Mac M1/M2: Keyboard Brightness Keys + Remap § to ~

I recently moved from the US layout to the UK layout for my shiny new MacBook Air M2. I’d get used to the keys, however, my work MacBook is still on the US layout. Therefore, I decided to:

  1. Remap the section key § to tilde/back-tick (I use the tilde and back tick keys a lot)
  2. Remap the original tilde key to the left shift, so that I don’t accidentally hit the tilde in the wrong place
  3. Bring back the keyboard brightness keys by remapping the Siri (F5) + DND keys (F6)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
<plist version="1.0">
"HIDKeyboardModifierMappingSrc": 0xC000000CF,
"HIDKeyboardModifierMappingDst": 0xFF00000009
"HIDKeyboardModifierMappingSrc": 0x10000009B,
"HIDKeyboardModifierMappingDst": 0xFF00000008
"HIDKeyboardModifierMappingSrc": 0x700000064,
"HIDKeyboardModifierMappingDst": 0x700000035
"HIDKeyboardModifierMappingSrc": 0x700000035,
"HIDKeyboardModifierMappingDst": 0x7000000E1

Save the contents above to ~/Library/LaunchAgents/com.judepereira.keyremapping.plist, and logout/login :)

That’s all!


Cloudflare Zero Trust Gateway and Net Neutrality

TL;DR: This post isn’t merely a rant after Cloudflare’s recent outages, but rather meant to serve as an after-thought: is Cloudflare ruining the entire concept of a distributed internet? Is it on a path to violate Net Neutrality?

Let’s analyse it a little bit.

What is it?

Cloudflare’s Zero Trust Gateway routes all internet traffic from your devices such as your laptop, via Clouldflare’s internet backbone. Most likely, your personal device wouldn’t be connected to the zero trust Gateway, since it’s almost always deployed by enterprise companies.

What’s wrong with it?

The internet is de-centralised – no single authority can take it down, nor can control traffic across it. In its literal sense, “internet” means interconnected networks. This means that you’re reading this post through a bunch of networks that eventually connect to the host where this blog is hosted, in Amsterdam via Digital Ocean. The source of your connection could be anything – from a 5G capable device, a wired network connection being shared in a building, your ISP, etc. The list goes on an on.

However, Cloudflare Zero Trust Gateway routes ALL your traffic through a bunch of proxies that Cloudflare exclusively controls:

Yes, Cloudflare actually runs an active MITM attack, decrypting all your TLS data.
Fuck off Cloudflare!

And now we get to the real problem: when Cloudflare deploys a buggy version of their software, to the end user, that is to you, it appears as if the entire internet is down. You can’t get work done, nor can you do anything productive with that €3000 MacBook you’ve just bought. Surprisingly, this happens more often than not, especially in recent times.

In the future, if Cloudflare Zero Trust Gateway captures any significant market share (hopefully unlikely), they can suddenly start to make decisions that violate Net Neutrality.

Net Neutrality

If you’ve never watched John Oliver’s take on Net Neutrality, watch it here. ISPs have done such things in the past, and have managed to get away with it, albeit far fewer of those severely offending ISPs exist today (if somebody finds a valuable source for or against this, please post it in the comments). Of course, the giants still continue to live on.

Final Notes

In order to preserve Net Neutrality, the openness of the internet, no single company should own a significant chunk of the internet traffic. If your company is pushing for Cloudflare Zero Trust Gateway, push your IT administrator to read this post, and help point them in the right direction.

Getting the AWS CLI to accept Cloudflare WARP’s root certificate

When we moved to Cloudflare WARP at CleverTap, everything worked as expected, except for the AWS CLI:

SSL validation failed for [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)

The problem with Cloudflare WARP is that it’s the equivalent of Charle’s Proxy – presenting its own certificate for everything. While this works for almost everything, it doesn’t work for tools that use a well known and publicly trusted CA bundle.

Moreover, AWS’ CLI v2 is built with Python, which apparently doesn’t even have access to macOS’ Keychain. So, although that Cloudflare WARP certificate is installed in Keychain, tools from JetBrains and AWS’ very own CLI will refuse to work.

The solution? Download a .crt from Cloudflare’s documentation, convert it to a .pem (using Keychain), and then add it to your CA bundle (in my case, the default one installed by Homebrew).

Preparing the certificate

Download the certificate from here. Next, open it up in Keychain:

Right click on that entry, to see the Export option:

Export it as a PEM:

Hit Save.

Installing the certificate

And now to the tricky part. The CA bundle that AWS uses for its CLI is a mystery. However, it does allow one to override that, by using an environment variable. So, we want that CLI to trust the usual set of root certificates, along with Cloudflare’s. OpenSSL installs a decent set of trusted root certificates, which we can append to:

$ cat Cloudflare.pem >> /Users/jude/bin/Homebrew/etc/openssl/cert.pem

All that’s remaining is to tell the AWS CLI to use it:

$ export AWS_CA_BUNDLE=/Users/jude/bin/Homebrew/etc/openssl/cert.pem

And voila! It starts working magically!

LetsTuneup: A music chart with Arjit Singh in the lead

LetsTuneup has grown tremendously, and with it, we’ve introduced new features too. We identified that a few of our users couldn’t use the app to it’s full extent because they didn’t have music on their devices.

We’ve solved that. Users can now pick their favourite artists, powered by a location aware scoring algorithm, which recommends popular artists in their area.

Leading the recommendation list in Mumbai is Arjit Singh, followed by Eminem, Linkin Park, Coldplay and Pink Floyd. Honey Singh is #11 on the chart, and some nostalgic users love Akon, making him #28.

Arjit Singh in the lead, with Eminem, Linking Park, Coldplay and Pink Floyd following close
Arjit Singh in the lead, with Eminem, Linkin Park, Coldplay and Pink Floyd following close

Stay tuned and look forward to our next big feature, very soon.

US toy giant threatens to sue Matchbox

TL;DR: A giant American toy company threatens to sue Matchbox. Having no resources at hand, Matchbox is forced to change it’s name to Tuneup.

On the 14th of March, I received an email from Apple (via the giant toy company) with the following content:

The developer of the reported application is using the registered
Matchbox trademark in the description of the application without
authorization from the right holder. Also he is offering services by
unlawfully using the registered trademark which is causing bad
influence for the Matchbox brand values. Furthermore, this application is
not authorized from the right holder. This is a trademark infringement
causing damages to our client xxxxxxxx, the right holder for the
Matchbox intellectual property. I would kindly ask you to proceed and
remove the infringement/application from all stores worldwide.

This company, had the trademark for Matchbox registered under the following classification codes: US 001 002 003 005 021 022 023 026 029 036 037 038 039 041. Each and every G & S description was related to toy products, fabrication, stationery products, and manufacturing processes.

Looking up these classification codes on the United States Patent and Trademark Office’s website, absolutely none of them are for computer software, or anything that even crosses paths with Matchbox.


The million dollar question: If there was absolutely no case for “confusingly similar”, why did Matchbox change it’s name?

It’s simple really. Big guys always bully the small ones. They threatened to sue us if we didn’t stop using it. Even after proving to them that it wasn’t even remotely infringing to their use of Matchbox, they wouldn’t budge. Had I fought them legally, I would’ve won. Easy peasy. However, due to the lack of resources, I had no choice but to change it’s name.

If I had to call Matchbox anything other than Matchbox, I’d call it Tuneup. “Tuneup” is imagined by Joelle Fernandes, the co-founder of Let’s Tuneup.

Why Matchbox, and how it connects people through music

There’s no doubt that music defines us. It influences our moods, for example, making us happy by releasing a chemical named dopamine. It can affect what we wear, what we eat, and perhaps even who we enjoy being together with. It affects our thought process too (it’s well known that ambient noise can improve productivity).

In a study conducted amongst couples who were eighteen years old, it’s been found to predict personality traits. According to the same study, it’s what we’re most likely to discuss about when we meet somebody new, within the first few weeks. Psychologically, men and women who listen to similar music tend to be better communicators, and have longer lasting relationships.

It’s probably one of the most important things in our lives. If I were to place music on Maslow’s hierarchy of needs, I’d place it at the physiological stage. It’s a fundamental part of our society. Even the Hollywood movie directors (e.g. the scene from Interstellar) would agree.

Why not extend this to the social discovery apps we use today? None of them base their core on this. One of the most popular apps for social discovery, Tinder, uses Facebook page likes and interests, to match people together.

This is why Matchbox was created. It bridges the gap between “truly anonymous“, and “hey there“. The app shows you the top ten artists that are common between you and the person you’re looking at, giving you a fair knowledge of what that person would be like:

Matchbox showing the top 10 artists
Matchbox showing the top 10 artists

You’re more likely to be at ease knowing that the opposite person is a little similar to you. Matchbox was crafted with the sole intention that music is the key that connects us, and binds us together. It has evolved for over 9 months, before being made available to the world.

As it stands right now, Matchbox has a hundred active users, and is growing slowly.

Go ahead and test drive the app, and see for yourself how Matchbox re-defines the social discovery platform.

Download on the App StoreGet it on Google Play

Discover – my second iOS app

iTunes Genius is a great feature. However, it lacks music discovery outside your own music library. Sure, you can always do a Google search for similar tunes, but let’s face it – who has time to do this anymore?

There weren’t any great music discovery apps on the App Store either. All of them either looked ugly, or had to be opened by the user. The content wasn’t available readily.

Then I thought of Discover. I wrote this app keeping in mind that the app would never have to be opened by the user, to see any content. Instead, why not present it in the Today screen itself? This way, the widget can refresh it’s content quickly and present it, in a beautiful manner.

Unobtrusive. Simply genius, isn’t it?

How can this be made any better? Provide buttons which directly search the iTunes Store or YouTube for the song recommended. This way, it’s easy for the user to try out new songs, with zero effort. Eureka! The effort of typing on the device is now gone!

I’ve submitted the app on the App Store for review, and I hope it will be accepted and published soon. Here’s a sneak peak of it:

Highlights of Discover
Highlights of Discover

Discover took a total of one month to complete. Although it was a simple app, I couldn’t give it much time day to day.

I love what it’s turned into. There’s so much that I’ve learned about iOS – auto layout, GCD, and the language itself.

0f > Float.MIN_VALUE = false!

Turns out that this is the expected behaviour from the java doc:
A constant holding the smallest positive nonzero value of type float, 2-149.

So now, how do I get the smallest negative value that a float can hold?

Just came across the most weirdest thing ever in Java – 0f > Float.MIN_VALUE returns false!

Similarly, anything less than 0, (say -10 for example) is surprisingly not greater than Float.MIN_VALUE.

However, 0 > Integer.MIN_VALUE returns true!

Want to try it out?

public class E {
    public static void main(String[] args) {
        System.out.println("1f > Float.MIN_VALUE: " + (1f > Float.MIN_VALUE));
        System.out.println("0f > Float.MIN_VALUE: " + (0f > Float.MIN_VALUE));
        System.out.println("-1f > Float.MIN_VALUE: " + (-1f > Float.MIN_VALUE));
        System.out.println("0f < Float.MIN_VALUE: " + (0f < Float.MIN_VALUE));
        System.out.println("0f == Float.MIN_VALUE: " + (0f == Float.MIN_VALUE));


1f > Float.MIN_VALUE: true
0f > Float.MIN_VALUE: false
-1f > Float.MIN_VALUE: false
0f < Float.MIN_VALUE: true
0f == Float.MIN_VALUE: false

A Usable Mac: Yosemite + Reduced Transparency + Lucida Grande

I updated to OS X 10.10 after a day it was released – only to be stunned by the really, really ugly looking UI. @francispereira dubs this new update as “Polio infected”. There’s transparency where it should never have been in the first place, and the font smoothing engine is gone haywire with the new system default font, Helvetica.

Let’s fix it:

Drop the transparency

Open System Preferences(type sys in Spotlight). Open the Accessibility settings(second last row, extreme right). Check the checkbox that says “Reduce transparency”.

Revert the system default font to Lucida Grande(the font used in OS X 10.9 and earlier)

Download this app which I found here. Uncompress the downloaded file, then right click on the extracted app, and click on Open. Then click on the Patch and Install button in the dialog box that appears. It will then prompt you for your system password, as it copies Lucida Grande from /System/Library/Fonts to /Library/Fonts, and then patches it to be the system default font.

Next, log out and log back in to see a more usable Mac.

Seriously Tim, you ought to check yourself before you wreck yourself.

Evidently, SEED is just a kid in the corporate world

Despite several efforts to contact SEED Infotech regarding their mishap for the past two days, they do not respond. E-mails, twitter updates, facebook posts being deleted from their end, says everything: SEED Infotech is lazy. They cannot afford to sponsor an event such as this one. What’s more, today’s challenge makes no sense whatsoever! SEED tried to put up a memorial contest to pay their respects to Dennis Richie, the creator of the C. They called it a “mega-event in January“, I call it a “mega-flop in January“.

The day they came to The Wilson College, they seemed to be disorganized. They didn’t seem to know what they were doing themselves.

SEED has put down the level of computing. SEED has brought their level from zero to nil, well, to top it all off, they had an insane web programmer, who didn’t know what he was doing. Notice the actual link of the page, followed by what it’s supposed to be:

Clearly, they do not have the potential to host such an event, and must be never allowed to.

They haven’t even once shown a sign of improvement, answers incorrect, questions incorrect, what more is there to it? This proves SEED’s incompetence in hosting an event, which surprising should be pretty easy enough to pull off correctly.

Last but not the least, @SEEDInfotech, your just a kid in the corporate world. Congratulations on winning this title.

As Francis Pereira says, “good talent is always hard to find“, and SEED does not have such talent.

Import your Nokia S40 Contacts to Google or the like

Nokia S40 phones’ can’t sync with Google or any other good online web services. So if you wanted to export your contacts from your phone and import them into your GMail contacts/other contact management, how would you accomplish this?

It’s a little complicated, but easy once you do it for the first time.

From your Nokia S40 phone:
Take a backup of only your contacts, and transfer this backup file to your computer, running GNU/Linux(if anyone can replicate this process on Windows, drop a comment).

On your desktop:
The NBF file is a simple zipped file. Unzip this zip file, and navigate your way to the contacts folder:

$ unzip Backup000.NBF
$ cd predefhiddenfolder/backup/WIP/32/contacts/

If the above specified path does not exist, then look for the directory contacts in the extracted directory.
The contacts are stored in the most popular vcard format, all the contacts you have are in a separate vcard for each contact. Let’s combine all of these into one single vcard file:

$ cat *.vcf > ~/Desktop/phone-contacts.vcf

Now you can import this file into any contact management application that supports the vcard format.

For GMail:
Navigate to Contacts(it’s located a the top left corner), then under More actions, click on Import. Choose the newly created combined vcard file(located on your desktop) and click on Import.

To clean up things, in the Contacts view in GMail, again select More actions, and click on Find & merge duplicates…, this will ensure that you don’t have duplicate contacts, and clean up your contacts as well.

If someone accomplishes this in Windows, please leave a comment on doing so.