Honestly, this was so cheap to get physical in my country I am not even worried of buying it. And thankfully, I know that my friend Amin loved it to bits! A sort of Zelda/Metroidvania game I look forward to.
Dead Cells: Return to Castlevania - The physical version of this game that includes pretty much all the DLC on it. I want to play it soon and have fun with it. This is another one that Amin loves, and I have other friends who agree. It was in fact, one of the first titles I tried on a friend’s Switch. I have heard that after so many updates, the performance of the game has worsened, but if that’s really the case, I’m sure I can wait for the Switch 2 to run its smoothly anyway whenever I buy it.
Dragon Quest I & II HD-2D Remake - Listening to Into The Aether is very dangerous sometimes, they praised these games so much it was almost impossible for me to resist when I saw them at a very affordable price. Two games completely remade and improved in every way, from archaic and storyless to playable and with characters you actually care about is just awesome.
Dragon Quest III HD-2D Remake - The one that did that trick first, this one was a truly helpless purchase at basically full price and I am yet to even open it. A bit pathetic of me to be honest, but I have a reason to trust this series so much, and it’s the next game.
Dragon Quest XI S: Echoes of an Elusive Age - Definitive Edition - Now this is a masterpiece, a game I’ve dedicated dozens of hours to already. It’s a wonderful game that has been featured in plenty of my posts, selected as my desert island game—make sure to check to post if you haven’t, lots of recommendations to be found.
Emio The Smiling Man - This is another recommendation caused purely becase of Into The Aether—ITA from now on, it’ll come up a few more times—this is a game from the Famicom Detective Club series, a murder mystery visual novel style of game, with some great art and writing, from what I’ve seen. It’s something akin to the Ace Attorney games apparently, although there are some horror elements to it as well. It’s part of my Summer Game Challenge so I may finally play it soon.
Fantasian Neo Dimension - For a long time I heard of this game being an exclusive for the Apple Arcade that featured music from Nobuo Uematsu and produced by Sakaguchi, the creator of Final Fantasy itself! I’ve heard the Switch port doesn’t have the best loading times, but that it doesn’t really matter much either. We’ll see.
Final Fantasy I-VI Collection - This one was quite the bummer. I bought it when it was rather expensive and it ended up getting more copies produced later, bringing down the price. Definitely a mess-up on my part. In any case, six classic games that shaped what a JRPG is ought to be in one package? Awesome. The games are not as beautiful as the Dragon Quest remasters though, sticking to the original art for the most part with a revamped UI and an ugly text font—which can be changed in the settings at least.
Final Fantasy VII & Final Fantasy VIII Remastered - The next two games of the Final Fantasy series are here! I must admit, most of these I own just to have a legal copy and feel less bad about playing them with an emulator. In this case, I could start over FFVII, but I have spent like 20 hours already on it, and I may as well play VIII on my Anbernic handheld too. Not the best purchase but cool to have anyway.
Final Fantasy Tactics - The Ivalice Chronicles - Of course there is even more Final Fantasy here, but this one is a Tactics RPG! That means there’s a grid and characters move like chess pieces. It seems to be a very beloved game, and I’m definitely looking forward to giving it a spin. In case it’s not clear… I own too many JRPGs.
Final Fantasy X/X-2 HD Remaster - This is my most expensive purchase. I got it at a certain price, used. I realized the second game had to be downloaded with a code that no longer worked… I asked for a refund and they refused to give me the full price back, saying it was used and well, I immediately purchased the game right there brand new… Then I realized the Japanese version of the game includes both titles in cartridge, but I haven’t purchased it again, and I hope I don’t… I won’t!
Final Fantasy XII The Zodiac Age - So many Final Fantasies, I wonder which one will be the real final one. In any case, Zodiac Age was mentioned a lot in some episodes of ITA and I decided I may as well get it too. The only game missing from my Switch collection is Final Fantasy IX, I wonder how long that’ll last…
Fire Emblem: Three Houses - When I purchased Celeste, this was a title also on sale by the individual who sold it to me! I decided to purchase both to help a bit. This game seems to be beloved by many, and after how much I liked Fire Emblem: The Blazing Blade, I saw no reason not to give it a go.
Gris - This is another game I purchased because of Amin’s love for it. What else can I say? It’s all his fault. Its a platformer with amazing art and music, super minimal in design too, will give it a shot someday.
Hades - This is one of those that maybe I could have saved, as I also have it digitally. But, the game is so good I already finished it! and it also came with the full soundtrack, with a Bandcamp download code. That was definitely a delight to see. Review coming soon.
Hollow Knight - This is worth having no matter what. Amazing game, I will definitely own Hollow Knight Silksong physical as well, as soon as it goes out of preorder and is available on cheaper stores in my country.
Kirby and the Forgotten Land - A bit of a homework buy for me. I just wanted a wholesome game to play whenever small kids in my church or extended family visit. It’s awesome and fun for me as well. I just haven’t given it a go in a while.
Legacy of Kain: Sould Reaver 1 & 2 Remastered - This one was absolutely worth it. Two great games, one of which is already a favorite of mine. I was going to get the Limited Run release of it, but then it was published for normal and I just went for that one. It’s a great collection of ports and the extras are also super interesting to see.
Live A Live - Along Chrono Trigger and Final Fantasy VI, this title is probably one of the most interesting JRPGs of the SNES days, which remained exlusive to Japan for quite a while. This port brings it to modern times with HD-2D, and I am rather excited to give it a go some day.
Mario & Luigi Brothership - I loved the original Mario & Luigi Superstar Saga, and when I saw the trailer for this one, I just had high hopes. I saw it on Walmart on sale and decided to pick it up. It seems like reviews are rather mixed, but I want to give it a fair shot sometime.
Mario Kart 8 Deluxe - This is just a must, let’s move on.
Marvel vs Capcom Fighting Collection - A lot of great games that none of my friends have been willing to try in multiplaer, honestly a bit of a fail since I haven’t touched it in ages and I kinda don’t care about playing it myself, maybe one day.
Metroid Dread - Literally one of the best experiences in gaming I have ever had, the first game I’ve ever completed at 100%. A truly fantastic work of art in the Metroidvania genre, in my opinion. I will probably replay it at some point. I borrowed it at the time but had to get my own copy in the end, worth it.
Metroid Prime Remastered - This is the game I’m currently playing at the time of writing. After more than 16 hours of playtime, it’s fair to say this game is defeinitely worth it. What a delight, a perfect remaster, in my opinion.
Metroid Prime 4 Beyond - This was a bit of an impulse purchase this year when I saw it on a deal that was more than decent for me. I think it’s going to be a pretty nice adventure, if not the best Metroid Prime has to offer. Thankfully, I already played that, so I’m ready to have a bit of a mixed experience in Samus’ world.
Monster Hunters Generations Ultimate - I have Monster Hunter Rise digitally, and it’s the only one I’ve played, but I love Monster Hunter as a franchise, and whenever Freedom Unite on the PSP becomes way too archaic for me—probably never to be honest—I plan to check this one out to keep the old school style of the game alive.
Nier Automata - Everyone I know tells me this game is one of those that might change the way you look at videogames, and your life as a whole. That’s an experience 1000xRESIST gave me, but perhaps this one deserves a shot as well. We will see! Some say the Switch port is subpar, so I’ll probably wait until I get a Switch 2 to try this.
Nintendo Switch Sports - I miss the actual Miis having the spotlight, and to be honest, not all of these games are worth playing at all. But I really enjoy Golf, Bowling and Volleybal with friends, and that’s all that matters to me.
Octopath Traveler II - Although I haven’t played it, a friend borrowed it from me and has more than 40 hours of playtime. I know this game is worth it, and someday I’ll check it out for myself. One of the great JRPGs of modern years.
Outer Wilds: Archeologist Edition - This is a title that is another life-changing experience. And after 11 hours I can truly confirm this is already the case. I ended up leaving it pending for a bit, but I truly want to return to it soon. It’s a really fantastic game that I would love to finish for the Summer Game Challenge. I got this one because of JP
Persona 5 Royal - This one seems to be yet another eye-opening experience for many people, although a bit harder to get into than the rest because of the commitment it takes. It should be fun, but I’ve heard the performance on Switch, while passable, is not ideal. I personally paid like 1/4th of the price for it and have no complains, will play some day.
Pipistrello and the Cursed Yoyo - After so many heavy hitters, this indie title with a GBA style seems to be more of a fun Metroidvania title with some heavy platforming elements. I got it because of Wouter, although he ended up a bit mixed on it—he’s not as good at platforming compared to me.
Pokémon Legends Arceus - I had heard so many things and praise for this title for finally giving the Pokémon formula the refresh it needed. I really want to get into it at some point, I’ve never completed a Pokémon title though, so we’ll see.
Pokémon Legends Z-A - I got this because of FOMO and I haven’t even touched it, I’ll probably love it if I give it a try and some time.
Pokémon: Let’s Go Pikachu! - This one is actually borrowed, so it doesn’t count. It’s a remake of Pokémon Yellow that seems to be made for little kids.
Prince of Persia: The Lost Crown - An absolute masterpiece of Metroidvanias, so many quality of life features that have been lacking on Silksong and even Metroid Dread, I love every aspect of this game and I am happy to have it on my collection. The physical version has gone down in price a lot, but I’m glad to have played it when I did. Check my review of it!.
River City Girls 1+2 - The beat’em up genre is super fun and requested among my friends, so picking this up seemed like a good idea. We played the opening hour of the sequel and were surprised by it. However, right now Full Metal Furies is our multiplayer title, so this is currently shelved.
Sea of Stars - A title that I actually found because of Linus from LTT, yes, I actually found out about CrossCode and Chained Echoes because of him too. The guy has taste in videogames. Anyway, this title also showed up on ITA and everywhere because it was the indie GOTY in 2023. It seems like there were mixed reviews about it overall though, so I’ll see.
Shin Megami Tensei V: Vengeance - The SMT series is a blindspot for me (like Persona, and Octopath, and many already mentioned, but whatever), and it seems extremeley interesting and mechanically rich compared to most others JRPGs . Some day, I’ll give this one a go, it may absorb me completely, which scares me.
Signalis - This is another one I got because of Resident Evil, although it was before I actually played them. I was thinking of playing it before the classics, but things happened, and now I’m eager to see how it evolves the mechanics in the genre, especially compared to Crow Country. It has a darker feel to it akin to Parasite Eve too, which I like.
Star Wars Heritage Pack - This physical game contains five titles in the cartridge and two download codes. The game I cared about from it was Star Wars: The Force Unleashed, a game I tried and loved in my childhood playing on my PSP. The rest seem to be awesome too, especially the Knights of the Old Republic games, which are the ones that are download codes, unfortunately. It was rather cheap though, so nice.
Streets of Rage 4: Anniversary Edition - This is another beat’em up that actually stuck! Because it’s beatable in a single sitting, unlike the RCG games that are almost like open worlds. In any case, the music, art and overall atmosphere of this game is super cool, worth beating, and probably replaying too.
Suikoden I & II HD Remaster - This one is another title that I am yet to complete first on my PSP, and then on my Anbernic handheld.
Super Mario Bros Wonder - a wonderful return to the 2D games of the series, with an incredible art style and excellent courses. Played it multiplayer with friends and enjoyed every second of it!
Super Mario 3D All Stars - This one is also borrowed and I think it’s best to play the games emulated, and I already have a better port of Super Mario Galaxy anyway.
Super Mario 3D World + Bowser’s Fury - What a title this is! One of the best level-based Mario games ever, can’t complain much about it, wonderfully chaotic in multiplayer.
Super Mario Galaxy 1 + Super Mario Galaxy 2 - These ports from the original Wii games had a mixed reception because of the price, the games are more than a dozen years old. I paid a lower price myself and have never played them fully, so I accepted the Nintendo tax.
Super Mario Oddysey - one of the first titles in the system and one that redefines what Super Mario can be! I hope I get to play this one at some point, I got it at a good price and it’s now waiting for its turn…
Super Smash Bros Ultimate - This is just essential and a must, let’s move on.
Tactics Ogre: Reborn - As if I didn’t have enough with Ivalice Chronicles, this title seems to be a great port of the original Tactics Ogre, and yes, this is one that Wouter made me purchase, evil!
Tales of Graces F Remastered - I have never played a Tales game, and this release on Switch seemed interesting enough for me, I saw it mentioned in the TWG Online Discord and I just couldn’t help myself…
Teenage Mutants Ninja Turtles: Shredder’s Revenge - An intense beat’em up featuring the ninja turtles and friends! An awesome homage to the franchise with great mechanics, awesome music and cool moves, I’d say this one’s worth having!
Trails in the Sky First Chapter - This one is probably a masterpiece, and a very dangerous game to get into, given how it spawns a whole franchise with a dozen videogames I may end up addicted to. Will try it sometime, one of those JRPGs that could change you or something. I even got a special edition of it with a metallic case.
The Hundred Line: Last Defense Academy - Quite literally my most played title on the Switch, this game is very much worth it. It’s a fantastic, mind-blowing story, a visual novel mixed with tactics and a Mario Party map. The best part is I am not even done with it yet, it’s so fun. Over 70 hours and counting.
The Legend of Zelda: Breath of The Wild - There’s nothing to say, this game is a must on the Nintendo Switch, a delight that has given me 40+ hours of adventure and awesomeness!
The Legend of Zelda: Echoes of Wisdom - This one looked so fun, and my sister wanted to play it too! Unfortunately haven’t had the chance to complete it, and I think my sis left it halfway, we’ll see how it goes.
The Legend of Zelda: Tears of the Kingdom - This is quite literally the reason I finally bought a Nintendo Switch, I wanted the Tears of the Kingdom edition, and I wanted the game to match! Unfortunately haven’t had the chance to play it yet… I know it’ll be worth it
The Legend of Zelda: Link’s Awakening - This one is also borrowed so it doesn’t count, but someday…. I may end up playing the GBC version anyway.
The Messenger - I blame Wouter for this one. A platformer I think? Kinda metroidvania-ish? I heard about it from ITA so that means it must be a good title.
Triangle Strategy - Every time I try this game I get hooked for like three hours and then I don’t want to play it again. I am in like hour 17 by now and it’s a great title, I just need to get a grip to finish it. It’s borrowed though so whatever!
UFO 50 - This one is a collection of fifty games developed by a fake company (like a sort of alternate history thing in the plot) and you can just play them all and enjoy! Very retro stuff. Wouter got it too but I can’t blame him this time
Unicorn Overlord - I found out about this one from ITA and since Wouter got it too I thought why not. It’s a tactics RPG with some very unique mechanics, done by the same people from 13 Sentinels, I think it will be worth it!
World of Horror - I’ll be honest, I was told by YouTube that this game was rare and got it just because of that. Seems to be a sort of horror detective point and click thing roguelike. Could be worth it though.
Wizardry: Proving Grounds of the Mad Overlord - The ultimate dungeon crawler or something, a genre I am yet to explore in depth. I got this one from Limited Run, and I must admit the quality of the cover left a bit to be desired, I’m sure the game itself is going to be good, someday.
Xenoblade Chronicles - I heard of this game for so long and I finally played like the first five hours. I was enamored and I want to play it more, I just haven’t picked it back up… I should have put it on the Summer Game Challenge.
Xenoblade Chronicles 3 - I don’t have 2, but 3 seems to be the one people prefer anyway, I’ll get to it someday…
Xenoblade Chronicles X - The marketing got me and I was helpless, this one was definitely something I could have done without at least until beating the others. Then again, some people prefer it over all of them.
Yakuza Kiwami - I’ve heard great things about the Yakuza games from everywhere, I definitely plan to get to this someday, also purchased from Limited Run, bundled with Wizardry!
Ys Origin - I love the Ys games, sibling of the Trails series but more action focused. This one title promises a lot and I sure hope it delivers.
Ys VIII: Lacrimosa of DANA - This one though, seems to mark the refining of the franchise on a new direction started by Ys Seven—which I completed—and it was one of the first things I bought more than a year ago. I am eagerly waiting to play it.

Honestly, I know I own too many games for me to even complete, and I’m not even counting my digital purchases.

I am not sure why I am writing this, I thought it would be fun but it just kept going and kinda felt pitiful in the end? It’s not like it matters that much.

Anyway, if you recognize any of these games and would vouch for me finally trying them, feel free to do so. But of course, there’s quite a backlog waiting for me…

Eighty one in total.

This is day 79 of #100DaysToOffload

Reply to this post via email | Reply on Fediverse

Career Update - Life After Stepping Down - Kev Quirk

2026-06-11T11:21:00.000Z

Last October I made the decision to step down from my role as a global executive in the cybersecurity industry. The last 8 months have gone by in a flash, so I wanted to write a little update on how it's going. Do I regret the decision? Was it the right thing to do? Or have I screwed up the career I've spent 25 years building?

The TL;DR is that I'm far happier now than I was back in October. I've battled with whether this was a failure, and I decided that I didn't fail, it was all just my ego.

I've gone from working a ~60-70 hour week, to working a ~40-45 hour week on average (I'm contracted to 35 hours). When I sign off, I know my phone isn't going to ring. I'm doing work that I enjoy doing again, with a team I enjoy doing it with.

More importantly though, I'm less stressed and I get to spend quality time with my family. That right there, that, is the most important thing.

For example, since all my team are in the States, I tend to have late meetings. So on a Wednesday I shift my hours and sign on at around lunchtime. My wife is also off on a Wednesday, so every week we now take the boys to school, then go out for breakfast together. After that we take the dogs for a walk. It's just lovely.

Working weekends just isn't a thing for me now either. So I can spend every weekend with the kids, or out on my motorbikes with friends, or in the garage working on them, or on various projects around the smallholding.

Sure, I don't have a corner office, or an assistant, or the fancy executive job title. But I'm happy I traded those things in for all the above.

If you're thinking about a step down to focus more on family instead of your career, my advice is to go for it. I have zero regrets.

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

Taylor Swift question challenge - James' Coffee Blog

2026-06-11T00:00:00.000Z

Inspired by the Bear Blog question challenge and other blogging challenges, I thought I would make my own: the Taylor Swift question challenge.

The questions are orientated more toward people who have heard a few of her songs, but, no matter whether you have listened to one or all of her songs, I hope you find something interesting in this quiz! If you don’t feel like you can answer a question, feel free to skip it and/or add your own in its place.

Here are the questions:

What is the first Taylor Swift song you can remember listening to?
What is/are your favourite Taylor Swift song(s)?
What is/are your favourite Taylor Swift album(s)?
What is your favourite Taylor Swift song that she performed with someone else?
What lyric stays with you more than any other?
What Era are you in right now?
Which Eras Tour mashup do you like the most?
If you went to the Eras Tour, what night did you go?
What other musicians do you like and hope people check out?

If you like the questions, feel free to write responses on your website!

My answers are below.

What is the first Taylor Swift song you can remember listening to?

I don’t remember exactly, but I have a feeling it would have been “Shake it Off,” most likely on the radio.

The most vivid memory I have of her music was when I started listening to the Midnights album. If I recall I listened to it once and enjoyed it, but something drew me back and I kept listening. That started me on what is now a years-long journey of appreciating her music. And there’s still more for me to listen to. I haven’t listened to most of her Debut album!

What is/are your favourite Taylor Swift song(s)?

Favourites are hard, but they do get me thinking. I love exile. It is also one of my favourite songs to play on the piano. exile introduced me to Bon Iver, whose music I have gone on to greatly appreciate. I always love when an artist can introduce you to another artist.

The Great War, The Albatross, The Bolter, You Are in Love, and Maroon are among my favourites too.

Also, Taylor Swift’s performance of “You’ve Got a Friend in Me” with Randy Newman is wonderful.

What is/are your favourite Taylor Swift album(s)?

I think my favourite album is folklore, followed by TTPD and Midnights. Although evermore has so many good songs, too. And Red. And… wait.

What is your favourite Taylor Swift song that she performed with someone else?

Since I said exile earlier, I think I’ll say “I don’t wanna live forever,” which she sung with Zayn.

What lyric stays with you more than any other?

“Say it once again with feeling” from How Did It End.

Also the plosive sounds of "pathological people pleaser" in You're Losing Me really stick with me.

What Era are you in right now?

Most likely my Showgirl era! I feel like I can embrace my playful side more. But I’m holding on to the memories of other eras; they will hold on to me.

Which Eras Tour mashup do you like the most?

The Great War and You’re Losing Me is a great mashup. I also love playing Out of the Woods and All You Had to Do Was Stay on guitar.

If you went to the Eras Tour, what night did you go?

Edinburgh N2!

Our surprise songs were:

All of the Girls You Loved Before x Crazier, and;
The Bolter x Getaway Car.

What other musicians do you like and hope people check out?

Bon Iver, HAIM, and Florence and the Machine, who all collaborated with Taylor Swift. Other musicians I recommend are:

Metric
The Revivalists
Maisie Peters (who opened for Taylor Swift in London) (My Regards is so amazing)
Death Cab for Cutie
Gracie Abrams (Hit the Wall is so good!)
Lorde
The Colourist (please perform again! Although I’m not sure what my chances are of this happening since they stopped performing over a decade ago.)
MisterWives

Bear Blog question challenge You’ve Got a Friend in Me

The honest truth about leaders who want to replace their workers with AI - Werd I/O

2026-06-10T22:19:28.000Z

Link: CEOs Who Think AI Replaces Their Employees Are Just Bad CEOs, by Mike Masnick in TechDirt

I second this sentiment:

“It seems pretty clear to me that companies that think they’ll be able to layoff huge swaths of workers because of LLM tools are going to find out they’re mistaken pretty quickly. The power of LLMs is that when used well and used willingly it can help employees to get more done, but that doesn’t mean you need fewer humans. You need more humans who know how to work productively.”

I’ve seen some pretty dumb stuff out in the wild: leaders who have expected their engineers to dramatically increase their output to inhuman levels, company-wide token leaderboards, product managers who believe they can replace real user research with synthetic personas, and, of course, high-level leaders who think they can replace their human workers with AI agents. (None of this, I should say, has been at my job, where our work is primarily done by humans and AI, when it is used at all, is an assistive tool.)

I think Mike Masnick’s prescription is accurate: many CEOs are so distant from the actual productive work of a company that they miss the complicated nuance of what goes into it. So if they can produce something with Claude Code that feels analogous to it, a bad CEO might start wondering why they’re hiring all these people.

A good CEO will understand that they’re missing a ton of expertise that goes into building something well, doing work with skill, or even just exercising humane human judgment. The others will find out the hard way that they’re wrong to underestimate their employees.

Home Brew Presents: Last Week - The Weblog of fLaMEd

2026-06-10T20:50:03.000Z

What’s going on, Internet? Last night I headed out by myself to catch the Home Brew Crew perform their first project Last Week at the Auckland Town Hall.

I was supposed to go with my wife, but last minute plans saw her and the kids head to Waiheke for the long weekend. Solo gig? No problem!

I started my night solo by hitting up Low Brow on K Road for a burger and beer before making my way down Queen Street to the venue. Sitting at the bar with my beer waiting for my burger, it wasn’t long until a group of people out for the night approached the bar and hovered waiting for a table. I started talking with one of the group and quickly discovered that they were out for a work social club event and also heading to see Home Brew. I ended up chatting with them and a couple beers later I headed off with them for the walk down Queen Street to the show.

We arrived just before 7pm as the doors opened, and there was a line all the way down the street. We headed across the road to an Irish Pub for another drink and wait for the line to clear out. In the pub I was introduced to more people and had some more chats with other concert goers. It was great to have a chat with others about Tom Scott, Home Brew and the other music associated with him and Young Gifted & Broke (YGB).

As we finished up our drinks and headed across to the venue, it was time to part ways as I was heading up stairs to my seats while the group was heading inside to the floor. I said my goodbyes, exchanged phone numbers with a quick txt message and made my way to find my seats.

Once orientated I headed back downstairs to check out the merch stand. I was hoping for a copy of the vinyl which has only been available during its first pressing in 2010 and a hoody.

I made it to the front of the line and was able to get a copy of a recently repressed vinyl in pink, a black “LISTEN TO HOME BREW” t-shirt, and a Run It Back lyric book. No hoody though.

I grabbed a couple drinks, a bottle of water balanced in my hands with my merch and made my way back to my seats.

I had seats up in the circle which proved to be popular as many people hovered nearby, some asking if they could sit in the vacant seat that I had also purchased for the night. I kept the seat occupied with my jacket and merch haul.

The place was heaving with people. The stage design was fantastic. Set up to resemble the Sandringham flat where Tom lived at the time when they created and recorded the EP complete with fridge full of beer. They also had the egg cartons on the wall as mentioned in the closing track on Run It Back, “Run It Back Again”:

Remember when we first started this shit?
(Yeah run it back)
Studio with the egg cartons and shit
(ha ha yeah)

The stage soon filled up with what Tom describes as his favourite people in the world. I saw Team Dynamite, Brandan Shiraz, Mellowdownz (I think?) up there on stage.

It wasn’t too long before Tom burst onto the stage and started spitting the words to the hit, Monday. The crowd went wild, the floor was heaving under a cloud of smoke (not ciggis). He continued through the EP setlist including all the hits, Tuesday, Wednesday, Thursday, Friday, Saturday, and Sunday. Once Last Week was finished he dived into the rest of the Home Brew hits, Drinking In The Morning, Alcoholic, Datura/White Flowers and many more!

I had a super fun time, even though I was solo, there were enough people around who were happy to talk so I never felt alone. I’m super happy I got to see Home Brew perform live finally as with them all off in their own musical directions we might not get to see them perform together again, especially not Last Week, front-to-back.

Listen to Home Brew, laterz.

Hey, thanks for reading this post in your feed reader! Want to chat? Reply by email or add me on XMPP, or send a webmention. Check out the posts archive on the website.

📝 2026-06-10 21:05 - Kev Quirk

2026-06-10T20:05:00.000Z

I'm quite liking #Vivaldi, especially now I have dark/light mode switching working in #Ubuntu.

If it sticks, I'll play with their email and RSS integration next.

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

Shellsharks Blogroll - BlogFlock

📝 2026-06-14 12:49 - Kev Quirk

Did Frank Sinatra really think "Something" was a Lennon/McCartney song? - Terence Eden’s Blog

Hobbling my app launcher - Johnny.Decimal

Speed ≠ efficiency

Reintroducing friction

Footnotes

Read "Why "Book-Shaming" Won't Solve the Children's Literacy Crisis" - Molly White's activity feed

SwissMicros calculators - Johnny.Decimal

Clouds; colour - James' Coffee Blog

📝 2026-06-12 16:59 - Kev Quirk

Published on Citation Needed: "Second Circuit rejects Sam Bankman-Fried’s appeal" - Molly White's activity feed

Gadget Review: TP Link EH210 Ethernet Splitter (USB-C) ★★★★★ - Terence Eden’s Blog

Factoring "short-sleeve" RSA keys with polynomials - Trail of Bits Blog

📝 2026-06-12 09:16 - Kev Quirk

📝 2026-06-12 06:46 - Kev Quirk

Identifier: Taiwanese survey markers - Johnny.Decimal

📝 2026-06-11 21:56 - Kev Quirk

Every physical Nintendo Switch game I have - Joel's Log Files

Career Update - Life After Stepping Down - Kev Quirk

Taylor Swift question challenge - James' Coffee Blog

What is the first Taylor Swift song you can remember listening to?

What is/are your favourite Taylor Swift song(s)?

What is/are your favourite Taylor Swift album(s)?

What is your favourite Taylor Swift song that she performed with someone else?

What lyric stays with you more than any other?

What Era are you in right now?

Which Eras Tour mashup do you like the most?

If you went to the Eras Tour, what night did you go?

What other musicians do you like and hope people check out?

The honest truth about leaders who want to replace their workers with AI - Werd I/O

Home Brew Presents: Last Week - The Weblog of fLaMEd

📝 2026-06-10 21:05 - Kev Quirk