DocScrutinizer05 changed the topic of #qi-hardware to: Copyleft hardware - http://qi-hardware.com | hardware hackers join here to discuss Ben NanoNote, atben / atusb 802.15.4 wireless, and other community driven hw projects | public logging at http://en.qi-hardware.com/irclogs and http://irclog.whitequark.org/qi-hardware
<wpwrak> nicksydney: ah, and your editor seems to like putting spaces at the end of lines. it's better to remove them, so that a line really ends where one sees it end, kinda ASCII WYSIWYG :)
kilae has quit [Quit: ChatZilla 0.9.90.1 [Firefox 25.0.1/20131112160018]]
dandon has quit [Remote host closed the connection]
<wpwrak> nicksydney: btw, are you subscribed yet to the qi-hw list ? that's where everything surrounding qi-hw that's a little more permanent than IRC happens. http://lists.en.qi-hardware.com/pipermail/discussion/
pcercuei has quit [Read error: Connection reset by peer]
pcercuei has joined #qi-hardware
pcercuei has quit [Quit: dodo]
<qi-bot> [commit] Paul Cercueil: Output log to /var/log/gmenu2x.log (master) http://qi-hw.com/p/gmenu2x/246fd86
<qi-bot> [commit] Paul Cercueil: InputDialog: Make SETTINGS button confirm and MENU button cancel (master) http://qi-hw.com/p/gmenu2x/61a79cd
dos1 has quit [Ping timeout: 246 seconds]
michael_lee has joined #qi-hardware
<wpwrak> the bookshelf has new data sheets ! (cc2543)
xiangfu has quit [Remote host closed the connection]
jekhor has joined #qi-hardware
pcercuei has joined #qi-hardware
<wpwrak> "[Gitorious] Activity: nicksydney pushed 0 commits to mast..."
<wpwrak> somehow, their notifications seem to need a bit more work ;-)
<wpwrak> DocScrutinizer05: http://ohsw.org/ -> "You want to come? Fine!" that sounds a little odd, too :)
<wpwrak> (that sounds a bit like "if you insist, we'll reluctantly tolerate your presence" :)
<wpwrak> ;-)
<wpwrak> now add the speech bubble and a link to their site :)
<whitequark> yes, that's how I imagined it. also, with voice.
<whitequark> something along the lines of http://www.youtube.com/watch?v=tf6baKNrC48 (translation not required).
<larsc> oh, it's today already, totally missed that
<wpwrak> whitequark: marketing: WE NEED MORE ICONS !
<larsc> developers: FINE!
<larsc> ;)
Jay7 has quit [Ping timeout: 245 seconds]
<wpwrak> ((-:C
<wpwrak> whitequark: (no translation required) hmm. i can't quite decide whether that voice may be the GPS giving helpful instructions or someone in deep distress commenting on the journey
<whitequark> wpwrak: there's a phenomenon called 'tsundere'. http://en.wikipedia.org/wiki/Tsundere
<wpwrak> looking at the increasingly angry mob at myidkey, i wonder if it wouldn't be a good strategy to pledge a tiny amount on each kickstarter project that may compete with what you're doing, so that you can later on, when their feces hit the distribution device, place a friendly comment (for backers only) pointing to an alternative ...
<whitequark> both the picture and the voice are very typical for such characters, and the original phrase ("fine!") would be very, very typical too
ignatius has joined #qi-hardware
lekernel has joined #qi-hardware
<whitequark> but I guess there's no way to transmit my (admittedly quite hilarious) mental image through irc
<whitequark> pity
<wpwrak> ah, i see. not a novel idea as such ... but i must say, "a tsundere cafe" sounds special
<whitequark> wpwrak: http://www.youtube.com/watch?v=UzST_5FQ_II is how it could look
kilae has joined #qi-hardware
<ignatius> Anyone know where I place the .kmap file under the "Debian" image?
Jay7 has joined #qi-hardware
root_empire has joined #qi-hardware
michael_lee has quit [Ping timeout: 264 seconds]
<wpwrak> hmm. that RF kill switch is giving me a headache. to be 100% "trusted", it has to be all electromechanical. else, we wouldn't need it.
<wpwrak> there are various things it could do. one would be hold the transceiver in reset. with the cc25430, it seems that this alone wouldn't prevent the MCU from using the transceiver, though, since it could just set it to debug mode. (which is activated with reset asserted - needs more checking)
<wpwrak> another approach would be routing transceiver power through the switch, and simply setting it to GND. that would surely disable it.
<wpwrak> another possibility would be to somehow disable the RF side. but that may be tricky, given that RF already is effectively shorted, and also considering that adding switch + traces to the RF signal would probably cause quite a mess
<wpwrak> and i don't want to add an RF switch IC.
<wpwrak> the problem with killing the transceiver completely is that this also takes away the crystal needed for USB. so if using USB, rf would have to be enabled again. and kill switch would therefore only be usable during a) operation without external communication (except the display), and b) transport.
<wpwrak> that could be avoided by giving the MCU its own crystal. then it could do USB without relying on the RF side. drawbacks: higher BOM cost, big component in a busy area of the PCB
<wpwrak> also, the cc2543 SoC has a lot of GPIOs, so it could be used as a GPIO expander for slow signals. that would take some pressure off the MCU. drawbacks: we'd be pretty much committed to the cc2543 then, since other transceivers don't have so many GPIOs, and it would of course be impossible to completely shut down the chip
<whitequark> wpwrak: how about killing some other signal which is vital for transmitting
<whitequark> like disconnecting SPI
<whitequark> I guess your MCU gets the clock from a dedicated pin on the transceiver
<whitequark> you'd be fine with disconnected SCK I think
<whitequark> oh it uses I2C, same difference
jekhor has quit [Ping timeout: 246 seconds]
dandon has joined #qi-hardware
dandon has quit [Quit: .]
rz2k has joined #qi-hardware
dandon has joined #qi-hardware
dos1 has joined #qi-hardware
dandon has quit [Quit: .]
dandon has joined #qi-hardware
<nicksydney> wpwrak: hello
<nicksydney> wpwrak: time for some hardware love for me now :)...all sleeping nicely
<nicksydney> wpwrak: "a few things: does the kicad build problem from 2012 still strike ? seems that this should be long gone" ....not sure what you mean ? are you talking about the checkout with -r 3934 ?
<nicksydney> ok done modification for adding symlink and whitequark separate the instruction on how to download the ARM gcc compiler
<nicksydney> wpwrak: downloaded the new datasheet thanks
xiangfu has joined #qi-hardware
<DocScrutinizer05> wpwrak: (OHSW) yep, thought the same. But I'm not responsible for that page
<wpwrak> whitequark: the transceiver will become a cc2543. so it has an independent CPU. no cutting of communication will affect it.
<wpwrak> nicksydney: (3934) yes, that one. i think you only got that problem because you were trying to build the old version
<whitequark> wpwrak: what are you trying to guard against?
<whitequark> if main MCU acts as a gateway to data, does it matter whether transceiver works or not?
<nicksydney> wpwrak: yeah i got the library problem when running kicad and the brd not showing ... with the latest update (checkout completely) i did not have any problem
<nicksydney> wpwrak: checking out the whole kicad (w/o rev number) i don't have to do any patched
<DocScrutinizer05> wpwrak: when you don't trust your own software on anelok, then you're doomed anyway
<DocScrutinizer05> or what whitequark said ;-)
<wpwrak> whitequark: i'm trying to guard against compromised firmware talking to its true masters. one thing would be to assume that the main exposure is when on the move. a stronger assumption would be that they may also have antennas watching the "safe" place where i use anelok (with a wire)
<whitequark> wpwrak: cc2543 firmware?
<whitequark> or main?
<wpwrak> whitequark: either
<DocScrutinizer05> it's hard to figure *ANY* attack vector that you could protect against with anything but a R/W-hardswitch to make your firmware immutable
<wpwrak> could of course also be accidental transmissions
ignatius has quit [Quit: Page closed]
<whitequark> wpwrak: why, exactly, cutting communication to transceiver won't work for you?
<DocScrutinizer05> if somebody gets malware on your anelok, you're screwed. Now RF killswitch will change that
<DocScrutinizer05> s/now/No/
<wpwrak> DocScrutinizer05: well,the scenario would be that you still use the device with cables. that means that it can try to do evil things, but doesn't get far. like a kitten.
<whitequark> DocScrutinizer05: well, one could assume cc2543 firmware is compromised by default
<wpwrak> i like that. "evil kitten mode". marketing, are you listening ?
<whitequark> and encrypt/hmac everything on main MCU
<whitequark> imo that would make sense either way
<whitequark> then you would just burn a fuse on the main chip
<whitequark> oh and along with a fuse, add a nonce which gets added to the encrypted data in eeprom
<whitequark> unique nonce
<wpwrak> whitequark: the kl2 will be able to flash the cc2543. that's how its firmware will be updated in the field. so the kl2 is ultimately in control. but ...
<whitequark> this way even if anyone erases and reprograms the thing, it will be immediately obvious
<wpwrak> whitequark: there could be a bug causing spurious transmissions, e.g., giving away your presence. there could be a bug where data is leaked. data that, with some effort, can be used against you.
<wpwrak> there could be a keylogger or a movement tracker that reports back to its masters when within reach of their antennas. of course, that would already be a high-profile attack.
<wpwrak> it would require either compromising the source (me or any other source the users decide to trust) the source's signature, or getting users to accept firmware from an untrustworthy source
<whitequark> wpwrak: regardless of other things, I believe unique per-firmware key is a good idea
<whitequark> which can't be read from usb/rf and is erased on reflash
<whitequark> an attack where someone gains physical access to device and reflashes it but doesn't know the unlock key is something I can easily see
<wpwrak> whitequark: yes, the KL2 will encrypt all data outside its physical (chip) boundaries with an "internal" key. so if you erase that, it loses all access.
<whitequark> awesome
<whitequark> is it also forcibly erased if you reflash it?
<wpwrak> whitequark: the cc2543 won't have such things. it's not expected to actually handle sensitive but unencrypted data. but it could of course still do bad things.
<wpwrak> that's the idea, yes. at least the manuals say it is :)
<wpwrak> in fact, i think you can't even erase the flash at that setting
<wpwrak> not that i had tried that feature yet :)
<nicksydney> reading through the mailing list lots of discussion for the anelok
<wpwrak> nicksydney: (merge request) hmm, i renamed the file to INSTALL. are we editing the same thing ? :)
<wpwrak> yup. plenty of stuff there :)
<nicksydney> didn't realise it was still using the old naming let me check
<nicksydney> long day for me
<nicksydney> yup edited the wrong file :(
<nicksydney> wpwrak: done..MR create
<DocScrutinizer05> wpwrak: ^^^
<DocScrutinizer05> BTLE
<DocScrutinizer05> 5:30
<wpwrak> bzip2 download is weird. will have to see what's behind that.
<nicksydney> when compiling kicad it downloads boost packages and that's the time it uses bzip2 ... remember i had that problem compiling kicad when it was looking for the package from sourceforge
<wpwrak> seems that the cherry-pick now worked :)
<wpwrak> yes, i remember. it's still weird, though :) why on earth would anyone download bzip2 ? it's already installed everywhere.
<nicksydney> i didn't have it installed on my machine :)
<wpwrak> aha !
<nicksydney> just for sanity's sake i put the info there in case anybody is going through the compilation process and finds an error they know what to do...save time
<wpwrak> maybe try that approach ? first see if you can remove the one they installed and see if it tries to download it again. if yes, kill it again, install with apt-get, then run their process once more
<wpwrak> well, your instructions suggest that having it avoids the implicit installation. so maybe just have the apt-get there ? and skip downloading and self-building one of the most common packages ? :)
<wpwrak> DocScrutinizer05: the nRF24L01+ can't do BTLE ;-)
<wpwrak> DocScrutinizer05: which doesn't stop some twisted creatures from doing it anyway, of course :)
<DocScrutinizer05> :-P
<nicksydney> not sure i get you...maybe i misread you but what happen was ... during kicad compilation it complains not finding bzip2 package ... and what i did was just compile from source and install it and the compilation after that continues
<wpwrak> nicksydney: yes, but this looks like as if you didn't have bzip2 installed before. or did you have it, but it decided it didn't like your version ?
<nicksydney> no i did not have bzip2 installed on my machine that's why it was complaining
<wpwrak> because if it just wants bzip2, without being picky, what one should do is install it from the distribution, not build a local version
<nicksydney> wpwrak: agree...can't remember whether i tried doing apt-get bzip2 or not
<nicksydney> maybe we can just add doing apt-get and if it does not work for whatever reason then compile from source
<nicksydney> so at least they know that it is needed
<wpwrak> if apt-get works, we shouldn't even mention compiling it from source. i mean, EVERYTHING could be compiled from source. we wouldn't want a "building the universe in 189765289 easy steps" kind of guide ;-)
<whitequark> bzip2 is in the default install of debian
<whitequark> oh
<whitequark> weird
<wpwrak> yeah, that's why i wonder what happened there :)
<nicksydney> i also don't know why it was complaining....anyway i think you have a point wpwrak ...i'll remove that and put in apt-get
<nicksydney> to make it easier
<nicksydney> wpwrak: was reading this post http://lists.en.qi-hardware.com/pipermail/discussion/2013-September/010283.html and you mention......"By the way, "our" OLED also has an SSD1306 controller." ...... does this mean that the OLED already has a controller "built-in" into it ? like COG ?
<nicksydney> wpwrak: saw you comment for point no 9 ... was getting that error when compiling kicad too that's why i put that instruction there
<DocScrutinizer05> wpwrak: might as well have some nice RF
<wpwrak> (oled) yes, oled, lcd, etc. modules normally contain a controller. the matrix has a LOT of signals. you wouldn't want that outside the module
<wpwrak> nicksydney: (instructions for temporary setbacks) yeah, we need to avoid those detours, things will be messy enough as they are :)
<wpwrak> DocScrutinizer05: the audio is kinda nasty
<nicksydney> wpwrak: cool....learning something new :)
<DocScrutinizer05> [2013-11-30 15:46:27] <DocScrutinizer05> sounds is illegible
<whitequark> that didn't arrive
<wpwrak> the grinch ate it
<nicksydney> wpwrak: so for example if LCD has specification such as this one .. http://www.buy-display.com/default/5-5-0-tft-lcd-module-display-controller-board-w-serial-i2c-mcu-ra8875.html .. and it is mentioned there under the Description tab "IC or Equivalent - RA8875" it means that we can program the RA8875 from our MCU ?
<wpwrak> DocScrutinizer05: it's also a little annoying that the "Google" is just on top of the beginning of the title (in these slides)
<wpwrak> ah, getting better :)
<wpwrak> camera up 2 deg and it'll be great :)
<wpwrak> yeah, that works
<wpwrak> thanks !
<wpwrak> nicksydney: that board seems to have two controllers: that RA8875, which is basically a dedicated MCU, and the actual matrix controller in the display
<wpwrak> if the controller in the display is documented, you could get rid of the RA8875 and connect your MCU directly (if it has a suitable display interface)
<nicksydney> wpwrak: how to tell that is has a matrix controller in the display ? are you referring to this line " 6800 8-bit Parallel , 8080 8-bit Parallel , 6800 16-bit Parallel , 8080 16-bit Parallel , I2C, 3-Wire Serial SPI, 4-Wire Serial SPI" ?
<wpwrak> if the display doesn't have some O(pixels_X + pixels_Y + a dozen more) signals come out, then it has one ;-)
<wpwrak> e.g., early e-paper didn't have one. now you can get modules that integrate it
<wpwrak> and if you don't have a controller, you're in a world of pain. some, like the one i'm using, are even nice enough to take care of providing the high LCD voltage
<wpwrak> some don't, and you have to cook that on the outside. messy.
<wpwrak> DocScrutinizer05: audio getting worse
<DocScrutinizer05> yes, annoying
<wpwrak> ah, better :)
<DocScrutinizer05> I gave up on it long ago
<wpwrak> ;-)
<wpwrak> are you there ?
<DocScrutinizer05> already wondered if the guy might add a transcript later on
<DocScrutinizer05> no
<DocScrutinizer05> qhome
<DocScrutinizer05> @home even
<wpwrak> heh, i was wondering if they'd manage to drag you out of your cave ;-)
<DocScrutinizer05> they weren't
<DocScrutinizer05> maybe tomorrow
<wpwrak> when it's safe, when there are no cameras :)
<DocScrutinizer05> that too ;-)
<wpwrak> (transcript) what would be good is to a) upload the slides somewhere before the talk, b) put that URL in the description of the video, so that one can download them and read them locally
<wpwrak> with the camera fixed on the slides, it's not so bad, but it would still help
<wpwrak> BOOMING voice ;-)
<DocScrutinizer05> yeah
<DocScrutinizer05> weird
<wpwrak> nice scrambling ;-)
<DocScrutinizer05> [2013-11-30 16:09:07] <cmair_> my "loopback" is quite clear
<DocScrutinizer05> [2013-11-30 16:09:28] <DocScrutinizer05> yep, ~80% readability now
<DocScrutinizer05> [2013-11-30 16:10:16] <cmair_> The problem we have here: if the voice is too loud the software will try to adjust the level which results in a muted mic.
<DocScrutinizer05> [2013-11-30 16:10:22] <cmair_> :(
<wpwrak> vengeful software
<wpwrak> DocScrutinizer05: planning to show Neo900 off at FOSSDEM ? the timing may be quite compatible, in two months
<DocScrutinizer05> tempting, yes
<DocScrutinizer05> join #gta04 ?
* dos1 is looking forward to next LinuxTag
<wpwrak> ok, let's limit the off-topicness here
<dos1> there's #neo900 too :)
<wpwrak> int just_like_tv(void) { return -ETOOMANYCHANNELS; }
<DocScrutinizer05> hehe
<wpwrak> nicksydney: btw, there are two areas of the world of anelok you haven't touched yet: one is CNC, which is probably not useful for you (unless you have a mill, and even then the adaptation would be trivial, given that my process is streamlined for the MDX-15), but, related to it, you can also generate STL meshes from the 3D models, so you can at least see what a mill or 3D printer could make
xiangfu has quit [Remote host closed the connection]
xiangfu has joined #qi-hardware
<wpwrak> hmm, forcing cc2543 reset low may still do the trick. seems that you have to raise it (leaving reset) also in debug mode. so forcing it low would prevent the transceiver from doing things behind your back
<wpwrak> alas, that still leaves the xtal issue
<whitequark> wpwrak: route xtal from main mcu to cc2543?
<whitequark> or just drive it with something third hopefully smaller than second xtal?
<wpwrak> the cc2543 doesn't even seem to support an external digital clock input. also, if the experience with atben is any guide, that would get messy
<wpwrak> whitequark: are you subscribed to the qi-hw list ?
<whitequark> wpwrak: 406 unread
<wpwrak> ;-))
<nicksydney> wpwrak: sorry was occupied reading through the mailing list..i'm upto november
<wpwrak> whitequark: this was atben with the ben providing the clock for the transceiver: http://downloads.qi-hardware.com/people/werner/wpan/rework-20110112/
<wpwrak> this is atben with its own crystal: http://downloads.qi-hardware.com/people/werner/wpan/redesign-xtal/
<wpwrak> maybe start with the last to see just how bad it was before
<nicksydney> wpwrak: I don't have CNC neither mill and won't be having them :) ... but i'm interested to see the 3D models
<whitequark> wpwrak: oooooh
<wpwrak> nicksydney: excellent. that means that you'll need to build things from the cae-tools :)
<nicksydney> wpwrak: reading through the testing that you have with the MCU and power outputs already making me dizzy.....hahaa...but it's exciting :)
<wpwrak> namely poly2d and then cameo (the latter depends on the former)
<nicksydney> wpwrak: ok let me finish the november mailing list to keep myself up to date to the latest and then we move to CNC
<wpwrak> hehe :) just wait until you get to bluetooth ;-)
<nicksydney> wpwrak: bring it on i say :)
<nicksydney> wpwrak: ain't no ocean too deep :D
<DocScrutinizer05> https://www.youtube.com/watch?v=VWPmXxq1MdQ Neo900 the next N900 - Dr. H. Nikolaus Schaller
<nicksydney> DocScrutinizer05: is that you in that video ? :)
<DocScrutinizer05> no, Dr. H. Nikolaus Schaller
<nicksydney> wpwrak: reading this (http://lists.en.qi-hardware.com/pipermail/discussion/2013-November/010392.html) ... you mention "It also supports clock output so we could use it to provide the MCU with a crystal-based clock, like we currently do with the AT86RF232" .
<wpwrak> yup. the MCU needs a precise clock for USB.
<wpwrak> if not using USB, we can run with the internal RC clock
<nicksydney> wpwrak: to make it easy for me to understand....what you mean is that the output pin of the A7105 is used as input to MCU for clock instead of using an external crystal ? is this correct ?
<wpwrak> yes, or more general, that a pin of the transceiver (now at86rf232, in that post a7105, but today seems that it'll be the cc2543) provides a xtal-derived clock to the mcu
<nicksydney> ok got it..another lesson learned ;)
<wpwrak> i used that approach already in atusb
<nicksydney> so this means pretty much if any IC component can provide an output clock in one of their pin it can be used by the clock input pin of the MCU (taking into consideration the frequency is the same) ?
<whitequark> wpwrak: I think you could calibrate RC against SOF
<whitequark> vusb on at2313 uses that
<whitequark> but rc must be precise to at least 1%... it won't work with worse oscillators, or I believe that's what vusb developers say
<wpwrak> whitequark: yes, that may be an option. not sure if it'll work in this case. but it's something we could try.
<wpwrak> and yes, it works quite well in vusb. of course, they're low-speed. but silabs do something similar at full-speed.
<whitequark> cp2102 doesn't need an xtal too
<whitequark> in fact it doesn't need *any* external components which is pretty impressive
<whitequark> maybe a single bypass cap
<wpwrak> i think cp2101 is secretly a c8051fxxx
<whitequark> cp2102 doesn't have a core inside afaik
<whitequark> similar to ft232
<whitequark> they have a separate 8051-containing series
<wpwrak> that's the c8051fxxx. i used that a few times.
<wpwrak> even the first atusb prototype had one. then i switched to avr. now i finally found a chip i actually like, the kl2 (kl24 in this case, good and cheap)
<nicksydney> ok completed november list
<nicksydney> ok no december :)
<wpwrak> nicksydney: yes, basically any good enough clock source will do, as long as it's a suitable frequency (e.g., 2 MHz will be fine). of course, the only other item on the board that can be a clock source is the radio :)
<nicksydney> right..now let's get to CNC
<wpwrak> not yet ;-)
<wpwrak> (december)
<nicksydney> ok it's 3.12am now ... so will have 15min before heading off to bed and another weekend routine :)
<nicksydney> trying to build poly2d
<nicksydney> need CGAL for poly2d..
<wpwrak> yeah. CGAL, the 9th level of C++ hell.
<nicksydney> cameo and poly2d done
<wpwrak> whee ! :) that went smoothly
<nicksydney> yeah surprising eh..do i need to do make install by any chance ?
<wpwrak> naw, it's all relative paths
<wpwrak> now, to generate the STL ... lemme check ...
<nicksydney> ok
<wpwrak> you also need meshlab, for visualization
<wpwrak> (apt-get install ...)
<nicksydney> sudo apt-get install meshlab
<nicksydney> done
<wpwrak> and then, cd ybox/case && make stl && make view
<wpwrak> then press ^D for proper lighting
<nicksydney> make: *** No rule to make target `../ybox-all.pos', needed by `pos.inc'. Stop.
<nicksydney> i'm inside ybox/case
<wpwrak> ah, right. one of the gaps in automation
<wpwrak> you have to ... cd ybox; make brd; then File > Fabrication Outputs > Modules Position
<wpwrak> then select mm, one file for board, OK
<nicksydney> done that step
<nicksydney> anothere rro
<nicksydney> error
<nicksydney> .../bin/bash: /home/qi/cae-tools/cameo/fped2stl.pl: No such file or directory
<nicksydney> ahhh
<wpwrak> oh. lemme check ...
<wpwrak> do you have /usr/bin/perl /
<wpwrak> should be: do you have /usr/bin/perl ?
<nicksydney> after changing the wpwrak Makefile.cnc for the CAE_TOOLS to point to the right directory it worked
<nicksydney> originally it was
<nicksydney> CAE_TOOLS = /home/qi/cae-tools
<wpwrak> oh ! where did i put that hair shirt ?
<nicksydney> ok i've done the make view
<nicksydney> meshlab pops up
<nicksydney> but the middle screen is black
<wpwrak> ^D
<whitequark> is that a smiley?
<wpwrak> no, Ctrl-D, to turn on the lights in meshlab :)
<nicksydney> ok it comes out with grab in the middle instead of black after pressing Ctrl-D
<nicksydney> i presume need to use some keys to look at it :)
<nicksydney> woohooo
<nicksydney> got it
<wpwrak> so you can see it now ? it's the part on the left on this image: http://downloads.qi-hardware.com/people/werner/anelok/tmp/ybox-paint-knife-strip.jpg
<wpwrak> yeah, that's it !
<nicksydney> what about the right side ?
kilae has quit [Quit: ChatZilla 0.9.90.1 [Firefox 25.0.1/20131112160018]]
<wpwrak> meshlab bot.stl
<wpwrak> still looking for a "nice" way to merge them
<nicksydney> very nice !
<nicksydney> ok i'm off for now...see you tomorrow....
<wpwrak> there's one more ... lemme fix the makefile ...
<wpwrak> please git pull then cd anelok/case && make stl # takes a while
<wpwrak> and then make view
<wpwrak> that shows an obsolete version of the top. need to update that and also make the bottom.
<wpwrak> ah, right. next task: search my drawer of never used components for that balun i once got .... see if it's the one the cc2543 uses
xiangfu has quit [Ping timeout: 264 seconds]
<wpwrak> okay, if any of the THREE i never used ...
<wpwrak> but no, no such luck
<wpwrak> whoa, exponential growth, here we come. just had a sneak preview on this month's statistics. #qi-hw got really busy
<wpwrak> and the milkymist folks did the same on their mailing list.
<wpwrak> well, still about 20 hours to go before the numbers will stabilize
qwebirc66591 has joined #qi-hardware
qwebirc66591 has quit [Quit: Page closed]
<DocScrutinizer05> I wonder what will be the statistics on neo900 page
<wpwrak> you already have one more
<wpwrak> 13 to go :)
<DocScrutinizer05> yeah, that's pretty normal
<DocScrutinizer05> 1 or 2 donations per day
root_empire has quit [Ping timeout: 265 seconds]
<wpwrak> +1. seems that this will be a good day :)
<DocScrutinizer05> ohyes, 3 is already fine
<wpwrak> the magic of the presentation is spreading :)
jekhor has joined #qi-hardware
kristianpaul has quit [Ping timeout: 265 seconds]
kristianpaul has joined #qi-hardware
<wpwrak> hmm, one of these days i should teach cameo to use multiple threads ... generating toolpaths for a complex 3D model is slooow ...
<DocScrutinizer05> wpwrak: what's your take on trustzone? Evil? Smart? Nonsense? Great?
<wpwrak> first time i hear of it
<wpwrak> dunno. "The advanced system provides a cost-effective platform for digital rights management (DRM)" sounds a bit suspicious
<wpwrak> but then, maybe it's dual-use and can actually do something good ...
<wpwrak> hw arch looks a bit as if they had reinvented kernel mode :)
<wpwrak> but there seem to be some crypto blocks on the bus as well
<wpwrak> perhaps the most important question: can you actually use it without an NDA ? :)
<DocScrutinizer05> the question is: will any hardware manufacturer let *you* use it at all
<DocScrutinizer05> the whole purpose of such thing is to protect the system from user
<wpwrak> yeah, of course. DRM says that. but if you're the hw manufacturer ...
<DocScrutinizer05> yeah, then you can make sure that nothing else but Windows is running on your devices
<DocScrutinizer05> and windows can make sure no software but that one M$ has signed will ever run on the device
<DocScrutinizer05> ~trust
<DocScrutinizer05> *cough*
<wpwrak> of course, of course. but you were asking as a hw manufacturer, right ? we already know that from a user's POV such things are generally bad
<wpwrak> (unless nice guys like us are making the hw)
<DocScrutinizer05> the question I came from: are Jolla nice guys?
<DocScrutinizer05> was Nokia nice when they used that crap in N9 Aegis?
<DocScrutinizer05> >> These applications are validated by the device OEM to ensure quality, << (from http://www.arm.com/products/processors/technologies/trustzone/index.php) -- wrong approach
<DocScrutinizer05> evidence: none of this exists on PCs (yet) - and everybody in FOSS community hopes it will never change
<wpwrak> mission "enduring crappiness" :)
<DocScrutinizer05> can there ever be something like a "nice guy hw manufacturer that exploits BustZone but still is somebody you would want to support"?
<wpwrak> dunno. if you can find a use to make, say, a password safe safer, that could be a good thing
<wpwrak> of course, if you just make it less transparent, it's not safer by definition
<DocScrutinizer05> I don't see any reasonable design that would need to use BustZone for that
<DocScrutinizer05> the sole purpose of BustZone is tivoization
<DocScrutinizer05> since you need to block user access to monitor mode and secure world and allow it only to the guy with the key aka cert. Otherwise BustZone is void and moot
<DocScrutinizer05> NB there is no way to establish a secure system starting with an insecure one
<DocScrutinizer05> this type of security has to start with CPU reset
<DocScrutinizer05> so you either have a tivoized system, or you (hw manuf) send the unique root cert private key printed on a card together with the device
<DocScrutinizer05> >> These applications are validated by the device OEM to ensure quality, << only works when all apps are signed with the same key, but none of the users ever gets his fingers at that key
<DocScrutinizer05> which in the end means, the OEM decides when your device becomes obsolete from one day to the next
<DocScrutinizer05> there's a reason why ROM-BootLoader starts in secure mode and checks xloader (next stage bootloader) for correct signature. If that signature doesn't fit, device doesn't start
<DocScrutinizer05> xloader usually does same with uBoot, and when signature of uBoot isn't valid, the xloader either refuses to start it, or xloader switches device into tampered mode that is irreversible except by boot, and also may protect some flash areas from getting written
<DocScrutinizer05> xloader usually sets a "tampered" flag in that flash area, before switching to tampered mode. So you can effectively nuke your device irreversibly by trying to boot a patched system
<DocScrutinizer05> so when OEM decides to implement a BustZone based security scheme, you don't own the device anymore. OEM owns and controls it
<DocScrutinizer05> to do no evil, OEM needs to provide a signed xloader that doesn't lock the device
<DocScrutinizer05> and that inevitably breaks the whole concept, so BustZone is worth nothing then
<wpwrak> well, you can still have a secure system that allows you to bypass that security. e.g., that's what i have in mind for the pw safe. by default, it only accepts signed fw updates. but you can add signatures, if you want.
<DocScrutinizer05> how would you add signatures?
<wpwrak> well, public keys. of people whose signature you'll accept.
<DocScrutinizer05> don't you think such signature package needs to be signed, by a signature that's already on the system?
<wpwrak> naw, you need to unlock the safe and then it'll tell you what it found. then you decide whether you trust it
<DocScrutinizer05> uhuh, and how do you stop malware from doing exactly that?
<wpwrak> to make you decide you trust it ? well, if you're the gullible type, you may find life inconvenient in general ...
<DocScrutinizer05> huh?
<wpwrak> you as the user will have to accept a) any new public keys, and b) any updates
<DocScrutinizer05> nah, malware does exactly what you just suggested user should do
<wpwrak> sure. but if you always follow orders, it may just tell you "mail the password for your e-banking to crook@evil.ru"
<DocScrutinizer05> and I fail to understand the security concept in what you sketched
<DocScrutinizer05> this is NOT about anybody following orders
<DocScrutinizer05> malware can do that for you
<wpwrak> again, you the owner have to explicitly authorize any such options
<wpwrak> how ?
<DocScrutinizer05> yes, exactly. HOW?
<DocScrutinizer05> particularly how in a way that malware can't emulate
<DocScrutinizer05> "click green button for >trust<" ??
<wpwrak> spin the wheel of the device to enter your code, then read the warning, spin wheel to select "accept", press button, etc. ?
<DocScrutinizer05> the code you have to enter needs to get placed on the device first
<wpwrak> if your malware sends autonomous robots to operate your device, then you lose :)
<wpwrak> yes
<wpwrak> you enter it after unwrapping the device
<DocScrutinizer05> who's doing that, and when? how do you make sure that this is not already malware that does it?
<wpwrak> that's a packaging issue :)
<DocScrutinizer05> aha
<wpwrak> make a package you can't re-seal
<DocScrutinizer05> so we're again back to packaging
<wpwrak> another option would be to ship the device unprotected and you do the initial flashing (and locking) yourself
<wpwrak> sure, if you buy the device already compromised, you have a problem
<DocScrutinizer05> I suggested to add a card with the code to the package, you say you make sure that the device can't have been confronted with malware before user does the code printing
<wpwrak> there could also be hw backdoors we don't know about
<DocScrutinizer05> it's basically the same thing
<wpwrak> sure, that's the usual sort of procedures. use a fancy bag that can't be resealed. have an initial PIN, etc.
<wpwrak> you can also ship PIN and device by different channels.
<wpwrak> but of course, the PIN alone doesn't ensure it's not been compromised :)
<wpwrak> but the device can show you a code, too. that can be protected.
<DocScrutinizer05> btw all this is feasible without trustzone
<wpwrak> of course, if you trust nobody, then you need a "blank" device and do the initial programming yourself
<wpwrak> of course
<wpwrak> the purpose of DRM is not to make the world a better place ;-)
<DocScrutinizer05> yes, exactly, and trustzone is about DRM
<DocScrutinizer05> there is no other reasonable use for it
<DocScrutinizer05> since you just explained every other level of security is possible without bustzone
<wpwrak> trust is confinement, torture is care, friends are enemies, ... welcome to 1984, 28th annual update :)
<DocScrutinizer05> eh?
<wpwrak> err, 29th. fencepost error :)
<DocScrutinizer05> about trustzone in N9:
<DocScrutinizer05> http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide , or "The purpose of this framework is: ... to make sure that the platform meets the requirements set by third party software that requires a safe execution environment.", or http://en.wikipedia.org/wiki/Trusted_Computing#Criticism,
<wpwrak> ah well, stay away from it :)
<DocScrutinizer05> yes, TrustZone *could* get used to allow user to have absolute control over his device (so for example no thief could access the data on it), but you need to sacrifice the "Purpose" as of above then
<DocScrutinizer05> and root cert is flashed to CPU fuse ROM
<DocScrutinizer05> so you already are lost regarding xloader
<DocScrutinizer05> OEM can't allow user to mess with xloader
<DocScrutinizer05> xloader *could* fetch the cert to verify uBoot from flash that user can alter
<DocScrutinizer05> but xloader's signature key is in OEM's vault
<DocScrutinizer05> actually N900's xloader doesn't care about any cert or signature, it simply enters tampered mode but doesn't lock any hardware
lekernel has quit [Ping timeout: 252 seconds]
lekernel has joined #qi-hardware
jekhor has quit [Ping timeout: 252 seconds]
lekernel has quit [Quit: Leaving]
<wpwrak> there goes another hour of my life. or was it two ? just wish watching a CNC mill do its thing wasn't quite so hypnotizing ...
rz2k has quit []