News

3617 Articles

TI And Cadence Make PSpice Free

September 20, 2020 by 29 Comments

We like simulation software. Texas Instruments long offered TINA, but recently they’ve joined with Cadence to make OrCAD PSpice available for free with some restrictions. You’ve probably heard of PSpice — it’s widely used in academia and industry, but is usually quite costly. You can see a promotional overview video below.

The program requires registration and an approval step to get a license key. The downloaded program has TI models along with other standard models. There seem to be few limits as long as you stick to the supplied library. According to the datasheet, there are no size or simulation complexity limitations in that case. If you want to use other models, you can, but that’s where the limitations hit you:

There is no limitation of how many 3rd party models can be imported into the design. However, if 3rd party models are imported, a user will be able to plot a maximum of 3 signals at a time of their choice when any 3rd party model is imported from web.

We aren’t completely sure what “from web” means there, but presumably they just mean from other sources. In any event, you still get AC, DC, and transient analysis with plenty of options like worst-case timing analysis. Mixed signal designs are supported and there is a wealth of data plotting options, as you would expect.

This is a great opportunity to drive some serious software that is widely used in the industry. The only thing that bummed us out? It runs under Windows. We couldn’t get it to work under Wine, but a Windows 10 VM handled it fine, although we really hate running a VM if we don’t have to.

Still, the price is right and it is a great piece of software. We also liked the recent Micro-Cap 12 release, but we don’t expect any updates for that. Of course, LTSpice is quite capable, too.

Continue reading “TI And Cadence Make PSpice Free”

This Week In Security: AD Has Fallen, Two Factor Flaws, And Hacking Politicians

September 18, 2020 by 19 Comments

The big news this week is the huge flaw in Microsoft’s Active Directory, CVE-2020-1472 (whitepaper). Netlogon is a part of the Windows domain scheme, and is used to authenticate users without actually sending passwords over the network. Modern versions of Windows use AES-CFB8 as the cryptographic engine that powers Netlogon authentication. This peculiar mode of AES takes an initialization vector (IV) along with the key and plaintext. The weakness here is that the Microsoft implementation sets the IV to all zeros.

XKCD.com CC BY-NC 2.5

It’s worth taking a moment to cover why IVs exist, and why they are important. The basic AES encryption process has two inputs: a 128 bit (16 byte) plaintext, and a 128, 192, or 256 bit key. The same plaintext and key will result in the same ciphertext output every time. Encrypting more that 128 bits of data with this naive approach will quickly reveal a problem — It’s possible to find patterns in the output. Even worse, a clever examination of the patterns could build a decoding book. Those 16 byte patterns that occur most often would be guessed first. It would be like a giant crossword puzzle, trying to fill in the gaps.

This problem predates AES by many years, and thankfully a good solution has been around for a long time, too. Cipher Block Chaining (CBC) takes the ciphertext output of each block and mixes it (XOR) with the plaintext input of the next block before encrypting. This technique ensures the output blocks don’t correlate even when the plaintext is the same. The downside is that if one block is lost, the entire rest of the data cannot be decrypted Update: [dondarioyucatade] pointed out in the comments that it’s just the next block that is lost, not the entire stream. You may ask, what is mixed with the plaintext for the first block? There is no previous block to pull from, so what data is used to initialize the process? Yes, the name gives it away. This is an initialization vector: data used to build the initial state of a crypto scheme. Generally speaking, an IV is not secret, but it should be randomized. In the case of CBC, a non-random IV value like all zeros doesn’t entirely break the encryption scheme, but could lead to weaknesses. Continue reading “This Week In Security: AD Has Fallen, Two Factor Flaws, And Hacking Politicians”

Closely Examining How A PG&E Transmission Line Claimed 85 Lives In The 2018 Camp Fire

September 17, 2020 by 100 Comments

In 2018, the Camp Fire devastated a huge swathe of California, claiming 85 lives and costing 16.65 billion dollars. Measured in terms of insured losses, it was the most expensive natural disaster of the year, and the 13th deadliest wildfire in recorded history.

The cause of the fire was determined to be a single failed component on an electrical transmission tower, causing a short circuit and throwing sparks into the dry brush below – with predictable results. The story behind the failure was the focus of a Twitter thread by [Tube Time] this week, who did an incredible job of illuminating the material evidence that shows how the disaster came to be, and how it could have been avoided.

Mismanagement and Money

The blame for the incident has been laid at the feet of Pacific Gas and Electric, or PG&E, who acquired the existing Caribou-Palermo transmission line when it purchased Great Western Power Company back in 1930. The line was originally built in 1921, making the transmission line 97 years old at the time of the disaster. Despite owning the line for almost a full century, much of the original hardware was not replaced in the entire period of PG&Es ownership. Virtually no records were created or kept, and hardware from the early 20th century was still in service on the line in 2018.

Continue reading “Closely Examining How A PG&E Transmission Line Claimed 85 Lives In The 2018 Camp Fire”

Underwater Datacenter Proves To Be A Success

September 17, 2020 by 65 Comments

Back in 2018, Microsoft began Project Natick, deploying a custom-designed data center to the sea floor off the coast of Scotland. Aiming to determine whether the underwater environment would bring benefits to energy efficiency, reliability, and performance, the project was spawned during ThinkWeek in 2014, an event designed to share and explore unconventional ideas.

This week, Microsoft reported that the project had been a success. The Northern Isles data center was recently lifted from the ocean floor in a day-long operation, and teams swooped in to analyse the hardware, and the results coming out of the project are surprisingly impressive.

Continue reading “Underwater Datacenter Proves To Be A Success”

Autodesk Announces Major Changes To Fusion 360 Personal Use License Terms

September 16, 2020 by 314 Comments

Change is inevitable, and a part of life. But we’re told that nobody likes change. So logically, it seems we’ve proved nobody likes life. QED.

That may be a reach, but judging by the reaction of the Fusion 360 community to the announced changes to the personal use license, they’re pretty much hating life right now. The clear message from Autodesk is that Fusion 360 — the widely used suite of CAD and CAM software — will still offer a free-to-use non-commercial license for design and manufacturing work, with the inclusion of a few very big “buts” that may be deal-breakers for some people. The changes include:

  • Project storage is limited to 10 active and editable documents
  • Exports are now limited to a small number of file types. Thankfully this still includes STL files but alas, DXF, DWG, PDF exports are all gone
  • Perhaps most importantly to the makerverse, STEP, SAT, and IGES file types can no longer be exported, the most common files for those who want to edit a design using different software.
  • 2D drawings can now only be single sheet, and can only be printed or plotted
  • Rendering can now only be done locally, so leveraging cloud-based rendering is no longer possible
  • CAM support has been drastically cut back: no more multi-axis milling, probing, automatic tool changes, or rapid feeds, but support for 2, 2.5, and 3 axis remains
  • All support for simulation, generative design, and custom extensions has been removed

Most of these changes go into effect October 1, with the exception of the limit on active project files which goes into effect in January of 2021. We’d say that users of Fusion 360’s free personal use license would best be advised to export everything they might ever think they need design files for immediately — if you discover you need to export them in the future, you’ll need one of the other licenses to do so.

To be fair, it was pretty clear that changes to the personal use license were coming a while ago with the consolidation of paid-tier licenses almost a year ago, and the cloud-credit system that monetized rendering/simulation/generative design services happening on the Autodesk servers. Features removed from the free license in this week’s announcement remain in place for paid subscriptions as well as the educational and start-up license options.

The problem with these personal use licenses is that it’s easy to get used to them and think of them as de facto open-source licenses; changing the terms then ends up leaving a bad taste in everyone’s mouth. To their credit, Autodesk is offering a steep discount on the commercial license right now, which might take some of the sting out of the changes.

Update 09-25-2020: Autodesk has announced that STEP file export will remain in the free version of Fusion 360

Improving More Leaf Design Flaws

September 16, 2020 by 19 Comments

[Daniel] was recently featured here for his work in improving the default charging mode for the Nissan Leaf electric vehicle when using the emergency/trickle charger included with the car. His work made it possible to reduce the amount of incoming power from the car, if the charging plug looked like it might not be able to handle the full 1.2 kW -3 kW that these cars draw when charging. Thanks to that work, he was able to create another upgrade for these entry-level EVs, this time addressing a major Leaf design flaw that is known as Rapidgate.

The problem that these cars have is that they still have passive thermal management for their batteries, unlike most of their competitors now. This was fine in the early ’10s when this car was one of the first all-electric cars to market, but now its design age is catching up with it. On long trips at highway speed with many rapid charges in a row the batteries can overheat easily. When this happens, the car’s charging controller will not allow the car to rapid charge any more and severely limits the charge rate even at the rapid charging stations. [Daniel] was able to tweak the charging software in order to limit the rapid charging by default, reducing it from 45 kW to 35 kW and saving a significant amount of heat during charging than is otherwise possible.

While we’d like to see Nissan actually address the design issues with their car designs while making these straighforward software changes (or at least giving Leaf owners the options that improve charging experiences) we are at least happy that there are now other electric vehicles in the market that have at least addressed the battery thermal management issues that are common with all EVs. If you do own a Leaf though, be sure to check out [Daniel]’s original project related to charging these cars.

Continue reading “Improving More Leaf Design Flaws”

GitHub’s Move Away From Passwords: A Sign Of Things To Come?

September 15, 2020 by 69 Comments

Later this month, people who use GitHub may find themselves suddenly getting an error message while trying to authenticate against the GitHub API or perform actions on a GitHub repository with a username and password. The reason for this is the removal of this authentication option by GitHub, with a few ‘brown-out’ periods involving the rejection of passwords to give people warning of this fact.

This change was originally announced by GitHub in November of 2019, had a deprecation timeline assigned in February of 2020 and another blog update in July repeating the information. As noted there, only GitHub Enterprise Server remains unaffected for now. For everyone else, as of November 13th, 2020, in order to use GitHub services, the use of an OAuth token, personal token or SSH key is required.

While this is likely to affect a fair number of people who are using GitHub’s REST API and repositories, perhaps the more interesting question here is whether this is merely the beginning of a larger transformation away from username and password logins in services.

Continue reading “GitHub’s Move Away From Passwords: A Sign Of Things To Come?”