francescomecca.eu/_site/page2/index.html
2016-07-14 22:40:39 -04:00

444 lines
24 KiB
HTML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en-us">
<head>
<link href="http://gmpg.org/xfn/11" rel="profile">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<!-- Enable responsiveness on mobile devices-->
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1">
<title>
Caught in the Net &middot; La rete ti cattura ma libera il pensiero
</title>
<!-- CSS -->
<link rel="stylesheet" href="/public/css/poole.css">
<link rel="stylesheet" href="/public/css/syntax.css">
<link rel="stylesheet" href="/public/css/hyde.css">
<!-- Icons -->
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="/public/apple-touch-icon-144-precomposed.png">
<link rel="shortcut icon" href="/public/favicon.ico">
<!-- RSS -->
<link rel="alternate" type="application/rss+xml" title="RSS" href="/atom.xml">
</head>
<body class="theme-base-09">
<div class="sidebar">
<div class="container sidebar-sticky">
<div class="sidebar-about">
<h1>
<a href="/">
Caught in the Net
</a>
</h1>
<p class="lead"></p>
</div>
<nav class="sidebar-nav">
<a class="sidebar-nav-item" href="/">Home</a>
<a class="sidebar-nav-item" href="/about/">About</a>
<a class="sidebar-nav-item" href="/archive/">Archive</a>
<a class="sidebar-nav-item" href="/contattami/">Contattami</a>
<a class="sidebar-nav-item" href="/atom.xml">RSS</a>
<a class="sidebar-nav-item" href="http://francescomecca.eu:3000">Personal Git</a>
<a cleass="sidebar-nav-item" href="https://github.com/s211897-studentipolito">github</a>
<span class="sidebar-nav-item" href="" >Powered by Jekyll and Hyde</span>
</nav>
<p>&copy; 2016. CC BY-SA 4.0 International </p>
</div>
</div>
<h3 class="masthead-title">
<a href="/" title="Home">Caught in the Net</a>
</h3>
<div class="content container">
<div class="posts">
<div class="post">
<h1 class="post-title">
<a href="/pescewanda/2016/05/03/satoshisignature/">
Why Wright's proof is a fake
</a>
</h1>
<span class="post-date">03 May 2016</span>
<p>I explained in my previous <a href="http://francescomecca.eu/pescewanda/2016/04/17/wright-nakamoto/">post</a> (in italian) that the signature that Wright provided as a public proof is in fact invalid.
I want to explain briefly how you could check this claim.
The key in Wright&#39;s <a href="http://www.drcraigwright.net/jean-paul-sartre-signing-significance/">post</a> is this:</p>
<div class="highlight"><pre><code class="language-" data-lang="">------------------------- Signature File -------------------------
MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl1
3VTC3ihl6XUlhcU+fM4=
------------------------- End Signature --------------------------
</code></pre></div>
<p>Now we can use some bash utilities:</p>
<ul>
<li>base64, that translates encoded ASCII text;</li>
<li>hexdump, that displays hexadecimal contents from the input;</li>
<li>cut, used to remove the binary part of the input;</li>
<li>tr, used to delete spaces and carriage return from the input;</li>
</ul>
<div class="highlight"><pre><code class="language-" data-lang="">base64 -d &lt;&lt;&lt;'MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl13VTC3ihl6XUlhcU+fM4=' | hexdump -C| cut -b 11-60| tr -d ' \n'
3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code></pre></div>
<p>Let&#39;s analyze the command one by one:</p>
<ul>
<li><code>base64 -d</code> decodes the redirected string, the output is some gibberish characters so I won&#39;t display them here;</li>
<li><code>hexdump -C</code> is used with a pipe to convert to hexadecimal:</li>
</ul>
<div class="highlight"><pre><code class="language-" data-lang="">00000000 30 45 02 21 00 c1 2a 7d 54 97 2f 26 d1 4c b3 11 |0E.!..*}T./&amp;.L..|
00000010 33 9b 51 22 f8 c1 87 41 7d de 1e 8e fb 68 41 f5 |3.Q"...A}....hA.|
00000020 5c 34 22 0a e0 02 20 66 63 2c 5c d4 16 1e fa 3a |\4"... fc,\....:|
00000030 28 37 76 4e ee 9e b8 49 75 dd 54 c2 de 28 65 e9 |(7vN...Iu.T..(e.|
00000040 75 25 85 c5 3e 7c ce |u%..&gt;|.|
</code></pre></div>
<ul>
<li>cut -b 11-60 displays only the characters from column 11 to 60:</li>
</ul>
<div class="highlight"><pre><code class="language-" data-lang="">30 45 02 21 00 c1 2a 7d 54 97 2f 26 d1 4c b3 11
33 9b 51 22 f8 c1 87 41 7d de 1e 8e fb 68 41 f5
5c 34 22 0a e0 02 20 66 63 2c 5c d4 16 1e fa 3a
28 37 76 4e ee 9e b8 49 75 dd 54 c2 de 28 65 e9
75 25 85 c5 3e 7c ce
</code></pre></div>
<ul>
<li><code>tr -d &#39; \n&#39;</code> is used to delete spaces and carriage returns from the output so that is shown in one line and it gives us the final result:</li>
</ul>
<div class="highlight"><pre><code class="language-" data-lang="">3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code></pre></div>
<p>If you noticed, there is also another cleartext string at the beginning of Wright&#39;s post:</p>
<div class="highlight"><pre><code class="language-" data-lang="">$ base64 -d &lt;&lt;&lt;'IFdyaWdodCwgaXQgaXMgbm90IHRoZSBzYW1lIGFzIGlmIEkgc2lnbiBDcmFpZyBXcmlnaHQsIFNhdG9zaGkuCgo='
Wright, it is not the same as if I sign Craig Wright, Satoshi.
</code></pre></div>
<p>Now let&#39;s head to blockchain.info.
Blockchain.info has a little <a href="https://blockchain.info/decode-tx">utility</a> to get hexadecimal informations out of a transaction on the blockchain, so let&#39;s use it to get the related info about this transaction:</p>
<p><a href="https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe">tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe</a>
<a href="https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe?format=hex">tx/828ef3b079f9... in hexadecimal</a></p>
<p>As you can see the entire output of the first bash command, that is
<code>
3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code>
is contained in:
<code>
&quot;script&quot;:&quot;483045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce01&quot;
</code>
except for the 48 at the beginning and the 01 at the end.</p>
<p>That is a signature hash:
this <a href="https://en.bitcoin.it/wiki/List_of_address_prefixes">page</a> explains that the 48 is just a decimal prefix given to uncompressed transactions, and the 01 at the end is just a SIGHASH_ALL <a href="https://bitcoin.org/en/glossary/signature-hash">code</a> that flags the end of the signature.</p>
<h2 id="so-is-it-a-fake">So, is it a fake?</h2>
<p>Yes, indeed.
At the end, I ask, why would you choose anything else than the easiest and most conclusive way to prove something?</p>
<p><img src="/wp-content/uploads/2016/satosh.jpg" alt="Wright &quot;signs&quot; the blockchain"></p>
</div>
<div class="post">
<h1 class="post-title">
<a href="/pescewanda/2016/04/17/wright-nakamoto/">
#JeSuisSatoshiNakamoto
</a>
</h1>
<span class="post-date">17 Apr 2016</span>
<p>Ieri mattina appena sveglio mi sono imbattuto in questo <a href="http://gavinandresen.ninja/satoshi">post</a> di Gavin Andresen, uno dei più importanti membri della Bitcoin Foundation.
In quelle righe Gavin attribuisce l&#39;identità di Satoshi Nakamoto, il padre dei Bitcoin, a Craig Wright, un imprenditore australiano.
Sono stato subito scosso dall&#39;articolo, dove si spiega:</p>
<blockquote>
<p>Part of that time was spent on a careful cryptographic verification of messages signed with keys that only Satoshi should possess.</p>
</blockquote>
<p>Continuo la mia navigazione imbattendomi nei seguenti titoli di alcune testate italiane:</p>
<ul>
<li>Repubblica: <a href="http://www.repubblica.it/tecnologia/2016/05/02/news/l_imprenditore_australiano_craig_wright_sono_io_il_creatore_del_bitcoin_-138896449/?ref=HREC1-12%22">&quot;Bitcoin: il creatore sono io&quot;, l&#39;imprenditore australiano Craig Wright esce allo scoperto</a></li>
<li>La Stampa: <a href="http://www.lastampa.it/2016/05/02/economia/imprenditore-australiano-fa-coming-out-sono-linventore-del-bitcoin-l6G9XXHlFGXOavjRv4snQL/pagina.html">Imprenditore australiano fa coming out: sono linventore del Bitcoin</a></li>
<li>Il corriere della sera: <a href="http://www.corriere.it/economia/16_maggio_02/bitcoin-la-bbc-padre-l-australiano-craig-wright-ba2124ec-1043-11e6-aba7-a1898801ab6b.shtml">per la «Bbc» il padre è laustraliano Craig Wright</a></li>
<li>Il sole 24 ore: <a href="http://www.ilsole24ore.com/art/finanza-e-mercati/2016-05-02/scoperto-l-inventore-bitcoin-e-imprenditore-australiano-111525.shtml?uuid=ACMVhYJD">Scoperto linventore del Bitcoin: è un imprenditore australiano</a></li>
<li>Il Post: <a href="http://www.ilpost.it/2016/05/02/craig-wright-bitcoin/"> questuomo linventore dei Bitcoin?</a></li>
</ul>
<p>Gli articoli da clickbait e la completa mancanza di spiegazioni tecniche hanno fatto squillare immediatamente il mio campanello antibufala.
Voglio approfondire la questione in questo post.</p>
<h2 id="prova-numero-1-il-post-ufficiale-di-wright">Prova numero 1: il post ufficiale di Wright</h2>
<p>Craig Wright in data 2 maggio ha pubblicato sul suo sito personale questo <a href="http://www.drcraigwright.net/jean-paul-sartre-signing-significance/">articolo</a> dove spiega che utilizzando 10 chiavi private associate agli indirizzi utilizzati da Satoshi ha firmato dei messaggi inviati da alcuni giornalisti e mostra gli script utilizzati per la firma sotto forma di screenshots.
Prima di tutto, ad un&#39;analisi più attenta si vede che lo script di Wright ha un <a href="http://imgur.com/IPDPXZm">typo</a> e quindi non è eseguibile.
Il motivo per cui ho dubitato maggiormente però è il fatto che nonostante Wright abbia speso molto tempo nel suo blog post ha evitato di darci una prova riproducibile del fatto che la chiave privata di uno dei genesis block sia in suo possesso.
Quindi il post di Wright non basta a verificare che egli sia in effetti Nakamoto.</p>
<h2 id="prova-numero-2-jon-matonis-e-gavin-andresen">Prova numero 2: Jon Matonis e Gavin Andresen</h2>
<p>Il primo post che ho letto e che inizialmente mi aveva convinto della sincerità di Wright è stato il quello di Andersen. A poche ore da quella lettura ho appreso grazie ad un <a href="https://twitter.com/petertoddbtc/status/727078284345917441">tweet</a> che è stato revocato a Gavin l&#39;accesso ai commit relativi allo sviluppo di Bitcoin in quanto si sospetta che sia stato hackerato.
Così il post di Gavin ha perso ogni valore nel tentativo di chiarire la vicenda.
Invece ho ancora molti dubbi relativamente al post di <a href="http://themonetaryfuture.blogspot.sg/2016/05/how-i-met-satoshi.html">Matonis</a> (uno dei fondatori della Bitcoin Foundation) dove afferma che a Marzo Wright si è rivelato a lui firmando in sua presenza un messaggio con le chiavi crittografiche del blocco #1 e del blocco #9.
Queste sarebbero le prove decisive per dimostrare l&#39;autenticità delle affermazioni di Wright, ma non ne abbiamo prove pubbliche e riproducibili. Anzi, dal post si deduce che Wright abbia utilizzato il suo laptop personale piuttosto che un computer sicuramente non manomesso in precedenza.</p>
<h2 id="prova-numero-3-gavin-su-reddit">Prova numero 3: Gavin su Reddit</h2>
<p>Alcuni redditor in risposta al post di Gavin hanno chiesto a lui stesso maggiori dettagli. Questa è stata la <a href="https://www.reddit.com/r/btc/comments/4hfyyo/gavin_can_you_please_detail_all_parts_of_the/d2plygg">risposta</a> di Gavin:</p>
<blockquote>
<p>Craig signed a message that I chose (&quot;Gavin&#39;s favorite number is eleven. CSW&quot; if I recall correctly) using the private key from block number 1.
That signature was copied on to a clean usb stick I brought with me to London, and then validated on a brand-new laptop with a freshly downloaded copy of electrum.
I was not allowed to keep the message or laptop (fear it would leak before Official Announcement).
I don&#39;t have an explanation for the funky OpenSSL procedure in his blog post.</p>
</blockquote>
<p>Dall&#39;articolo di <a href="https://www.wired.com/2016/05/craig-wright-privately-proved-hes-bitcoins-creator/">Wired</a>:</p>
<blockquote>
<p>Andresen says an administrative assistant working with Wright left to buy a computer from a nearby store, and returned with what Andresen describes as a Windows laptop in a “factory-sealed” box.</p>
</blockquote>
<p>Naturalmente queste non sono prove sufficenti poichè non abbiamo la certezza che il portatile sia stato manomesso in anticipo.</p>
<h2 id="prova-numero-4-gli-articoli-di-bbc-ed-economist">Prova numero 4: gli articoli di BBC ed Economist</h2>
<p>Wright ha avuto un colloquio privato con la <a href="http://www.bbc.com/news/technology-36168863">BBC</a> e un giornalista dell&#39;Economist ed ha fornito delle prove che loro ritengono sufficenti a verificare le sue affermazioni.
Vorrei poter andare più in profondità con le affermazioni delle due testate, ma esse stesse non forniscono alcuna dimostrazione concreta delle procedure che Wright ha eseguito.
Si legge:</p>
<blockquote>
<p>At the meeting with the BBC, Mr Wright digitally signed messages using cryptographic keys created during the early days of Bitcoin&#39;s development. The keys are inextricably linked to blocks of bitcoins known to have been created or &quot;mined&quot; by Satoshi Nakamoto.</p>
</blockquote>
<p>In mancanza di una spiegazione più approfondita e prettamente tecnica non vedo perchè dovrei prendere queste parole per certe.</p>
<h2 id="prova-numero-5-gran-finale">Prova numero 5: Gran Finale</h2>
<p>L&#39;unica prova concreta che tutta la community ha a disposizione è la firma che Wright ha utilizzato per autenticarsi firmando il discorso in cui Sartre spiega perchè rinuncia al premio Nobel.
Questa firma: <code>MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl13VTC3ihl6XUlhcU+fM4=</code> non è altro che la versione esadecimale della <a href="https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe">transazione</a> che Satoshi ha fatto nel 2009.
Quella stringa (in base64) non è affatto una firma, bensì è un messaggio in chiaro: &quot;Wright, it is not the same as if I sign Craig Wright, Satoshi.\n\n&quot;.</p>
<hr>
<!--![Wright firma il genesis block](http://francescomecca.eu/wp-content/uploads/satosh.jpg)-->
<h1 id="wikihow-how-to-claim-you-39-re-satoshi">wikiHow: how to claim you&#39;re Satoshi</h1>
<p>Charlie Lee, il creatore dei Litecoin su medium ci ha dato una <a href="https://decentralize.today/satoshilite-1e2dad89a017#.xljsji88r">dimostrazione</a> semplice e concisa di come il vero Satoshi si sarebbe dovuto autenticare.
Non abbiamo bisogno di colloqui privati, laptop nuovi di fabbrica e screenshot di script. Nei primi blocchi, i genesis blocks, rimangono registatrate un numero sufficiente di chiavi pubbliche appartenenti al creatore della blockchain.
Chiunque dichiari di essere Satoshi deve poter firmare un messaggio utilizzando una di quelle chiavi. Questo è quello che il creatore dei Litecoin mostra in 4 righe.
Ogni altra prova è discutibile e non necessaria.</p>
<h2 id="edit-22-12">EDIT 22:12</h2>
<p>Su Twitter il profilo ufficiale di Electrum <a href="https://mobile.twitter.com/ElectrumWallet/status/727366861592076288">scrive</a>:</p>
<blockquote>
<p>Note: There was no download of a signature file of electrum (.asc file) from a UK IP on Apr 7th.</p>
</blockquote>
<p>Questo significa che il 7 Aprile, quando Wright ha mostrato a Gavin le sue chiavi utilizzando Electrum, nessuna delle due parti si è preoccupata di verificare che il client fosse autentico. Questo invalida ulteriormente tutte le affermazioni di Gavin.</p>
</div>
<div class="post">
<h1 class="post-title">
<a href="/pescewanda/2016/04/17/kpd-player/">
Kyuss Music Player
</a>
</h1>
<span class="post-date">17 Apr 2016</span>
<p>For a long time I have been using Clementine music player on my workstation. Recently I reinstalled Gentoo on my desktop and I wanted to avoid installing QT libraries of any sort.
So I switched to <a href="https://www.musicpd.org/">mpd</a> and I have fallen in love with it. It is very flexible, fast and enriched by a lot of community software.
For some weeks I used mpc client as my primary client for mpd but I was not satisfied with it. Even though it is pretty minimal but packed with every feature mpd permits, the search feels uncomfortable because is case sensitive and need artist, album, etc. flags before any entry.
This is why I have written kpd together with Francesco Gallà</p>
<h2 id="kyuss-player-client">Kyuss Player Client</h2>
<p>kpd is an acronym for Kyuss Player Client because we have been listening only to <a href="https://en.wikipedia.org/wiki/Kyuss">Kyuss</a> while programming this client.
We have reimplemented the search functions to suit our habits. No more case sensitive, optional &#39;artist, album, title&#39; flags.
kpd accepts only one string as the search argument and implements optional filter arguments to narrow the search in a grep like way.
I welcome you to read the <a href="http://francescomecca.eu:3000/pesceWanda/kpd">readme</a> in my git to understand how the search works.
Anyway in this post I want to explain bits of the code.</p>
<h3 id="main">Main</h3>
<p>The main kpd file invoked when the command is run in the console is kpd.py
The most interesting part in this file IMHO is these lines:</p>
<figure class="highlight"><pre><code class="language-python" data-lang="python">
<span class="k">for</span> <span class="n">el</span> <span class="ow">in</span> <span class="n">argsOrder</span><span class="p">:</span>
<span class="k">if</span> <span class="n">dictArgs</span><span class="p">[</span><span class="n">el</span><span class="p">]</span> <span class="o">!=</span> <span class="bp">False</span><span class="p">:</span>
<span class="n">client</span><span class="o">.</span><span class="n">update_status</span> <span class="p">()</span>
<span class="n">methodToCall</span> <span class="o">=</span> <span class="nb">getattr</span> <span class="p">(</span><span class="n">util</span><span class="p">,</span> <span class="n">el</span><span class="p">)</span>
<span class="n">retUtil</span> <span class="o">=</span> <span class="n">methodToCall</span> <span class="p">(</span><span class="n">client</span><span class="p">,</span> <span class="n">dictArgs</span><span class="p">[</span><span class="n">el</span><span class="p">],</span> <span class="n">searchRes</span><span class="p">)</span></code></pre></figure>
<p>argsOrder is a list of the arguments on the command line in the order the user wrote them.
kpd uses a dictionary to store for every argument the corrispective string for the function that will be invoked using getattr.
In this way any argument can be added to the main file without writing any other line of code. WE used this method to avoid using switch alike solutions.</p>
<h3 id="util">Util</h3>
<p>The util.py source file is a pretty easy source file to read. It contains every function that can be invoked by command line arguments. Every function has the same &#39;prototypes&#39; so that they can be called using the method explained above.
To implement <code>no-output</code> and <code>output</code> function I have used a class:
to suppress the output on the console the program assign to <em>sys.stdout</em> a dummy class that save the original stdout on a variable and replaces write and flush functions so that they are just pass. and no output is written.
To permit output after suppression the program just reassing the original value to sys.stdout.</p>
<h3 id="database-search">Database Search</h3>
<p>In MPDdatabase.py we have written the search functions.
Originally we intended to just read and import in a dictionary the whole mpd database that is stored compressed in the home directory.
This list of dictionaries stores every entry related to the song and if any of them matches the search string or the filter string (considering also flags if any) the related song is printed on the output and saved in a list so it can be added by the add function.
This approach result very efficent in term of precision but it lacked speed. For a database of about 77 thousand songs (about 550k lines) a search query could last almost 2 seconds.
To improve the speed of the search we used the pickle module. The pickle module allows kpd to dump the data structure used to store the database in memory on a file that can be read easily by using the <code>pickle.load</code> function.
In this way the search lasts about 40 milliseconds on the same database that wastes about 16MiB of memory on disk.</p>
<h2 id="conclusion">Conclusion</h2>
<p>This was really fun. It was our first hand on python project and the first real program we have written since we started learning programming at our university.
I discovered that programming allows me to relax and that is really cool to have custom software for activities you do every day.
The source for our program is stored in my git <a href="http://francescomecca.eu:3000/pesceWanda/kpd">here</a> and you are free to modify it.</p>
</div>
<div class="post">
<h1 class="post-title">
<a href="/pescewanda/2016/04/10/short-lesson-from-reddit/">
Bright Father
</a>
</h1>
<span class="post-date">10 Apr 2016</span>
<blockquote>
<p>My father used to tell us ridiculous false information all the time. The catch was if we could catch one out and prove him wrong he&#39;d give us a dollar. As we got older it would got a little less outrageous, but we&#39;d still get that dollar if we could prove it. Looking back it was a good way to get us to think for ourselves.</p>
</blockquote>
<p><a href="https://www.reddit.com/user/zedoriah">zedoria</a> on <a href="https://www.reddit.com/r/AskReddit/comments/u1ili/what_did_school_teach_you_that_was_blatantly/?ref=search_posts">reddit</a></p>
</div>
<div class="post">
<h1 class="post-title">
<a href="/pescewanda/2016/04/10/lifehacks/">
Lifehacks
</a>
</h1>
<span class="post-date">10 Apr 2016</span>
<ul>
<li><p>Even though you may be nervous about talking to random people, the worst you can get is &quot;Go away&quot;.</p></li>
<li><p>Do not buy your girlfriend or wife flowers in an attempt to make nice after you pissed her off. Every
time she looks at the flowers, she will just be reminded that you pissed her off, unless she has the
memory span of a goldfish.</p></li>
<li><p>To keep lettuce fresh for days longer, wrap it in paper towels instead of inside a plastic bag, it
works very well.</p></li>
<li><p>Cubes of sugar in biscuit barrels help the biscuits stay crisp.</p></li>
<li><p>To clear your sinuses, eat a lot of wasabi. It will hurt tons, but your sinuses clear almost
instantaneously.</p></li>
</ul>
</div>
</div>
<div class="pagination">
<a class="pagination-item older" href="/page3">Older</a>
<a class="pagination-item newer" href="/">Newer</a>
</div>
</div>
</body>
</html>