#qi-hardware IRC log for Saturday, 2013-11-30

wpwraknicksydney: ah, and your editor seems to like putting spaces at the end of lines. it's better to remove them, so that a line really ends where one sees it end, kinda ASCII WYSIWYG :)00:17
wpwraknicksydney: btw, are you subscribed yet to the qi-hw list ? that's where everything surrounding qi-hw that's a little more permanent than IRC happens. http://lists.en.qi-hardware.com/pipermail/discussion/00:55
qi-bot[commit] Paul Cercueil: Output log to /var/log/gmenu2x.log (master) http://qi-hw.com/p/gmenu2x/246fd8601:29
qi-bot[commit] Paul Cercueil: InputDialog: Make SETTINGS button confirm and MENU button cancel (master) http://qi-hw.com/p/gmenu2x/61a79cd01:29
wpwrakthe bookshelf has new data sheets ! (cc2543)02:46
wpwrak"[Gitorious] Activity: nicksydney pushed 0 commits to mast..."09:55
wpwraksomehow, their notifications seem to need a bit more work ;-)09:55
wpwrakDocScrutinizer05: http://ohsw.org/ -> "You want to come? Fine!" that sounds a little odd, too :)09:57
wpwrak(that sounds a bit like "if you insist, we'll reluctantly tolerate your presence" :)09:59
Action: whitequark . o O ( http://img1.ak.crunchyroll.com/i/spire1/588124c957afade58779748e20bbbefc1330880330_full.png )10:02
wpwraknow add the speech bubble and a link to their site :)10:04
whitequarkyes, that's how I imagined it. also, with voice.10:05
whitequarksomething along the lines of http://www.youtube.com/watch?v=tf6baKNrC48 (translation not required).10:05
larscoh, it's today already, totally missed that10:06
wpwrakwhitequark: marketing: WE NEED MORE ICONS !10:08
larscdevelopers: FINE!10:11
wpwrakwhitequark: (no translation required) hmm. i can't quite decide whether that voice may be the GPS giving helpful instructions or someone in deep distress commenting on the journey10:14
whitequarkwpwrak: there's a phenomenon called 'tsundere'. http://en.wikipedia.org/wiki/Tsundere10:17
wpwraklooking at the increasingly angry mob at myidkey, i wonder if it wouldn't be a good strategy to pledge a tiny amount on each kickstarter project that may compete with what you're doing, so that you can later on, when their feces hit the distribution device, place a friendly comment (for backers only) pointing to an alternative ...10:18
whitequarkboth the picture and the voice are very typical for such characters, and the original phrase ("fine!") would be very, very typical too10:18
whitequarkbut I guess there's no way to transmit my (admittedly quite hilarious) mental image through irc10:20
wpwrakah, i see. not a novel idea as such ... but i must say, "a tsundere cafe" sounds special10:21
whitequarkwpwrak: http://www.youtube.com/watch?v=UzST_5FQ_II is how it could look10:23
ignatiusAnyone know where I place the .kmap file under the "Debian" image?10:26
wpwrakhmm. that RF kill switch is giving me a headache. to be 100% "trusted", it has to be all electromechanical. else, we wouldn't need it.11:14
wpwrakthere are various things it could do. one would be hold the transceiver in reset. with the cc25430, it seems that this alone wouldn't prevent the MCU from using the transceiver, though, since it could just set it to debug mode. (which is activated with reset asserted - needs more checking)11:16
wpwrakanother approach would be routing transceiver power through the switch, and simply setting it to GND. that would surely disable it.11:17
wpwrakanother possibility would be to somehow disable the RF side. but that may be tricky, given that RF already is effectively shorted, and also considering that adding switch + traces to the RF signal would probably cause quite a mess11:19
wpwrakand i don't want to add an RF switch IC.11:19
wpwrakthe problem with killing the transceiver completely is that this also takes away the crystal needed for USB. so if using USB, rf would have to be enabled again. and kill switch would therefore only be usable during a) operation without external communication (except the display), and b) transport.11:21
wpwrakthat could be avoided by giving the MCU its own crystal. then it could do USB without relying on the RF side. drawbacks: higher BOM cost, big component in a busy area of the PCB11:22
wpwrakalso, the cc2543 SoC has a lot of GPIOs, so it could be used as a GPIO expander for slow signals. that would take some pressure off the MCU. drawbacks: we'd be pretty much committed to the cc2543 then, since other transceivers don't have so many GPIOs, and it would of course be impossible to completely shut down the chip11:24
whitequarkwpwrak: how about killing some other signal which is vital for transmitting11:28
whitequarklike disconnecting SPI11:28
whitequarkI guess your MCU gets the clock from a dedicated pin on the transceiver11:28
whitequarkyou'd be fine with disconnected SCK I think11:28
whitequarkoh it uses I2C, same difference11:29
nicksydneywpwrak: hello12:32
nicksydneywpwrak: time for some hardware love for me now :)...all sleeping nicely12:32
nicksydneywpwrak: "a few things: does the kicad build problem from 2012 still strike ? seems that this should be long gone" ....not sure what you mean ? are you talking about the checkout with -r 3934 ?12:33
nicksydneyok done modification for adding symlink and whitequark separate the instruction on how to download the ARM gcc compiler12:49
nicksydneywpwrak: downloaded the new datasheet thanks12:56
DocScrutinizer05wpwrak: (OHSW) yep, thought the same. But I'm not responsible for that page13:27
wpwrakwhitequark: the transceiver will become a cc2543. so it has an independent CPU. no cutting of communication will affect it.13:32
wpwraknicksydney: (3934) yes, that one. i think you only got that problem because you were trying to build the old version13:34
whitequarkwpwrak: what are you trying to guard against?13:34
whitequarkif main MCU acts as a gateway to data, does it matter whether transceiver works or not?13:35
nicksydneywpwrak: yeah i got the library problem when running kicad and the brd not showing ... with the latest update (checkout completely) i did not have any problem13:36
nicksydneywpwrak: checking out the whole kicad (w/o rev number) i don't have to do any patched13:36
DocScrutinizer05wpwrak: when you don't trust your own software on anelok, then you're doomed anyway13:38
DocScrutinizer05or what whitequark said ;-)13:39
wpwrakwhitequark: i'm trying to guard against compromised firmware talking to its true masters. one thing would be to assume that the main exposure is when on the move. a stronger assumption would be that they may also have antennas watching the "safe" place where i use anelok (with a wire)13:39
whitequarkwpwrak: cc2543 firmware?13:40
whitequarkor main?13:40
wpwrakwhitequark: either13:40
DocScrutinizer05it's hard to figure *ANY* attack vector that you could protect against with anything but a R/W-hardswitch to make your firmware immutable13:41
wpwrakcould of course also be accidental transmissions13:41
whitequarkwpwrak: why, exactly, cutting communication to transceiver won't work for you?13:41
DocScrutinizer05if somebody gets malware on your anelok, you're screwed. Now RF killswitch will change that13:41
wpwrakDocScrutinizer05: well,the scenario would be that you still use the device with cables. that means that it can try to do evil things, but doesn't get far. like a kitten.13:42
whitequarkDocScrutinizer05: well, one could assume cc2543 firmware is compromised by default13:42
wpwraki like that. "evil kitten mode". marketing, are you listening ?13:42
whitequarkand encrypt/hmac everything on main MCU13:42
whitequarkimo that would make sense either way13:43
whitequarkthen you would just burn a fuse on the main chip13:43
whitequarkoh and along with a fuse, add a nonce which gets added to the encrypted data in eeprom13:44
whitequarkunique nonce13:44
wpwrakwhitequark: the kl2 will be able to flash the cc2543. that's how its firmware will be updated in the field. so the kl2 is ultimately in control. but ...13:44
whitequarkthis way even if anyone erases and reprograms the thing, it will be immediately obvious13:44
wpwrakwhitequark: there could be a bug causing spurious transmissions, e.g., giving away your presence. there could be a bug where data is leaked. data that, with some effort, can be used against you.13:45
wpwrakthere could be a keylogger or a movement tracker that reports back to its masters when within reach of their antennas. of course, that would already be a high-profile attack.13:46
wpwrakit would require either compromising the source (me or any other source the users decide to trust) the source's signature, or getting users to accept firmware from an untrustworthy source13:47
whitequarkwpwrak: regardless of other things, I believe unique per-firmware key is a good idea13:49
whitequarkwhich can't be read from usb/rf and is erased on reflash13:49
whitequarkan attack where someone gains physical access to device and reflashes it but doesn't know the unlock key is something I can easily see13:50
wpwrakwhitequark: yes, the KL2 will encrypt all data outside its physical (chip) boundaries with an "internal" key. so if you erase that, it loses all access.13:52
whitequarkis it also forcibly erased if you reflash it?13:52
wpwrakwhitequark: the cc2543 won't have such things. it's not expected to actually handle sensitive but unencrypted data. but it could of course still do bad things.13:53
wpwrakthat's the idea, yes. at least the manuals say it is :)13:53
wpwrakin fact, i think you can't even erase the flash at that setting13:53
wpwraknot that i had tried that feature yet :)13:54
nicksydneyreading through the mailing list lots of discussion for the anelok 13:55
wpwraknicksydney: (merge request) hmm, i renamed the file to INSTALL. are we editing the same thing ? :)13:58
wpwrakyup. plenty of stuff there :)13:58
nicksydneydidn't realise it was still using the old naming let me check14:00
nicksydneylong day for me 14:00
nicksydneyyup edited the wrong file :(14:00
nicksydneywpwrak: done..MR create14:06
DocScrutinizer05wpwrak: ^^^14:10
wpwrakbzip2 download is weird. will have to see what's behind that.14:11
nicksydneywhen compiling kicad it downloads boost packages and that's the time it uses bzip2 ... remember i had that problem compiling kicad when it was looking for the package from sourceforge14:14
wpwrakseems that the cherry-pick now worked :)14:15
wpwrakyes, i remember. it's still weird, though :) who on earth would anyone download bzip2 ? it's already installed everywhere.14:15
nicksydneyi didn't have it installed on my machine :)14:16
wpwrakaha !14:17
nicksydneyjust for sanity's sake i put the info there in case anybody is going through the compilation process and finds an error, they know what to do...save time14:17
wpwrakmaybe try that approach ? first see if you can remove the one they installed and see if it tries to download it again. if yes, kill it again, install with apt-get, then run their process once more14:18
wpwrakwell, your instructions suggest that having it avoids the implicit installation. so maybe just have the apt-get there ? and skip downloading and self-building one of the most common packages ? :)14:19
wpwrakDocScrutinizer05: the nRF24L01+ can't do BTLE ;-)14:21
wpwrakDocScrutinizer05: which doesn't stop some twisted creatures from doing it anyway, of course :)14:22
wpwrakyou may find this one a fun read: http://dmitry.gr/index.php?r=05.Projects&proj=15&proj=11.%20Bluetooth%20LE%20fakery14:24
nicksydneynot sure i get you...maybe i misread you but what happen was ... during kicad compilation it complains not finding bzip2 package ... and what i did was just compile from source and install it and the compilation after that continues14:25
wpwraknicksydney: yes, but this looks like as if you didn't have bzip2 installed before. or did you have it, but it decided it didn't like your version ?14:25
nicksydneyno i did not have bzip2 installed on my machine that's why it was complaining14:26
wpwrakbecause if it just wants bzip2, without being picky, what one should do is install it from the distribution, not build a local version14:26
nicksydneywpwrak: agree...can't remember whether i tried doing apt-get bzip2 or not14:26
nicksydneymaybe we can just add doing apt-get and if it does not work for whatever reason then compile from source14:27
nicksydneyso at least they know that it is needed14:27
wpwrakif apt-get works, we shouldn't even mention compiling it from source. i mean, EVERYTHING could be compiled from source. we wouldn't want a "building the universe in 189765289 easy steps" kind of guide ;-)14:29
whitequarkbzip2 is in the default install of debian14:31
wpwrakyeah, that's why i wonder what happened there :)14:33
nicksydneyi also don't know why it was complaining....anyway i think you have a point wpwrak ...i'll remove that and put in apt-get14:35
nicksydneyto make it easier14:36
nicksydneywpwrak: was reading this post http://lists.en.qi-hardware.com/pipermail/discussion/2013-September/010283.html and you mention......"By the way, "our" OLED also has an SSD1306 controller." ...... does this mean that the OLED already has a controller "built-in" into it ? like COG ?14:36
nicksydneywpwrak: saw you comment for point no 9  ... was getting that error when compiling kicad too that's why i put that instruction there14:37
DocScrutinizer05https://www.youtube.com/watch?v=3bbfT-Qqw1M&noredirect=1 smart watches14:38
DocScrutinizer05wpwrak: might as well have some nice RF14:39
wpwrak(oled) yes, oled, lcd, etc. modules normally contain a controller. the matrix has a LOT of signals. you wouldn't want that outside the module 14:45
wpwraknicksydney: (instructions for temporary setbacks) yeah, we need to avoid those detours, things will be messy enough as they are :)14:47
wpwrakDocScrutinizer05: the audio is kinda nasty14:48
nicksydneywpwrak: cool....learning something new :)14:48
DocScrutinizer05[2013-11-30 15:46:27] <DocScrutinizer05> sounds is illegible14:48
whitequarkthat didn't arrive14:48
wpwrakthe grinch ate it14:49
nicksydneywpwrak: so for example if LCD has specification such as this one .. http://www.buy-display.com/default/5-5-0-tft-lcd-module-display-controller-board-w-serial-i2c-mcu-ra8875.html .. and it is mentioned there under the Description tab "IC or Equivalent - RA8875" it means that we can program the RA8875 from our MCU ?14:50
wpwrakDocScrutinizer05: it's also a little annoying that the "Google" is just on top of the beginning of the title (in these slides)14:51
wpwrakah, getting better :)14:52
wpwrakcamera up 2 deg and it'll be great :)14:52
wpwrakyeah, that works14:52
wpwrakthanks !14:52
wpwraknicksydney: that board seems to have two controllers: that RA8875, which is basically a dedicated MCU, and the actual matrix controller in the display14:54
wpwrakif the controller in the display is documented, you could get rid of the RA8875 and connect your MCU directly (if it has a suitable display interface)14:55
nicksydneywpwrak: how to tell that it has a matrix controller in the display ? are you referring to this line " 6800 8-bit Parallel , 8080 8-bit Parallel , 6800 16-bit Parallel , 8080 16-bit Parallel , I2C, 3-Wire Serial SPI, 4-Wire Serial SPI" ?14:57
wpwrakif the display doesn't have some O(pixels_X + pixels_Y + a dozen more) signals come out, then it has one ;-)14:58
wpwrake.g., early e-paper didn't have one. now you can get modules that integrate it14:58
wpwrakand if you don't have a controller, you're in a world of pain. some, like the one i'm using, are even nice enough to take care of providing the high LCD voltage14:59
wpwraksome don't, and you have to cook that on the outside. messy.14:59
wpwrakDocScrutinizer05: audio getting worse15:01
DocScrutinizer05yes, annoying15:01
wpwrakah, better :)15:02
DocScrutinizer05I gave up on it long ago15:02
wpwrakare you there ?15:02
DocScrutinizer05already wondered if the guy might add a transcript later on15:02
DocScrutinizer05@home even15:02
wpwrakheh, i was wondering if they'd manage to drag you out of your cave ;-)15:03
DocScrutinizer05they weren't15:04
DocScrutinizer05maybe tomorrow15:04
wpwrakwhen it's safe, when there are no cameras :)15:04
DocScrutinizer05that too ;-)15:05
wpwrak(transcript) what would be good is to a) upload the slides somewhere before the talk, b) put that URL in the description of the video, so that one can download them and read them locally15:07
wpwrakwith the camera fixed on the slides, it's not so bad, but it would still help15:08
wpwrakBOOMING voice ;-)15:08
wpwraknice scrambling ;-)15:10
DocScrutinizer05[2013-11-30 16:09:07] <cmair_> my "loopback" is quite clear15:11
DocScrutinizer05[2013-11-30 16:09:28] <DocScrutinizer05> yep, ~80% readability now15:11
DocScrutinizer05[2013-11-30 16:10:16] <cmair_> The problem we have here: if the voice is too loud the software will try to adjust the level which results in a muted mic.15:11
DocScrutinizer05[2013-11-30 16:10:22] <cmair_> :(15:11
wpwrakvengeful software15:11
wpwrakDocScrutinizer05: planning to show Neo900 off at FOSSDEM ? the timing may be quite compatible, in two months15:15
DocScrutinizer05tempting, yes15:15
DocScrutinizer05join #gta04 ?15:16
Action: dos1 is looking forward to next LinuxTag15:16
wpwrakok, let's limit the off-topicness here15:17
dos1there's #neo900 too :)15:18
wpwrakint just_like_tv(void) { return -ETOOMANYCHANNELS; }15:19
wpwraknicksydney: btw, there are two areas of the world of anelok you haven't touched yet: one is CNC, which is probably not useful for you (unless you have a mill, and even then the adaptation would be trivial, given that my process is streamlined for the MDX-15), but, related to it, you can also generate STL meshes from the 3D models, so you can at least see what a mill or 3D printer could make15:23
wpwrakhmm, forcing cc2543 reset low may still do the trick. seems that you have to raise it (leaving reset) also in debug mode. so forcing it low would prevent the transceiver from doing things behind your back15:30
wpwrakalas, that still leaves the xtal issue15:31
whitequarkwpwrak: route xtal from main mcu to cc2543?15:31
whitequarkor just drive it with something third hopefully smaller than second xtal?15:31
wpwrakthe cc2543 doesn't even seem to support an external digital clock input. also, if the experience with atben is any guide, that would get messy15:32
wpwrakwhitequark: are you subscribed to the qi-hw list ?15:33
whitequarkwpwrak: 406 unread15:33
nicksydneywpwrak: sorry was occupied reading through the mailing list..i'm upto november15:34
wpwrakwhitequark: this was atben with the ben providing the clock for the transceiver: http://downloads.qi-hardware.com/people/werner/wpan/rework-20110112/15:34
wpwrakand http://downloads.qi-hardware.com/people/werner/wpan/rework-20110113/15:34
wpwrakthis is atben with its own crystal: http://downloads.qi-hardware.com/people/werner/wpan/redesign-xtal/15:35
wpwrakmaybe start with the last to see just how bad it was before15:35
nicksydneywpwrak: I don't have CNC neither mill and won't be having them :) ... but i'm interested to see the 3D models 15:35
whitequarkwpwrak: oooooh15:35
wpwraknicksydney: excellent. that means that you'll need to build things from the cae-tools :)15:36
nicksydneywpwrak: reading through the testing that you have with the MCU and power outputs already making  me dizzy.....hahaa...but it's exciting :)15:36
wpwraknamely poly2d and then cameo (the latter depends on the former)15:36
nicksydneywpwrak: ok let me finish the november mailing list to keep myself up to date to the latest and then we move to CNC15:37
wpwrakhehe :) just wait until you get to bluetooth ;-)15:37
nicksydneywpwrak: bring it on i say :)15:38
nicksydneywpwrak: ain't no ocean too deep :D15:38
DocScrutinizer05https://www.youtube.com/watch?v=VWPmXxq1MdQ  Neo900 the next N900 - Dr. H. Nikolaus Schaller15:43
nicksydneyDocScrutinizer05: is that you in that video ? :)15:46
DocScrutinizer05no, Dr. H. Nikolaus Schaller15:46
nicksydneywpwrak: reading this (http://lists.en.qi-hardware.com/pipermail/discussion/2013-November/010392.html) ... you mention "It also supports clock output so we could use it to provide the MCU with a crystal-based clock, like we currently do with the AT86RF232" .15:55
wpwrakyup. the MCU needs a precise clock for USB.15:55
wpwrakif not using USB, we can run with the internal RC clock15:56
nicksydneywpwrak: to make it easy for me to understand....what you mean is that the output pin of the A7105 is used as input to MCU for clock instead of using an external crystal ? is this correct ?15:56
wpwrakyes, or more general, that a pin of the transceiver (now at86rf232, in that post a7105, but today seems that it'll be the cc2543) provides a xtal-derived clock to the mcu15:57
nicksydneyok got it..another lesson learned ;)15:57
wpwraki used that approach already in atusb15:57
nicksydneyso this means pretty much if any IC component can provide an output clock in one of their pin it can be used by the clock input pin of the MCU (taking into consideration the frequency is the same) ?15:58
whitequarkwpwrak: I think you could calibrate RC against SOF15:59
whitequarkvusb on at2313 uses that15:59
whitequarkbut rc must be precise to at least 1%... it won't work with worse oscillators, or I believe that's what vusb developers say16:00
wpwrakwhitequark: yes, that may be an option. not sure if it'll work in this case. but it's something we could try.16:01
wpwrakand yes, it works quite well in vusb. of course, they're low-speed. but silabs do something similar at full-speed.16:02
whitequarkcp2102 doesn't need an xtal too16:02
whitequarkin fact it doesn't need *any* external components which is pretty impressive16:03
whitequarkmaybe a single bypass cap16:03
wpwraki think cp2101 is secretly a c8051fxxx16:03
whitequarkcp2102 doesn't have a core inside afaik16:04
whitequarksimilar to ft23216:04
whitequarkthey have a separate 8051-containing series16:04
wpwrakthat's the c8051fxxx. i used that a few times.16:05
wpwrakeven the first atusb prototype had one. then i switched to avr. now i finally found a chip i actually like, the kl2 (kl24 in this case, good and cheap)16:05
nicksydneyok completed november list16:12
nicksydneyok no december :)16:12
wpwraknicksydney: yes, basically any good enough clock source will do, as long as it's a suitable frequency (e.g., 2 MHz will be fine). of course, the only other item on the board that can be a clock source is the radio :)16:12
nicksydneyright..now let's get to CNC16:12
wpwraknot yet ;-)16:12
nicksydneyok it's 3.12am now ... so will have 15min before heading off to bed and another weekend routine :)16:13
nicksydneytrying to build poly2d16:14
nicksydneyneed CGAL for poly2d..16:17
wpwrakyeah. CGAL, the 9th level of C++ hell.16:19
nicksydneycameo and poly2d done16:19
wpwrakwhee ! :) that went smoothly16:20
nicksydneyyeah surprising eh..do i need to do make install by any chance ?16:20
wpwraknaw, it's all relative paths16:20
wpwraknow, to generate the STL ... lemme check ...16:21
wpwrakyou also need meshlab, for visualization16:21
wpwrak(apt-get install ...)16:22
nicksydneysudo apt-get install meshlab16:22
wpwrakand then, cd ybox/case && make stl && make view16:22
wpwrakthen press ^D for proper lighting16:22
nicksydneymake: *** No rule to make target `../ybox-all.pos', needed by `pos.inc'.  Stop.16:23
nicksydneyi'm inside ybox/case16:24
wpwrakah, right. one of the gaps in automation16:24
wpwrakyou have to ... cd ybox; make brd; then File > Fabrication Outputs > Modules Position16:26
wpwrakthen select mm, one file for board, OK16:27
nicksydneydone that step16:28
nicksydneyanother error16:28
nicksydney.../bin/bash: /home/qi/cae-tools/cameo/fped2stl.pl: No such file or directory16:28
wpwrakoh. lemme check ...16:31
wpwrakdo you have /usr/bin/perl /16:31
wpwrakshould be: do you have /usr/bin/perl ?16:32
nicksydneyafter changing the wpwrak  Makefile.cnc for the CAE_TOOLS to point to the right directory it worked 16:33
nicksydneyoriginally it was 16:33
nicksydneyCAE_TOOLS = /home/qi/cae-tools16:33
wpwrakoh ! where did i put that hair shirt ?16:33
nicksydneyok i've done the make view16:34
nicksydneymeshlab pops up16:34
nicksydneybut the middle screen is black16:34
whitequarkis that a smiley?16:39
wpwrakno, Ctrl-D, to turn on the lights in meshlab :)16:40
nicksydneyok it comes out with grab in the middle instead of black after pressing Ctrl-D16:41
nicksydneyi presume  need to use some keys to look at it :)16:42
nicksydneygot it16:42
wpwrakso you can see it now ? it's the part on the left on this image: http://downloads.qi-hardware.com/people/werner/anelok/tmp/ybox-paint-knife-strip.jpg16:43
wpwrakyeah, that's it !16:44
nicksydneywhat about the right side ?16:44
wpwrakmeshlab bot.stl16:45
wpwrakstill looking for a "nice" way to merge them16:46
nicksydneyvery nice !16:46
nicksydneyok i'm off for now...see you tomorrow....16:47
wpwrakthere's one more ... lemme fix the makefile ...16:47
wpwrakplease git pull  then cd anelok/case && make stl  # takes a while16:49
wpwrakand then  make view16:49
wpwrakthat shows an obsolete version of the top. need to update that and also make the bottom.16:50
wpwrakah, right. next task: search my drawer of never used components for that balun i once got .... see if it's the one the cc2543 uses16:54
wpwrakokay, if any of the THREE i never used ...16:57
wpwrakbut no, no such luck16:57
wpwrakwhoa, exponential growth, here we come. just had a sneak preview on this month's statistics. #qi-hw got really busy17:39
wpwrakand the milkymist folks did the same on their mailing list.17:41
wpwrakwell, still about 20 hours to go before the numbers will stabilize17:42
DocScrutinizer05I wonder what will be the statistics on neo900 page18:00
wpwrakyou already have one more18:00
wpwrak13 to go :)18:00
DocScrutinizer05yeah, that's pretty normal18:02
DocScrutinizer051 or 2 donations per day18:03
wpwrak+1. seems that this will be a good day :)19:03
DocScrutinizer05ohyes, 3 is already fine19:14
wpwrakthe magic of the presentation is spreading :)19:17
wpwrakhmm, one of these days i should teach cameo to use multiple threads ... generating toolpaths for a complex 3D model is slooow ...20:23
DocScrutinizer05wpwrak: what's your take on trustzone? Evil? Smart? Nonsense? Great?20:33
wpwrakfirst time i hear of it20:42
wpwrakdunno. "The advanced system provides a cost-effective platform for digital rights management (DRM)" sounds a bit suspicious20:42
wpwrakbut then, maybe it's dual-use and can actually do something good ...20:42
wpwrakhw arch looks a bit as if they had reinvented kernel mode :)20:43
wpwrakbut there seem to be some crypto blocks on the bus as well20:43
wpwrakperhaps the most important question: can you actually use it without an NDA ? :)20:44
DocScrutinizer05the question is: will any hardware manufacturer let *you* use it at all20:47
DocScrutinizer05the whole purpose of such thing is to protect the system from user20:48
wpwrakyeah, of course. DRM says that. but if you're the hw manufacturer ...20:48
DocScrutinizer05yeah, then you can make sure that nothing else but Windows is running on your devices20:49
DocScrutinizer05and windows can make sure no software but that one M$ has signed will ever run on the device20:49
wpwrakof course, of course. but you were asking as a hw manufacturer, right ? we already know that from a user's POV such things are generally bad20:50
wpwrak(unless nice guys like us are making the hw)20:50
DocScrutinizer05the question I came from: are Jolla nice guys?20:51
DocScrutinizer05was Nokia nice when they used that crap in N9 Aegis?20:51
DocScrutinizer05>> These applications are validated by the device OEM to ensure quality, << (from http://www.arm.com/products/processors/technologies/trustzone/index.php) -- wrong approach20:52
DocScrutinizer05evidence: none of this exists on PCs (yet) - and everybody in FOSS community hopes it will never change20:53
wpwrakmission "enduring crappiness" :)20:53
DocScrutinizer05can there ever be something like a "nice guy hw manufacturer that exploits BzstZone but still is somebody you would want to support"?20:54
wpwrakdunno. if you can find a use to make, say, a password safe safer, that could be a good thing20:55
wpwrakof course, if you just make it less transparent, it's not safer by definition20:55
DocScrutinizer05I don't see any reasonable design that would need to use BustZone for that20:55
DocScrutinizer05the sole purpose of BustZone is tivoization20:57
DocScrutinizer05since you need to block user access to monitor mode and secure world and allow it only to the guy with the key aka cert. Otherwise BustZone is void and moot20:59
DocScrutinizer05NB there is no way to establish a secure system starting with an insecure one21:00
DocScrutinizer05this type of security has to start with CPU reset21:00
DocScrutinizer05so you either have a tivoized system, or you (hw manuf) send the unique root cert private key printed on a card together with the device21:02
DocScrutinizer05>> These applications are validated by the device OEM to ensure quality, <<  only works when all apps are signed with the same key, but none of the users ever gets his fingers at that key21:03
DocScrutinizer05which in the end means, the OEM decides when your device becomes obsolete from one day to the next21:04
DocScrutinizer05there's a reason why ROM-BootLoader starts in secure mode and checks xloader (next stage bootloader) for correct signature. If that signature doesn't fit, device doesn't start21:09
DocScrutinizer05xloader usually does same with uBoot, and when signature of uBoot isn't valid, the xloader either refuses to start it, or xloader switches device into tampered mode that is irreversible except by boot, and also may protect some flash areas from getting written21:12
DocScrutinizer05xloader usually sets a "tampered" flag in that flash area, before switching to tampered mode. So you can effectively nuke your device irreversibly by trying to boot a patched system21:13
DocScrutinizer05so when OEM decides to implement a BustZone based security scheme, you don't own the device anymore. OEM owns and controls it21:17
DocScrutinizer05to do no evil, OEM needs to provide a signed xloader that doesn't lock the device21:18
DocScrutinizer05and that inevitably breaks the whole concept, so BustZone is worth nothing then21:19
wpwrakwell, you can still have a secure system that allows you to bypass that security. e.g., that's what i have in mind for the pw safe. by default, it only accepts signed fw updates. but you can add signatures, if you want.21:20
DocScrutinizer05how would you add signatures?21:23
wpwrakwell, public keys. of people whose signature you'll accept.21:23
DocScrutinizer05don't you think such signature package needs to be signed, by a signature that's already on the system?21:24
wpwraknaw, you need to unlock the safe and then it'll tell you what it found. then you decide whether you trust it21:24
DocScrutinizer05uhuh, and how do you stop malware from doing exactly that?21:25
wpwrakto make you decide you trust it ? well, if you're the gullible type, you may find life inconvenient in general ...21:26
wpwrakyou as the user will have to accept a) any new public keys, and b) any updates21:27
DocScrutinizer05nah, malware does exactly what you just suggested user should do21:27
wpwraksure. but if you always follow orders, it may just tell you "mail the password for your e-banking to crook@evil.ru"21:28
DocScrutinizer05and I fail to understand the security concept in what you sketched21:28
DocScrutinizer05this is NOT about anybody following orders21:28
DocScrutinizer05malware can do that for you21:29
wpwrakagain, you the owner have to explicitly authorize any such options21:29
wpwrakhow ?21:29
DocScrutinizer05yes, exactly. HOW?21:29
DocScrutinizer05particularly how in a way that malware can't emulate21:29
DocScrutinizer05"click green button for >trust<" ??21:30
wpwrakspin the wheel of the device to enter your code, then read the warning, spin wheel to select "accept", press button, etc. ?21:31
DocScrutinizer05the code you have to enter needs to get placed on the device first21:32
wpwrakif your malware sends autonomous robots to operate your device, then you lose :)21:32
wpwrakyou enter it after unwrapping the device21:33
DocScrutinizer05who's doing that, and when? how make you sure that this is not already malware that does it?21:33
wpwrakthat's a packaging issue :)21:33
wpwrakmake a package you can't re-seal21:33
DocScrutinizer05so we're again back to packaging21:34
wpwrakanother option would be to ship the device unprotected and you do the initial flashing (and locking) yourself21:34
wpwraksure, if you buy the device already compromised, you have a problem21:34
DocScrutinizer05I suggested to add a card with the code to the package, you say you make sure that the device can't have been confronted with malware before user does the code printing21:35
wpwrakthere could also be hw backdoors we don't know about21:35
DocScrutinizer05it's basically the same thing21:36
wpwraksure, that's the usual sort of procedures. use a fancy bag that can't be resealed. have an initial PIN, etc.21:36
wpwrakyou can also ship PIN and device by different channels.21:36
wpwrakbut of course, the PIN alone doesn't ensure it's not been compromised :)21:37
wpwrakbut the device can show you a code, too. that can be protected.21:37
DocScrutinizer05btw all this is feasible without trustzone21:37
wpwrakof course, if you trust nobody, then you need a "blank" device and do the initial programming yourself21:37
wpwrakof course21:37
wpwrakthe purpose of DRM is not to make the world a better place ;-)21:38
DocScrutinizer05yes, exactly, and trustzone is about DRM21:38
DocScrutinizer05there is no other reasonable use for it21:38
DocScrutinizer05since you just explained every other level of security is possible without bustzone21:39
wpwraktrust is confinement, torture is care, friends are enemies, ... welcome to 1984, 28th annual update :)21:39
wpwrakerr, 29th. fencepost error :)21:40
DocScrutinizer05about trustzone in N9:21:41
DocScrutinizer05http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide , or "The purpose of this framework is: ... to make sure that the platform meets the requirements set by third party software that requires a safe execution environment.", or http://en.wikipedia.org/wiki/Trusted_Computing#Criticism,21:41
wpwrakah well, stay away from it :)21:43
DocScrutinizer05yes, TrustZone *could* get used to allow user to have absolute control over his device (so for example no thief could access the data on it), but you need to sacrifice the "Purpose" as of above then21:43
DocScrutinizer05and root cert is flashed to CPU fuse ROM21:44
DocScrutinizer05so you already are lost regarding xloader21:45
DocScrutinizer05OEM can't allow user to mess with xloader21:45
DocScrutinizer05xloader *could* fetch the cert to verify uBoot from flash that user can alter21:46
DocScrutinizer05but xloader's signature key is in OEM's vault21:46
DocScrutinizer05actually N900's xloader doesn't care about any cert or signature, it simply enters tampered mode but doesn't lock any hardware21:48
wpwrakthere goes another hour of my life. or was it two ? just wish watching a CNC mill do its thing wasn't quite so hypnotizing ...23:24
--- Sun Dec 1 2013 00:00
