Thursday, March 31, 2011

Tentative launch date for GAGA-1: April 10, 2011

In my original post on GAGA-1 I said that I'd like to launch in time for the 50th anniversary of Yuri Gagarin's 1961 flight. It looks like I might manage.

The most recent predictions show the wind dropping next week making a weekend flight possible. The kind folks at CUSF have agreed to help out on the day. Thanks, guys!

So, tentative launch date is April 10, 2011. Hoping for a morning UTC launch. I'll be following along in a car (which will be trackable on the tracker using the comic callsign CarCar-1; GAGA-1 will be transmitting RTTY with call sign GAGA-1 on 434.650 MHz SSB).

Of course, between now and then the wind could change, but here's hoping...

Even if I don't launch it's going to be a busy weekend, two launches are planned for April 9.

How not to post a security article

Yesterday a story from NetworkWorld did the rounds making the amazing claim that Samsung installs keylogger on its laptop computers with a follow up called Samsung responds to installation of keylogger on its laptop computer.

Everything about these articles set off alarm bells for me. And not alarm bells about Samsung, but about the authors.

The first article begins:
Mohamed Hassan, MSIA, CISSP, CISA graduated from the Master of Science in Information Assurance (MSIA) program from Norwich University in 2009.
This is a really bad way to start an article because it's an appeal to authority. It screams someone saying "Hello, look at me, I have all these qualifications". In computer security (and in general) I would prefer to read the results before who did the work.

The next paragraphs are about the Sony rootkit fiasco which has nothing to do with the rest of the article (except for the claim that Sony == Samsung with respect to naughty low-level computer manipulation).

Then we get to the meat:
While setting up a new Samsung computer laptop with model number R525 in early February 2011, I came across an issue that mirrored what Sony BMG did six years ago. After the initial set up of the laptop, I installed licensed commercial security software and then ran a full system scan before installing any other software. The scan found two instances of a commercial keylogger called StarLogger installed on the brand new laptop. Files associated with the keylogger were found in a c:\windows\SL directory.
OK, sounds really suspicious. But then we get:
According to a Starlogger description, StarLogger records every keystroke made on your computer on every window, even on password protected boxes.
What an odd thing to say (for a security professional). Of course keyloggers can capture passwords: they are logging keystrokes and don't care where they are going. He goes on:
This key logger is completely undetectable and starts up whenever your computer starts up.
No self-respecting security person would claim something was completely undetectable, especially after having said a couple of paragraphs before that they detected it using commercial software and that it can be found in a directory called C:\WINDOWS\SL.

Then we get:
Research online brought up a discussion of "Samsung rootkit" from May 2010 in which contributors reported a freeze on rootkit scans of Samsung laptop computers.
This seems completely irrelevant to the article since we are not talking about a rootkit, but a keylogger.

In the follow up article we get Samsung's response in the form of a quote from a second-level technical support person:
The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."
This too seems unbelievable to me. We are meant to believe that (a) Samsung installed a shareware keylogger on its systems and that (b) their technical support people are aware of it and that (c) no one noticed this before. This seems very unlikely. If Samsung really wanted to do this they'd not use some old piece of shareware and they'd keep it a secret.

A follow up by NetworkWorld says that Samsung are investigating the matter. But Samsung themselves seem to say this is a false positive from the VIPRE tool that the 'researcher' used.

I figured that would be worth checking. So I took a fresh Windows VM and downloaded VIPRE Premium and ran a scan. All it found were a few cookies.

So then I figured I'd just create a directory called C:\WINDOWS\SL and for good measure I put something in it (another directory called JGC).

And then I reran VIPRE Premium and bam, it told me I had Starlogger. Since I don't, this is clearly a false positive. Which brings me to something very silly that the original author said:
The findings are false-positive proof since I have used the tool that discovered it for six years now and I am yet to see it misidentify an item throughout the years.
Poppycock! Any self-respecting security person would know that false positives are possible and real.
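The reproduction above, as an added example and not the post's own code: a Python model of the two ways a scanner could decide that a keylogger is present. The path-only rule models only the behaviour observed above (VIPRE fired on an empty SL directory holding nothing but an empty JGC subdirectory); the post does not show VIPRE's actual signature and this does not claim to. The content rule requires a file under SL whose SHA-256 matches a known sample before it reports anything. The sample hash is a constructed placeholder, not a real StarLogger hash, and the experiment runs against a WINDOWS/SL directory inside a scratch folder rather than the real C:\WINDOWS, so it runs on any OS.

```python
import hashlib
import tempfile
from pathlib import Path

# Relative stand-in for C:\WINDOWS\SL so the experiment runs in a scratch
# directory on any OS rather than touching a real Windows install.
SIGNATURE_DIR = Path("WINDOWS") / "SL"

# Constructed placeholder, NOT a real StarLogger sample hash: it is just the
# digest of the bytes plant_sample() writes, so the content rule can match.
SAMPLE_BYTES = b"constructed placeholder standing in for a StarLogger binary"
KNOWN_SAMPLE_HASHES = {hashlib.sha256(SAMPLE_BYTES).hexdigest()}


def sha256_of(path):
    """SHA-256 of a file, read in chunks so a large binary need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def path_only_detector(root):
    """Model of the rule the post tripped: fires on the bare existence of WINDOWS/SL."""
    return (Path(root) / SIGNATURE_DIR).is_dir()


def content_detector(root, known_hashes):
    """Fires only when a file under WINDOWS/SL hashes to a known sample; returns the hits."""
    target = Path(root) / SIGNATURE_DIR
    if not target.is_dir():
        return []
    return sorted(
        p.relative_to(root).as_posix()
        for p in target.rglob("*")
        if p.is_file() and sha256_of(p) in known_hashes
    )


def reproduce_false_positive(root):
    """The post's experiment: an empty SL directory holding only an empty JGC subdirectory."""
    (Path(root) / SIGNATURE_DIR / "JGC").mkdir(parents=True, exist_ok=True)
    return {
        "path_only": path_only_detector(root),
        "content": content_detector(root, KNOWN_SAMPLE_HASHES),
    }


def plant_sample(root):
    """Drop the constructed sample into SL so the content rule has real evidence to match."""
    sample = Path(root) / SIGNATURE_DIR / "sl.exe"
    sample.parent.mkdir(parents=True, exist_ok=True)
    sample.write_bytes(SAMPLE_BYTES)
    return content_detector(root, KNOWN_SAMPLE_HASHES)


def run_experiment():
    """Run both phases in a scratch directory and return what each detector reported."""
    with tempfile.TemporaryDirectory() as root:
        empty_dir = reproduce_false_positive(root)
        with_sample = plant_sample(root)
    return {"empty_dir": empty_dir, "with_sample": with_sample}


if __name__ == "__main__":
    for phase, result in run_experiment().items():
        print(phase, result)
```

Run as a script it prints the two phases: the empty directory trips the path-only rule while the content rule reports nothing, and only after a file with a matching hash is planted does the content rule return a hit. That second kind of evidence (a specific file, with a hash anyone can check) is what the original article never gathered before naming Samsung.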

Now, Samsung claim that the SL folder was created for Slovenski language support for Microsoft Live (I assume they mean Windows Live Essentials).

On a fresh VM I installed Windows Live Essentials and, as Samsung says, it does create a folder called C:\WINDOWS\EN if I select English as my language.

So, how did they get an SL folder? That would have been installed when selecting Slovenski as the language. I still haven't confirmed the exact reason and I wonder if this is because of a selection that the 'researcher' made when setting up the laptops. Perhaps there's some family or personal connection that made him install the Slovenski version of Windows Live.

The moral of the story is that you shouldn't believe people who tout their credentials over details of the problem they are talking about. The authors could have gone much further with their investigation (such as seeing if the logger was running, tracking network connections to see if data was being sent and, if so, where to). But it looks to me like they stopped investigating once the antivirus software told them something was up and went ahead with quite wild accusations.
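The checks suggested above (is anything in the SL directory actually running, and is it sending data anywhere), as an added example that is neither the post's nor NetworkWorld's code: a Python triage script that correlates a PID-to-executable table, in the shape `wmic process get ProcessId,ExecutablePath` prints on Windows, with `netstat -ano` output, and reports only processes that run out of the suspect directory together with their connections to addresses outside the local networks. Both inputs are constructed samples, not captures from a Samsung laptop; `sl.exe`, its PID 2468 and the 203.0.113.7 endpoint are placeholders showing what a genuine hit would look like, and the clean table shows what the false-positive case on the page produces.

```python
from ipaddress import ip_address, ip_network

# Constructed samples, NOT captured from a Samsung laptop. The process table has
# the shape of `wmic process get ProcessId,ExecutablePath`; the second copy adds a
# hypothetical sl.exe (placeholder name and PID) running out of C:\WINDOWS\SL.
PROCESS_TABLE_CLEAN = r"""
ExecutablePath                            ProcessId
C:\Windows\explorer.exe                   1234
C:\Program Files\VIPRE\SBAMSvc.exe        900
"""

PROCESS_TABLE_INFECTED = PROCESS_TABLE_CLEAN + r"""C:\WINDOWS\SL\sl.exe                      2468
"""

# Constructed `netstat -ano` output. 203.0.113.7 is a documentation-range
# placeholder standing in for wherever a keylogger might upload to.
NETSTAT_OUTPUT = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.10:49152     203.0.113.7:443        ESTABLISHED     2468
  TCP    192.168.1.10:49153     192.168.1.1:445        ESTABLISHED     4
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       900
  UDP    0.0.0.0:5353           *:*                                    1234
"""

# Address ranges treated as "local": traffic to these is not evidence of exfiltration.
LOCAL_NETS = [ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]


def parse_process_table(text):
    """Map PID -> executable path. Splits on the last whitespace run so paths may contain spaces."""
    table = {}
    for line in text.splitlines():
        parts = line.strip().rsplit(None, 1)
        if len(parts) == 2 and parts[1].isdigit():
            table[int(parts[1])] = parts[0].strip()
    return table


def parse_netstat(text):
    """Rows of netstat -ano as (proto, local, foreign, state, pid); UDP rows carry no state."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0] not in ("TCP", "UDP"):
            continue
        if parts[0] == "TCP" and len(parts) == 5:
            proto, local, foreign, state, pid = parts
        elif parts[0] == "UDP" and len(parts) == 4:
            proto, local, foreign, pid = parts
            state = ""
        else:
            continue
        rows.append((proto, local, foreign, state, int(pid)))
    return rows


def split_endpoint(endpoint):
    """'203.0.113.7:443' -> ('203.0.113.7', 443); '[::1]:443' -> ('::1', 443); '*:*' -> None."""
    host, sep, port = endpoint.rpartition(":")
    if not sep or not port.isdigit():
        return None
    return host.strip("[]"), int(port)


def is_external(host):
    """True for a routable address outside the local ranges; False for junk or local traffic."""
    try:
        ip = ip_address(host)
    except ValueError:
        return False
    return not any(ip in net for net in LOCAL_NETS)


def triage(process_text, netstat_text, suspect_dir="C:\\WINDOWS\\SL"):
    """Processes running from suspect_dir, and their connections to external addresses."""
    procs = parse_process_table(process_text)
    prefix = suspect_dir.rstrip("\\").lower() + "\\"
    running = sorted((pid, path) for pid, path in procs.items()
                     if path.lower().startswith(prefix))
    suspect_pids = {pid for pid, _ in running}
    external = []
    for proto, local, foreign, state, pid in parse_netstat(netstat_text):
        if pid not in suspect_pids:
            continue
        endpoint = split_endpoint(foreign)
        if endpoint and is_external(endpoint[0]):
            external.append((pid, proto, endpoint[0], endpoint[1], state))
    return {"running": running, "external_connections": external}


if __name__ == "__main__":
    print("as found on the page:", triage(PROCESS_TABLE_CLEAN, NETSTAT_OUTPUT))
    print("if it were real:     ", triage(PROCESS_TABLE_INFECTED, NETSTAT_OUTPUT))
```

Connections are only consulted for processes that actually run out of the suspect directory, so on the clean table (the situation described above, an SL folder with no keylogger in it) both lists come back empty, which is the answer the original investigation should have reached before its accusations; on the infected table the script names the process, the remote address and port, and the connection state, the minimum a reader would need to take such a claim seriously.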

In the coming days I'd imagine that the authors and NetworkWorld are going to be forced into a public apology and that the 'researcher' will be lucky if he avoids a lawsuit for defamation.

Thursday, March 24, 2011

GAGA-1: Parachute Test

As a small test of the opening of the GAGA-1 parachute I attached it to a bag containing 1kg of sugar using the same cord as will be used for the flight and with the assistance of a colleague threw it out of the window of our office.

We are 8 stories up, so we get a bit of flight time. Here's the video:



The parachute opened nicely and the bag of sugar survived the fall.

Tuesday, March 22, 2011

The Piral

Do you ever think to yourself, "If I took the first 400 digits of pi and drew lines proportional to each of the digits with a fixed angle between each line, what would it look like? And if I then changed the angle, what would an animation of that look like?" Probably not, but I did on the bus home tonight and so with a bit of Processing here's a little animation that I'm dubbing "The Piral".

It starts with the angle between segments at 90 degrees and works its way up to a straight line. The length of each little segment is proportional to the digit of pi (i.e. 3x, 1x, 4x, 1x, 5x, etc.). As pi swirls around it sometimes stretches itself out and sometimes bunches together; ultimately it spirals ever larger until it becomes a line.



Strangely pleasing to watch.

PS Before you ask, here's the code:
int w = 1024;
int h = 768;

// Angle between consecutive segments, in degrees. Starts at 90 and shrinks
// a little every frame until the segments lie in a straight line.
float ad = 90;

void setup()
{
  size( w, h );
  strokeWeight(2);
  background(255);
  frameRate(30);
}

// Digits of pi used for the drawing. A Processing (Java) string literal
// cannot span lines, so the digits are concatenated with +.
String pi = "314159265358979323846264338327950288419716939937510"
          + "58209749445923078164062862089986280348253421170679821"
          + "48086513282306647093844609550582231725359408128481117"
          + "45028410270193852110555964462294895493038196442881097"
          + "56659334461284756482337867831652712019091456485669234"
          + "60348610454326648213393607260249141273724587006606315"
          + "58817488152092096282925409171536436789259036001133053"
          + "0548820466521384146951941511609";

void draw()
{
  background(255);
  float cx = w / 2;
  float cy = h / 2;
  float angle = 0;

  for ( int i = 0; i < pi.length(); ++i ) {
     // Segment length is proportional to the digit (+1 so a 0 still draws).
     float d = float(pi.substring(i,i+1))+1;
     float ex = cx + d * cos(radians(angle)) * 3;
     float ey = cy + d * sin(radians(angle)) * 3;
     line( cx, cy, ex, ey );

     // The colour set here applies to the next segment drawn.
     stroke(255/d, 25*d, 64/d);
     angle += ad;
     if ( angle >= 360 ) {
       angle -= 360;
     }
     cx = ex;
     cy = ey;
  }

  // Close the angle slightly for the next frame; stop once it reaches zero.
  ad -= 0.06;
  if ( ad < 0 ) {
    noLoop();
  }
}

The Geek Atlas and Japan Disaster Relief

Today, March 22, my book The Geek Atlas is part of a special O'Reilly Deal of the Day. Here are the details:
O'Reilly, No Starch Press, and Tidbits will donate all revenues, less author royalties, from "Deal of the Day" sales to the Japanese Red Cross Society.

Thanks to the Internet, we understand more deeply than ever that everyone on the planet is connected. The disasters that have hit Japan feel close to home, and those of us at O'Reilly, No Starch, and Tidbits want to do something to help the Japanese people recover and rebuild. We know many of you do, too. Working with the O'Reilly Tokyo office, we will ensure that your valued contribution goes to the relief of those most in need. We'll update the total amount donated throughout the day, as well as the final amount.
That's a great deal since all the revenue will go to the Japanese Red Cross. You can take advantage of this deal with the code DDJPN.

But there's one part that makes me uncomfortable. Although O'Reilly is giving almost every penny they receive to this cause, they are going to pay me my royalty. That's 10% of whatever people pay O'Reilly for the eBook of The Geek Atlas using that code.

I can't in good conscience promote this deal and then accept money. So, if you buy The Geek Atlas eBook today using that code please email me the receipt from O'Reilly and I will donate 10% of what you paid O'Reilly to the Japanese Red Cross so that 100% of what you pay to O'Reilly ends up helping victims of the earthquake and tsunami, and so that I don't profit from this disaster.

Monday, March 21, 2011

CNN: sounding authoritative while talking nonsense about radiation

Here are Anderson Cooper and Dr Sanjay Gupta spouting nonsense about suits that protect you from gamma rays and masks that filter out the "gamma radiation" circulating in the air. Neat trick that. These guys should STFU and just read Wikipedia.


But perhaps the worst part is when Anderson Cooper tells us how excited he is to have his mask and suit. Oh, yes, folks, the best part about the nuclear disaster is the stuff you get to buy.

And then there's the laughable nuclear meltdown explained using pasta:

Dear BBC News, are you writing your stories too fast?

There's a story on BBC News titled Crowd-sourcing aids Japan crisis which points to a web site where people can submit radiation readings from around Japan. That site is RDTN.org.

The BBC says:
To contribute to the RDTN site people will have to purchase a radiation detection device and the site directs people to four sources of such equipment. A typical device currently sells on Amazon for around £78.
So I followed the link to RDTN and then to the Amazon.com link they provide. It takes you to an Amazon.com search for radiation detection devices. Now can we find in that list a radiation detector selling for about £78?

Oddly, the first item on the list Electronics for Radiation Detection (Devices, Circuits, and Systems) is a book selling for $127.90 (which in Sterling is... £78.64). Now, I'm not saying that the BBC wrote this story so fast that they just clicked through and wrote down the first thing they saw, but...

... if you flick through all three pages of results you won't find anything that detects ionizing radiation (there are a few EMF detectors) and nothing else costing £78. Suspicious?

Update. Sometime after I wrote that the text changed to:
To contribute to the RDTN site people will have to purchase a radiation detection device and the site directs people to four sources of such equipment. A typical device currently sells on Amazon for around $78 (£47).
Still can't find the detector they are talking about...

And, the article still doesn't quote anyone saying the service 'aids Japan crisis', nor does it claim this is helping at all.

Update. This morning, Tuesday, March 22, the article has been updated again and the offending paragraph says:
To contribute to the RDTN site people will have to purchase a radiation detection device and the site directs people to four sources of such equipment.
So, any reference to the equipment on Amazon.com has been removed. Oddly, you wouldn't know that the article had been updated this time (or the previous time) because the "Last Updated" time hasn't changed since the article was originally posted.

Thursday, March 17, 2011

Defaulting to private browsing mode

It's common lore that the private browsing modes are there so that people surfing for Internet pornography can hide their tracks from others with whom they share a machine. But I've recently switched to using private browsing mode all the time.

And now I wish browsers allowed me to configure them to, by default, always operate in private browsing mode. I'd like to flip the logic and have an explicit public browsing mode when I want the browser to remember where I've been and what I've entered.

In private browsing mode the browser:

1. Forgets the history once I close it. Handy since I rarely need to review my history and no one needs to know that I spend my time browsing web sites about this.

2. Deletes any cookies. So, this helps to foil tracking by advertising companies and since I never use those 'remember me' options on web sites I don't need cookies to hang around between sessions.

3. Forgets about anything I enter into forms. This seems like a sensible security measure. Really no reason for the browser to be remembering my address, or credit card number or other sensitive data.

4. Forgets any passwords. I have a whole scheme for dealing with passwords and use two-factor authentication when it's available. No need for the browser to be storing them.

So, which browser is going to be the first to offer a by default incognito mode?

Wednesday, March 16, 2011

A Nobel for Valor

Watching the events in Japan as a small team of people is working on site to try to stabilize six nuclear reactors in the most difficult circumstances I can't help thinking that an international award that recognizes bravery is needed.

Britain awards the George Cross for "acts of the greatest heroism or of the most conspicuous courage in circumstances of extreme danger", a Frenchman could be given the Legion d'Honneur, and there is an existing International Maritime Organization award for Bravery At Sea.

But the situation at the Japanese nuclear plant can be viewed as a global threat requiring a global response. The men (and, I assume, women) who are staying at the plant are trying to protect their own land as well as the lives of others in other countries. They are clearly in danger themselves from a very unstable and changing situation.

It might seem exaggerated to think that the Japanese nuclear situation is a global threat, but it's certainly a cross-border threat as we saw with the Chernobyl Accident. And thus international recognition is appropriate. It will not be sufficient for Japan alone to recognize their actions as their actions have international consequences.

Thus, I propose the creation of a Nobel Prize for Valor (or something similar perhaps to be awarded by the UN) to be awarded when necessary to those men and women who have stood between danger and humanity. We should all hope it does not need awarding frequently.

Sunday, March 13, 2011

Geek Weekends

Here's a quick summary of all the "Geek Weekend" posts I've made.
  1. Bletchley Park, Bletchley
  2. The Brunel Museum, London
  3. The Curie Museum, Paris
  4. Foucault's Pendulum, Paris
  5. The Arago Medallions, Paris
  6. Institut Pasteur, Paris
  7. Kew Bridge Steam Museum, Kew
  8. London Transport Museum, Acton Depot
  9. Charles Darwin's Home

GAGA-1: The Stack

I'm calling the combination of balloon, parachute and capsule "the stack". Here's a diagram of how GAGA-1 will fly:

The balloon is attached to 2mm climbing cord which has a strength of 120 daN (decanewtons). That corresponds to roughly 120x the force of gravity on a 1kg mass. As the capsule has a mass of roughly 1kg there's plenty of safety margin (unless things get really hairy in the jet stream).

4m of cord attach the top of the parachute (where it has an X for that purpose) to the balloon. The balloon is 4m above the parachute so that when the balloon bursts the remnants fall well clear of the parachute and don't get tangled. Note that the parachute is open at all times: when ascending it's pulled taut by the lift from the balloon; once the balloon is gone the parachute simply opens, slowing the descent.

To keep the remnants hanging down on 4m of cord away from the capsule there are 8m of cord between the bottom of the parachute and the capsule attachment. You can see the cord bundles in the photograph above. They are attached to the parachute using a double bowline with a stopper.

On the capsule there are cords that pass through the polystyrene itself (I pierced it with a long metal skewer and threaded the cord through). Here's a shot of the capsule hanging by its four cords. On the top are the two GPS antennas, the GSM backup antenna for the recovery computer, and the small black tube is the external temperature sensor sticking through.

On the bottom you can make out the UHF antenna that will transmit telemetry to the ground (there's a cardboard cover protecting it which will be removed before flight).

Here's the underside showing the cord threaded through.

And here's the top where the cords come through both the capsule and its cover.

Saturday, March 12, 2011

Geek Weekend: Charles Darwin's Home

A few weekends ago I went to visit Down House where Charles Darwin and his family lived from 1842. It's very close to London and an easy drive. The house is managed by English Heritage and contains a combination of restored rooms and an exhibition covering Darwin, his family life and his work. It was completely restored in 1996.

The museum explains how Darwin ended up thinking about natural selection and contains a large selection from Darwin's own collection. There are his original notebooks on display as well as items he collected, such as these Galapagos finches:

His family life is covered, including the death of his daughter Annie aged 10. This log book details Darwin's observations of his daughter's health and treatments tried.

It's clear that Darwin had a lot of affection for his children. This is a slide he had built that attached to the staircase inside the house so his children could slide down on pillows.

The museum has many parts that are suitable for children. Here's a game that explains how traits are passed down in birds and there's another that shows the link between the number of cats at Down House and the amount of clover growing on the lawn (cats kill mice, mice attack bee hives, bees pollinate; increase the cats and you get more clover).


Darwin himself wasn't averse to a good game. There's a room in the house dedicated to billiards where Darwin would go to relax from the strain of the public reaction to his theory of natural selection.

In his study, there's his armchair which he modified so that it had wheels attached. This allowed him to scoot around the room to get books or specimens without having to get up. Since he would be sitting with a board across his lap for writing it was more efficient to glide around.

Lest you think Darwin was physically lazy, any trip should end at the bottom of the large garden with a walk around Darwin's sandy thinking path inside a copse. Darwin had it constructed so he could take a daily constitutional walk while thinking. He would walk around the path using a pile of stones to count the number of circuits he'd done while thinking.