Page 1
4 keyboards

Three delayed keyboards (or four future keyboards)

Anyone who has been involved with crowdfunding sites like Kickstarter and IndieGoGo, and particularly those who have backed hardware products, know all about product delays. I’ve written before about how crowdfunding sites are invigorating the hardware startup market, allowing hardware products to reach the market that would never have done so in the past. The flip side is of course that not all the hardware products that receive crowdfunding do in fact reach the market.

Many crowdfunded products have famously failed, such as the Eyez by ZionEyez HD video recording glasses whose principles seemed to simply disappear off the face of the planet without delivering any products (and it’s unclear if they ever worked on their product at all). That case was covered by Forbes and Network World, although it only raises about $350,000. More recently Kickstarter has made it harder for pie-in-the-sky hardware ideas to make it onto the site. One interesting case was the Skarp Laser Razor, which raised over $4 Million on Kickstarter before the site suspended their campaign. The company quickly switched to IndieGoGo and raised over $450,000. Whether Kickstarter was right and the project ultimately fails remains to be seen.

A product doesn’t need to be crowdfunded to be a colossal failure. The Gizmondo handheld gaming console built up a lot of hype before flaming out fast once they launched. I suppose it’s good they at least launched, although it was apparently the worst-selling console of all time, selling less than 25,000 units. The company behind it had apparently burned through $300 Million, most of it in the six months before it declared bankruptcy. In case you were wondering how a company could spend that much money in such a short period of time, you might remember the story of one executive of Gizmondo who the year following the bankruptcy crashed his $2 Million Ferrari Enzo into a poll on the Pacific Coast Highway at such a such speed that he literally split the car in two. It was later found that he had illegally imported over $10 Million worth of sports cars that were being leased in the UK to the US, and then stopped paying the leases.

Now I wanted to look at three keyboards I’ve previously discussed, and see where they fit into this story. I’m not saying these products will fail, and I certainly hope they do not, but some are examples of hardware crowdfunding projects that have been excessively delayed. Two keyboards, the King’s Assembly and the KeyMouse, were crowdfunded. One, the Kinesis Advantage, is an existing keyboard from a longtime keyboard manufacturer, that has been awaiting an update for many years (for example being announced as forthcoming in 2013).

Let’s start with the two crowdfunded keyboards, since they are incredibly similar. Both the King’s Assembly and the KeyMouse are split ergonomic keyboards whose halves can be moved as mice, allowing one to both type and use the mouse without having to ever move your hands off the keyboard. Both raised similar amounts of money (the KA raised just under $240K and the KM raised just over $150K. The KA cost $200 during the campaign (and is currently accepting pre-orders for $320), while the KM cost $299 during the campaign (and is slated to sell for $399 retail). Both keyboards launched their campaigns with non-mechanical key switches, and later updated their designs to support Cherry MX mechanical switches (I suppose if you’re buying a keyboard for $200-300 you expect quality switches). Both companies are beyond their promised ship dates.

The KeyMouse
The KeyMouse

For a long time I suspected the KeyMouse, even though it raised its money later than the King’s Assembly, would ship first. I thought that because the company was out there showing working demonstration hardware of their designs. The KeyMouse was shown at CES 2015 in Las Vegas, and won an Innovation Award at CES 2016, just a few months ago (it was actually announced in November 2015). I didn’t back the KeyMouse, and the updates they’ve posted have been made available only to backers, so it’s not entirely clear what is going on with the product. What I can glean from the comments is that they’ve offered all their backers full refunds, as well as a promise to sell them the final product when released at the same price they paid during the campaign. That seems like a very good way to deal with whatever problem they’re having. Most companies don’t ever offer refunds to Kickstarter campaigns, as it’s not required, and they’ve usually already spent the money. So while I don’t know what happened to cause KM to start offering refunds, it seems a good sign that they’re offering refunds, as it means they’re likely not insolvent. Maybe we’ll see products shipping from them, but don’t hold your breath on seeing it this year.


KA Beta Pair Pic from KS
King’s Assembly 3D-Printed Beta (from the back)

The King’s Assembly has never, to my knowledge, actually shown off its prototypes publicly. Some pictures have been released to backers in updates on Kickstarter, and recently they took orders for what they called Beta keyboards, basically prototypes with 3D-printed plastic parts, that they somehow managed to sell to people for $650 each before the Kickstarter units are ready to ship. I suppose it’s pretty clever getting people to pay for your beta testing hardware. It’s a little galling for some KA backers who paid for two units – a final unit when released, and a pre-production unit earlier. That pre-production unit was supposed to be ready a few months after the campaign ended in April 2014. Those backers, who paid $350 for the privilege of getting an early unit in addition to the final one, don’t get the Beta units. I guess if the money and testing received through the beta program help get the product finished, however, people will be happy to get their products in the end. At this point even the Beta units haven’t shipped yet, although they seem to be in some form of final assembly. Once they get to Beta customers, it will be interesting to see people’s reaction to them. I wonder if Beta customers are restricted from posting photos of the units online. We’ll see what happens when they get into customer hands. Even assuming they get them out soon, and they all work perfectly, I wouldn’t expect a final unit to ship from KA before 2017. If they do get the Beta untis out, it will at least show they’ve managed to manufacture working units in some quantity, although that won’t prove that they can mass-produce the product using the money given them by backers in 2014.

Advantage Pro Keyboard
Kinesis Advantage Pro

Back in 2012, an employee of Kinesis started a thread on the Geekhack keyboard forum about what features people would like to see in a future version of the Kinesis Advantage contoured keyboard. I’ve written about the Advantage before (Why haven’t there been any keyboard innovations in decades? and How I would re-design the Kinesis Advantage keyboard). It’s a great keyboard, and I’ve used one myself on and off for years. The thread on Geekhack is actually still active, and there have been some interesting updates in the past four years. Of note, in early 2013, that same employee said the keyboard could be expected that year. As recently as last week, he was saying no date for the release, although other indications show that it is likely to come out this year (and in response to a tweet I sent them, they responded Q2). In the discussion online, it was revealed that the company only has about a dozen employees, and while the Advantage is the company’s most expensive keyboard, it isn’t the company’s most profitable. They sell many more of their less-expensive split adjustable Freestyle line of keyboards, which they’ve updated more frequently, adding for example Bluetooth support. In addition, they sell a line of foot pedals and other accessories.

Other priorities combined with some design problems has led to this delay now of more than four years. In the scheme of things, however, what’s four years? By my reckoning the last major update to the Advantage line was in 2002, when they introduced USB to the keyboard. That’s fourteen years since the last update. The overall design, however, hasn’t changed since it’s launch in 1996, which is twenty years ago. Twenty years selling the same design is pretty long by any reckoning, although Kinesis’ design is certainly modeled, at least in part, on the original Maltron keyboard that was designed in 1976 – so one could argue it’s a forty year old design. I’ve written how I would improve it, although my suggestions from 2014 are mostly functional, not design, changes. One design change that many people have asked for is the ability to split the keyboard into two halves, similar to their Freestyle keyboards. It seems that isn’t in the cards for the update planned this year, but they’ve said it’s not impossible in the future. It’s important to note that while this design update has been delayed, it’s not like the other keyboards which have backers that have put up money for them in advance. Kinesis certainly is under no obligation to update their keyboard, and while many people want an updated version, they’re not financially on the line if Kinesis never updates it.


Keyboardio Model 01
Keyboardio Model 01

I know the title of this post mentions three keyboards, but I’m going to mention one last keyboard because technically it’s not late yet. In fact I’ve mentioned this keyboard in at least two previous posts – A few interesting keyboards, nearly in existence… and The rise of hardware startups – thank you crowdfunding. The keyboard is the Keyboardio Model 01, and I’ve been following it for quite a long time. If you look at the two previous posts you can see quite a change in its appearance over time. Part of what has been interesting about this keyboard is how much information was shared about its design long before it was crowdfunded on Kickstarter. What started out as an, I guess obsession is not too strong a word, for its designer Jesse Vincent, has been shared all along the way. Jesse started by documenting his keyboard on his blog, as well is in keyboard forums. He went through many many prototypes, and landed in a hardware incubator called Highway1, where he further refined the design. Finally, after years of work, sharing his trials and errors, and even his code, he launched a crowdfunding campaign on Kickstarter.

The campaign was actually quite simple for a crowdfunding campaign. No stretch goals or other oddities. The keyboard was sold for $299. A $999 limited edition actually sold 11 units, amazing to me (to many people it’s probably harder to believe they sold over a thousand keyboards at $299, but while there are many keyboards available for over $299, I don’t know of too many over $999). The Keyboardio folk did a 25 State road trip during the campaign, driving from coast to coast and showing off the keyboard in various maker spaces. In the end, they raised over $650K, more than both the King’s Assembly and the KeyMouse combined. In addition, while I don’t expect the keyboard to ship by its April 2016 date (see, it’s not late yet), I do expect it to ship well in advance of the other two crowdfunded keyboards. There’s no question in my mind that the Keyboardio Model 01 will ship, and not many months after their original ship date.

One can certainly argue that the King’s Assembly and the KeyMouse are much more complicated than the Keyboardio, and that’s mostly true. The Keyboardio has no pointing device (although it can move the mouse position using keys), it doesn’t move, it has many fewer parts, less keys, etc. However, it’s clear from looking at the stories of these keyboards that the Keyboardio was planned out well in advance of being crowdfunded, while the other two were only rough prototypes then (and over a year later for both, they essentially still are).

In the end, we have four new keyboard designs all supposed to be released in the coming year. I hope they all make it to production, and sooner rather than later. This is, to some extent, the beginning of a keyboard renaissance, and in large part it’s due to crowdfunding expanding the hardware market (see The rise of hardware startups – thank you crowdfunding). While not all keyboard crowdfunding campaigns have ended well (such as the failed Multi-Touch glass keyboard), it seems that if keyboards like the above can all reach the market it will encourage others to experiment and come up with new keyboard designs. While hardware crowdfunding has almost always been associated with delays, it’s still a major driver of innovation, and I hope we’ll see more products soon (although if you really want to ship stuff on time, I won’t oppose that).

Apple Encryption Pop-Up

Who watches the watchmen? Apple vs. The FBI

The confrontation between the FBI and Apple over decrypting an Apple iPhone 5C used by Syed Rizwan Farook, one of the San Bernardino terrorists, who murdered fourteen and injured twenty two more on December 2, 2015, is a very interesting story.

At first blush the story seems quite simple. The FBI clearly wants to know what is on Farook’s phone, as it could potentially tell them if the terrorists had accomplices, as well as if they were in touch with other potential terrorists before the attack. Everyone involved (other than perhaps their accomplices if they exist) wants the FBI to get the information on the phone.

In fact, Apple assisted the FBI in getting all the information backed up to iCloud, and offered advice on how to retrieve the data from the locked iPhone. That advice was simply to plug in the phone in the presence of a known WiFi network, which might have triggered an automatic backup to iCloud of the more recent data. This would not have been affective if Farook had disabled backups, but otherwise would have sent a backup to iCloud that Apple would have been able to provide the FBI.

The reason this method didn’t work for the FBI was that they had the Farook’s employer, the San Bernardino County Department of Public Health, change the iCloud password for Farook’s phone “in the hours after the attack”. That action prevents the iPhone from automatically backing up to iCloud. In this case, it means that the most recent six weeks of data is not backed up, and now cannot be accessed without the user’s screen lock passcode. As part of the iPhone’s security, Apple automatically disables the phone is too many wrong passcodes are entered into the phone. That means the FBI cannot just enter the 10,000 possible passcodes sequentially until they get the correct one. It is this security feature – the disabling of the phone for repeated passcode attempts – that the FBI wants Apple to remove from the phone.

Let’s take a step back. Apple offers very clear guidelines to law enforcement, explaining what data Apple can provide them with with a proper warrant. The guidelines provide the exact text which they say needs to be in the search warrant for Apple to be able to comply, which is the following:

“It is hereby ordered that Apple Inc. assist [LAW ENFORCEMENT AGENCY] in its search of one Apple iOS device, Model #____________, on the _______ network with access number (phone number) _________, serial3 or IMEI4 number __________, and FCC ID#_____________ (the “Device”), by providing reasonable technical assistance in the instance where the Device is in reasonable working order and has been locked via passcode protection. Such reasonable technical assistance consists of, to the extent possible, extracting data from the Device, copying the data from the Device onto an external hard drive or other storage medium, and returning the aforementioned storage medium to law enforcement. Law Enforcement may then perform a search of the device data on the supplied storage medium.

It is further ordered that, to the extent that data on the Device is encrypted, Apple may provide a copy of the encrypted data to law enforcement but Apple is not required to attempt to decrypt, or otherwise enable law enforcement’s attempts to access any encrypted data.

Although Apple shall make reasonable efforts to maintain the integrity of data on the Device, Apple shall not be required to maintain copies of any user data as a result of the assistance ordered herein; all evidence preservation shall remain the responsibility of law enforcement agents.”

Note that Apple writes in the text that they “may provide a copy of the encrypted data to law enforcement but Apple is not required to attempt to decrypt, or otherwise enable law enforcement’s attempts to access any encrypted data.”

The FBI clearly already had such a search warrant issued, and Apple clearly already complied with it and provided them with the data that was more than six weeks old from the iCloud backup. Now the FBI wants that encrypted data, which Apple is fighting. Why is Apple fighting this? If they could access the data, then why wouldn’t just hand it over to the FBI like they did the iCloud backups? The answer is complicated. The short version is they have never done it, and if they do it now, they’ll be opening up the floodgates to probably thousands of iPhones in the possession of law enforcement that they want hacked.

The long version is that Apple looks at this as a civil rights issue. Apple has worked hard to make their devices secure for their customers. People trust their phones with all kinds of personal information, and don’t want that information available to the outside world. In addition, the FBI has used the All Writs Act of 1789 to pursue their unprecedented request for Apple to break into the iPhone in question. Apple feels that this is an attempt by the FBI to expand its powers using the 1789 law in a way that was never intended.

Apple responded with a letter to it’s customers, as well as a letter to it’s employees, outlining its opposition to creating such a backdoor to the iPhone.

Now begins the real battle. I think a few scenarios are worth taking a look at here.

  • Recently there have been a number of articles written wondering what would have happened if the phone in question had been an Android phone. The general consensus seems to be that the security of Android isn’t as strong as the iPhone’s, and it’s likely the phone would have been able to be broken into by the FBI without any help from the manufacturer. Part of the problem is that Android phones are not updated as regularly as Apple devices. Many Android phones get stuck at a certain Android version and never get updated. Apple has a much better record of getting their older phones updated with newer operating systems. In fact, the iPhone 5C in question here was released with iOS 7, which did not offer the level of encryption that is dogging the FBI right now. Only when the phone was updated to iOS 8 did the stronger encryption features kick in that are at the center of this case.
  • The cost of Apple to create an alternate version of their OS that is hackable is never really discussed. How many people work on iOS? How many people would be needed to implement this change? How much would it cost to keep such a version secure from other users cost? Apple wouldn’t have any problem doing any of this, but what if the device in question had been created by a startup? What if complying with the request would make them miss a market window (perhaps shipping in time for the holidays) and that could potentially send them into bankruptcy?
  • What would happen in the hacked version of iOS got out into the wild? Apple could build all kinds of safeguards into the software, such as only enabling it to work on Apple’s internal network, needing to get permission from a central server to operate, being linked to specific hardware, etc. but all of those things could be circumvented. It’s also clear that if it did get out into the wild, the people using it would be criminals, not the FBI. Criminals pay a lot better than the FBI.
  • The WSJ is reporting that the Justice Department already has a dozen iPhones it wants cracked by Apple, and none of those phones have anything to do with terrorism. This is the crack in the dam that Apple wants to make sure gets plugged. Apple knows they cannot offer to crack the phone in this case, and not crack the others if their requests are all based on the same All Writs Act.
  • This out out there, but worth considering. What if this is all an act? What if Apple already agreed to crack the phone, but wants cover from the FBI to insure their customers don’t know they’ve done it? In this stream, criminals and terrorists would probably switch to iPhones over Android phones, knowing Apple had fought the FBI successfully to prevent access. If Apple was secretly providing the data to the FBI, then this would be a great way to encourage switching to the devices that the FBI already has access to via Apple. If it seems the FBI and Apple are both making too big a deal of this issue, dragging into the public sphere what is usually very discrete, then this makes a lot more sense. For the record, I don’t believe this is the case, but in some ways it makes a lot more sense.

In light of the above, I thought it curious timing when I plugged in my iPhone to my computer and was presented with the following pop-up:

Apple Encryption Pop-Up

Now it’s possible this is coincidence. I don’t always have an iPhone cable in my office to connect to my computer. Maybe I haven’t plugged in my iPhone to my computer in a long time. The timing does make me wonder if other people have been asked by iTunes if they want to turn on backup encryption since San Bernardino entered the news. Have you seen this message recently? What are your thoughts on the Apple, FBI, and encrypted data?


An infographic for the keyboard-obsessed

The web site Go Mechanical Keyboard just released the results of their semi-annual keyboard survey in the form of a very nice infographic, which I’ve displayed below. You can view the raw data online if you want. 950 people responded from 49 different countries.

You need to be a bit obsessed with keyboards to understand everything in the infographic, although if you’ve been following my other posts on keyboards you should get most of it. Form factor? See my post “How many keys are there on a keyboard?“. Switch types? See my recent post “A keyboard with swappable switches” where I change the switches that came with the keyboard.

What do you think about the infographic?



Charles Brockden Brown on obsession

All men are, at times, influenced by inexplicable sentiments. Ideas haunt them in spite of all their efforts to discard them. Prepossessions are entertained, for which their reason is unable to discover any adequate cause. The strength of a belief, when it is destitute of any rational foundation, seems, of itself, to furnish a new ground for credulity. We first admit a powerful persuasion, and then, from reflecting on the insufficiency of the ground on which it is built, instead of being prompted to dismiss it, we become more forcibly attached to it.
Charles Brockden Brown, early American novelist

Backlight test middle

A keyboard with swappable switches

It started out with a post to Reddit that linked to a series of photos on Imgur of a new keyboard the user had ordered from the Chinese e-commerce site Taobao. Taobao, for those who don’t know, is a Chinese-language-only e-commerce site run by Alibaba Group that caters to residents of China and nearby countries where people speak Chinese. Many sellers on the site, even if you could navigate the site in Chinese, won’t ship outside of China. To meet demand, a whole crop of sites have sprung up just to help foreigners order products from Taobao. These ‘Taobao agents’ will order the product for you, receive the product in China, and then re-ship it to you wherever you are in the world. Of course, that service comes with a price, and in many cases that eliminates any cost savings you might get from ordering from Taobao. Occassionally, however, there are products on Taobao that are not available elsewhere. In this case, the user (redditsavedmyagain) ordered a keyboard that was in fact quite unique.

The keyboard is called the Team Wolf Zhuque+. I had never heard of it and before that post on Reddit most other people had never heard of it either. The keyboard was made of Aluminum, had folding feet on the bottom that could be used to angle the keyboard, and had LED backlights. Most interestingly, the keyboard was configured to allow switches to added without soldering (and removed without desoldering). The keyboard comes with blue Gaote Outemu switches, made special for the SMD LED underneath the switch. Most LEDs in keyboards go on the top of the switch, with the wires going through holes in the switch and then soldered to the circuit board underneath. Since this keyboard allows the switches to be removed, the LEDs are surface-mounted to the circuit board and have no connection to the switch. This is nice, but presents some problems. For one, the light is below the switch instead of on top of it, meaning the switch itself needs to either be transparent or have a hole to allow the light through. Also, since most switches are not designed with SMD LEDs in mind, they may not have enough room at the bottom for the LED. The Gaote switches used in this keyboard are specially designed for these kinds of LEDs, and are recessed at the bottom to leave room for the LED, have an extra large hole to allow light through, and while the bottom of the switch is white plastic, the top is transparent. This allows the light lots of room to shine.

Two things about the keyboard got users excited on Reddit. First, the swappable switches. It’s not the first keyboard to have swappable switches, but it definitely is one of the first. The second reason was the price. The keyboard cost only about $30-$40. That’s more or less unheard of for a metal-frame mechanical keyboard, especially one including Cherry MX-compatible switches. While lots of people on Reddit wanted to order the keyboard, they ran into a problem – there was no easy way to order it without speaking Chinese and probably having a shipping location in China. Some managed to do it, but most could not. Instead, something interesting happened. Users recruited representatives of Massdrop on Reddit to look into putting together a group buy on their site. That came together very quickly. Massdrop contacted the manufacturer, and offered two versions of the keyboard, the same TKL version shown on Reddit, and a Full Size keyboard as well (if you don’t know the difference between TKL and Full Size, see my article How many keys are there on a keyboard?). In addition to the keyboard, Massdrop allowed the user to bundle Gateron switches that were similarly configured to the Gaote switches, designed for use with SMD LEDs. The Gateron switches similarly had a gap for the LED, larger holes above the LED, and transparent tops. Massdrop offered the switches in a variety of types (brown, red, black, etc.) for $30 for a set. The price of the TKL keyboard was $59 (and an extra $20 for the Full Size) and while shipping in the US wasn’t too expensive, outside the US the shipping came to $30. That brought the price of the keyboard that was somewhere around $30-$40 on Taobao to $89 to people outside the US. A lot of people were annoyed at the big price hike. Of course, most people couldn’t order on Taobao, and certainly couldn’t get SMD LED compatible switches to go with the keyboard (specialist switches like this are incredibly hard to find in small volumes).

Another option popped up at the same time. Chinese site also followed the post, and offered the same TKL version from the original post for $59 on their site, including shipping anywhere in the world. While the Massdrop deal might be better in the US considering it could be bundles with extra switches and you could get the Full Size version, the Banggood deal was better for most people outside the US as the price was the same and the shipping was free.

One big difference between Massdrop and Banggood in terms of this keybaord, is that Massdrop sold a set amount, and now you need to wait until Massdrop decides there’s enough interest to have another group buy for the keyboard. Banggood is a normal e-commerce site, and you can still buy the keyboard from them for $59. As long as there is interest in it, presumably they’re continue to replenish stock.

So I bought a keyboard through BG. It’s true that I can’t find the special SMD LED switches myself, but I read that other switches could work. I happened to have a bag of normal Gateron switches, and figured I could make them work. If not, I could always use the keyboard with the Gaote switches it came with.

This is what the keyboard looked like on arrival:

Close up of Team Wolf keyboard with original keycaps

For more (and better) images see the original photos on Imgur linked to from Reddit, as well as another review on Imgur (I can’t find the post that linked to this review).

So a few things about the stock appearance. Note the white keycaps with translucent legends. The stencil-like appearance of the legends is, how do I put this, not very appealing. I I like the FN (function) key that lets me use all the secondary functions, such as the media keys and the backlight controls.

The keyboard comes with a keycap remover, and a switch remover. The keycap remove wasn’t particularly good, but I had a different one which made it easier to remove all the keycaps:

Team Wolf keyboard close-up with keycaps removed

The switches are blue tactile clicky Gaote Outemu switches. Note the bottom half is white plastic, and the top is transparent. The first thing I noticed when I removed the keycaps was that the switches are mounted upside down. It took me a few moments before I realized all the keycaps I had removed had their legends on the top half of the keycap. The switches were mounted upside down so the opening for the LED underneath the switch would be underneath the legends. Normally the LEDs that are mounted on top of a switch are on the lower half of the switch, so in order to have the light on the top half of the keycap they needed to be upside down.

The next step was removing the switches from the keyboard. In a normal mechanical keyboard, you would need to desolder the switches from the circuit board, and then remove the switches. A normal switch has two contacts that would have to be desoldered. If there were LEDs, depending on the type, you would need to desolder either two or four contacts. That’s per switch. These LEDs have two contacts, so four contacts per switch, times 87 keys, is 348 contacts to desolder to replace all the switches in a normal mechanical keyboard of this size. I’m okay with soldering, but let me say that I hate desoldering. That’s one of the reasons this keyboard appealed to me. Here’s the switch removal tool that comes with the keyboard. It takes all of a couple of seconds to remove the switches:

Removing a switch

Removing the switches leaves you with an empty space in the top plate over the circuit board. Below you can see the four arrow key switches removed, with one of them flipped over so you can see the bottom of the switch. Note the two contacts, and the receiving point in the circuit board those would go into. You can also see the LED mounted on the circuit board, and the big hole in the switch which goes over that LED. The big circle in the middle of the switch is there to help hodl the switch in place, and you can see the corresponding hole in the circuit board where that goes.

Switches removed with one upside down

A look at the keyboard with all the switches removed. You might notice that the LEDs for some key locations are different than others. That’s because the LEDs are different colors. The letters and the right-side keys all have blue backlighting. The modifier and function keys all have white backgrounds, while the number keys have green backgrounds. The stabilizers, the white plastic pieces on either side of the large key locations (Backspace, Return and Shift) are not a type of stabilizer that I had ever seen before, but luckily they worked just fine with the other set of keycaps I wanted to use.

Team Wolf keyboard with switches removed

Before putting in new switches, I wanted to see what was on the back of the circuit board. I removed all the screws and removed the top plate and circuit board, and then flipped it over. You can clearly see the black units that receive the switch contacts:

Bottom of Team Wolf circuit board showing switch receivers

Here you can see the side of the circuit board that sits underneath the right side of the keyboard, where everything that makes the keyboard tick is placed:

Bottom of Team Wolf circuit board showing resistors

Once I took a look I put everything back together, and put all the screws back. The next step was preparing the switches. I didn’t have the special SMD LED switches, only plain Gateron brown switches. The switches I had were actually made for use directly on a PCB, so they had two extra small posts coming out of the bottom of the switch that would normally fit into matching holes in the PCB. Since I was plate-mounting these switches, and the PCB didn’t have matching holes, I had to do a little switch circumcision and snip the two posts off each switch:

Switch circumcision

The next step was to deal withy the fact that these switches were not designed to be used with SMD LEDs. The goal of those switches is to allow more light through the switch, both by having a larger hole above the LED and by having transparent switch tops. Standard Gateron switches like the ones I had are slightly translucent white plastic, but not fully transparent. Luckily I had a bag of transparent switch tops, and just needed to swap out the tops of each switch. For that purpose I have a 3D-printed switch opener that does the trick nicely:

Switch opener

It’s a little hard to tell from the picture, but basically you lower the switch on to the black plastic opener, and small wedges in the opener pry open four connection points on the switch and allow the top to be pulled up from the switch. After swapping the switch cover you can see the difference in the switch appearance:

Switch cover comparison

I also considered making a larger hole in the bottom of the switch to try to match somewhat with the switches that came with the keyboard, but I figured it didn’t matter too much since the Gateron bottoms were somewhat translucent, and the light would shine through the whole switch.

Here’s a look at the bottoms of the two switches. On the left is the Gaote switch that came with the keyboard. Note the opaque white plastic, and the large hole for the LED. It’s a little hard to see but the hole sits above a small gap that allows more room for the LED. The Gateron on the right, however, is made of translucent plastic, and has very small holes for the LED (because for these switches the LED would normally be on top, and the two contacts from the LED would pass through those tiny holes).

Bottom of Gaote and Gateron switches

One other minor modification was for the switch to be used for the space bar. It’s normal for the space bar to have a stronger spring than the other keys. I started out with a clear Gateron switch, and removed the cover, spring, and plunger from the switch. I then inserted the gold spring shown with a much higher resistance, and reinserted the plunger and added a transparent cover. I knew the space bar I was going to use didn’t have any opening for light, so putting the transparent cover on it was sort of a waste, but I figured I might as well keep it consistent.

Replacing the switch spring

This is what the switches looked like in place:

Team Wolf keyboard with brown Gateron switches close-up

They look pretty good, it’s almost a shame to cover them up with keycaps. Note that I had no trouble inserting these switches into the keyboard, event though the switches were not designed to work with SMD LEDs. It’s possible I’ll run into problems at some point because the switches are resting directly on the LEDs, although LEDs don’t generate a lot of heat, so it really should be too much of a problem.

I tested out the backlights before adding the keycaps, just to make sure they were all working:

Testing the backlights

Now that I knew all the switches were working I needed to add the keycaps. Before I could do that, however, I needed to get the stabilizers installed. Stabilizers are used by keys that are at least twice the width of a standard key. At that point the key can have problems without a stabilizer to keep the pressing of the key consistent. You don’t want there to be a problem when pressing the side of the key where the key just bends instead of pressing down the plunger on the switch. As I mentioned, I had never seen these kinds of stabilizers before, but they seemed fairly simple.

You start by removing the little plastic inserts from the old keys. Most keys have two stabilizers. Note the metal wire on either side of the stabilizer in the keyboard. You lift up the wire which is actually one U shaped wire, and position the plastic inserts onto those wires. The inserts fall into the stabilizer spaces, and when you push the keycap down all three plus-shaped pieces get pushed into the keycap (the two stabilizers and the switch itself in the middle):

Team Wolf keyboard stabs

After getting all the stabilized keys installed, started adding all the other keycaps:

Team Wolf keyboard half keycaps

These keycaps are Vortex Double-Shot PBT/POM keycaps. The black material is PBT, a higher-quality plastic than the standard ABS plastic used in most keycaps. The legends are injection-molded separately (the double-shot) out of POM, which is translucent.

Team Wolf keycaps with PBT keycaps

You can see that the legends are not the most readable. Here’s what they look like when the keyboard is plugged in:

Backlight test corner

Backlight test middle

Since these keycaps were not designed for this keyboard, the backlighting isn’t perfect. The biggest problem is that for numbers, the backlight is lighting up the shift value for each key instead of the primary value. Note how the !, @, #, etc. are all green while the numbers are not lit up at all. Here’s the full view:

Final keyboard Team Wolf

While not perfect, I’m definitely enjoying the Gateron brown switches, and I like the appearance of the Vortex PBT keycaps over the keycaps that came with the keyboard. The lack of backlight under the numbers is a bit distracting, however. It’s the same with any keycap that has two symbols on it, like the comma and period keys. You can understand now why the keycaps that came with the keyboard made the unusual design decision to put multiple symbols next to each other at the top, instead of the more standard one on top of the other. While I worked hard to maintain the backlighting, in the end it’s possible I’ll switch to regular keycaps that don’t support backlighting, to get a more consistent look for the keyboard. Maybe I’ll just switch the alphanumeric keys to standard keycaps, and leave everything else backlit. I’ll have to see if I can find keycaps that match the appearance of these Vortex keycaps, which may not be easy since these are PBT and any other keycaps I have, and most made, are ABS. One thing that bother me about the keyboard is the placement of the cable right in the middle of the case. I would have preferred to have it off to one side since I mostly work with a laptop and the cable gets in the way. A nice feature would have been to offer more than one exit point for the cable, and let the user decide which one to use.

I’m kind of amazed how much interest was generated for this keyboard by a single post in a forum. I hope Team Wolf is at least sending redditsavedmyagain some swag.


E-mail security stinks, and that makes hackers (and the NSA) happy

The Better Mousetrap

Making the perfect e-mail client seems like the build-a-better-mousetrap challenge of our day. Every year or so it seems there’s another amazing e-mail client released by a startup, that says it has ‘reimagined’ or ‘reinvented’ e-mail and how to use it. Some examples include Sparrow (launched in 2011, bought by Google and discontinued in 2012) and Mailbox (launched in 2013 and bought a month later by Dropbox, and announcement of its imminent retirement just this month). This is kind of ironic considering the move away from e-mail to other messaging services, particularly real-time services, such as Slack and Whatsapp.

Recently, perhaps due in part to the imminent shut down of Mailbox, another e-mail app called Polymail has been receiving a lot of hype. It is already the fourth most up-voted product on Product Hunt, and it hasn’t even launched yet. Seeing the latest e-mail-mousetrap launch reminds me about one of the inherent security problems all of these applications encourage.

A Question of Protocol

All of these apps rely primarily on the IMAP e-mail protocol (short for Internet Message Access Protocol). That makes a lot of sense as it keeps most of the e-mail management on the server, and allows app developers to release both desktop and mobile clients that can both share the same e-mail, including read status and folder structure. Many of the largest e-mail providers like Gmail, Yahoo, iCloud, and (the service formerly known as Hotmail) support IMAP, so these e-mail accounts are generally supported by these new e-mail clients.

In the old days, most e-mail was served up using a different protocol, POP, short for Post-Office Protocol (technically it is POP3, and IMAP is actually IMAP4). The truth is that both POP and IMAP date back to the 1980s. POP is only a couple of years older than IMAP, although IMAP received more ongoing attention in the 1990s. There are a lot of differences between POP and IMAP, but the main difference is that when you use POP, all of your messages are downloaded to your e-mail client, and then deleted from the server, while IMAP downloads a local copy, but leaves all the e-mail on the server.

Keeping e-mail on the server has many advantages, such as having a backup of your e-mail on a remote server, and allowing your phone, tablet and desktop to all access your e-mail. There are some minor problems with keeping your e-mail on the server, such as running out of server space (depends on your e-mail provider). One problem that is usually overlooked, however, is that if your e-mail is stored on the server, your e-mail is accessible at all times by hackers and the government. Let’s take a look at these two scenarios.

Scenario One: Hackers

In the old days e-mail was never encrypted. Nowadays more and more companies are trying to insure it is encrypted when in-transit between servers. Google offers an interesting view of their attempt to encrypt e-mail in transit to different providers, showing which companies they receive and send e-mail to that are fully encrypted, and which are not. This in-transit encryption prevents, or at least greatly lowers, the ability of third parties (criminal or government) to intercept your e-mails while they are traveling between servers, or from a server to your client device. That’s great, but there’s one problem they don’t usually talk about, which is that the e-mails are stored unencrypted on the server itself. Apple actually points this out in their iCloud security and privacy overview:


Now I’m sure most major e-mail providers have amazing security, but nothing is a guarantee. How many times have you received spam from a friend whose account on a major e-mail provider or social network had been hacked? I still remember the first time I received the ‘I’m stranded in X and need you to wire me money’ scam. If your e-mail is online, it’s available to those who can access the server. That could be high-level hacks that compromise the entire server, or simple hacks like guessing your password. Check out to search a database of over 250 million username/password credentials that have been hacked and leaked online and you may find your e-mail address there. Do you use the same password on multiple sites? how about the same password for your e-mail and for online sites? That’s a big no no, but when the most common password on the Internet is ‘password’ security isn’t a major concern for many.

Even if you use strong passwords and use different passwords on different sites, however, there are more intricate methods for gaining access to e-mail without having to hack the server directly. Take for example the teenager that gained access to the personal e-mail account of John Brennan, the director of CIA. He did a reverse-lookup of Brennan’s phone number, determined its provider (Verizon), and called Verizon pretending to be a Verizon technician. This is called social engineering, and it’s basically hacking without a computer. The teenager managed to get enough information from Verizon to then call AOL and reset the password on the e-mail account. This was the director of the CIA.

Scenario Two: The Government

Sure, everyone knows the NSA is listening. Edward Snowden’s revelations about the NSA have been news fodder for years. One of the most troubling images released by Snowden via The Guardian was this slide from a presentation on NSA’s PRISM electronic surveillance program:

PRISM E-mail Data Collection

The slide seems to suggest at which point each of these services were compromised by the NSA. Whether these services were hacked by the NSA or were given access by the providers isn’t shown. That distinctions is really irrelevant, it would seem. Does this mean that the NSA can read all of your Gmail, Yahoo and iCloud e-mails? That’s not clear, but it doesn’t seem that is what they mean. It is possible that this slide merely means that the NSA is capable of intercepting all e-mails being sent and received by these servers. For example, they connect to the data pipes in between the hosting location and the Internet provider they use. The NSA can just listen in to everything coming and going, and doesn’t need to access the servers at all. That might have been the impetus for Google’s increased focus on in-transit encryption as mentioned above.

Now you might say that a lot of these programs were shut down and are not active. That’s also irrelevant. You know why? Because you don’t need to be the NSA to access e-mails stored on servers. You don’t even need a warrant. You’re probably thinking that’s crazy, and of course law enforcement agencies would need a warrant to access your e-mail on the server. NOT. TRUE. The Electronic Communications Privacy Act of 1986 (ECPA) defines e-mail on a server that is more than 180 days old as abandoned. This dates back to a time when everyone used POP or a proprietary protocol to download their e-mails, and storage was so expensive that keeping everyone’s e-mails on the server seemed absurd. Back then the assumption was you could download your e-mail and then the server would delete it to make room. The problem is that this antiquated definition is still the law of the land, and a law enforcement agency can ask for all e-mails older than 180 days and doesn’t need a warrant to do so. That’s not to say e-mail providers haven’t fought against this definition, but the law is on the government’s side until it gets changed. Meanwhile, if the government wants to take a look at the e-mails you’ve downloaded to your computer, they need a warrant. So if you store your e-mails remotely (using IMAP), the government can simply ask for them with little justification. If you download all your e-mails (using POP) then the government needs to go to a judge and get a warrant to search your computer, which they obviously need to get from you physically. If an e-mail provider hands over all your e-mails to a law enforcement agency, how would you know it even happened?

The interesting thing then is that using the older POP protocol, you are in many ways more secure than if you use IMAP. If you’re using in-transit encryption, which both IMAP and POP support, then the only e-mails accessible to government agencies when they approach an e-mail provider are what are sitting there in between downloads to your client. It’s usually a pretty good bet that those are less than 180 old, which means the government cannot get access to any of your e-mails if you use POP, without a warrant.

Sure all of this is theoretical. I don’t assume anyone reading this is being pursued by law enforcement. That said, any loophole is exploitable. Just ask John Brennan.

Then What?

The obvious answer to e-mail security is to encrypt all e-mails all the time. That, however, is harder than it seems. First, you can’t force other people to send you e-mails that are always encrypted. Second, even setting up encryption for all of your outgoing e-mails is incredibly difficult. It doesn’t feel like so long ago that Phil Zimmerman had to publish the code to his PGP encryption software in a hard-bound book and put it up for sale, in order to allow it to be exported outside the US under the First Amendment. The problem at the time was that strong encryption was considered a munition under US law, and exporting it to many countries was illegal. Anyone with a copy of the book could rip off the cover, separate the pages, and then scan the pages and generate the source code. A project to do just that outside the US was set up to stay up to date with new versions, called the PGPi scanning project. Nowadays, those laws are more relaxed, and no scanning in foreign countries is required. It’s not a secret sauce anymore. Getting strong encryption code out into the wild was only part of the problem, however. The bigger problem turns out to be a question of how easy encryption is to use.

Many people have tried to make encryption easier to use so more people would use it, but no one has really succeeded. Phil Zimmerman himself advised Hushmail, and co-founded Silent Circle, both of which could be described as attempts to make encryption more accessible. More recently two other efforts are perhaps more interesting.

Will Ackerly, who used to work at the NSA, launched Virtru, a company that piggybacks on existing e-mail services like Gmail and adds strong encryption. Some of the things Virtru allows beyond encryption are the ability to allow or disallow an e-mail from being forwarded, and the ability to revoke an e-mail (i.e. delete it from the recipient’s computer) at will, or automatically after a set period of time. Additionally, recipients of encrypted e-mails don’t need to install special software to read messages sent via Virtru. Virtu currently offers Chrome and Firefox plug-ins for web-access to services like Gmail, and offers a plug-in for Outlook on the Windows desktop. They also offer iOS and Android apps. Virtru tries to be a simple end-to-end solution for secure e-mail, and it does seem to do things very well.

Another startup, Keybase, was founded by the former founders of online dating site OKCupid. Founding a dating site might not sound like the right pre-requisite for bringing encryption to the masses, but besides building OKCupid based on complex mathematical matching algorithms, they also managed to sell their company to for $50 million in cash. As proven entrepreneurs, they managed to convince the right people, and raised $10.8 million from major silicon investors just to get started on the problem. The idea behind keybase is to link your cryptographic key with your various social media profiles, making it much easier for people to locate your public key and communicate with you. For example, you might link your Facebook, Twitter, Instagram, and Reddit usernames to your public key, which you store on the Keybase server. The important part is not just finding the key, but finding the right key. Normally using PGP you need to establish trust based on who signs each key. The problem is that if you’re e-mailing someone new, you won’t necessarily know if the people signing the key are fake. If you can link the key to established accounts of the user and cross-reference them with other accounts, then you have a fairly safe and easy want to confirm the owner of a key. The encryption scheme started with PGP, but is now evolving to include NaCl. The idea addresses a significant problem with public-key encryption, but doesn’t fully remove the ease-of-use problem most people have with encryption. Hopefully those are also being addressed.

All of these efforts are great, but they’re not solutions most people will use – yet. In the mean time, the question is how accessible are your e-mails to snooping. While the latest whiz-bang e-mail applications support IMAP and storing e-mails on the server, most have left POP behind. It is possible to download all your e-mails locally using IMAP, and then delete them all from your server, but it’s not the default. Next time another web site is hacked (don’t forget to check your e-mail address on or another revelation about government snooping is revealed, you might wonder if storing everything locally, like POP does by default, might not be the better way to go.