Blog‎ > ‎

LTE-M, Tesla Crash, Securing Ubuntu, TCP Stack, Cracking FDE, Local Tech Guy

posted Jul 5, 2016, 8:33 PM by Sami Lehtinen   [ updated Jul 5, 2016, 8:36 PM ]
  • Checked out LTE-M and compared it against Sigfox and LoRa. IoT future is here. 'Best' solution for depends from the needs of the actual application is being used for. In Finland Operators haven't forgotten M2M market at all. But maybe situation has been different in other countires. Depending from use case the main problem is the modem cost. But now you can get really cheap GRPS modems from China. Yet those naturally aren't LTE modems.
  • Tesla Autopilot crash: A bad joke, but this somehow reminded me about: Darwin Awards movie, Autopilot Cruise Control scene. Afaik, Tesla Autopilot is an assistant, not a fully autonomous driving system. Which inherently means that it requires constant supervision. Using boats or planes autopilot won't either relieve you from monitoring where you're going to end up. Some of the news articles were titled with pure lies. 'Autonomous car crashed and killed', hmm, nope. Tesla isn't one. It's always important to acknowledge the true capabilities of a system and even then not blindly trust it. We all knew it was going to happen sooner or later.
    This is closely related to the many of the topics I've posted earlier where people trust systems without questioning those and well, we all know what's going to happen. Same rules applies to anything like fully automated stock investing. It can just go awry at times. Even if it would work perfectly in "normal market conditions" there are situations which will throw it totally off and that's the time when you're going to pay. Luckily that causes only loss of money, not loss of life.
  • My First 10 Minutes On a Server - Primer for Securing Ubuntu - A nice very basics article. Yet it didn't contain anything new. Btw. With dynamic IP you can add your service providers IP range(s). It isn't perfect, but it's still much smaller portion of IP addresses than leaving SSH open globally. This is where the IPv6 helps a lot, because you've probably got just a few /32 ranges to add. If you want to know more details you should check out some of the proper OS hardening guides.
  • Great post about TCP stack by Julia Evans - Sure. As with everything else, there's no perfect fits everyone solution. Many embedded devices use very small fixed Window with TCP. In general that was just same question as it is with standards, frameworks or something else. Use light simple one, use one mega bloated 'fits for everything' one. Or build your own. Which one happens to be the best solution. Also the build your own can be very highly optimized for your needs, but it also might require a lot more work than you initially thought it would. This is just like the question why we use TCP instead of UDP. most often it's just not worthwhile to re-invent something which is already working well enough.
    As example UDP networking and DHT turned out to be really hard for OpenBazaar team. You don't even know what kind of trouble you're going to get into before you try. There are just so many cases and 'problems' to deal with. Naive implementation might barely work, and it's guaranteed to be worse than Linux Kernel TCP.
  • Breaking Android Full Disk Encryption - Let's see. Very long post, but it's all good and worth of reading. Yet again in this case again, it wasn't the magic AES-256 which was broken. But steps related to key management. It's with of noting that even using TrustZone and Hardware-backed Keystore (KeyMaster / TEE) protection didn't protect the key. I'm sure there are many other defected encryption products out there, it's just the case that probably no-one has bothered to take a good look at those.
  • It's so nice to be IT department and tech guy and local support for all the friends & family. Helped people to change and use (proper) passwords, tether laptop and tablet with mobile phone. As well as consulted on VPN services & Torrent Seedboxes & Cloud Torrent Clients, install WiFi Repeaters so that whole terrace gets properly covered. - Something different than programming, operating systems and cloud servers this time.