Apple Aftermath: Senate Entertains A New Encryption Bill

If you recall, there was a recent standoff between Apple and the U. S. Government regarding unlocking an iPhone. Senators Richard Burr and Dianne Feinstein have a “discussion draft” of a bill that appears to require companies to allow the government to court order decryption.

Here at Hackaday, we aren’t lawyers, so maybe we aren’t the best source of legislative commentary. However, on the face of it, this seems a bit overreaching. The first part of the proposed bill is simple enough: any “covered entity” that receives a court order for information must provide it in intelligible form or provide the technical assistance necessary to get the information in intelligible form. The problem, of course, is what if you can’t? A covered entity, by the way, is anyone from a manufacturer, to a software developer, a communications service, or a provider of remote computing or storage.

There are dozens of services (backup comes to mind) where only you have the decryption keys and there is nothing reasonable the provider can do to get your data if you lose your keys. That’s actually a selling point for their service. You might not be anxious to backup your hard drive if you knew the vendor could browse your data when they wanted to do so.

The proposed bill has some other issues, too. One section states that nothing in the document is meant to require or prohibit a specific design or operating system. However, another clause requires that covered entities provide products and services that are capable of complying with the rule.

A broad reading of this is troubling. If this were law, entire systems that don’t allow the provider or vendor to decrypt your data could be illegal in the U. S. Whole classes of cybersecurity techniques could become illegal, too. For example, many cryptography systems use the property of forward secrecy by generating unrecorded session keys. For example, consider an SSH session. If someone learns your SSH key, they can listen in or interfere with your SSH sessions. However, they can’t take recordings of your previous sessions and decode them. The mechanism is a little different between SSHv1 (which you shouldn’t be using) and SSHv2. If you are interested in the gory details for SSHv2, have a look at section 9.3.7 of RFC 4251.

In all fairness, this isn’t a bill yet. It is a draft and given some of the definitions in section 4, perhaps they plan to expand it so that it makes more sense, or – at least – is more practical. If not, then it seems to be an indication that we need legislators that understand our increasingly technical world and have some understanding of how the new economy works. After all, we’ve seen this before, right? Many countries are all too happy to enact and enforce tight banking privacy laws to encourage deposits from people who want to hide their money. What makes you think that if the U. S. weakens the ability of domestic companies to make data private, that the business of concealing data won’t just move offshore, too?

If you were living under a rock and missed the whole Apple and FBI controversy, [Elliot] can catch you up. Or, you can see what [Brian] thought about Apple’s response to the FBI’s demand.

Remote Sensing Bombs Could Stem Terrorism

If you understand technology, there were a lot of things hard to explain on Star Trek. Transporters, doors that were smart enough to open unless you hit them during a fight, and the universal translator all defy easy explanation. But one of the hardest things to explain were Mr. Spock’s sensors. From the ship or with a tricorder, Spock could sense at a distance just about anything from chemical compositions, to energy, and even the presence of life (which, today, at least, is difficult to determine even what that means).

Remote sensing would have a very distinct use in today’s world: finding terrorist bombs earlier. A recent article published on New Scientist by [Debora MacKenzie] points out that stopping attacks like the recent one in Brussels is difficult without increasing congestion. For example, putting checkpoints at doors instead of inside transit stations is common in Asia, but causes lines and delays.

detecThe United States has used ion mobility spectrometry (IMS) to detect explosive traces on swabs (using machines like the one on the left). However in the early 2000’s they experimented with a version of the device that used puffs of air to determine if people had explosives while they passed by the machine. By 2010, officials decided the machines broke down too often and stopped using them.

Remote Sensing in Practice

According to an expert at Rand Corporation, remote sensing is likely to employ imaging or sniffers. However, imaging solutions are easy to fool since a bomb can take the shape of an ordinary object. Sniffers, including biological sniffers (known as dogs), are harder to fool. The problem is that deploying thousands of dogs to cover the world’s airports is difficult.

Continue reading “Remote Sensing Bombs Could Stem Terrorism”

The Curse Of The 40673: Zombie Components That Refuse To Die

As a fresh-faced electronic engineering student while the first Gulf War was raging in a far-off desert, I learned my way through the different families of 74 logic at a university in the North of England. 74LS was the one to use, the story went, because it’s quick and doesn’t use much power. At the time, there was an upstart on the scene: 74HC. Now that’s really quick. New. Exotic, even.

Thus an association was formed, when you want a quick logic function then 74HC is the modern one to go for. It could have been a lifelong love affair, but over twenty years, after many factors of speed increases and some RF tricks with gates we wouldn’t have dreamed of back then, it’s over. There is a whole world of newer logic families to choose from, and while HC is still good at what it does, it’s well past time to admit that it may just have been superseded.

40673s, probably now worth more by weight than anything else on four legs.
40673s, probably now worth more by weight than anything else on four legs. (Thanks are due to [Brandon Dunson] and Tanner Electronics)
 A tendency to cling to the past with logic families is pretty harmless. Like [Adam Fabio]’s TIP power transistors they’re pretty cheap, still very much in production, and still do most jobs demanded of them excellently. But what prompted this piece was a far more egregious example of an old component still being specified: the RCA 40673 dual-gate MOSFET. Launched in the mists of time when dinosaurs probably still roamed the earth, this static-sensitive four-pin TO72 found a home in a huge variety of RF amplifiers, oscillators, and mixers. It worked well, but as you might expect better devices came along, and the 40673 was withdrawn some time in the 1980s.

Unfortunately, nobody seems to have told a section of the amateur radio community about the 40673’s demise. Or perhaps nobody’s told them that many scrap analogue TV tuners of a certain age will yield a perfectly good newer replacement for free. Because even today, thirty years after the 40673 shuffled off this mortal coil, you can still find people specifying it. If you have a stash of them in your junk box, they’re worth a small fortune, and yours could be the bench with the throng of people at the next ham radio convention.

A different but equally annoying manifestation of the phenomenon comes when the device everyone likes to specify is not very old and very much still in production, but the designer hasn’t taken the time required to check for a cheaper alternative. Nobody ever got fired for buying IBM, they say, but perhaps they should be fired for specifying an AD8307 logarithmic amplifier in an amateur radio power meter. Don’t take this the wrong way, it’s a beautiful chip and probably a lot of work at Analog Devices has gone into laser-trimming resistors to make it perform to an extremely demanding specification. But eleven dollars for a chip? When a cursory search will turn up Maxim’s MAX9933 which does a perfectly good job in this application at well under two dollars? Someone isn’t doing their homework.

Sometimes there are components for which there are no perfect replacements. Germanium point-contact diodes, for example. 1N34As and OA91s are becoming like hen’s teeth these days, and though Schottky diodes can replace them in many applications, there are still a few places if you’re a radio person you’ll hanker for the original.  There are suppliers on Alibaba who claim to manufacture 1N34s, but the pictures always look suspiciously like 1N4148s, and anyway who can find a home for a hundred thousand diodes? (Hang on, this is Hackaday. There will be someone out there with a hundred-thousand-diode project, you can count on it.)

OK, maybe germanium diodes are an edge case and the examples above have a radio flavour, but you get the picture. What the full-blown rant in the previous paragraphs has been building up to is this: a plea for designers to do their homework. Please try to design every project for the next two decades, and as though any extras in the component price come from your company’s bottom line. (We’ll make exceptions for building something for which the whole point is a retro circuit. An Apple I replica like the Mimeo 1 needs old logic chips for artistic purposes.)

Is there a vital electronic engineering skill that’s being lost here perhaps? Back when the Internet was the sole preserve of boffins and Tim Berners-Lee hadn’t yet plugged his hypertext ideas into it, we relied on catalogs. Big paper-bound books the size of telephone directories were our only window into the exciting world of electronic components. If you’re an American yours was probably from Radio Shack, but for most UK-based hackers and makers who couldn’t get their hands on a commercial account from RS or Farnell that meant the Maplin catalogue. Before they moved in a consumer-electronics direction, they were a component specialist whose catalogue with its distinctive spaceships on the cover could be bought at large newsstands.

It’s difficult to describe the impact of electronics catalogues in the ’70s and ’80s to someone who has known only the abundance of information from the WWW. These publications were our only window into the world of electronic components. They contained significant excerpts from semiconductor data sheets, and we read their wealth of information from cover to cover. We knew by heart what each device was capable of, and we eagerly devoured each new tidbit of information as it arrived.

In short, when we specified a component, we did so with a pretty good knowledge of all the components that were available to us.

By comparison, nowadays we can quickly buy almost any device or component in production from a multitude of suppliers. There are millions more devices available, and if RS or Farnell don’t have the part then Mouser or Digi-Key are sure to provide. The WWW allows us to find what we need in short order, and the miracle of global distribution means that we can have it delivered within 48 hours almost wherever we live.

CPC's very aptly-named Big Book
CPC’s very aptly-named Big Book

Which means that all the new devices are available to us, but we’ve lost the ability to keep on top of them. We’ve become information rich, but knowledge poor. Printed catalogs still exist, but the sheer volume of information they contain forces brevity upon their entries and expands the size of the publication to the point at which it becomes an unwieldy work of reference. We therefore tend to stick with the devices and components we know, regardless of their cost or of whether they have been superseded, and our work is poorer for it.

We need to relearn the skill of inquisitiveness when it comes to the parts we use, and to rediscover the joy of just browsing, even if the medium is now a huge suppliers’ web site rather than a paper catalog. Otherwise we’ll still be looking at circuit diagrams containing 74LS logic and 40673 MOSFETs in the 2030s, and that can’t be a good thing!

There is of course also a slightly macabre alternative scenario. The highest online price we found for 40673s was over $30 each, so if a producer can make that kind of silly money then there’s a danger that RCA’s successors will see a business model in exhuming the corpse and re-animating it, thus ensuring that we’ll never be free of the undead. We need to make sure that doesn’t happen!

Zombie image credit: By Fabien Rougié (Own work) [CC BY-SA 3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons

It’s Time the Software People and Mechanical People Sat Down and Had a Talk.

With the advances in rapid prototyping, there’s been a huge influx of people in the physical realm of hacking. While my overall view of this development is positive, I’ve noticed a schism forming in the community. I’m going to have to call a group out. I think it stems from a fundamental refusal of software folks to change their ways of thinking to some of the real aspects of working in the physical realm, so-to-speak. The problem, I think, comes down to three things: dismissal of cost, favoring modularity over understanding, and a resulting insistence that there’s nothing to learn.

Continue reading “It’s Time the Software People and Mechanical People Sat Down and Had a Talk.”

The New Heathkit Strikes Again

Alright, this is getting embarrassing.

The rebooted Heathkit has added another kit to its offerings. This time it’s an inexplicably simple and exorbitantly priced antenna for the 2-meter band. It joins their equally bizarre and pricey AM radio kit in the new product lineup, and frankly we’re just baffled by the whole affair.

About the most charitable thing you can say about their “Pipetenna” is that it’ll probably work really well. Heathkit throws some impedance and SWR charts on the website, and the numbers look pretty good. Although Heathkit doesn’t divulge the design within the “waterproof – yes, waterproof!” housing, at 6 dBi gain and only five feet long, we’re going to guess this is basically a Slim Jim antenna stuffed in a housing made of Schedule 40 PVC tubing. About the only “high-end” component we can see is the N-type coax connector, but that just means most hams will need and adapter for their more standard PL-259 terminated coax.

Regardless of design, it’s hard to imagine how Heathkit could stuff enough technology into this antenna to justify the $149 price. Hams have been building antennas like these forever from bits and pieces of wire lying around. Even if you bought all new components, including the PVC pipe and fittings, you’d be hard pressed to put $50 into a homebrew version that’ll likely perform just as well.

The icing on this questionable cake, though, is the sales copy on the web page. The “wall of text” formatting, the overuse of superlatives, and the cutesy asides and quips remind us of the old DAK Industries ads that hawked cheap import electronics as the latest and greatest must-have device. There’s just something unseemly going on here, and it doesn’t befit a brand with the reputation of Heathkit.

When we reviewed Heathkit’s AM radio kit launch back in December, we questioned where the company would go next. It looks like we might have an answer now, and it appears to be “nowhere good.”

When Are 8 Bits More Than 32?

Whenever we write up a feature on a microcontroller or microcontroller project here on Hackaday, we inevitably get two diametrically opposed opinions in the comments. If the article featured an 8-bit microcontroller, an army of ARMies post that they would do it better, faster, stronger, and using less power on a 32-bit platform. They’re usually right. On the other hand, if the article involved a 32-bit processor or a single-board computer, the 8-bitters come out of the woodwork telling you that they could get the job done with an overclocked ATtiny85 running cycle-counted assembly. And some of you probably can. (We love you all!)

redblue_pillWhen beginners walk into this briar-patch by asking where to get started, it can be a little bewildering. The Arduino recommendation is pretty easy to make, because there’s a tremendous amount of newbie-friendly material available. And Arduino doesn’t necessarily mean AVR, but when it does, that’s not a bad choice due to the relatively flexible current sourcing and sinking of the part. You’re not going to lose your job by recommending Arduino, and it’s pretty hard to get the smoke out of one.

But these days when someone new to microcontrollers asks what path they should take, I’ve started to answer back with a question: how interested are you in learning about microcontrollers themselves versus learning about making projects that happen to use them? It’s like “blue pill or red pill”: the answer to this question sets a path, and I wouldn’t recommend the same thing to people who answered differently.

For people who just want to get stuff done, a library of easy-to-use firmware and a bunch of examples to crib learn from are paramount. My guess is that people who answer “get stuff done” are the 90%. And for these folks, I wouldn’t hesitate at all to recommend an Arduino variant — because the community support is excellent, and someone has written an add-on library for nearly every gizmo you’d want to attach. This is well-trodden ground, and it’s very often plug-and-play.

Continue reading “When Are 8 Bits More Than 32?”

How I Embraced my Introvert and Joined the Hacker Community

For some people to join a new group is an exciting proposal, to meet new people and interact with them to accomplish a goal is their idea of a good time. If this describes you then you’re all set to jump in there and make some new friends! There are other people who see social interaction as not such a good time. They would rather avoid that situation and go on about their normal day, I get it. In general my level of comfort is inversely proportional to the number of people with me. This is not a character trait that I chose, I’m an introvert by nature.

The stereotype depicts hackers, nerds, or geeks as people without many friends who spend most of our time alone or you might just call us “loners”. I should make it clear that I’m writing this article from a table for 1 at my local diner and it would be out of the ordinary if there was another person at this table with me. Just in case someone feels the need to speak to me I’m wearing headphones as a deterrent, audio delivery is not their use at this time (headphone hack). I can feel the first comment brewing so let me nip that in the bud real quick: I’m in a restaurant AND actively being alone because there are often too many distractions at home to get things done in a timely manner. And I like the pancakes.

Before I climb up on this soapbox let me say that many of you are already involved in the community and are doing a great job, in fact I’m pretty sure many of the old-timers I talk about are Hackaday readers. This article is a result of my self reflection regarding my lack of community involvement as of late. I can’t think of any reasons why I shouldn’t take myself down a peg or two publicly, enjoy.

I won’t bother with the “Ra-Ra! Team Spirit!” garbage to get you all jazzed up to be a part of the team. But I will tell you what you’re missing out on by not being active and participating. It’s similar to the saying “You can lead a horse to water but you can’t make that horse join a group of like-minded horses that would all benefit from a wealth of horse-knowledge.” The saying changes depending on where you’re from, that’s how it was told to me.

Continue reading “How I Embraced my Introvert and Joined the Hacker Community”