#qi-hardware IRC log for Tuesday, 2014-09-02

nicksydneywpwrak: another day another WiFi https://www.indiegogo.com/projects/xwifi-a-fingertip-sized-wifi-module-open-source :)00:00
DocScrutinizer05duh! 19 "free" modules available still (1$ + facebook-like)00:18
DocScrutinizer05too bad, I got no facebook account ;-P00:18
whitequarkI don't get one thing though, is 00:20
whitequarkit doesn't seem to have any kind of security measures00:20
whitequarkso anyone on your network could do whatever they want00:20
whitequarkasked them00:24
DocScrutinizer05I think you need to set the password via USB or whatever?00:27
DocScrutinizer05or it has hardcoded password ;-P00:27
whitequarkif it's just password, then it's shit00:28
whitequarkanyone with a sniffer on the same network figures it out in a minute00:28
DocScrutinizer05well, I mean that WPA thing 00:28
whitequarkno difference if WPA or dedicated password00:29
whitequarksuppose you want to control it remotely -- you're screwed00:29
DocScrutinizer05sorry, you lost me00:29
whitequarkif the protocol itself doesn't have any kind of request signing and/or encryption, you can't just port forward it and control it remotely00:29
whitequarkexposing it to the internet00:29
whitequarkif the protocol does and the firmware is not written by morons (it probably is, but another story), you can00:30
DocScrutinizer05err, I don't think this is a regular WiFi adapter00:30
whitequarkwhat do you mean?00:30
DocScrutinizer05InternetOfThings, it's meant for remote control, not general purpose internet data transfer00:31
whitequarksure. so?00:31
DocScrutinizer05So I guess it has a way to set WPA-passphrase and that's it00:31
whitequarkwell, and that's dumb.00:31
DocScrutinizer05WPA2 maybe even00:31
whitequarkadding request signing with sha256 is like an hour of work and it already makes requests unforgeable00:32
whitequarkencrypting them is a bit harder, but still can be done00:32
DocScrutinizer05WPA *is* encryption, no?00:32
whitequarkWPA only matters locally00:32
whitequarkand also00:33
whitequarkif the adversary is in your network, you're screwed00:33
DocScrutinizer05sorry, I don't get it00:33
whitequarkif you forward the traffic to this WiFi thing, you're screwed too00:33
whitequarkthe only case where you're protected by WPA is: 1) the device only EVER communicates inside the network and there is no way to address it from outside 2) ALL of the hosts on the network are trusted00:34
DocScrutinizer05ooh, you want it to have encryption on higher level, not on-the-air00:34
DocScrutinizer05so you could hook up the thing to arbitrary public hotspots00:34
whitequarknot necessarily00:34
whitequarkso I could just say to my home router "expose this IP:port to web"00:34
whitequarkand still be safe00:34
whitequarkthis will be a very common use case00:35
nicksydneyi think probably in terms of security it's not that strong 00:35
whitequarknicksydney: my point is that adding request signing is *trivial*00:35
whitequarkadding encryption is less trivial because you need to use a proper mode00:35
whitequarki.e. authenticated encryption00:35
whitequarkAES-GCM, or xsalsa20+poly130500:36
DocScrutinizer05you probbaly should implement such stuff on your firewall/router, or on a proxy resp concentrator in your network00:36
whitequark1) that's too much to ask of most users of the device00:36
whitequark2) if your network is insecure, and it is, it doesn't help00:37
DocScrutinizer05most users don't want to control the thing from remote via public internet00:37
whitequarkof course they do00:37
whitequarkthis is what already happens00:37
whitequarksource: several full internet scans, published recently00:37
DocScrutinizer05hmm, silly00:37
whitequarksee point 2 anyway00:38
whitequarkif your passphrase is "iloveyou" (it is), WPA2 is as good as open00:38
DocScrutinizer05my home automation works different: I have a CCU-1 embedded linux device that has a web frontend on intra(inter)net00:38
DocScrutinizer05this CCU-1 controls all the gadgets00:39
DocScrutinizer05well, for me it's simple since the gadgets all are 866MHz, not any WiFi and no TCP-IP either00:40
whitequarksure, I'm just saying that if you have real-world people who are not huge nerds and just want their problem solved00:40
whitequarkthis is how the device should work.00:40
DocScrutinizer05I can see how users buy such WiFi home automation gadgets since they want to communicate to them directly with their iPhone00:41
DocScrutinizer05then exposing them to the public net is a logical next step, though pretty silly00:41
whitequarkyes yes00:41
whitequarkexactly what I mean00:41
whitequarkit may be silly, but you can at least make it possible to have it secure00:42
whitequark(still have to not set the password to 123456! but oh well)00:42
DocScrutinizer05but probably those users don't even care ;-P00:42
DocScrutinizer05"duh! why should I worry when some idiot thinks it's funny to switch my living room light on and off?"00:43
DocScrutinizer05"such idiot cannot exist"00:43
whitequarkyou should have seen the recent VNC scan of entire web00:43
DocScrutinizer05I seen it00:44
whitequarkoh, yeah, it's amusing00:44
DocScrutinizer05well, maybe not the most recent00:44
whitequarka lot of german municipal systems exposed00:44
whitequarksewer control, power stations, etc00:44
DocScrutinizer05yeah, THAT is stupid00:44
whitequarkthe things I seen there are unbelievable00:45
DocScrutinizer05maybe I should scan my town's "IP-range" to find a few funny opportunities to save some money or do entertaining stuff ;-)00:46
mthI guy I knew in school thought it was funny to cycle through the neighbourhood, pointing a TV remote at random living rooms and see if their TV responded00:46
mthsince a lot of them used RC5, it worked pretty well00:47
mthso there is always someone who will prank you like that00:47
DocScrutinizer05yeah, we already improved that prank by using a 15W IR flood light00:47
mtheven more over the internet, where the chance of getting caught is a lot smaller00:47
whitequarkDocScrutinizer05: HAHAHA00:48
whitequarkthat's great00:48
DocScrutinizer05IR laser is also useful, for a slightly different "attack scheme"00:49
whitequarkyou're evil00:49
DocScrutinizer05I know ;-)00:50
ray__hi there can i use librewrt with tp-mr3420? wouter [20:10] <ray__> want sure new to this01:14
whitequarkDocScrutinizer05: any chance you know a good guide for building class E amplifiers?01:23
whitequarka book maybe01:23
DocScrutinizer05class E?01:23
whitequarkclass E.01:23
DocScrutinizer05I admit I don't even know class E01:23
whitequarkkeyed amplifier with LC matching network01:23
ray__ there can i use librewrt with tp-mr3420? wouter [20:10] <ray__> want sure new to this01:24
whitequarkI've been told it's a good idea to use a class E one for my PSU01:24
ray__whats oo01:24
whitequarkless power dissipation, simpler01:24
ray__white did you see my q01:24
DocScrutinizer05we see your q, we don't know an answer when we don't answer01:25
DocScrutinizer05whitequark: that sounds like class-D to me01:25
whitequarkclass-D is PWM, class-E is halfsine though01:26
whitequarkand I think there are other differences01:26
whitequarkhttps://en.wikipedia.org/wiki/Amplifier#Class_E has a good overview01:27
whitequarkThe class-E/F amplifier is a highly efficient switching power amplifier, typically used at such high frequencies that the switching time becomes comparable to the duty time. As said in the class-D amplifier, the transistor is connected via a serial LC circuit to the load, and connected via a large L (inductor) to the supply voltage. 01:27
whitequarkindeed, this is exactly my case01:27
ray__what happens if change subnet?01:27
DocScrutinizer05whitequark: yepo, I see01:27
ray__from the default01:27
whitequarkhm, maybe my Horowitz and Hill has it01:28
ray__what happens when i change default subnetmas?01:28
whitequarkno, doesn't cover PAs at all01:29
ray__white did you see my q about subnetmas01:31
whitequarkray__: I have no idea what are you asking at all01:31
ray__white sorry im austic01:32
whitequarkplease read http://www.catb.org/esr/faqs/smart-questions.html01:32
ray__white what if i change from befault subnet mas to sothing eles what will it do?01:32
DocScrutinizer05aaah, you're thinking about your 100W 12kV thing01:32
whitequarkDocScrutinizer05: sure01:33
whitequarkoh, found http://people.physics.anu.edu.au/~dxt103/class-e/01:34
ray__white did you understand my q that time01:34
ray__white lets try tyhis one more time01:36
DocScrutinizer05whitequark: there you are :-)01:36
DocScrutinizer05hail anu.edu.au01:36
ray__white what happnes if change the default subnet mask?01:36
DocScrutinizer05ray__: what's your topic?01:37
ray__want to knwo what dose changeing the default subnet mask dose?01:37
DocScrutinizer05nothing good01:37
ray__im just woundering01:37
DocScrutinizer05I'm pretty sure you're not supposed to change it01:38
ray__mine tell me i can DocScrutinizer05 01:40
DocScrutinizer05hehe! >>the proof of the pudding is in the eating<<01:53
DocScrutinizer05whitequark: no wonder I never heard of 2class E amp" before. In my book this classifies more for a TX oscillator than what I understand is an amplifier01:57
whitequarkI was surprised too01:58
DocScrutinizer05would be pretty hard to make a audio amp out of this ;-)01:58
whitequarkpfff, who needs audio01:59
DocScrutinizer05actually I wondered how the heck they would modulate that thing01:59
DocScrutinizer05100% preferably01:59
whitequarkyou just change the supply voltage of the amplifier01:59
DocScrutinizer05which is what they did, on a morse rate of 0.1 char/minute02:00
whitequarklike, use a controlled boost converter for that02:00
whitequarkat least that is what I will do02:00
ray__any one want some green apple cookie?02:02
ray__trying to be nice 202:05
ray__2+2= 402:05
DocScrutinizer05when that's a turing test then you didn't pass it yet ;-)02:07
ray__i know marry popion movie02:10
DocScrutinizer05alas I don't02:10
ray__DocScrutinizer05: you a bot?02:10
DocScrutinizer05maybe ;-)02:10
ray__DocScrutinizer05: so you are?02:10
DocScrutinizer05some think I am, yes02:10
ray__DocScrutinizer05: im for real02:10
ray__DocScrutinizer05: school starts soon02:11
DocScrutinizer05I'll proceed to the shower and see if any shorts are caused ;-)02:11
Action: DocScrutinizer05 waves02:12
DocScrutinizer05we shouldn't be hostile to him, eh?02:13
whitequarkDocScrutinizer05: btw, a less braindead version of that poettering thing02:15
whitequarkhttp://nixos.org/nixos/about.html outlines the benefits02:17
whitequarkwpwrak: remind me, which is the good rigol today?03:32
whitequarkthe *B series I can find here is either sold out or has very little RAM03:41
whitequark1074Z seems nicest so far. lot of RAM, big screen, four channels03:44

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!