Your passwords sux!

I have facebooked that LastPass is the tool everyone needs to be using.  I am not always clear as to why I select the tools that deserve your attention.  Every week I get some news and security tidbits from the below podcasts.  What I love about this particular source of information is that Steve Gibson provides ALL the details, dives deep and leaves no stones unturned.  I know this is the second post in a row about Steve’s stuff – but I really did get a Facebook message from a cousin today asking why he should trust LastPass with his passwords.

The short answer is that LastPass does not get your passwords (not exactly).  All that is sent to them is your encrypted stuff.

Most if not all of the password decryption runs in your browser – but it may look like it is on their site.  I am no longer 100% clear on this but myself I will have to re-listed to the first podcast below.

Lastpass and why you can trust it:
Text http://www.grc.com/sn/sn-256.htm Audio http://media.grc.com/sn/SN-256.mp3

Lastpass and why you should use it:
Text http://www.grc.com/sn/sn-366.htm Audio http://media.grc.com/sn/SN-366.mp3

There are some password recovery items the paranoid should look into and disable (but think, know, trust, what you are doing when you do so).

Always Swim Up

Knowledge is the reset button

This post is about how knowledge and research can change your life.  A while back I made a simple internal pact with myself.  If I hit 200 LB I’ll just stop eating.  Funny thing is, that worked for three or more years.  I should mention there was a prior limit set at 195 LB.  Before that I was not really watching.  Weight gain was depressing and all, but not getting in the way as far as I could tell (my doctor had been saying otherwise, but it fell on deaf ears).  When I started to mull over setting the limit to 205 LB I had to put my mental foot down and say no.  At that point it came to starve a few extra hours a week to force the 200 LB limit into remaining valid.  That was probably going to be the rest of my days – fighting the 200 LB limit.  In fact I had already resigned to it.

Diets for me are transient.  I’ll start on one once in awhile.  Never with true intent.  Never with passion.  Never with any successes.  Sure a few pounds at the start – yippie!

The 200 LB limit sat at the back of my brain taking up undeserved space while injecting the fear of getting set higher and higher over time.  I did not want another diet, I did not want to exercise a ton, I wanted to make sustainable healthy changes that put my weight on a downward slope, however slight, just point it down.

Then I learned something.  In one hour.  I was lead down the simple path of well presented information to the knowledge that reset the way I look at everything.  I’ve recently “let my weight drop” and put it on that downward slope.  What a crazy sentence. It seems to imply I have control over the angle of the slope.  I do.  Today for instance I woke up to a 175 LB me. Nice!

What worked for me was simply adding quality knowledge about the human body to my brain. What is a protein, a fat, a carb, a sugar, a ketone.  What of these do I eat or process.  Knowing more about these; what simple changes can I make to effect the changes I have long desired?

It is difficult to find something that’s posted in/on the Internet without agenda.  I’ll try not to lie.  I want you to go out and learn how to learn.  How to filter the noise.  How to know when you don’t know.  I am not teaching these things, they are milestones on your way to finding the reset buttons in your life.

All I can share is what got me excited about learning to learn and to carve through the noise to find the pure notes of relevant research.

I listen to a security related podcast every week.  By Steve Gibson.  Called “Security Now”.  If you are in IT or a geek like me you’ll find it wonderful.  Regardless, what happened out of the blue one day was; Steve did a health related podcast about vitamin D.  Why?  I didn’t care, I got to listen to a very capable explainer explain all about vitamin D.  He consistently applies significant time and energy to each topic he presents on the podcast, this health episode was no different.  He even presented data he had collected from his own blood tests and experiments in sunbathing to collect vitiam D.

Fast forward a bit in time and there was another unexpected health related podcast – this time Steve had been experimenting on himself as it pertained to diet.  As like any security related podcast he taught you the basics and built upon them (over two podcasts this time).  By the end I knew I had started my next chapter in life.  I have since played the postcasts a few more times, bought and read two of the books Steve recommended, initiated simple changes in my daily food types, and lost 25 LB since May this year (4 months).  I have also since learned (as yet another chapter of life unfolds) that without quality data and research you are courting a mundane and manipulated life.

Question everything.  Question this blog post.  Research and return.  Question more.

 


 

Arduino IDE and Google Drive

Under the heading of “mental notes”:

The Arduino IDE has a setting for your sketch directory.  I have recently created a directory on my Google Drive and pointed the IDE to that directory.  Also in the Arduino directory I have created /libraries (lower case, plural) and put there the class files and libraries I download.

Now on any MAC (or PC) I can edit, compile and test code and no longer need to haul around a USB drive with projects.  More importantly I no longer have version splatter across the different machines – I am always working with the current versions.

To get the google drive as a native element of your MAC (or PC) you will need to download and install the Google Drive application.

New proposed TLD .pinkbunny

A new top level domain (TLD) is being proposed to  B’ecause’ I CAN as a safe alternative to existing domain name space.  The “.pinkbunny” domain will be aimed at those organizations requiring a high level of trust and security of their websites, such as kids with pink bunnies, those who may have lost a pink bunny and other critical infrastructure sites that deal with pink bunnies.
The proposal is that organizations successfully registering a site within the “.pinkbunny” domain space would need to undergo a thorough background check and also adhere to a number of strict security requirements such as photographic proof of said pink bunny and regular visits to the vet for checkups to ensure no virus infections.  Any sites not adhering to the security policies would be disconnected.  B(ecause) I CAN is currently reviewing submissions for new TLDs and is expected to publish its results over the coming weeks.

ThinkUp App has your back(up).

I have always believed in my notion that we live on the crest of (various) information waves.  Anything that will save us from living within a single distracted minute is a good thing.  ThinkUp can backup your social network data that’s flowing backward off the waves and out of site as you surf towards the infinit shore.  ThinkUp analyzes all the data it collects.  ThinkUp gives you insights and information previously the domain of the social networks and not shared with you.

ThinkUp is (today) still a bit more geek oriented than click and go user friendly.  For someone that cares about their data (analysis) and has an Amazon AWS account – very simple to install, run, and setup as the documentation is some of the best and most directly useful that I have ever read.  AWS Get Started @ ThinkUp.

For me the best page to read was this one about the inspiration(s) for ThinkUP.  I had no idea that even 3/4 of those companies/services existed.  I found it a quick guide to the current ‘state of the web’ for the core ideas ThinkUp has formed around.  I am glad to say I stand with ThinkUp as “the one” of these many I may be able to contribute to in the future.

http://thinkupapp.com/

Cut with LASER, TechShop an inventor’s gym

Stock bot needed a case.  Something blue and new.  I had a heck of a time learning 3D tools but a meetup friend helped me over the hump of simple box design.  Here is a picture of the resulting box for the Arduino Stock Bot project as it is so far.  Quite happy with the first ever attempt – fits like a glove.

 

Lots of LEDS – now I get it!

This is the page that allowed me my “Eureka” moment on how to drive a large number of outputs from a very few number of pins.  If you ever wished you could have 10 or a 100 more output pins – the shift register chips are ones to consider.  I won’t blabber on just follow the link watch the video and you know where to start if it can be applied to your own effort.

http://bildr.org/2011/02/74hc595/ 

Enjoy

Stock Bot – about the 4511 BCD to 7-segment decoder

Not to be trite but you may learn more here wikipedia.org, than here.  This post is intended to fill in some of the background of how the 4511 chip was used in the Stock Bot project.  Let’s dive in and see if it remains coherent.  The chip is designed (I presume) to enable one to use fewer data lines to drive a 7-segment display.  LED displays are common while the one in Stock Bot is a little less so.  A seven segment display has 7 inputs one for each light element.  You would need 7 data lines to drive a single digit and many more to drive additional digits.  This project does not use the data latching features that enables several 4511 chips to drive several digits while keeping the data line count to a minimum.  When you scale the number of digits you really save on data lines and the value of the chip becomes evident quickly.  To be brief, several digits can be managed (like a clock) by locking the current displayed value into each chip and then unlocking only one digit at a time to effect a change to that digit.  Quickly locking and moving on, unlocking change lock, continue.  If that made any sense you got the idea.  Do this fast enough and large multi digit displays can be managed – again with 4 data lines and the latch control logic.

Driving the single chip was a fun code experiment.  So let’s look at that.  Like I said on the Stock Bot page I had to learn (re-learn/hack in) C# for this.  When you drive the chip you are essentially sending it a binary code along 4 digital lines.  A 4 line data bus I guess.  Given an integer from 0 to 9 convert that to binary or otherwise figure out how to set your 4 data pins correctly.

A set of if statements would do that.  A switch statement would do that.  Both I tried as I had to get something started.  Neither felt clean enough to me (don’t get me wrong some of the code is still way to ugly to even tell you about yet/ever).  So I worked out what I have below because I knew in my mind something cleaner should exist.  Your improvements are welcome as comments.

    // helper class
    class BCDOutputClass
    {
        byte mask1 = 1;
        byte mask2 = 2;
        byte mask3 = 4;
        byte mask4 = 8;

        OutputPort Bin1 = new OutputPort(Pins.GPIO_PIN_D9, true);   // A
        OutputPort Bin2 = new OutputPort(Pins.GPIO_PIN_D12, true);  // B
        OutputPort Bin3 = new OutputPort(Pins.GPIO_PIN_D11, true);  // C
        OutputPort Bin4 = new OutputPort(Pins.GPIO_PIN_D10, true);  // D
        OutputPort CommaPin = new OutputPort(Pins.GPIO_PIN_D13, false);

        // Constructor
        public BCDOutputClass()
        {
            //
        }

        // Instance Method
        public void Display(byte a)
        {
            a = (a < 10)? a : (byte) 10;
            Bin1.Write((a & mask1) > 0);
            Bin2.Write((a & mask2) > 0);
            Bin3.Write((a & mask3) > 0);
            Bin4.Write((a & mask4) > 0);
        }

        public void Clear()
        {
            Display(10);
            Comma(false);
        }

        public void Comma(bool a)
        {
            CommaPin.Write(a);
        }

        // Destructor
        ~BCDOutputClass()
        {
            // Some resource cleanup routines
        }
    }

Most of this becomes clear if I just talk about the meat of the code in public void Display(byte a).  Maybe not but let’s start there as it is the crux of what makes this (IMHO) better over an if or switch statement.  I have, of course, not tried to figure out if this compiles to smaller code or not – that’s not a concern I have any interest in yet.

The function takes in a byte – the code when running sends in the values zero to 10 when all is normal.  10 is an exception and I should explain that first as the line first executed is a test for values over 10 and if over we revert a to 10. 10 in binary is 1 0 1 0.  Setting the 4 pin data bus to an invalid value.  1 0 1 x (where x means it’s not important) happens to BLANK the display.  This makes the code in the function public void Clear() fairly obvious now why it sends a 10 to Display().

The 4 pins how do they get set?  ok, let us use the digit 9 and now step through the rest of the function.  Pin 9 on the Netduino is connected to A or D0 on the 4511, the lowest order bit (ones). 12 is to B or the twos, 11 is to C or the fours and pin 10 to D the highest order bit the eights.  You can look to the mask declarations to get a feel for the positions too.

9 is binary 1 0 0 1

We need to set line A to true, line B to false, line C to false and line D to true.

(a & mask) what does that do?  “a” is type byte and mask1 is of type byte.  The & says do a bitwise AND of the two values.  What’s a bitwise and – (for now – Google it) but I’ll do the math here and might get it across.

1 0 0 1  (9)
0 0 0 1  (mask1)
-------  bitwise and says 1 only when all are one
0 0 0 1 (1)
Result = 1

1 0 0 1  (9)
0 0 1 0  (mask2)
-------  bitwise and says 1 only when all are one
0 0 0 0 (0)
Result = 0

1 0 0 1  (9)
0 1 0 0  (mask3)
-------  bitwise and says 1 only when all are one
0 0 0 0 (0)
Result = 0

1 0 0 1  (9)
1 0 0 0  (mask4)
-------  bitwise and says 1 only when all are one
1 0 0 0 (8)
Result = 8

Let’s take the results of the first operation.  We got a 1.  There’s more in that line of code (a & mask1) > 0

Greater than zero completes a comparison.  Results in a boolean.  True or False.  The first part will result in a zero when we need a false result and a true value when the result is anything else 1 or above.  In the case we just ran through we had a 1 and an 8, both greater than zero, and so had two lines (the first and last) set to true.

By now you’ve either gone Aha! or Duh or are scratching your head.  Either way I am done for now 🙂 enjoy.

Now learn that fun math

Not much to say here.  Just DO IT! http://www.khanacademy.org/ is a wonderful site. If you have a passion for learning or re-learning you will want to bookmark the site. I reconfirmed my ability to add and subtract 🙂 I am going to do every math lesson until I top out (maybe at division).

Free learning – if you have kids – create accounts now. This will help every kid and you’ll be sorry if you don’t also sign up like I have and sharpen you skills.

http://www.khanacademy.org/

Math is fun, yes indeed.

I love to listen to these guys chat, Leo and Steve.  Recently I needed to get a friend up to speed on secure key exchange. Not the simplest topic on the roster.  Just how do we share a secret over the Internet.  While we know others are watching and intercepting our communications.  We do it with math.  Math , when used like this, forces you to want to learn even more math.  Really, math is fun and you will be smart if you learn math.

The first 15 minutes of this podcast prove to me that the more math you can take in the better off you will be in life.

http://media.grc.com/sn/SN-034.mp3 100% relevant regardless of when it was recorded.