Older blog entries for Chicago (starting at number 143)

Dual interface cards


It seems that some readers have problems when you are using cards with both mifare and ISO14443 cards (such as the Nokia 6131 or 6212). Devices have to … Guess which interface to use and from our experance different devices they have differing prioritys.

The omnikey 5321 we use here actually requires a registry mid to get the driver to change it’s order - not something you can do on the fly but also not as bad as some others which we have not yet found solutions to.

      

Syndicated 2008-10-16 10:37:52 from Holding the Soldering Iron by the Cold End

Systems Administrators vrs Engineers


So a few years back I was doing a fair bit of sys-admining, and a fair bit of programming. I would say probably 50-50 in my time. Since then I actually went down the route of doing a lot more programming, and as little sys-admming as possible. Im a firm beliver that programmers should be forced to do *Some* systems administration so that they understand the concepts and ideas behind security and the other issues that Sys-admins have to deal with, but I also believe that programmers shouldn’t be the sysadmins of the boxe’s they deploy to.

Of course in a small organisatio, you don’t get those kinds of options - its very hard to justify the expense of a specialist sys-admin where every month is another extension on the mortgage of the CEO (or whoever your startup financial backer is).

Anyways, my problem is that on my personal server, I’m not actually very comfortable in claiming to be the sys-admin of it anymore. I havn’t got a clue whats going on with it any more. Four years of solid programming with only minimal systems-administration in the mix. So this is why, when trying to get some of my new code (in Python - you hear that - I’ve broken my “all languages beginning with P are evil” habit) to start on the server, I broke *everything*.

Thank you, goodnight.

      

Syndicated 2008-09-22 10:26:29 from Holding the Soldering Iron by the Cold End

Electronics & Active Smart Posters


So you’ve all seen the video of me making the Prototype 1.2 (back in this post) but now we’re actually gearing up to make a real productised version of it. What this means is turning a prototype system into a single board working version. This presents me with a couple of challenges - mainly over licensing and IP.

I will be the first to recognise that what I’ve done in terms of hardware is hardly rocket science - I’ve taken a module from here, and a module from there, and wired the two together. My touch of genius has come in the form of the code sitting on the microprocessor (module 2) which is driving and controlling the first module.

Module 1 - the really tricky bit, actually isn’t a problem - we’ve paid for a license to use this circuit, and we pay a small royalty for each product we produce with it on.

Module 2 - the microprocessor board, is proving a little more difficult to source - my current build is based upon Arduino, that is I have developed a shield containing Module 1 on it. I was hoping that the license for Arduino would enable me to adapt the circuit design and build the entire board as one. However, Module 2 is released under Creative Commons Attribute Share-Alike License, which basically means if I use their schematics, I have to license the entire board as that.

And looking for other, more friendly “Open Source” schematics, is prooving very tricky to find, so I resorted to a different tactic - just designing the entire microprossor module myself. Actually, it wasn’t that hard - if your design (from the docs of the microprocessor you are building for) then there is only very small descions you can take. It turns out (after comparing my design against the Arduino, and about three other Atmel based prototyping microcontroller boards), that there is only very very slight differences in terms of schematic - and this will also be reflected in layout - following standard design layout “logic” will lead you to the same conclusion.

mmmm, final version sounds so near.

Syndicated 2008-09-09 22:48:25 from Holding the Soldering Iron by the Cold End

Glue4 becomes Proxama


I don’t work for a new company, we’ve just changed our name, so now, I am a honored employee of Proxama. Its been a very painful (for other people in the company) on choosing the new name - it has to be unique, not just in the UK but internationally, and it has to say something about the company. The reasons behind the Proxama brand, being based a little on the NFC world that we’re in, it is kinda nice.

proxama

Also, because we’ve been expanding (again), we’ve had a review of our “official” positions in the company, i.e. Job Titles. Mine’s changed and now I’m the “Systems Architect” which reflects the lower number of coding hours and the higher number of writing and documenting and drawing hours that I do. I like it.

Yes, actually I’m 6 days late in making this post, as it happend on Monday

Syndicated 2008-09-06 11:23:53 from Holding the Soldering Iron by the Cold End

AngryBot - easier .NET app to IRC interface


So I’ve been working a bit on Angrybot recently. For those of you who don’t know, AngryBot is a wrapper around meebey.net’s smartirc4net IRC interface (which can be found at  http://smartirc4net.meebey.net/jaws/ ). Anyways, the idea behind this wrapper was to provide a much simpler interface for people to use an IRC bot as a reporting tool, or as a method of communicating with the people that want to use it.

My view on it is that people are writing their own applications or deamons or services or whatever you want to call them, and want to call IRC functionality from that - they don’t want to be bothered with writing all the IRC handling stuff, (which to be fair, meebey’s code does a lot of it for you), but instead just has hooks into particular commands, or just has it sitting there as a class that they can call “send message” on.

Implementing a command at the moment requires a reference in the project to the Meebey dll, but I am wrapping around that soon.

Now I have a few bugs to fix, and I have to add the parrellism to the normal commands, but its certainly a good start to see it in a public place after sitting on my desktop for 2 years (in various states, including a poker playing bot).

In the mean time, I am currently trying to break/fix some stuff for a “top secret plan”…. mwhahaha haha haha haha ho ho.

Syndicated 2008-09-04 20:56:40 from Holding the Soldering Iron by the Cold End

Arduino as Digital Filter… Hopes downed, and then Revived


I had hoped in my previous post to sample the audio through the use of an analogue input pin on the Arduino, then do some bit manipulation in the form of a Digital filter before playing back. However, my hopes have been crushed with this system:

To test the feasability of this, the code was simple - define an int to store a sample in, call analogRead() to read a byte in, convert this value into a value suitable for the number of output pins, then pass it out.

AnalogRead reads in a value between 0 and 1024, which is a 10 bit number. Because I’ve only got a 6bit DAC, I decided to just take the top 6 bits (I should really try this again with scaling as opposed to just taking MSB).

Now, since starting to write this and battling with lots of media upload tools AND wordpress.com etc, I’ve realised two things. 1) I’m not actually taking the top 6 bits, I’m using the top 2 bits because of a stupidity. and 2) I should use Scaling instead of just using the top 6 bits. I have just tried it again using 6 bits and there is a large improvement, as for scaling, that will have to wait.

My code (which is BAD and WRONG):
void loop() {
  buffer = analogRead(analogPin);
  PORTD = (byte) buffer >> 4 ; // only use MSB 6 bits
}

The following is an MP3 hosted on SplashCast Here. The first sample is the sample I’m inputting into the arduino, the second and third is the output.

Syndicated 2008-08-28 22:35:53 from Holding the Soldering Iron by the Cold End

Arduino Audio Filter


Whats the difference between Noise Makers and Audio Filters - well, I would expect a level of control. A Noise Maker implies a lack of control - the difference between “din” and “music”. I’ll start this post off with this image, which is a Waterfall image. Waterfalls are spectrum over time - In this case, the frequency is up the side, and the time is across the bottom. The intensity of the colour indicates a voltage at that particular frequency.

Waterfall of Arduino Noise Maker

Waterfall of Arduino Noise Maker

What we are seeing is how the frequencies are changing over time when the dials on the board are swizzled, and by comparing this with other audio projects, we are able to see how various features and code changes change the output.

The next stage of the project is Filters - Filters are basically devices which limit frequencies that go through them - there are essentially two types of filters, High pass (which allow high frequencies to go through) and Low Pass (which allow low frequencies through). By combining these together, you can generate Band Pass filters and Notch Filters (although you might make notch filters in a different way).

By adding filters together, you can make filters which let multiple bands (a comb shape) or ban multiple bands. If you have control of your filters, you can change them and manipulate them over time, and apparently, if you generate white noise on one side, and use two bandpass filters, you can make sounds which sound like words - by moving the two filters in and out and widen and narrow.

Anyways, when I was at Uni, I learnt how to build Digital Filters, that is I learnt the electronics behind the DSP, and its quite simple - well, its a little tricky to get them efficient, but a problem that’s been solved time and time again. The system works by multiplying a set of samples in a fashion. Unfortuantly, my choice of modules (50% electronics or low level computing, 25% maths, and about 20% computing theory) means that… I didn’t do the Signals and Systems module because my Maths skills are troubled. I loose the decimal place ok?

So I’ve had a crash course in Fourier Transforms, which are the very basics behind working out the numbers that you need in the sample multipliers… Which is what I’m about to build on this new circuit. So far, I have an analog input (which is my sampling system) and an 6 Bit R2R DAC shield. The first test will be to act as a buffer. The second will to act as an Echo Box, and the third, to Filter.

Syndicated 2008-08-27 22:42:03 from Holding the Soldering Iron by the Cold End

Arduino Noise Maker


I’m so sorry that this blog does seem to be jumping around quite a bit at the moment - one moment its RFID / NFC reading and writing, the second its serial to eithernet connections, and the third its … digital synthesizers? And unfortunatly, this post will be soon followed by a post about IRC robots, when will the random jumble of stuff come together? Soon! Sooon I say SOOOON!

Basically David Reynolds and myself have been working on a Digital Synth on the Arduino board, and been set back by being unable to get components from local shops blah blah etc etc. But finally, tonight, we have had success in building a semi-clone of the Arduino Noise Maker, and this is where I post my Vimeo Video.

Before I do, I need to first apologise to anyone reading this on Advogato - last time I posted a Vimeo video, Advogato went mental and merged my post with the person who posted immediatly before (i.e. the post immediatly below mine). The RSS feed that wordpress generates does seem to be sane and ok, so it makes me wonder if its and Advogato RSS eating/spittingout bug?

First running complete circuit - similar to that of Little - scale on Blog Spot. I should also mention that the film was filmed by Dave on a camera phone, so apologies for the sound and video quality. I think you can also hear the Wii Brain Teaser in the back ground.

This is actually the second version because we had massive problems sourcing the components needed, and we tried using a second Arduino board to clone the missing chips.

In this one however, the main noise is being outputted to the Breadboard via 6 lines into a 6 bit R2R DAC. The schmitt triggers are mounted on a nuelectronics arduino board, which controls the vibrato and the wave selector units. The two extra pots on the breadboard are the pitch and speed selection pots.

Stay tuned for more - next version promises to have some midi integration!

Info:
* R2R info: en.wikipedia.org/wiki/Resistor_Ladder
* Original Design: little-scale.blogspot.com/2008/01/arduino-noise-maker-info.html

Syndicated 2008-08-24 00:46:04 from Holding the Soldering Iron by the Cold End

Lantronix Xport Direct … and its death


Lantronix make some awesome little chips which give you a serial connection to a TCP/IP connection… that is by sending “C” followed by an IP, then waiting for a “C” back, it connects to the remote host.

My Problem? When I started with my chip, there was a wiring accident and I think I’ve fried its serial connection. So I need to buy another chip to confirm whether its dead, and then, when I have, throw this one in the bin :(.

Syndicated 2008-08-16 18:54:45 from Holding the Soldering Iron by the Cold End

Media Bashing - Electronic Passports, and why should we care?


Todays link that popped up - and I don’t search for these , I just notice them on the tech feed of Google, is Guardian talking about how easy it is to clone an electronic passport (full link here and also the Times Online) and throughout the day popping up on other sources. The story is always basically the same - given a new passport, this guy has managed to create a “copy” of the passport but edited some of the data on the clone - to be precise he’s swapped the digital image of the person (and he’s used Osama and another terrorist to get the point across).

So what’s that these articles are getting at? Basically, this (And this applies to all smart-card technologies irrelevant of they are contactless or not) - a smart card uses a standard interface to talk over, which your reader calls function calls on the processor on the other side. Now, the functions it can call, even if they’re secret, eventually will be leaked or someone will work out how they work, and publish that info.

What happens then is this - people are able to read off the smart card a whole heap of information - for example, in a credit card, the reader is able to get the card number and the name on the card, as well as other useful information about the type of card etc - this is the whole point of the card. If it wasn’t possible to get this information off, then the card wouldn’t be any use in a merchant’s terminal - a passport which you could never get the details off, would be, well, about as useful as a brick.

The way the security often works however, is that a secret piece of data on the card is used to manipulate some other data - some transaction specific data. So the banks and the passport issuers put this secret on the card which can’t be retrieved (without going into discussions here about side channel attacks). Often this is in the form of a simple hashing algorithm. The Bank/Passport office know what this secret is, and the card does - so when the merchant (or if a passport, the border guard) passes the hash up, it can be confirmed by the computers.

So what is the media raving about? Basically, they’ve got a guy who’s created his own copy of the Passport’s chip - that is he’s taken an off the shelf chip and programmed it with a program which mimics the official program.

He’s then read a copy of the real passport, and read all the “public” data from it - that is he’s called each of the functions in turn and read back the data that the official program sends. He’s then plopped that data into his own version, and changed a bit here and there. Now, this is all very good apart from he can’t clone the secret - he can either do one of two things.

1) try and get by with the same data being returned every time (which the smart card app designers will have written guards in against hackers doing that), or

2) pick a random secret and use that to generate the data that he doesn’t know.

So what he’s done is that second one. And this (in my opinion) is what the news stories should really be focusing on:

According to the news results, whilst 44 countries have signed up to the Electronic Passport scheme, and have agreed to implement it to the same standards, only 5 of them have actually implemented the electronic checks which will confirm if the secret on the card is the correct secret. The message that being sent out by the media should not be “Can we create forged cards” - that, as always, is yes, but instead, it should be “Why haven’t the other 39 countries got their systems ready yet?”. Then the question is much simpler - “Can we spot the forged cards” - with the systems that have been specified in place, the answer will be yes.

So Smart Cards are the answer to All Security Problems. Ever.

I’m not saying that. There are a lot of situations where Smart Card security based solutions don’t quite work, for instance offline transactions where you can’t verify “on the spot” if the details inside the card are genuine. There is a lot of skill and a lot of time and effort being spent by Smart Card programmers to provide very good and very secure programs - if you create a smart card program and algorithm in an afternoon, its not going to be as secure as one that has been well researched, and analysed and so forth. But, they add an extra layer of security on top of the already difficult to forge documents.

Syndicated 2008-08-06 22:32:47 from Holding the Soldering Iron by the Cold End

134 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!