Clete's Blog

I apologize for not posting in a (very) long time. I have been busy. Additionally, I haven’t had many topics to talk about.

Currently, I’m in limbo waiting for the new MacBook Pro laptops to be released. It is rumored that a refresh might happen at Apple’s January tablet event. I’m purchasing a MacBook Pro due to the endless volley of issues being thrown at me directly by Dell’s abomination of a service department.

School has started back. I will be listing my schedule below:

MWF Fundamentals of Calculus 8:30-9:20

MWF Operations Research 2:30-3:20

TTH Personal Finance 8:30-9:45

TTH Database Systems 1:00-2:15

TTH English Composition II 2:30-3:45

TTH Astronomy 5:00-6:15

Monday Committee Meetings at 6:30-7:30

Work:

Monday 1:00-2:30

3:30-4:30

Tuesday 12:00-1:00

Wednesday 1:00-2:30

3:30-4:30

Desk hours: 9:30-12:30

Duty on some Sundays and every other Thursday night.

A few weeks ago, a worm that targeted jailbroken iPhones was released. This worm worked by exploiting a very simple security vulnerability. When installing SSH on a jailbroken phone, a default password is assigned and the user is not forced to change  it. That’s the only problem. This worm scanned for open SSH ports in IP ranges reserved by telecoms. When it found an open SSH port, it tried to login as root with the default password. If that succeeded, it would change the wallpaper to this:

It was only a matter of time until someone exploited the vulnerability — for real. Now, there is a worm out using the same exploit that allows the hacker full control over the phone and also spoofs a bank login page to steal bank credentials.

Really, this is equivalent to installing a web server, turning the firewall off, allowing SSH access, and setting your root password to ‘root.’ The problem here is that the average person who jailbreaks knows little to nothing about security.

Whoops!

Recently, I found this graphic on the internet. It annoys me to no end that most people do not understand the difference between “I could care less” and “I couldn’t care less.”

There are so many posts out on the internet about router security. Well, here is another one.

In my house, I receive at least 6 WAPs in some spots of my house. Over the few years that we have lived in our current house, I have seen router security improve.

However, people take the first step to securing their router and then they stop there. They do the basic WEP encryption and then just leave their router alone. This is a bad practice. WEP isn’t enough.

If you’re sending packets over your network using a short key for your passcode, you’re at high risk. Most people don’t realize that there are tools available like aircrack-ng and LiveCDs like backtrack available that are made specifically for quickly cracking low-security networks. These tools can crack your password in a number of minutes if you’re actively using the internet. Once your network security is compromised, it’s all over. The perpetrator can intercept (and if he has enough knowledge, he can even inject) packets from your network and find out anything that he wants to know.

That’s why I must say: Use WPA2-Personal encryption as a minimum for your home network!

That’s all.

I have 30 Google Wave invitations available. I have posted this on many places on the internet, so I won’t be upset this time about outsiders.

Comment with your GMail address to get one.

Revision: I am out of Google Wave invites until further notice. I will post again once I receive more invitations.

Here is my second project on the Arduino.

I had the idea to expand the LCD project that I previously posted here to add a little bit of customization.

What I did was set it up so that I could type in text on a web page (remotely) and have it show up on the Arduino.

I set up a small PHP script that will allow you to enter text, which is then saved to a text file. I run a Python script that checks that file for changes every ten seconds. If it detects changes, it will write VIA serial to the Arduino and give it the text to send.

Below is a video demonstration. See it on YouTube here.

Here is the code:

index.php:

<?php

$filename = “lcd.txt”;

?>

Insert text to show on the arduino LCD:

<form method=”GET”>
<input type=”text” name=”textToShow” />
<input type=”submit” value=”Submit” />
</form>

<?php

if(isset($_GET['textToShow'])){

?>

<br /><br />
The following text should be displayed on the LCD:

<?php

echo $_GET['textToShow'];

$file = fopen($filename, “w”);
fwrite($file, $_GET['textToShow']);
fclose($file);

}

?>

<br /><br />
To see the contents of <?=$filename;?>, click <a href=”<?=$filename;?>”>here</a>.

serialChecker.py:

import serial
import time
import urllib

# Create serial connection to arduino
ser = serial.Serial(‘COM4′, 9600, timeout=0)
url = ‘link-to-lcd.txt (can be remote)’
previousMessage = ”;

while(True):
message = urllib.urlopen(url).read()
if(previousMessage != message):
ser.write(message)
previousMessage = message
print message
time.sleep(10)

Arduino Code:

#include <LiquidCrystal.h>

// LiquidCrystal display with:
// RS, EN, D4, D5, D6, D7
// or: RS, R/W, EN, D4, D5, D6, D7
// or: RS, EN, D0, D1, D2, D3, D4, D5, D6, D7
// or: RS, R/W, EN, D0, D1, D2, D3, D4, D5, D6, D7

// In this case, the minimum: RS, EN, D4, D5, D6, D7
LiquidCrystal lcd(7, 8, 9, 10, 11, 12);

void setup()
{
Serial.begin(9600);

lcd.begin(2,16);
}

void loop()
{
if(Serial.available() > 0){
lcd.clear();
lcd.setCursor(0,0);

for(int i = 0; Serial.available() > 0; i++){
if(i == 16){
lcd.setCursor(0,1);
}
lcd.print(Serial.read(), BYTE);
}
}
delay(1000);
}

Connectify is a new program that turns your Windows 7 PC into a Wi-Fi hotspot. It’s interesting because Microsoft had announced that this feature would be built into Windows 7 on release, but never got around to finishing it. Interestingly, enough code was left in the operating system to make it easy to code a program to implement what Microsoft had originally intended to do.

It’s possible to run your PC as a Wi-Fi hotspot if you don’t run Windows 7, but it is pretty difficult.

I’m interested to see if this actually runs in station (SoftAP) mode or in ad-hoc mode. We will see.

Connectify is a free beta download, though I wouldn’t be surprised if they charge once the final version is released.

I will be giving out 8 Google Wave invitations. The first 8 people who post comments here using their GMail address as the contact for the comment will get them.

I apologize for those who read my blog regularly. Someone posted this at Overclockers UK and sent a bunch of people who have never even seen my blog over here. It was a low move and I will find ways to make it more fair next time.

Yes, this means that I am out of nominations.

Since I’ve been fooling around with an Arduino in Windows 7 (64-bit if it matters), I figured I would share some tips to help get the compiler to work properly and the drivers to work.

First off, download Arduino .0017. If you run it, you will notice that it works properly, but graphical glitches exist in it. To get rid of these, download the latest JRE in 32-bit (even if you run 64-bit). Copy the Java folder from Program Files. Then, delete the Java folder in the Arduino folder and replace it with the one from your Program Files. This will fix it. (it’s possible that just deleting the Java folder from the Arduino folder will work; so long as java.exe is in your PATH variable)

Another thing you may encounter is that either the drivers don’t work properly or your computer hard crashes (e.g. no bluescreen, just a total freeze; can’t even move the mouse) after you upload a few times to your Arduino. To fix this, download the drivers from this page and install them:
http://www.ftdichip.com/Drivers/VCP.htm

There, I saved you the time I took to figure these idiosyncrasies out (e.g. the time I spent on Google). :-/

I’ve been playing around with the great Arduino kit I recently purchased. It has been a great learning experience so far — and surprisingly easy to use. I have completed my first “project” (although I do hope to expand it in the future). Below is a YouTube video I made for it (yuck, I hate youtube!) and below that is a higher-quality video.

Higher Quality Video