# Ask Hackaday: Security Questions And Questionable Securities

Your first school. Your mother’s maiden name. Your favorite color. These are the questions we’re so used to answering when we’ve forgotten a password and need to get back into an account. They’re not a password, yet in many cases have just as much power. Despite this, they’re often based on incredibly insecure information.

Sarah Palin’s Yahoo account is perhaps the best example of this. In September 2008, a Google search netted a birthdate, ZIP code, and where the politician met her spouse. This was enough to reset the account’s password and gain full access to the emails inside.

While we’re not all public figures with our life stories splashed across news articles online, these sort of questions aren’t exactly difficult to answer. Birthdays are celebrated across social media, and the average online quiz would net plenty of other answers. The problem is that these questions offer the same control over an account that a password does, but the answers are not guarded in the same way a password is.

For this reason, I have always used complete gibberish when filling in security questions. Whenever I did forget a password, I was generally lucky enough to solve the problem through a recovery e-mail. Recently, however, my good luck ran out. It was a Thursday evening, and I logged on to check my forex trading account. I realised I hadn’t updated my phone number, which had recently changed.

Upon clicking my way into the account settings, I quickly found that this detail could only be changed by a phone call. I grabbed my phone and dialed, answering the usual name and date of birth questions. I was all set to complete this simple administrative task! I was so excited.

“Thanks Lewin, I’ll just need you to answer your security question.”

“Oh no.”

“The question is… Chutney butler?”

“Yes. Yes it is. Uh…”

“…would you like to guess?”

Needless to say, I didn’t get it.

I was beginning to sweat at this point. To their credit, the call center staffer was particularly helpful, highlighting a number of ways to recover access to the account. Mostly involving a stack of identification documents and a visit to the nearest office. If anything, it was a little reassuring that my account details required such effort to change. Perhaps the cellular carriers of the world could learn a thing or two.

In the end, I realised that I could change my security question with my regular password, and then change the phone number with the new security question. All’s well that ends well.

## How do You Deal with Security Questions?

I want to continue taking a high-security approach to my security questions. But as this anecdote shows, you do occasionally need to use them. With that in mind, we’d love to hear your best practices for security questions on accounts that you care about.

Do you store your answers in a similar way to your passwords, using high entropy to best security? When you are forced to use preselected questions do you answer honestly or make up nonsensical answers (and how do you remember what you answered from one account to the next)? When given the option to choose your own questions, what is your simple trick that ensures it all makes sense to you at a later date?

We’d love to hear your best-practice solutions in the comments. While you ponder those questions, one mystery will remain, however — the answer to the question that nobody knows: Chutney butler?

# Network Analysers: The Electrical Kind

Instrumentation has progressed by leaps and bounds in the last few years, however, the fundamental analysis techniques that are the foundation of modern-day equipment remain the same. A network analyzer is an instrument that allows us to characterize RF networks such as filters, mixers, antennas and even new materials for microwave electronics such as ceramic capacitors and resonators in the gigahertz range. In this write-up, I discuss network analyzers in brief and how the DIY movement has helped bring down the cost of such devices. I will also share some existing projects that may help you build your own along with some use cases where a network analyzer may be employed. Let’s dive right in.

# Network Analysis Fundamentals

As a conceptual model, think of light hitting a lens and most of it going through but part of it getting reflected back.

The same applies to an electrical/RF network where the RF energy that is launched into the device may be attenuated a bit, transmitted to an extent and some of it reflected back. This analysis gives us an attenuation coefficient and a reflection coefficient which explains the behavior of the device under test (DUT).

Of course, this may not be enough and we may also require information about the phase relationship between the signals. Such instruments are termed Vector Network Analysers and are helpful in measuring the scattering parameters or S-Parameters of a DUT.

The scattering matrix links the incident waves a1, a2 to the outgoing waves b1, b2 according to the following linear equation: $\begin{bmatrix} b_1 \\ b_2 \end{bmatrix} = \begin{bmatrix} S_{11} & S_{12} \\ S_{21} & S_{22} \end{bmatrix} * \begin{bmatrix} a_1 \\ a_2 \end{bmatrix}$.

The equation shows that the S-parameters are expressed as the matrix S, where and denote the output and input port numbers of the DUT.

This completely characterizes a network for attenuation, reflection as well as insertion loss. S-Parameters are explained more in details in Electromagnetic Field Theory and Transmission Line Theory but suffice to say that these measurements will be used to deduce the properties of the DUT and generate a mathematical model for the same.

# General Architecture

As mentioned previously, a simple network analyzer would be a signal generator connected and a spectrum analyzer combined to work together. The signal generator would be configured to output a signal of a known frequency and the spectrum analyzer would be used to detect the signal at the other end. Then the frequency would be changed to another and the process repeats such that the system sweeps a range of frequencies and the output can be tabulated or plotted on a graph. In order to get reflected power, a microwave component such as a magic-T or directional couplers, however, all of this is usually inbuilt into modern-day VNAs.

In a laboratory grade VNA, we have two or four ports where a DUT is connected and the software does everything else for you. The only downside is that these instruments are very very expensive and price varies depending upon the range of RF frequencies or RF band coverage.

# A DIY Scalar Network Analyzer

Let’s simplify things a bit. Say I have a simple filter I want to characterize in which case phase may not be necessary for my particular applications. I would just like to obtain the frequency-attenuation plot for the circuit so that I can use it correctly. In such cases, the DIY approach is the best and I would like to highlight a project on Hackaday.io for beginners. The idea is simple and involves using the Analog devices AD9851 to generate the desired signals.

The received signal power levels are converted into a voltage using the AD8307 logarithmic amplifier (datasheet, PDF). This voltage is read by a microcontroller and the results, in this case, are plotted using a Python script. Another restriction to this design is the 70 MHz upper limit though it may work for a lot of people getting started with such projects.

In my quest for a simple experiment, I purchased some AD9850 modules, op-amps, and other tidbits from eBay and made a PCB in KiCAD. I built the project in the Arduino UNO shield layout because my intention was to test it on an Arduino and then move up to an STM32 Nucleo which was also bought on the cheap. My revision 1.0 had some basic bugs so it is still a work in progress but I am sure it will work the same as the above project. Feel free to explore it and make one for yourself. Mine is shown below in OshPark Purple.

I did salvage the connectors from an old DVR board I had lying around so I suggest you replace that footprint with whatever you intend to use in your build.

# More serious projects

If you are more comfortable with RF circuits and want a more serious project, there is another by [Henrik Forstén] that works from 30 Mhz all the way up to 6 Ghz. The difference here is that his design uses a lot of planning as well as specific RF chips to do the job.

The AD985x is replaced by the MAX2871 and the detector is replaced by an LMH2110. All the files are available on GitHub for our experimentation pleasure though this may not be everyone’s cup of tea. Though if you are getting a little bit interested in this stuff, be sure to check out the website for all the nice info provided.

# Vector Network Analysers

The Vector Network Analyzer is able to generate phase relationships in addition to the magnitude measurements. This allows us to generate complex math models for the components under test and helps identify the capacitive and inductive properties as well. In addition to the above-mentioned applications in the DIY field, VNAs are important tools for analysis of dielectric properties of materials as well. When working with materials such as ceramics in a research environment, a simple method is to apply the silver paste to opposite faces and then use a network analyzer to measure the various parameters. This method is commonly known as capacitance method for measuring complex permittivity.

For higher frequencies where the EM wave needs a waveguide, transmission/reflection methods are preferred. In this method, the material under test is placed inside a waveguide and there is no electrical contact between the terminals and the DUT. This method is commonly called the transmission/reflection line method and is usually employed in the laboratory.

It’s also possible to extend this to make free space measurements, where horn antennas are employed and the DUT is suspended in free space. This allows for the material to be heated or cooled without affecting the instrument or the antennas and is commonly used for temperature analysis of materials.

# Measurement Methods for Materials

Once S-parameters are obtained from experiment, this data can then be converted into dielectric properties. Some conversion methods (PDF) are:

• Nicolson-Ross-Weir method,
• NIST iterative method,
• New non-iterative method,
• Short circuit line method.

The most common parameter evaluated is permittivity or more specifically complex relative permeability (mu-r). The real part is the dielectric constant which is a measure of the amount of energy from an external electrical field stored in the material. The imaginary part is the loss factor and is the amount of energy lost due to external fields. The dielectric constant usually varies with the frequency which means that the same electrolytic capacitor won’t behave the same at all frequencies.

There has been a lot of research invested in creating new materials that will behave favorably at higher frequencies. Today there is a variety of materials being employed to create these devices and research involves characterization of the materials involved.

Another important term is loss tangent (tan delta) and is the ratio of the two. If you are interested in the subject, then I recommend reading the Rhode and Schwarz application note linked just above, as well as papers here and here.

Note: I have not tried to discuss methods like cavity perturbation though it may be of interest to some and can be explored on its own. Take a look at this application note from Keysight (PDF) for more information on the subject.

# A short note on VSWR

To complete this write-up, I am going to talk a bit about VSWR which is more associated with antenna and radio setups than materials and VNA. A scalar network analyzer used in HAM radio setups is used to measure a number of things including the Voltage Standing Wave Ratio or VSWR. This parameter is a ratio of energy that was put into an antenna or RF line and the amount of energy that bounced back out of it due to imperfect matching. So essentially, the standing wave ratio (SWR) is a measure of how efficiently RF power is transmitted from the power source, through the transmission line, and into the load. It is ideal to have all the signal converted into RF energy or EM waves at the antenna, however, practically if the impedance of the amplifier and antenna are mismatched, some part will be reflected back just like we discussed in the initial sections. A scalar network analyzer can measure these as well as impedance at various frequencies. RF couplers assist in reducing the mismatch and improving performance in these cases.

# What next?

The idea was to explain network analyzers and their applications in brief. You can extend this article by diving into radios and antennas, RF instrumentation, or get into microwave materials for high-frequency applications. For someone working with such materials, a VNA is indispensable as it does the heavy lifting of analysis and presents results in a very straightforward manner.

We are moving into ceramics that have a low-temperature coefficient i.e. the dielectric constant remains constant over temperature and LTCC or Low-Temperature Co-fired Ceramics. LTCC allow us to layer components together enabling high-density electronics manufacturing. All that requires analysis which is possible thanks to a combination of advanced instrumentation as well as mathematical algorithms.

# Linux Fu: X Command

Text-based Linux and Unix systems are easy to manipulate. The way the Unix I/O system works you can always fake keyboard input to another program and intercept its output. The whole system is made to work that way. Graphical X11 programs are another matter, though. Is there a way to control X11 programs like you control text programs? The answer to that question depends on exactly what you want to do, but the general answer is yes.

As usual for Linux and Unix, though, there are many ways to get to that answer. If you really want fine-grained control over programs, some programs offer control via a special mechanism known as D-Bus. This allows programs to expose data and methods that other programs can use. In a perfect world your target program will use D-Bus but that is now always the case. So today we’ll look more for control of arbitrary programs.

There are several programs that can control X windows in some way or another. There’s a tool called xdo that you don’t hear much about. More common is xdotool and I’ll show you an example of that. Also, wmctrl can perform some similar functions. There’s also autokey which is a subset of the popular Windows program AutoHotKey.

# Inventing The Induction Motor

When you think of who invented the induction motor, Nikola Tesla and Galileo Ferraris should come to mind. Though that could be a case of the squeaky wheel being the one that gets the grease. Those two were the ones who fought it out just when the infrastructure for these motors was being developed. Then again, Tesla played a huge part in inventing much of the technology behind that infrastructure.

Although they claimed to have invented it independently, nothing’s ever invented in a vacuum, and there was an interesting progression of both little guys and giants that came before them; Charles Babbage was surprisingly one of those giants. So let’s start at the beginning, and work our way to Tesla and Ferraris.

# Spy Tech: Nonlinear Junction Detectors

If you ever watch a spy movie, you’ve doubtlessly seen some nameless tech character sweep a room for bugs using some kind of detector and either declare it clean or find the hidden microphone in the lamp. Of course, as a hacker, you have to start thinking about how that would work. If you had a bug that transmits all the time, that’s easy. The lamp probably shouldn’t be emitting RF energy all the time, so that’s easy to detect and a dead give away. But what if the bug were more sophisticated? Maybe it wakes up every hour and beams its data home. Or perhaps it records to memory and doesn’t transmit anything. What then?

High-end bug detectors have another technique they use that claims to be able to find active device junctions. These are called Nonlinear Junction Detectors (NLJD). Spy agencies in the United States, Russian and China have been known to use them and prisons employ them to find cell phones. Their claim to fame is the device doesn’t have to be turned on for detection to occur. You can see a video of a commercial NLJD, below

# The Narrowing Gap Between Amateur and Professional Fabrication

### Unparalleled Access to Formerly Professional-Only Tools

But access to high end tools has never been easier. Hackerspaces and tool libraries alone have revolutionized what it means to have access to those machines. There are four or five Bridgeports (or similar vertical mills) at my hackerspace and I believe they were all donated. For the cost of membership, plus the time to get trained in and checked out, you can mill that part for cheap. Repeat with above-average 3D printers, CNC mills, vinyl cutters, lasers. The space’s South Bend lathe (pictured) is another example of the stuff most people don’t have in their basement shops. This group ownership model may not necessarily grant you the same gear as the pros, but sometimes it’s pretty close.
Continue reading “The Narrowing Gap Between Amateur and Professional Fabrication”

# There Is No Such Thing As An Invalid Unit

The Mars Climate Orbiter was a spacecraft launched in the closing years of the 1990s, whose job was to have been to study the Martian atmosphere and serve as a communications relay point for a series of other surface missions. It is famous not for its mission achieving these goals, but for the manner of its premature destruction as its orbital insertion brought it too close to the planet’s atmosphere and destroyed it.

The cause of the spacecraft entering the atmosphere rather than orbiting the planet was found in a subsequent investigation to be a very simple one. Simplifying matters to an extent, a private contractor supplied a subsystem which delivered a reading whose units were in the imperial system, to another subsystem expecting units in the SI, or metric system. The resulting huge discrepancy caused the craft to steer towards the surface of the planet rather than the intended orbit, and caused the mission to come to a premature end. Billions of dollars lost, substantially red faces among the engineers responsible.

This unit cock-up gave metric-using engineers the world over a brief chance to feel smug, as well as if they were being honest a chance to reflect on their good fortune at it not having happened on their watch. We will all at some time or another have made an error with respect to our unit calculations, even though in most cases it’s more likely to have involved a simple loss of a factor of ten, and not with respect to a billion dollar piece of space hardware.

But it also touches on one of those fundamental divides in the world between the metric and imperial systems. It’s a divide that brings together threads of age politics, geography, nationalism, and personal choice, and though it may be somewhere angels fear to tread (we’ve seen it get quite heated before to the tune of 885+ comments), it provides a fascinating subject for anyone with an interest in engineering culture.