One of my favorite exchanges has revamped and they implementing a very annoying safety feature: kicking me out of the trading page every inactive 30 minutes. The result is I have to now login10 + times a day just to login to check prices or to trade. This means I have to input 2FA code from my Google Authenticator every time to login too. Together with the stupid frequent ReCaptcha verification, every login now takes me at least 30 seconds.

There is nothing I can do with the ReCaptcha as that is one of the system design, but I can simplify the 2FA process.
The method is to export credentials of Google Authenticator to the chrome extension Authenticator.

Use this trick if:

• You did not backup the specific app’s credentials (the barcode or manual entry code) when you setting up 2FA with that app.
• You want to get the 2FA code on a computer instead of phone.

Prerequisites:

• You are using Google Authenticator on an android device.
• Your device must be rooted.

Procedure:

1. In the rooted phone, use a root file explorer to get /data/data/com.google.android.apps.authenticator2/databases/databases and copy it to the computer.

2. In computer, use Notepad++ to open the databases file.

3. You will see lots of “null” characters but skip it all to the bottom of the file, where you see readable text like below and the red part is your credential key.

   

4. Copy the credential key and insert into Authenticator extension.

   Authenticator -> Edit button -> Plus button -> Munual Entry

   

   1. Now you can copy the time-based access code using just a click.

      

The 2FA credential is crucial for the security obviously, that’s why you should not store this information in any plain text form. Encrypt it and store it somewhere offline like the USB thumbdrive. The next time you switch your phone or even lost it, you can easily recover the access code. With root access, you can also use the Titanium Backup app to backup Google Authenticator with the credential.

You should also start backing up the credential whenever you setting up a new 2FA login for a service.

双重认证（2FA）在黑客病毒猖狂的现在已经变成必要的户口保护手段了，尤其是收藏着重金的加密货币网站更是必不可少。我使用的是 Google Authenticator，由于某个常用的交易网站由于保安原因时常会需要不断的重新登入，把手机上的 Google Authenticator 移上来电脑中的 Chrome 插件 Authenticator 会方便很多。

谁适合服用：

• 想从电脑上快速获取 2FA 密码的人。
• 当初没有备份某个服务生成 credentials 的人。

前提条件：

• Google authenticator 必须运行在安卓手机上。

• 必须使用拥有超级用户权限的安卓手机

步骤见英文部分。

谁拥有用于密码生成的 credential 就可以生成 2FA access code 登入特定的服务，所以一定做好保护功夫。永远不要保存在纯文字格式。

​

This page is synchronized from the post: ‘Export Google Authenticator credentials to other device 获取2FA生成密码’

I’ve spent 2 hours on this using Copic markers in the grey book.

This is an entry for Disney drawing contest hosted by @sirsensei.

I’m not a big fan of Disney even when I was a kid. The first Disney that I looped over and over on a tape 20 years back was the Lion King. And looking back into the fictional characters, I found that the villain Scar got so much swag the other characters just don’t have to the story. Yeah, the typical hero-always-win theme for the Disney is just boring and paying some credit to the supporting role can be fun.

这幅作品花了两个小时，主要使用 Copic 马克笔在灰色绘画本上。这也是 @sirsensei 的迪斯尼绘画比赛的参赛作品。

其实从小我就不是迪斯尼的粉丝，总觉得男孩子不该喜欢这么可爱的东西。但是作为童年主流娱乐品，还是接触了不少。第一部迷上的迪斯尼卡通应该就是经典的狮子王，想当年的卡带时代可是被我重播了不少次。看回去其中的虚构角色，还是选择画有型有款的奸角 Scar 吧。迪斯尼的主角好人必胜的主旋律有点千篇一律了，把聚光灯分一点给配角们是我的使命，哈哈。

Drawing Breakdown

Sketch lightly with a pencil then outline the lion face with the darker marker.

用铅笔浅勾画出轮廓，然后深色马克笔确定脸的架构。

Leave the bright spot open, as the lighter tone cannot cover the darker tone. Lesser room to fix mistakes with markers.

亮色部分切记要留白，马克笔的亮色系并不能遮盖深色的，所以容错率也少了许多。

After the face toning, here comes the hair part. At some moment it bothered me to use the expensive marker on such a big scale. Haha.

脸部细节好了之后，开始大面积的用黑色上头发吧。如此大手笔的使用珍贵的Copic 颜料，心有一点点疼啊。

At last, use the white pencil to highlight the face and give the hair more texture.

最后，用白色铅笔将亮色部分再加强即可。

This page is synchronized from the post: ‘Drawitbetter Challenge #3 Scar’

Motivated by the price fall of durian in Singapore, for the first time I bought it myself after years of eating this king of fruit.

Pricing at S$17 per kilogram, the Musang King is a real deal for its awesome taste and size. We bought a total S$50 worth of durian for the dinner for two persons, we ended up so full and satisfied with the quality. It’s been a while we take so much of durian for a meal, gotta drink more water to counter the overwhelming energy and calories.

吃了十几年的榴莲，终于在昨晚第一次亲自下手买榴莲回家吃，主要是听说最近新加坡的榴莲供过于求而降价了。

猫山王每公斤十七新币，在榴莲界里可是鼎鼎大名的明星。虽然比起其他品种稍嫌贵了点，但是肉多籽细口感浓郁，实在是物有所值。我们二人共买了五十新币的分量当晚餐吃，许久没吃这么多榴莲了，好不过瘾。可也要记得多喝水以免上火。

回味无穷，下次再来。

This page is synchronized from the post: ‘Durian dinner 榴莲当晚餐’

I’ve spent another 3 hours on this artwork after the first version. Mainly using the pens below starting from the top: Pentel white gel pen, UniPaint marker, and White chalk oil color pencil which was also used in the first sketch.

The subject is the legendary Michael Jackson and his classic hat.
Ironically, I fell for Michael the day he passed away as the television mourning him with the “You Are Not Alone”. I fell in love with this song and immediately searched for all his songs and MV for the next few months, wondering how could I miss this astonishing artist when he was alive. I wished to draw a portrait of him as a gesture of tribute for a long time and this is the chance now.

The is an official entry for the Hat drawing contest bosted by @helene.

I’ve mentioned this artwork could be improved further, by making the white portion more vivid will enhance the contrast and makes everything pop on the paper. Seems like I was right. In the section below I put the previous work and the completed version side by side, you are the judge.

Comparison breakdown

_{Before: Hat and face portion}

_{After: Enhance the hat detail and emphasis the light spot}

^{Before: Shirt image was dull}

^{After: Contrast is way stronger. Shining spots on the coat are really shining now.}

^{Before: Bright part was lacking.}

^{After: Improved the hand and sleeve details.}

^{Before: Contrast was lacking.}

^{After: Some simple highlight on the hand can really make the hand and pant outstanding.}

There is a way to improve everything.

Don’t forget to preserve artwork by using the fixtatif spray in this guide too.

这次的主题是万古不朽的 Michael Jackson 的经典戴帽形象。

很讽刺的，我真正认识 MJ 就是在他去世的那天。当时电视上播放着缅怀 MJ 的《You Are Not Alone》，听到的当下就立马爱上了。接下来的几个月把他所有的作品和 MV 统统翻出来欣赏研究，对这位传奇般的人物彻底心折了。一直想要画个人像来向他致敬，这次机会终于来了。

基于第一个版本，这次的加强功夫用了额外的三个小时来完成。主要功臣是图上的白墨笔和马克笔。在黑纸上要让图画变得更突出立体就是增强对比，其实也就是要有办法在应该显亮的白色部分使之变得更白，这时候单纯的白色铅笔比起白墨笔就逊色许多了。

上面的部分我将各个部分用第一版本和完整版本来对比，没有对比真的就没有伤害啊。看来我所相信的一切都可以变得更好是正确的。

完成了别忘记用正确的方式保存作品。

正式用此版本来交功课，有兴趣的可以去参加由 @helene 举办的帽子绘画比赛。

This page is synchronized from the post: ‘Drawing Challenge#10 Tribute to the legend 向伟大致敬’

“We see bitcoin as a bit of a Ponzi scheme,” David Gledhill, group chief information officer and head of group technology and operations at Development Bank of Singapore(DBS).

He also does not think that getting into the world of bitcoin will create a competitive advantage for the bank, mainly due to bitcoin inefficiency in term of expensive transaction fees recently.

It’s a shame for a prominent figure in the biggest bank in Singapore will stand against bitcoin. Not sure though if he is the bitcoin or the blockchain technology. Maybe he has to say what he has to say for being in his position, after all the bitcoin was created with the motto “Unbank the bank”. I’m a big believer in the blockchain, and currently the world has shown the same trust via bitcoin billions worth market cap.

Of course bitcoin has its own problems to solve. Endless hardforks, ridiculously expensive fee, unbearable long transaction time, questionable scalability, and so on. Bitcoin has gained the largest market cap mainly because it was the first ever cryptocurrency being created. Many outsiders still regard the bitcoin as the signboard for the digital currency, while there are actually hundreds of better coins out there competing in the market.

Bitcoin is a Ponzi scheme? Those who said this is either playing smart trying to scare away the uneducated, or being too dumb to be ignorant.

Bitcoin might not be the last one standing ten years later, but blockchain is here to stay for sure.

新加坡最大银行，DBS 的首席信息官 David Gledhill 早日发表对比特币的看法，说这不过是一场庞氏骗局，银行的运作并不会因为参与这项技术而获得有利优势，还顺带提了最近吓人的交易费用为例子。

一个银行界的巨头说出这样充满抗拒性的言语的确是很令人遗憾。也许他只是说出身处在他这般职位所应该说出的话，毕竟比特币就是带着干掉银行的目标而诞生。不是很确定他所反对者是比特币本身还是背后的区块链技术，我是区块链的信徒，世界也正把同样的信任反映在比特币价格身上。但这不代表比特币就是区块链，它之所以能够成为龙头的主要原因还是因为它是第一个出现在大众目光的加密货币，对很多外行人来说比特币甚至就是加密货币的同义词，殊不知还有很多更先进强大的币种正在市场里闪耀着。

诚然，比特币本身是存在很多问题。无止尽的硬分叉，贵得吓人的费用，极慢的交易时间，充满疑问的扩展性等。但说比特币是庞氏骗局？说这等话的人不是聪明得想阻吓蠢蠢欲动的普罗大众，就是愚蠢得真的认为比特币毫无作为。

比特币未必会在遥远的十年后屹立不倒，但是区块链技术一定会长存下去。

This page is synchronized from the post: ‘Biggest bank in Singapore thinks Bitcoin is a Ponzi scheme’

It is reported that cryptocurrency mining malware has been breach from thousands of website to Google play store applications.

Coinhive, a site that offers a friendly programming interface to enable any website turning their visitor’s computer into mining machine for the website owner. A couple of multi-million downloaded applications from Google play store is taking advantage of user phone for illegal mining activities too, but no name of the applications was revealed.

For preventive measures:

• Install this Chrome extension to block all Coinhive malware.
• Apply good internet surfing habit, pay caution visiting potentially malicious websites.
• Don’t simply download untrustable applications even from Google Play store.
• Lastly, monitor the abnormal behavior of your devices like unusual high CPU usage or a drastic drop in the phone’s battery. They might be infected if high computing power was consistently being consumed without reasons.

有报道指出不单是网站有可能让你的电脑为陌生人挖矿，手机也成为了新目标。

Coinhive 提供了友善的编码界面让网站拥有者可以很容易的在自家网站装上，到访者的电脑就会被感染从而为之挖矿而不自知。Google play store 上也有数个拥有百万下载量的 App 会感染手机为远方的黑客挖矿，App 名字则被保密。

自保的方针有：

• 在电脑装上这个 Chrome 插件可以有效抵挡 Coinhive 攻击。
• 养成良好的上网习惯，拒绝访问来历不明的网站。
• 别随意下载应用软件，即使是来自Google Play store 这种官方渠道。
• 最后，密切观察设备的不正常状态。要是电脑的 CPU 使用帧率长时间处于高度使用状态，或是手机电池无故急剧下跌，那你很可能中奖了。

This page is synchronized from the post: ‘Don’’t mine for the hackers’