UrlBlogGrey

Since learning of the PIC2 Micocontroller Programming Kit, I began wondering if I still had my prototyping breadboards from my Electrical Engineering classes at UC Davis. After 10 minutes of going through boxes, I found my two breadboards: the Jameco JE26 (left), and the "Global Specialties" proto-board 10 (right).

The JE26 was purchased late in the quarter of my Circuits 2 (EEC100) class to accomodate my larger projects. It is three-times as large as the proto-board 10. I found some Integrated Circuits (ICs) left on the JE26 from my last project. They include some Operational Amplifiers (Op-Amps) and Multi-Input NAND gates. I'm sure I'll find a use for them in a future project.

I showed the protoboards to Natalie, and she remarked that I must have looked like a total geek while carrying the protoboards around campus. She's certainly right, but I thought of it more as a source of pride at the time. It isn't often that computer scientists can put their hands on a physical representation of their work.

Posted by Scott at 12:56 PM | Permalink | Comments (1)

It had been about two months since I last purchased music, so a few weeks ago I shelled out $60 for some CDs that I've been admiring. Those include the latest from Broken Social Scene, Ulrich Schnauss, and old releases from Built to Spill and Modest Mouse. I'll write up a review of the Broken Social Scene album soon, but in the meantime I'll just say that it's a wonderful example of what indie rock ought to sound like right now. With the sudden expanse of my music collection, and my habit of playing podcasts during my commute, I won't be without listening good material.

Posted by Scott at 10:03 PM | Permalink

I read a great article in the latest copy of Make magazine about using PIC microcontrollers in hobby electronics projects. I used PICs in a couple of Electrical Engineering courses at UC Davis, and found a lot of joy in having a program written in C and assembly language take on a physical representation through a combination of integrated circuits (ICs), resistors, LEDs and such. Upon graduating, I became very software-oriented and left my EE work behind.

Microcontrollers are general-purpose, low-power, programmable computers that can be found in any number of household devices. Any time you use an electrical device requiring some degree of logic (i.e. microwave, VCR, etc) but not a full-fledged computer, it's likely that you're interacting with a microcontroller. The potential for creating fun embedded-programming projects is huge!

It's amazing how inexpensive the hardware has become: the industry-leading company Microchip produces microntroller starter kits ranging from $36-$50. They feature microcontroller programmers with USB interfaces, and can be used with a broad range of computing platforms (including Mac OS X). I'm probably going to buy the PICkit 2 product, which supports 8-,14-, and 20-pin microcontrollers. The additional pins typically provide more input/output lines. The only additional tools required are electrical components (resistors, capacitors, switches, LEDs, etc) and a regulated power supply. The later might be the most expensive component, but I should be able to get a low-end model since PIC projects usually require just a fixed 5-volt power supply.

Posted by Scott at 10:20 AM | Permalink

In a previous post, I described a repair I made on my 1998 BMW 323is involving the replacement of the secondary air pump. The pump failure was accompanied by the triggering of a 'check engine' fault which has been on for far too long (over a year...). I became worried when the 'check engine' light remained active after replacing the pump. I verified that the pump did in fact work, so it wasn't a major concern.

Fortunately, the check engine light became inactive on January 15. I had replaced the pump on December 22, which means that it took about 3.5 weeks for the diagnostic system to give the "okay" to the newly-installed pump. I had hoped that the fault would be cleared automatically so as to avoid paying $30+ for a mechanic to use a blessed tool to clear the fault.

Posted by Scott at 1:09 PM | Permalink

I read an interesting article on Bruce Schneier's blog regarding a possible solution to the problem of "trusting trust". The basis of the problem is that a chain of trust is formed between source code compilers, and has the potential for exploitation if the first compiler in the chain contains malicious directives. The first compiler could modify all compilers and debuggers it builds to propagate any of its malicious directives.

The role of a compiler is generally to produce a machine-readable form of human-readable source code. The compiled output can take the form of machine-code (native binary), or intermediate byte-code (as in the case of Java and its Virtual Machine). A Java program represented by byte-code is interpreted at run-time by a machine-code program. Frequently, Java programmers will adopt a false sense of security because their programs are represented by byte-code running in a Virtual Machine (VM); however, the VM is a machine-code program that is as vulnerable as any other machine-code program. The difference is that a higher degree of trust is placed on the VM machine-code than on one's own program. The merits of this outcome are debatable. Because the operating system is built using a source code compiler, it is vulnerable, too.

Schneier suggests that having two root compilers with equivalent functionality and different sources can remedy the problem. It's sort of like having two separately-designed factories responsible for producing a widget; if both factories receive the same specifications from the widget designers, there is no need to trust one factory more than another since their output must be the same. If it is not the same, then at least one is incorrect. It is possible for both factories to be wrong, but not in identical ways.

Posted by Scott at 9:35 AM | Permalink

There's a great extension called Enigmail for the Thunderbird e-mail client that provides integration with the GNU Privacy Guard implementation of PGP. Enigmail makes encryption, decryption, and signing activities incredibly easy. It also provides a great tool for searching and importing public keys into a local truststore. I'm going to start using PGP to secure e-mail communications whenever possible. I've published my PGP public key to the PGP Global Directory, and can be referenced directly using the identifier E80DCE23. Here are some screeshots of Enigmail in action:

Posted by Scott at 10:35 AM | Permalink

I've been struggling with the speed and lack of features present in the Mail.app program included in the Panther and Tiger versions of Mac OS X. I've also been experimenting with PGP a lot lately, and Apple's lack of direct support for PGP plugins has led me to migrate my mail messages to the Mozilla Thunderbird e-mail client

Thunderbird is a cleanly-designed e-mail client available for all popular computing platforms (Windows, Mac, Linux, etc.) and is part of the Mozilla family of Open Source products. I was expecting some difficulty in migrating my e-mail data since I was ultimately unable to get my messages out of Microsoft Outlook when moving to the Mac over 2 years ago. This wasn't the case with Thunderbird. Information on the Thunderbird website led me to believe that I could simply copy my "mbox" directories into the Thunderbird library directory and be done with it. Unfortunately, this applies only to the first version of Mail.app, which is not included on Mac OS X Tiger (10.4) (version 2 is included, instead). A quick Google search led me to a blog entry that then directed me to the Apple support site which recommended a program for converting Mail.app's "emlx" files into Thunderbird-friendly "mbox" files.

In 15 minutes, I was working in Thunderbird with all of my old mail messages looking pristine as ever. Now the Thunderbird just needs to tie in to the Mac OS X Addressbook. Then I would be in heaven!

Posted by Scott at 4:50 PM | Permalink | Comments (2)

While reading the book 'Crypto' by Steven Levy, I became enamored with the idea of writing a tool to simplify the use of Pretty Good Privacy (PGP) to secure e-mail communications. I should have known better after having read about the pitfalls that dragged down PGP, RSA and others. I'm sure that the NSA is pleased with the outcome: the Common Access Card (CAC) has achieved widespread use in the U.S. Department of Defense with strong crypto for e-mail, while no such solutions exist in the public domain.

In any case, I came upon a nice set of cryptography APIs from Bouncy Castle for Java that perform common PGP operations such as key creation, signature verification, and stream encryption. Next, I set about to create a Java Swing GUI for creating a PGP keychain and key. This was pretty easy, but I have not been successful in verifying message signed using other PGP tools. Hopefully, I'll be able to solve the problem of verifying messages tomorrow. The next step I'd like to take is to provide for the specification of the PGP keyring filesystem location, and the importing of other people's public keys. Here's a screenshot of the 'keyring creation' dialog:

At this point, I'm afraid of wasting more time in pursuit of a convenient tool to encrypt & sign messages since it seems that after 15 years PGP is still not ready for prime-time. I don't think it's the result of a design flaw in PGP; rather, it seems that the infrastructure and standards aren't firm enough to ensure compatibility and ease of use.

It's really a shame that the continued lack of a Certificate Authority for PGP keys has been the downfall of secure e-mail. Without a CA, the dreaded "web of trust" as described by Bruce Schneier prevails. Users are required to trust one another based on credibility of a mutually known and trusted third-party. The credibility of the web’s connections decreases as it grows.

Posted by Scott at 4:25 PM | Permalink

Natalie and I visited Monterey on Sunday and Monday to close up some lose ends since we left in November/December. While driving from Oakland on Sunday afternoon, we decided it would be a good idea to get some drinks from Starbucks. I mean, how long could it take? For us - long time.

We took 4 exits over a 60 mile span looking for Starbucks near Highway 101, but had no luck. To make matters worse, we are both very familiar with the route and have each driven it dozens of times. We eventually settled on going to the location in Gilroy that we typically visit while driving between Monterey and the Bay Area. All told, we spent over 45 minutes looking for a Starbucks during a trip that should take only 90-120 minutes. So much for instant gratification!

Once in Monterey, we had a good time visiting our old neighborhood and catching up with friends. We went by our old apartment building to determine if any improvements had been made since we left. The clothes dryer had been missing the lint trap for about 1 month when we left, and we were certain that the building would have caught fire and burned to the ground by now. No such luck - they had installed brand-new washer and dryer units, and threw on a couple more layers of paint onto the existing 20-30 layers. Our apartment was run by slum-lords, and I think that the fact it was Natalie and my first place together is the only thing that over-shines the squalor of it all.

We took some fun photos around town, including one of our favorite bar, Alfredo's. It was where Natalie and I went with some of her friends on her birthday right around the time we met. Naturally, we've got a lot of personal attachment to the place.

We also drove by the house I was living in when Natalie and I began dating. Meow!

Posted by Scott at 8:43 PM | Permalink

I've been a follower of the "Getting Things Done" (GTD) methodologies since reading the book last January. The first and most "sticky" change I made was to use 3"x5" index cards to record items I need to do. The idea is to perform a brain-dump as soon as an idea occurs because the human brain does a poor job of recalling things out of context.

I've read a lot on the 43 Folders website about the popularity of the trendy Moleskin pocket notebooks. I have preferred the 3"x5" index card solution because it affords me the ability to dispose of cards that were for one-time notes (i.e. write e-mail to parents, etc.). Putting such notes in a Moleskin seems bad because those notes stick around for the life of the notebook. So, I've put off getting a Moleskin until a week ago when Natalie and I were buying art supplies for a drawing class I'm taking.

I finally figured out a good application for the Moleskin: lists. Long-term lists. Here's a good example: I'm at the grocery store looking for a bottle of wine. I know that I've tried many of them before, but can't remember which I liked and disliked. Maintaining a list of favorite wines would help solve the problem. Another good application would be too keep a list of favorite restaurants organized by type of food or environment.

Through the GTD methods, I've learned that I'm really good at solving immediate problems, but suffer at maintaining information about experiences had during abnormal contexts. Persisting that information in an organized medium seems like a good solution. I'm going to give it a try and will report on the success at a future date.

Posted by Scott at 4:49 PM | Permalink

I began working for EMC Documentum in November, 2005, in Pleasanton, California. My previous job was with SRA International as a government contractor in Monterey. I am now completely aware of why people from the San Francisco retreat to Monterey on the weekends. Simply put, it's a rat race up here.

Monterey is an extraordinarily beautiful area. Unfortunately, the real cost of living is much more expensive than neighboring area, including the S.F. Bay Area. The lack of technology jobs in the area severely restricted my opportunities.

So, we've since moved to a beautiful apartment in the Oakland/Piedmont area. I have no complaints about our current living arrangement, but I can't help comment on the growth trends I've seen in the Bay Area since moving. The office I work at is located in Pleasanton, which is a booming part of Alameda County. There are hundreds, if not thousands, of single family homes and condominiums being built on what once served at ranchland. It's simply astonishing and revolting to look at. Fortunately, my evening commute takes me back to the less-densely populated Oakland/Berkeley area; however, I see thousands of cars trapped in gridlock as they travel from the business hubs of the Bay Area (S.F., Oakland, Berkeley, Walnut Creek) to the suburbs of Pleasanton, Dublin, and Livermore.

I think that it is human nature to screw up the first time. Initial construction or development is the byproduct of short-term thinking designed to address an immediate concern. It is hard to understand what your requirements will be like 20, 50, or 100 years into the future. I frequently encounter similar situations in software development. Only when presented with an existing infrastructure and the need to expand is an engineer forced to sit down and contemplate their choices. This process of screwing up initially and then performing repairs is timeless.

In software engineering, and traditional architectural engineering, there are patterns that aid designers in their work. Patterns represent ideas that are known to work well. Good engineers rely heavily on patterns for a myriad of reasons: they reduce the workload, serve a common language among engineers, and reduce risk. What bothers me about the growth in the Pleasanton area is how closely is mirrors the growth of the Pleasant Hill & Walnut Creek areas in the 1950's. Those areas reserved little real estate for commercial ventures. Fifty years later, the majority of residents are left commuting ridiculous distances to work, spending less time with their families and friends, and feeling less connected to the cities in which they live. I have a strong feeling that the Pleasanton area is going to face a similar fate.

I feel extremeley fortunate to be living in the Oakland area. It is simply beautiful and home to a diverse population. I could work in the Oakland/Berkeley area if I chose. Sure, I can't afford a 2500 square-foot home here, but I'm enjoying my time renting.

Posted by Scott at 3:48 PM | Permalink

We recently recorded (or as Natalie says, "taped") an episode of Austin City Limits on Tivo that featured the bands Modest Mouse and Guided by Voices. I watched the first 10 minutes of the Modest Mouse performance and was reminded of how much I loved the band back in 2002 and 2003. I imported four of their albums into my iTunes library a long time ago. This is the beauty of iTunes, and digital music jukeboxes in general: music you haven't listened to in years is as easy to locate and listen to as music you've been listening to repeatedly for the last couple days. Not so with CDs: you keep a couple CDs in your car trunk, at your desk, on top of the stereo at home, etc. At no point is all of the music located in a single place. In this case, I just looked up my old Modest Mouse albums, transferred them to my iPod in less than a minute, and was listening to some nostalgic tunes during my morning commute to work.

Modest Mouse produced some really amazing albums in their early days ("Moon and Antarctica", "Lonesome Crowded West"), but have been diluted in recent years ("Good News for People Who Love Bad News"). I stopped listening to them in 2004 when Natalie started giving me a hard time about the popularity of "Good News..." with the O.C. crowd. I have since arrived at the conclusion that the O.C. crowd can have the "Good News..." album, and I'll take the rest. What is it that makes the quality of a band's work degenerate so? I read a review of their "Lonesome Crowded West" album that said "...Modest Mouse made better music when they were all drunk and on acid." Maybe so. Here's to booze and acid...

My favorite Modest Mouse albums are:

The Moon & Antarctica

Lonesome Crowded West

Posted by Scott at 9:19 AM | Permalink

Natalie bought a new desk from Crate & Barrel as my Christmas present. I assembled it last weekend and situated the Mac Mini on it. I think that the modern styling of the Mini, monitor, speakers and desk provide a very cohesive look. I can't wait to receive the new chair I've ordered so that I can actually make use of the desk! Here are some photos of the setup:

Posted by Scott at 2:39 PM | Permalink

I've been facing the problem of securely mirroring my security credentials across our two Macs at home. The solution I've gone with is to use a Sandisk USB flash drive containing an encrypted, password-protected keychain.

The Apple Keychain is a great application that integrates nicely with any application capable of using its various APIs (Applescript, Cocoa, Carbon, etc). Rather than commiting to memory dozens of usernames and passwords for various web sites and programs, you can consolidate them in a password-protected keychain. Applications like Safari and Mail can then request access to a user's keychain to obtain security credentials.

Having a single keychain per machine would be like keeping your house keys at home, and your work keys at work. It doesn't make sense. Consolidating all of your keys onto a single, portable keychain improves the manageability of the keys and makes them less vulnerable. Imagine leaving on the surface of your desk the key to a filing cabinet located in your office. When you aren't at your desk, the key can be used without your knowledge. Such an opportuntiy for theft would not exist if you took the key with you on a keychain.

So, placing all of your digital credentials on a portable keychain has the ability to improve your overall information security. But it's extremely important that you protect the keychain. Just as with your real keys, anyone who gets your keys has access to your home, office, and car. Therefore, it's important that you protect your digital credentials as much as, if not more than, your real keys. Protecting the keychain in Mac OS X is easy since the keychain is password protected and encrypted. By choosing a strong password for the keychain, you can ensure that anyone who surreptitiously gains physical access to the digital keychain won't be able to view your credentials.

So far, I've had a good experience with my digital flash drive. While switching between my Powerbook and Mini, I simply bring the flash drive with me. Mac OS X automatically refers to the keychain when it is available. I wish that a similar facility were available for Windows PC's so that I could securely store and access my credentials at work.

Posted by Scott at 10:55 AM | Permalink

The D-Link 802.11 b/g wireless network adapter we've been using with our Tivo for the last 6 months has worked flawlessly. The only downside has been Tivo's lack of support for Wi-Fi Protected Access (WPA) authentication. Tivo only supports Wired Equivalent Privacy (WEP), which is vulnerable to attacks using widely-available hacking tools. The lack of WPA support has forced us to downgrade the security of our entire network.

A few days ago I received the new Netgear FA120 USB Ethernet adapter. I plugged it into the Tivo's USB port and was immediately connected to the LAN and Internet. Problem solved.

Next, I upgraded the wireless security on the Linksys WRT54GS access point to use WPA2 authentication. WPA2 uses military-grade 128-bit AES encryption, and an ever-changing key to eliminate the threat of record-playback attacks. Take that, evil hax0rs and governments snoops!

Posted by Scott at 10:24 AM | Permalink

I came across a post on BoingBoing referencing some Motorola advertisements from the 1960's portraying homes of the future. Most of the homes are truly fantastic to look at, but they are completely impractical and idealistic. Some of the recurring themes I noticed in these images and others like them are the enormous glass windows, serene natural settings and sparse, clean living spaces. It's like the huge windows are used to emphasize the contrast between the primitive and modern. Looking out through those windows is as engaging as staring at a television screen.

Posted by Scott at 11:08 AM | Permalink

Our cat, Iphigenia, seems like the bah-humbug type throughout the year. But during the holidays he gets in a really festive mood. Here's to a great holiday season and a wonderful new year!

Posted by Scott at 10:49 AM | Permalink