#qi-hardware IRC log for Friday, 2013-10-18

DocScrutinizer05I'm sure a DamnSmallLinux will run happily as DHCP/NAT on that thing, even with its 128MB RAM00:01
DocScrutinizer05just the ethernet is crap, damn00:03
DocScrutinizer05maybe 2 PCI cards will do00:04
DocScrutinizer05roh: how's about your milling skills and opportunities?00:05
wpwrakDocScrutinizer05: considering to go from "case buyer" to "case maker" ?00:37
DocScrutinizer05spacer layer00:37
DocScrutinizer053mm ABS00:37
DocScrutinizer05should be "easy"00:37
wpwrakconstant height ? or with variations along the Z axis ?00:39
rohDocScrutinizer05: depends... rather a question of mounting it01:49
rohdunno about abs.. never milled it. what about delrin? (POM)01:50
DocScrutinizer05whatever works02:12
DocScrutinizer05wpwrak: needs some 3D modelling as well02:12
rohif you have any cad data, send a mail, and i'll see whats possible or if it needs more work02:14
wpwrakyeah, i can generate STL now ;-) not entirely sure if it's correct - in meshlab, the colors don't look right, but that could be just meshlab having a problem02:23
wpwrakthis one: http://downloads.qi-hardware.com/people/werner/anelok/tmp/top-mesh.png02:24
wpwrakthis is something i can run on my mill. just need to find time to go buy some more acrylic - this needs 7 mm and i only have 5 mm at home02:25
rohwpwrak: / DocScrutinizer05 upload to camgeeks.de - recieve a quote ;)04:21
wpwrakroh: your 3D prints look surprisingly smooth. they didn't come out of the machine like this, did they ?09:06
rohwpwrak: most of them did.. which picture exactly do you mean?10:48
wpwrakboth the white holder on the pole and the "OH". that's really without surface treatment ?12:47
rohwpwrak: basically yes14:18
rohi'm not sure these pics were printed here, but there is so much going on that its hard to keep up14:18
rohbut yes, thats both fdm stuff without chemical rework14:19
rohusually you use a cutter and remove some supportstruts which need to be made to build overhangs and such stuff like stringing, but the surfaces get quite nice14:19
rohdepends a lot on layer thickness setting s etc14:20
piyush_prlsir plz help me out15:50
piyush_prltoday my pen driver got wet in water15:51
piyush_prlwhat to do15:51
kyakmake it dry16:00
DocScrutinizer05wtf is a pen driver?16:40
DocScrutinizer05pen drive == flash stick?16:59
DocScrutinizer05we'll prolly never know. (s)He's gone17:00
wpwrakpenetration drive ? maybe some kind of drilling machine ?17:12
DocScrutinizer05I already wondered if that's been a carefully crafted social bot standard opening17:14
wpwrakjust had an idea for improving random number generation: since we have nearly infinite storage (in relation to what we actually need), let the user add a file with random bits. then use bits from that file.18:55
larscrand() { return 4; /*choosen by fair diceroll */ }18:56
wpwrak(and mix them into the RNG we already use. so even if that one is - unknown to us - is compromised/weak, we can still get decent entropy)18:56
wpwrakwell, worst case is that the user gives us a string of zeroes or such. in which case we're not worse off than with using the existing RNG.18:57
larschow hard is it to integrate a real hw rng?18:58
wpwrakthere's one in the transceiver18:58
larscbut it's too slow?18:58
wpwrakit's about 1 Mbps. that should be sufficient, i guess.18:59
wpwrakthe question is whether it's truly random. there's always the risk that a RNG is biased, be it by defect, by design flaw, or by NSA.19:00
eintopfyou need a webcam and a lavalamp19:01
eintopffor a hw random generator19:01
rohdoes that really matter on such a soc?19:01
rohwith no real protetion against hw level attacs19:01
wpwrakyou could still attack things other than the physical device. e.g., RF or backups of your password data19:02
rohjup. so at some point it makes no sense making one part of the crypto toolchain perfect, as long as the other parts aren't on the same level19:03
wpwrakyou can also harden physical security. e.g., by adding a seal between top and bottom shell.19:03
rohi guess as long as the rng is working well and has no known or measureable defects one would need to worry about physical security measure before going further19:04
wpwrakattackers may not have uniform preferences for their attacks19:04
wpwrakand you could always wear your anelok on your body, making it difficult to mess with it. leave it in a safe when you go to the gym :)19:05
wpwrak(attackers) e.g., a pickpocket in the subway will find a physical attack easy but will probably despair on the crypto. on the other hand, the autistic blackhat somewhere in his mother's basement in utah is very unlikely to even want to leave the house, let alone travel to berlin to steak your anelok19:08
wpwrakbut he may have all the resources needed to break your weak IVs19:09
wpwrak(plus the knowledge that goes with it)19:09
wpwrakwhat doesn't make sense is to add weak obstacles in paths where attackers will already have overcome much stronger obstacles of a similar nature. so don't rot13 your twofish-encrypted conspiracy memoirs19:13
wpwrakthat is, sometimes even such a thing could help, if the attack is not against elements in the crypto chain but the entire chain. e.g., if the attack is based on guessed plaintext, a rot13 may shift you out of the profile the attacker assumes19:15
wpwrakof course, once they find out that you were using rot13, it's trivial for them to generate another set of vectors that will fit this time19:16
rohwell.. if you got any files for us to print or try mill...19:17
wpwrakfor now, i'll try to make do with what i can make at home. i expect this to be good enough for prototypes quantities. i can even run small batches of a few dozen units, if needed. my mill doesn't mind working at night ;-)19:20
wpwrakof course, there are numerous limitations to that approach. but after that, i need to look into higher-volume processes anyway.19:21
rohheh. i just got spammend by http://www.dgmtmold.com/ some weeks ago19:28
rohhow fitting19:28
wpwrakyeah, that's the sort i'll eventually want :)19:33
--- Sat Oct 19 201300:00

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!