Richi's blog

Category: Uncategorized

  • Pilot 4 a day with a Jaguar driver

    Every once in a while I get to do a pilot for a day. That’s our premium offer at paraeasy.ch, and admittedly the most fun to do. Depending on the weather we either do a cross country flight or multiple flights from various mountains. This time, the weather looked promising, but not good enough for cross country. So we set out to do the first flight early from the Rigi. Christoph, todays passenger came with a beautiful Jaguar E-Type, and he is also member of the Jaguar Driver’s Club. The residual cloud cover that should disappear quickly in the morning was lower and more durable than was predicted. So we spent more than an hour para-waiting in the fog. When the fog finally lifted, we had a nice flight with some weak thermals and a couple of tight circles down to Goldau.

    After having lunch on a lakeview terrace in Lauerz, we drove with our two Jaguars to Brunnen. Then we headed to the Fronalpstock. From the main takeoff, we followed the ski slope down to Stoos, flying along the rock cliffs to the alp above Morschach. Next, I took course straight to Brunnen and with lots of excess altitude, we floated around and did some sightseeing. The smooth landing was on the Auslandschweizerplatz, one of my favorite landing zones, near to the lake front.

    For the third flight I came up with something very special. With the steam boat we crossed the lake, and took the bus and cablecar to the Niederbauen. Like on the other mountains before, the view was marvelous. Sadly, the wind at takeoff had an unusually suboptimal direction, hence I was not certain if we really could cross the lake. We took off, and heading towards Seelisberg town I grew more and more confident that we would make it. Along the rock cliffs of the Seelisberg mountain we soared with the birds, making ground without loosing altitude. Above the lake, we did another photo session, and we even had enough altitude left to fly to the Auslandschweizerplatz.

  • Full disk encryption with the crypto stick

    Last week I finished the udacity applied cryptography course. I did not as well as in the other courses, nonetheless I learned a lot and it was (as always) really interesting. We learned about symmetric and asymmetric encryption, hashes as well as key exchange and management. Each week in addition to the regular homework, we got a challenge question. For most of them, I invested some time, but then had to surrender. Well, I still managed to complete some of the challenges. The most fun for me was a side channel attack on the diffie hellman key exchange protocol. We had information on how many multiplications were required for the fast exponentiation of the RSA key on one end. That was enough to decypher the secret message. It was a good illustration of what has to be taken into account when developing real world cryptographic algorithms. And it reminded me of how some smart cards were hacked by closely monitoring the power consumption.

    Now, it was time to put my crypto stick to use. My netbook still ran Ubuntu Maverick due to the horrible graphics card (gma500). So I waited for the release of Linux Mint 13 LTS. In the 3.3 line of kernels there is a poulsbo driver already included.

    First I prepared the crypto stick according to this tutorial. After initially generating the keys on the stick for maximum security, I let myself convince to generate them on the computer to be able to make backups. I could not regenerate the authentication key so far, and thus I can’t use it for ssh at the moment. I’m still looking for a solution on that.

    Then I installed the operating system along with the full disk encryption according to this tutorial. At first it didn’t work, but then I discovered that there was a mount command missing in the tutorial and thus the generated ramdisk was not written to the correct boot partition.

    Here is how it works (as I understand it):

    • grub loads the kernel along with the initial ramdisk which contains everything necessary to communicate with the card.
    • The ramdisk also contains the keyfile for the encrypted root partition. Upon entering the correct pin, the smart card decrypts the key file (asymmetrically).
    • The key file in turn is used to (symmetrically) on the fly decrypt (and encrypt) all accesses to the root partition.

    It was new to me how to put stuff into the vmlinuz ramdisk. Apparently the script to ask for the key and decrypt the key file, as well as the keyfile itself and all the other required stuff can be added by installing a hook that is executed whenever a new ramdisk is created. For example when installing a new kernel.

    Not that I would have something stored on the harddisk, that would require such a level of security. But it’s interesting to set up and see how it works in action. The crypto stick adds a fair bit of security. As it has a smart card built in, a trojan couldn’t get hold of the private key, and a 2048 bit key is way harder to crack than a password that one can remember and type in every time.

  • Driving assistant

    Recently I completed the udacity class “programming a robotic car”, where Sebastian Thrun thought us what makes the self driving cars tick. He drew from his experience of winning the DARPA grand challenge in 2005. Now he’s leading the Google self driving car project. It was a very interesting course. Some stuff was already covered in the ai-class, but was a lot more detailed this time. We got homework assignments in python that we could complete directly within the website’s integrated editor. So, we implemented some of the key components in simpified form. Namely Kalman Filters, Particle Filters, Motion Planners with smoothing, and last and most interresting, SLAM.

    So, a while ago an idea started forming in my head. Todays smartphones should be powerfull enough to run some computer vision algorithms to help the driver identify obstacles, or warn him when he’s about to leave the lane. In fact, some premium cars already have such systems installed. First I looked in the android market, but found nothing. So I started looking around for how to integrate OpenCV in Android. I knew this part had been done before. I was not too keen to start yet another time consuming toy project, as I’m very busy at the moment. Another more extensive search in the Android market revealed some apps. And I was releaved to find some that implemented just what I was thinking about. There are two that I installed on my phone and am currently testing. Although I must confess, instead of increasing the security, they can also distract.

    Drivea

    The first app that I installed was Drivea. It may not be as polished as competing apps, but I like it when yu have the feeling, you know how it works. On my Galaxy S it runs smoothly without any problems other than some inaccuracies in the classifiers. Would be great if ot were opensource, so we all could learn from it, and maybe even contribute to the evolution.

    iOnRoad

    A bit too shiny for my taste. The core of it works really smooth. The classifiers and filters are better tuned than with the competing apps I tested.

  • Jaguar drivers club excursion

    It’s almost ten years ago, when I bought my vintage Jaguar XJS. And in two years time it will turn 30, thus gain official classic status. That means a huge drop in insurance and tax fees. It’s a grand tourer coupe with an incredibly smooth running V12 engine, sporting 294 horsepower. Because it shares the same comfort suspension with the XJ saloon, the regular version is not so great for racing.

    I learned long ago, that there were some XJS used for racing. I saw reports of increasing the displacement from 5.3 to 10 lites or mounting a dual compressor, thus reaching 1’000 horsepower. But only when reading the latest issue of the JDCS Tribune, I learned that the XJS was in fact Jaguar’s most successful racing car. When you read about Jaguar racing cars, what you usually find, are the legendary XK120 to XK150, C-Type, D-Type, the Silk-cut cars, and maybe something about the XJ13. There are some cool old looking videos on youtube.

    But the reason I write about all this is that I was, after years of absence, finally driving with the Jaguar driver’s club again. Levin, my older son, is the biggest fan of cars that I know, and he was looking forward to this day for a month. He was totally excited seeing all these beautiful cars. And during the drive he observed every car he could see, following them and trying to identify.

  • Playing with Smart-Cards

    Ever since reading the book “Kryptographie und IT-Sicherheit” where I first learned about how SmartCards work, I wanted to do some SmartCard programming. In the book it describes some inner workings of Smart Cards, and that some of them have a small Java VM inside. But it turned out that the entry was not as easy as in many other fields. First of all, you have many smart cards (SIM of your mobild phone, Credit Card, Debit Card, Health insurance card, …), but usually they are protected so you can’t install anything of your own. Technically, it would be possible to have many applications on the same card, like CreditCard, DebitCard, HealthInsurance, PublicTransport, and so on. But with very few exceptions, the issuers don’t feel confortable sharing a card with someone else. Then there seem to be many different standards, and the companies seem to bee keen to obscure as much as they can. And then you also need kind of specialized hardware, but that’s the easier part.

    (more…)

  • Installing to an external harddisk with qemu

    The harddisk of my aunt’s pc was broken, and I had an old disk around that I could use for replacement. Now I wanted to install it prior to go there. Of course there is the option to take my harddisk out, and use my PC to install her harddisk. But I wanted to use my machine for other things during that time. So I checked, if I can configure VirtualBox to use an external harddrive connected with an IDE to USB converter. I didn’t find such an option. So I read up a bit on qemu. I used qemu before, and quite liked it. Qemu is fully commandline which is cool sometimes, while other times I like to have a GUI such as with VirtualBox. This time it didn’t matter, I only needed to be able to install an iso onto the external harddisk. And it’s as easy as this:

    sudo qemu -boot d -cdrom ~/Downloads/linuxmint-12-gnome-dvd-32bit.iso -hda /dev/sdc -m 512

    The sudo is only required because as a regular user I don’t have write permissions on /dev/sdc.

    edit 5.Aug 2012:

    On Ubuntu 12.04 replace qemu with qemu-system-i386 or qemu-system-x86_64

  • Reviving my vintage 3d shutter glasses

    Many people don’t even know that there were 3d rushes before the one that’s currently fading. In a previous one, some ten years ago, I bought a very expensive ASUS graphics card with shutter glasses. It was really cool for gaming with the 21 inch CRT, but nothing compared to the graphics of today’s games. I still have the glasses, and I wondered many tmes, if I could use them with current equipment. There have been pages on that topic for a long time, but only now I found a page that has all the details to get me interested enough. It features a preload library with which you can hook into the process of switching the image. It has different color schemes as well as sequential for shutter glasses. It uses the V-Sync of the VGA connector to trigger the glasses. But VGA is not so common these days. Luckily, the preload lib is opensource. That allowed me to modify it so as to communicate to an Arduino or orher micro controller through USB FTDI.

    (more…)

  • A sink for the kids to play

    When the new kitchen was installed in our camper, I didn’t throw everything of the old one away. Only the part with Mirella’s bad memories. I kept the faucet so that I could use it for the kids one day. Recently I exchanged the pump and the water tank. With the old parts I had almost everything I needed. The only things left to buy were a crate and a drain. Mirella gave me a bucket where I could drill a hole for the drain. Assembling it was easy, and Levin was lost in playing for hours…

  • Robot arm part 2 : ROS connection

    As the name implies, ROS is not just another library to get familiar with. It is an operating system for robots. That is also quite different to a traditional operating system. As I didn’t want to learn a whole bunch of stuff first, I learn about the concepts and facilities as I move along.

    After I modeled the robot arm with a urdf xml file, and it moved in the simlator, I wanted to connect ros to the physical arm. I found some tutorials for rosserial on how to connect to an arduino. So, I adapted these examples to the robot arm. The microcontroller board has many similarities to an arduino, but some things are different. First, I compiled the firmware. I had to copy some files from rosserial_arduino, and modified them accordingly. Hooking up the servos as ros subscribers is actually quite easy. The arduino examples use a standard python script on the computer. It looked as if I could use the same. But the robot arm only runs when the RTS level is high. As most libs and programs don’t do that by default, my robot arm did nothing. So, I copied some scripts from rosserial and modified them. In the process I learned about the statserial program that displays the status of the different serial pins. Now, the arm moved to the initial position and waited. Meanwhile I tried to connect to it with the modified python script, but I still got “Lost sync with device, restarting…”.

    (more…)

  • Optimizing compile time of a large C++ project

    The codebase of our PointLine CAD is certainly quite large. sloccount calculated roughly  770’000 lines of C++ code. I know, this is not a very good metric to describe a project, but it gives an idea. Over time the compile time steadily increased. Of course we also added a lot of new stuff to the product. We also used advanced techniques to reduce the risk of bugs, that have to be paid with compile time. But still, the increase was disproportionate. We mitigated it by using IncrediBuild. Just like distcc, it distributes the compilation load across different machines on the LAN. If I’m lucky, I get about 20 cores compiling for me.

    About once a year, one of us does some compile time optimization and tunes the precompiled headers. I did so about three years ago, and then this week it was my turn again. Reading what I could find about precompiled headers on the internet and applying that, I could get only a small speedup, roughly 10%. So I cleaned up the physical structure of the codebase. Here are some things I performed: (more…)