Secure Shell

If you work in IT, sooner or later (if not every day) you will use Secure Shell as part of your everyday work. You may even be using a Secure Shell connection without being aware of it, such is its ubiquity. It is an essential piece of 21st-century operation and interaction between computer systems, one which even IT professionals sometimes take for granted.

SSH is the protocol used for Secure Shell and provides secure (encrypted) connections to remote machines. It is most commonly invoked with the ssh command, which I had mistakenly taken to be merely a secure ‘telnet’ remote connection. However, the Secure Shell protocol is much more capable than just providing a remote shell console.

Once established, the Secure Shell connection operates more like a tunnel, allowing multiple channels to connect services simultaneously to ports on the remote machine. The most obvious example is when you connect to a machine with ssh and include X Window forwarding. Your connection presents the command shell in the terminal window (or in PuTTY, for instance, if on Windows) and also creates a channel connecting your local X server so that the remote machine can display windowed applications on your local machine.

For a clear explanation I can recommend the YouTube video ‘How Secure Shell Works’ from the Computerphile channel, in which Dr Steve Bagley walks through how it all works.
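To make the "one connection, many channels" idea concrete, here is an added Python example (not code from the original post) that assembles a single ssh invocation carrying a shell, X11 forwarding and several local port forwards, and validates the OpenSSH -L forwarding specs before they reach the command line. The user name, host names and ports are constructed for illustration; the -L/-X/-N options and the [bind_address:]port:host:hostport syntax are OpenSSH's own.

```python
"""Compose one SSH session that carries a shell, X11 forwarding and local port
forwards, and validate the forwarding specs before building the command line."""
import shlex
from dataclasses import dataclass

VALID_PORTS = range(1, 65536)


@dataclass(frozen=True)
class LocalForward:
    local_port: int
    remote_host: str
    remote_port: int
    bind_address: str = "localhost"  # loopback only unless explicitly widened

    def spec(self) -> str:
        # OpenSSH -L syntax: [bind_address:]port:host:hostport
        return f"{self.bind_address}:{self.local_port}:{self.remote_host}:{self.remote_port}"

    def exposed_to_network(self) -> bool:
        # A wildcard bind makes the forwarded port reachable from other hosts on the LAN,
        # so anyone who can reach this machine can ride the tunnel to the remote service.
        return self.bind_address in ("", "*", "0.0.0.0", "::")


def parse_forward(spec: str) -> LocalForward:
    """Parse a -L spec; raises ValueError on anything ssh would also reject.
    Assumed limitation for brevity: bracketed IPv6 hosts are not handled."""
    parts = spec.split(":")
    if len(parts) == 3:
        bind, lport, rhost, rport = "localhost", *parts
    elif len(parts) == 4:
        bind, lport, rhost, rport = parts
    else:
        raise ValueError(f"malformed forward spec: {spec!r}")
    if not (lport.isdigit() and rport.isdigit()):
        raise ValueError(f"ports must be numeric: {spec!r}")
    lp, rp = int(lport), int(rport)
    if lp not in VALID_PORTS or rp not in VALID_PORTS:
        raise ValueError(f"port out of range: {spec!r}")
    if not rhost:
        raise ValueError(f"missing remote host: {spec!r}")
    return LocalForward(lp, rhost, rp, bind)


def is_valid_forward(spec: str) -> bool:
    """Convenience wrapper so callers can test a spec without catching exceptions."""
    try:
        parse_forward(spec)
        return True
    except ValueError:
        return False


def build_ssh_argv(user, host, forwards=(), x11=False, no_shell=False):
    """argv for a single session: each -L and the -X become channels on one encrypted connection."""
    argv = ["ssh"]
    if x11:
        # -X requests untrusted X11 forwarding (-Y would give the remote side full access to the
        # local display; some distributions set ForwardX11Trusted so that -X behaves like -Y).
        argv.append("-X")
    for fwd in forwards:
        argv += ["-L", fwd.spec()]
    if no_shell:
        argv.append("-N")  # forwards only, no remote shell
    argv.append(f"{user}@{host}")
    return argv


if __name__ == "__main__":
    # Constructed sample: a web port and a VNC port forwarded over the same session as the shell.
    fwds = [parse_forward("8080:localhost:80"),
            parse_forward("127.0.0.1:5901:desktop.internal:5901")]
    print(shlex.join(build_ssh_argv("alice", "bastion.example", fwds, x11=True)))
    risky = parse_forward("*:8080:localhost:80")
    print(risky.spec(), "exposed to network:", risky.exposed_to_network())
```

The check in exposed_to_network is the one worth keeping: the default loopback bind is what keeps a forwarded port private to your machine, and a wildcard bind quietly turns the tunnel into a service for everyone on the local network.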

Tesla in Pwn2Own 2019

Image from mariordo59’s photostream

Tesla, in putting up the Model 3 as the top (non-cash) prize in this year’s Pwn2Own, is throwing down the gauntlet to other car companies.

In addition to the cash prizes there are two Model 3 cars up for grabs, with one going to the person with the most ‘Master of Pwn’ points and the other going to the hacker with the first successful exploit of the event.

Target                          Prize
Modem or Tuner                  $100,000
Wi-Fi or Bluetooth              $60,000
Gateway, Autopilot or VCSEC     $250,000
Autopilot DoS attack            $50,000
Key fobs or phone-as-key        $100,000
Persistence                     $50,000
CAN Bus                         $100,000

I suspect their competitors are not there because they are not ready. Given what we have seen from the automotive industry to date, I suspect most of Tesla’s competitors’ vehicles would be highly vulnerable to skilled hackers.

Tesla’s more traditional automotive rivals are, with the launch of luxury electric models, trying to take back the ground they have lost to Tesla (particularly in the US market). This prominent public display of Tesla’s willingness to be security tested in such an openly public arena is raising the cost of a ticket to the game for its competitors.

From the outset Tesla have operated differently from the rest of their industry. They have their own operating platform, built from the ground up. With respect to their car operating system they have behaved more like a software company, with security inherent in their design process from the outset. For instance, Tesla has run a bug bounty programme since 2014, although the initial prizes were much more modest.

Despite their best efforts, there was recently an issue with the early Model S keyless entry system, though that was promptly mitigated with a software update to the cars that allows owners to set a PIN to augment the security.

Repairable

Today I had to replace the screen on my trusty Dell D820. Coming up on 12 years old, only the case and motherboard are original; pretty much everything else has either been upgraded or replaced. The backlight has been failing for a while, and this morning it became terminal, so I popped in the replacement I ordered from eBay a couple of months ago.

The Dell D series laptops were built to last and to be maintained, a complete contrast to the Apple I’m currently writing this on. The D820 is still in use on a weekly if not daily basis and provides music and some other services. It’s also my go-to machine for running SpinRite to maintain and fix hard drives. I also have a D410 that still runs Debian, but it is rarely used.

I somehow doubt that any machine bought today will withstand regular use over 12 years.

Crypto-Gram security podcast

Today the Crypto-Gram 15th December podcast episode dropped into my podcatcher. This podcast is a reading of Bruce Schneier’s monthly Crypto-Gram Security Newsletter.

Bruce Schneier is a renowned American cryptographer, computer security professional, privacy specialist and writer. Dan Henage reads the latest newsletter and provides it as a podcast feed as a service to the security and IT community. The newsletter is a monthly summary of all the security topics that have caught Bruce’s attention. So it is a terrific resource to keep up to date on the major security news and topics of the day.

Crypto-Gram can be found on the Schneier on Security blog and the podcast can be found on Dan Henage’s Libsyn feed.

How to listen to podcasts

Well, Simon Mayo and Mark Kermode on their eponymous film review podcast would say “You just listen to podcasts”. For the uninitiated, this is their standard response to any tech-related question, such as “How do you Snapchat?”. However, the way I listen to podcasts has changed considerably since I first discovered them, and it certainly wasn’t that easy back in 2006.

My first discovery of podcasts came soon after winning a 2GB iPod Nano from a prize draw into which I was inadvertently entered for buying a Virgin Lobster phone back in 2006. I needed a discreet mobile to chase interviews for a new job at the time, so I just bought the lowest-cost small pay-as-you-go phone, and two weeks later received the iPod in the post. A very nice surprise.

Although most people would have used iTunes to fill their iPod, I was using Ubuntu Linux at the time and had to use a pod-catcher, gPodder I think, to collect the episodes. Then they had to be transferred to the iPod, which involved installing some other software to manage the proprietary Apple file transfer.

By the time the iPod died in 2008 (inevitable, as my pocket has proven to be an arduous place for technology to survive), I had a more capable Nokia 6800 (the Batman phone) that could also play MP3s, so this became the target for my pod-catcher’s transfers.

Once I moved on to my HTC Desire S, with the Android OS, I tried a number of pod-catcher apps, eventually settling upon Pocket Casts. The podcast app made things so much easier, with episodes downloading automatically whenever WiFi was available. I’ve stuck with Pocket Casts since; it has improved with further updates and is now on version 7.

Internet Arcade

Archive.org is one of the massive projects that the Internet has spawned. Its premise is to preserve our digital history. They preserve items from the web: text, audio, video, books and software. There are a number of projects, such as the Wayback Machine, which allows you to see websites as they were at particular dates in the past.

The project that recently came to my notice is the Internet Arcade. Its remit is to preserve arcade games in a playable format. It holds a library of ROM images from early arcade machines that can be played in the browser. This is achieved using jsmame, a port of the Multiple Arcade Machine Emulator (MAME) to a JavaScript runtime.

The games can be played in Chrome or Firefox; they work best with the keyboard mappings and gamepad drivers on a Windows machine and are said to run more smoothly in Firefox. It sort of works on OS X, but Safari has no sound and I had problems with key mappings. More on compatibility has been posted here at Jason Scott’s Weblog.

Open Bionics

Bionic 3D-printed arm ‘gives confidence’ to young amputees

https://www.bbc.co.uk/news/av/technology-46432642/bionic-3d-printed-arm-gives-confidence-to-young-amputees

I saw this story from the BBC today. Back in January 2015 I did an interview with Joel Gibbard about the Open Hand project for the Hacker Public Radio podcast. His Open Hand project has since evolved into Open Bionics, which is now delivering his goal of providing affordable prosthetic hands: £5,000 rather than £50,000. Before Open Bionics, because of the cost of prosthetic hands, it had not been affordable to provide hands for children, who need a series of different-sized custom prosthetics as they grow.

In the interview Joel spoke about the goals for Open Hand and Open Bionics; it is great to see this amazing project starting to deliver low-cost prosthetics to amputees. The Open Bionics Hero Hand has come a long way from the early prototypes.

The interview is still available on the Hacker Public Radio archive, and can be listened to at: https://hackerpublicradio.org/eps.php?id=1686

Core Memory and the Apollo Guidance Computer

Before semiconductor memory, from around 1955 to the mid 1970s, computers used magnetic core memory. This required a little magnetic ring for each bit (binary digit) of information. Wires threaded through the rings were used to set the magnetic state of the rings, to clear it, and to read off the state (1 or 0) of each ring.

When I started training in electrical/electronic engineering I recall seeing examples of core memory in cabinets (like trophy cabinets) in the corridor at the college.


Magnetic Core Memory – CC licensed by OpenCage.info

Over the years the memory was miniaturised to the point where manufacturing required the wires to be threaded through the rings by workers using microscopes. The state of the art enabled densities of up to 32 kilobits per cubic foot. Magnetic core memory like that shown in the image above was read-write memory.

For applications that required a computer program to be held in a read only memory there was core rope memory. A notable example of core rope memory use was the guidance computer used by the Apollo missions.


Apollo Core Rope Memory – image from Wikipedia

The core rope memory was more densely packed and required each bit to be threaded as a 1 or a 0.

This MIT video includes a tour of the construction of the Apollo guidance computer where you can see the incredible effort that was required to produce the computer and its rope memory modules.

A Logic Named Joe

“A Logic Named Joe” was published in 1946 in Astounding Science Fiction and, in one short story, predicts the Internet and some of the dilemmas it poses society. Murray Leinster (the nom de plume of William Fitzgerald Jenkins) wrote more than 1500 short stories, but this is probably the best known.

This story is available in a number of ways; the craziest is to listen to the over-the-top 1950 dramatisation from NBC’s Dimension X.

The dramatisation was broadcast again in a 1955 X-Minus One episode which has been cut into 3 YouTube non-videos (included here mainly for decorative purposes).

Alternately, and probably better, you can read the original story in the Baen Free Library.

When you’ve finished, ask Alexa who the first president of the United States was. Then look up how to make ‘Dart Poison’ on your favourite search engine.

It could be argued that this story predicts the ubiquity of the Internet, Alexa, Skype and Google, the jeopardy to personal privacy, and the ensuing concerns about the propagation of harmful information about weapons and explosives. I was going to write more about the story but then found that there is a very good write-up in The Register from 2016, accompanied by a lively debate about the prescience of science fiction in the comments.

I’m Missing Maplin – the Courtesy Light

On our T5 Camper van conversion I had to replace the side door step, which was quite badly worn during its previous life as a Kombi van. The original step had a courtesy light in the rear end of the step; the aftermarket replacement does not, and it’s not a simple task to fit one, as they are designed to fit into a slight recess, so it’s not just a case of cutting a hole. I considered making a custom foot light unit with white LEDs that would fit there. On consideration I decided not to, though. There is already an LED light fitting above the rear sliding door, so it would be nice if that were to come on when the door was opened.

The rear lighting in the camper consists of 5 LED units supplied by the leisure battery and switched through its own circuit. One of the LED fittings is directly above the door opening. I need just this one LED fitting to illuminate as a courtesy light. The courtesy light circuit is supplied from the main vehicle battery, and that power source should not be mixed with the power from the leisure battery. The answer to this problem is to connect the over-door LED to both circuits via a diode from each circuit. Diodes are the electrical equivalent of a one-way valve, so using a diode between each circuit and the LED will allow it to be powered by either circuit without power flowing back into the other, keeping the leisure battery light circuit separate from the courtesy light circuit while sharing the one fitting.

A potential problem with silicon diodes is that there is a forward voltage drop across them of 0.6 volts or more. This would make the over-door LED slightly less bright than the others. The solution is to use a Schottky diode, which has only a 0.2V forward voltage drop.

A few months ago I would have been able to pop down to Maplin and buy a couple of diodes, but now I’m having to wait for them to arrive via Internet mail order and pay almost £5 post and packing (they weigh about 5 grams or less).