HR Geeks

The Lockheed newsletter had a review of one of their FIRST teams, Miss Daisy, of the Delaware Valley, who took top honors at the FIRST championships.

article

The last paragraph has some interesting info I am going to look into:

Robotic Simulation

In addition to providing monetary support for the FIRST teams, Lockheed Martin also provides software that allows students to simulate FIRST Robotics competition.

Known as 5th Gear, the software was developed in 2008 by a group of Lockheed Martin FIRST mentors.

It simulates FIRST matches, giving students the ability to practice and try out different strategies before they finish building their robot. Up to six players can compete virtually on personal computers using Xbox 360™ controllers. Lockheed Martin makes 5th Gear available for all FIRST competing teams at no charge, as part of its sponsorship of the program.

I know, one mans old 486 is another man’s firewall or router, but there is a point at which it really is time to get rid of those old electronics sitting around, and that time is quickly approaching.

It’s time for the annual Keep Norfolk Beautiful Electronics Recycling Day, April 19th. Keep Norfolk Beautiful assists residents yearly with disposing of their electronic goods which can be nasty little time bombs in landfills.

Adam has upgraded WP and there is a new and nicer admin interface.

Also at my request he has added the WP plug-in Linkle:

“This plugin allows you to easily insert a wide variety of links into your wordpress documents with the following tag style:

[ ln wikipedia]topic[/ln]
[ ln php]htmlentities[/ln]
[ ln amazon]978-0321396853[text]Eclipse Web Tools Platform[/text][/ln]

NOTE: I had to add the “[<space>” in order for the code to show, remove the space before using.

Or you can add links by clicking the ‘ln’ button inside of the wysiwyg editor. This will bring up a dialog box where you enter in the necessary data for that particular link

The following types of links are currently supported by default (with more on the way):

• amazon
• gravatar
• php
• twitter-rss
• wikipedia
• wppost”

I recently was linked to Flash Earth. This site allows you to switch between satellite map views with a click of the mouse. Compare Google, Yahoo!, Microsoft VE (Virtual Earth), Ask.com, OpenLayers, and NASA Terra.

Images are presented via an all Flash interface and the speed you can switch between services and at which the overlays are changed is quite amazing.

I thought Google had really good images of Norfolk till I switched over to Microsoft VE. Here is an example of the Norfolk Southern coal yard and train depot. (Left: Microsoft VE,Right: Google)

Thanks Erin.

NORFOLK: In what appears to be breaking new, er news, Ethan mounts his Segway again after being tossed and battered (deep fried salad?) only months ago. Is the leg ready to travel? Does his insurance know about this? Looks like its charged and ready to go and Ethan is poised to take on Norfolk Police again Segway style.

Something curious I noticed today. Login to Newegg using Firefox and you are forced to use a CAPTCHA, use IE and its not there. I’m going with IE here because I couldnt figure out if it was showing me a “Z” or and “N” and neither would work!

Now while I am generally a fan of CAPTCHA, I am an even bigger fan of using the computer for good; enter reCAPTCHA. Essentially, a Carnegie Mellon team led by Luis von Ahn noticed that during the process of digitizing books there are words during scanning process which cannot be converted by OCR software to text. “Each word that cannot be read correctly by OCR is placed on an image and used as a CAPTCHA.”

Here’s how it works:

“Each new word that cannot be read correctly by OCR is given to a user in conjunction with another word for which the answer is already known. The user is then asked to read both words. If they solve the one for which the answer is known, the system assumes their answer is correct for the new one. The system then gives the new image to a number of other people to determine, with higher confidence, whether the original answer was correct.”

By reCAPTCHA’s estimates about 60 million CAPTCHAs are solved by humans every day, equating to more than 150,000 hours of work each day worldwide. Thats a lot of potentially useful computing power for the general good by taking the effort spent solving CAPTCHAs online into “reading” books.

Okay, sure I could have purchased the 50-Piece resistor assortment pack from Radio shack for $6, but why bother when you can goto China and eBay and for $25 get 2500 resistors.

I will never go wanting again.

This place might join my list of favorite China direct companies Sun-Pec.

My others include:

LED Shoppe

Cell Phone Shop

Who do you use for China-direct stuff other than China-Mart, err.. Wal-Mart.

In case you haven’t been following the developments with the Mifare RFID system here is what is going on:

So whats happening in this picture?

Here’s the backstory; Most of the RFID vendors keep the inner working secret. Deep inside a one millimeter chip, a small proprietary encryption routine is held. Virtually impossible to reach, spread over five extremely thin wafers that are all interconnected.

Good luck taking that apart to see if you can reverse engineer the algorithm … or at least that must have been the thought of the inventors of the Mifare RFID system. Unfortunately for them, some German researchers did just that … take the one square millimeter chip apart.

And at the latest CCC congress in Berlin, Karsten Nohl and Henryk Plötz gave a about their findings (google video or MP4).

Here is a fascinating description of what they accomplished:

“With a lot of patience, they managed to slice off the top of the chip and reach the first layer. Using a 500X magnifying microscope they took a high resolution picture of this layer. They then used some very fine polish and ‘really really carefully’ polished away the first layer, making the second layer visible. And took another picture. And so on. The story does not say in how many tries they succeeded to make five high quality images, but it must have been a hell of a job. Not to mention laying these images on top of each other and trying to make sense out of it. According to the researchers this all was ‘painful work’. “

They managed to reverse engineer the Mifare encryption algorithm. So long Mifare RFID system.

From Blackbag by Barry comes a description;

“Mifare heavily relies on keeping the encryption scheme secret. The problem is cheap/affordable RF-ID chips do not have enough CPU to do serious crypto, so keeping the inner working secret is the only defense. And during the research many more weaknesses in the Mifare system were found. Even if you do not understand everything, I strongly encourage everyone to view the video of the presentation. It is inspiring to say the least, and shows with determination even the most complex problem can be tackled (well …. almost).”

“The real lesson learned is that security through obscurity does not work, and only buys you some time. But it will bite you in the long run when using it in widely deployed systems. The problem now is millions of Mifare chips are deployed in the field in a huge install base. And most of the users are completely unaware of the disaster that is coming …”

“So far the users are ’safe’. The researchers have not given out the full details on Mifare…. yet. But please take their advice serious: “If you rely on Mifare for anything, start migrating!”. More information about the mifare hack can be expected in the very near future.”

Now step forward a couple of months and:

Roel Verdult of Nijmegen’s Radboud university demonstrated on Dutch television (WMV or Youtube) how he hacked the disposable RFID public transport card. Roel created a small device called ‘ghost’ that is capable of cloning disposable cards and re-use them over and over again. Total hardware costs around 40 euro. And Roel thinks as soon as the German researchers release their information on Mifare classic, the ‘more secure’ subscription tickets can also be cloned .

Then on 12 March 2008 comes word from the Dutch Ministry of Internal Affairs website:

“With little effort abuse is possible and cards can be cracked and copied easily.

This concerns all (access control) cards containing the so called ‘mifare classic-chip’, used in applications that do not rely on additional security measures (like our nation wide transport card).

We guess around two million access control cards are in use in the Netherlands, worldwide we assume two billion.

In various Governmental and private sector this chiptechnology is in use.

Our national intelligence agency (AIVD) has, on my request, checked the method at the Radboud University, and confirmed their claim is correct and works.”

Absolutely fascinating stuff the impact of which could be pretty big when the next unbreakable technology is widely adopted, implemented and cracked! Oh that was Microsoft’s Windows Media DRM, no wait or was it Apple’s FairPlay, no wait it was… Good luck.

Here is the press release from the Digital Security Group of Radboud University detailing their findings on the Mifare Classic security weakness.

UPDATE
Radboud university came out with a video and a report (ENG PDF) on the Mifare hack.

stand by for freely available software!

You might have missed this a few days ago but I saw it being touted in a recent television ad; “Cavalier Goes Google”

Users will find The Google application suite via a Cavalier web domain which will provide Gmail, Google Calendar, Google Shopping, Google Picasa, and the Google Start Page feature allowing subscribers to create a home page. Cavalier claims to be the first company in the communications industry to launch these services.

Cavalier is starting right off using the Google brand to their advantage through their advertising. I can imagine that people are more apt to pick an ISP who uses the Google logo stamped on the front page on in their television ad.

I can also see why an ISP would want to outsource their mail, video hosting services, etc… to Google.

First, I dare say that most ISP’s use horrible webmail systems both on the front AND backend. The goal here is to make a buck and not everyone can afford a fully implemented MS, Lotus or Sun solution. The more affordable solutions lack advanced spam blocking features, calendaring, collaboration and other tools that make email more usable.

Second, Google with its power over the internet has become the one who sets defacto standards across the internet for ISP’s and others to follow. If everyone used and learned it people could easily switch between ISP’s or simply be able to help others with problems quicker.

Third, I could see ISP’s lowering their costs not having to deal with the support and maintenance issues associated with Google Apps equivalent services. I don’t even use the “extras” (email, webspace, etc) with my COX account. Provide me pure connectivity and no add-ons. But then again, these companies are out to make a dollar so I don’t see the pricing going down anytime in the near future.

I can see benefits for an ISP and users, but the lack of options and privacy issues could pose a potential hazard. Unwittingly or being forced to give up your privacy to Google is the biggest danger I see.