Lucas Nicodemus

Maker @ Pryaxis

Read this first

A very in-depth look at Day One 2.0

I’ve been a fan of Day One for quite some time, and Day One 2.0 just came out. It’s a great update, worth every penny, but it lacks some polish that I’ve come to expect from Bloom, given how well the last version was in the last two years that I’ve used it.

The update really nails some key features. Importing from Day One Classic is a snap — the import process on iOS and Mac is fluid and fast, and it requires no extra interaction for people who are already on Day One Sync. A common pitfall that most import tools run into is duplication — running two imports generally duplicates all data that the first one did, but Day One intelligently only syncs data that is missing on the server. This means that the ideal upgrade workflow is just installing Day One and importing the entire database on all devices. Any entries that somehow weren’t synced properly will sync, and anything that already

Continue reading →


Email, screenshots, and trust

Recently, the Half-Life community has fallen victim to screenshot based email spoofing. A conversation is usually posted via screenshot, usually with something blurred out, showing a random community member exchanging words with someone important. Almost always1, these emails provide something akin to confirmation of the existence of a god.

21tvGHT.png

 How to spoof email

If you want to spoof an email from Gabe Newell, you have a couple different options.

  1. You could photoshop it. Email exchanges are always posted as screenshots, so just photoshopping text is trivial. Since you’re going to blur out your email address anyway (it’s a big secret), you have plausible deniability if anyone ever questions why the screenshot has photo editing EXIF data, or why it has compression artifacts, or why it looks fake. It was just a side effect of editing out my precious email address, and/or name!

  2. You could

Continue reading →


CyberPatriot 8 Round 1 Score Analysis

For the past several years1, I’ve analyzed CyberPatriot2 competition rounds using a Pryaxis product called The Magi.

This report covers the data The Magi collected during CyberPatriot 8 Round 1, during the entirety of the competition window.

After the competition window closes, CyberPatriot modifies scores to account for penalties, alternative score dates, and extenuating circumstances that warrant score modifications. Because this round had no Cisco/Networking scores, the scores compared here are free reveal how the CyberPatriot operations center alters scores from images after the competition closes.

 Removed Scores

CPOC’s3 released official score PDFs tell an interesting story about five teams.

One team, 08-2587, was listed as “Score Under Review,” and no score was provided. Their team was flagged as having multiple copies of the same image open but had a fairly “average” score of

Continue reading →


Pryaxis Jump

Over the last few years, I’ve been back and forth with ideas on how to improve training cyber defense best practices. No real world simulation platform is accurate1 or robust enough23 for more than basic use. As the popularity of competitions like CyberPatriot4 and National CCDC5 increases, tooling for simulating these environments has stagnated. I needed a way6 to build and train using advanced cyber defense scenarios, so I got a friend or two7, and together, we built Pryaxis Jump.

Jump allows someone with knowledge8 about information security, like a CyberPatriot coach or mentor, to marry training with real-time evaluation and results. For the longest time, competitors were trained prior to competitions with tutorials and given dense copies of benchmarks to memorize. Many times, they were “thrown off the deep end,” having been told to somehow secure systems with no guidance on what

Continue reading →


Just Ephemeral Enough

From GOODROOT, via Medium, on the permanent nature of social networks:

Things are different now. In our over-connected existence we have lost the ability to create a blank slate. When, previously, you could separate yourself from past lives and — through reflection and distance — achieve emotional growth and maturity, you are now inhibited by the confines of socially networked relationships. It has been ten years since I graduated the dregs of High School cliques and hierarchies, yet returning from socially ambiguous anonymity to the sun-exposed magnifying glass of social networks has sent me spiralling into strange old thoughts, beliefs, and desires.

I stopped using “Facebook proper” a fairly long time ago1. I rarely check News Feed, and while I occasionally post things to Timeline, I use Facebook as a record more than I do anything else – a permanent log of notable life events that

Continue reading →


What I Use

I love the idea behind sharing your setup. Peeking into what other people use influences how I develop my own workflow, but I’ve never shared the results. My favorites, coincidentally, are Zach Holman’s and Jeff Atwood’s, though both are now very dated. My setup might not be entirely unique, but I love it nonetheless.

I use OS X on a 2013 Macbook Air. I don’t really suggest non-Apple laptops these days because I admire the usability of OS X and Apple’s build quality. If I picked, I would’ve gone with the non-existent Retina Air. The Air has enough power to run VMware Fusion and a colossal amount of tasks with relative ease, but it’s also light I love the battery life on it. I click with the Vortex Poker 3, a Cherry MX Blue 60% keyboard. Mechanical keyboard explanations can cause eyes to gloss over, so I’ll skip that. It’s great (buy one today).

For web browsing, I use Chrome with

Continue reading →


Inside Out

Inside Out is a Pixar film. I don’t just mean that it was made by Pixar Animation Studios in Emeryville California, as the credits dutifully remind us, but that it is a Pixar film in the same way that Toy Story and Up were Pixar films. Inside Out joins the Pixar ranks as a non-derivative, non-sequel, new IP film that creates its own expectations and drives itself. If Inside Out’s success measures up to its hype, it will not be because a previous Inside Out came before it, nor because it has princesses (it doesn’t), musical numbers (it doesn’t), or any otherwise common stereotypes depicted in modern filmmaking. Inside Out, breaks the mold, just as Toy Story and Up did before it.

Inside Out stars Riley Anderson’s emotions. While the trailers seem to indicate that more on-screen time might be devoted to Mr. and Mrs. Anderson’s emotions, the trailer cuts are essentially all the time they

Continue reading →


TShock User Survey

In Terraria 4.2.10, I snuck in an update that added a link to a Typeform survey. The survey is now closed, and after 325 responses, it’s finally time to discuss the results.

This survey is, of course, not entirely a complete sampling of server owners or plugin developers. Many of the 1,200+ online servers are running older versions of TShock, and many server owners do not update immediately to new versions. With that being said, however, the data is still interesting to look at.

 How would you rate TShock?

The first two questions in the survey were directed at the overall quality of TShock, and its user submitted plugin catalog.

The average rating for TShock was 4.65/5. However, 94% of responses were either 4 or 5 on the scale. 5% of responses were in the lower half, rating TShock 2 or 3, and 0% of responses (only one person) rated TShock as a single star.

The plugin catalog rating

Continue reading →


Default Keyboards; Different Perspectives

With iOS 8, iOS and Android users have the capability to install non-standard keyboards. A key difference in the implementation Android has over iOS is the ability to set a default keyboard.

In Android’s settings, “Language & Input -> Current Keyboard” identifies the default keyboard that will be presented at all text input boxes.

In iOS’ settings, “General -> Keyboards,” all keyboards that are installed are certainly listed, but pressing the edit button and reordering them does nothing to change which keyboard is the default. Moreover, for input fields that deal with passwords, as well as text entry fields in non-app environments (Springboard, and Settings), iOS will present the standard keyboard and prevent switching to an alternative.

Apple’s distinction is that an alternative keyboard might be suited for occasional use, but, for the vast majority of the time, the built-in keyboard

Continue reading →


Exist.io mood tracking in Day One

About a year ago, I signed up for Exist, a service that correlates passive data from things like Fitbits and Twitter to determine a variety of different data analytical statements about a user. The hidden gem in Exist is its mood recording feature. Each day, it sends an email asking how the day went, with a one sentence summary of why it went that way.

For one reason or another, it might be conceivable that one might stop using Exist, or at least to store moods in a more permanent location. I had no idea the amount of value I’d place on the mood rating system until I had been using it for some time. Having already expressed my love of Day One with ETD, it only made sense to build a similar tool for Exist’s mood data.

There are some caveats. This script assumes that you want to import all moods with moods and assumes you will only run the script exactly once. Unlike ETD, it will not

Continue reading →