Elektro Ljubljana power outages

22.02.2014 17:50

Today is Open Data Day. Unfortunately our little local group didn't have an organized event this year, so I thought I would contribute by releasing a little project of my own.

During the glaze ice disaster this month I've been collecting data from Elektro Ljubljana to share with family and friends living on the affected areas and keep them up-to-date with the situation.

Elektro Ljubljana is one of the larger distributors of electrical energy in Slovenia. It maintains the distribution infrastructure in the central and southern regions of the country, including our capital city Ljubljana. They cover 36% of the population according to their website. From the beginning of the crisis they have been publishing reports on the state of their infrastructure several times per day. They continue to do so, since emergency crews still haven't been able to reach some damaged parts of their network.

Distribution network of Elektro Ljubljana

Image by Elektro Ljubljana d.d.

I've downloaded these hand-written reports and converted them into machine-readable JSON format through a hastily written Python scraper (not proud of parsing HTML with regular expressions, but I've been in a hurry). The data starts at the first report on January 31 and continues to the latest report published today.

You can get the extracted data on GitHub as well as scripts that have been used to extract it:

$ git clone https://github.com/avian2/elektro-ljubljana-outages.git

The following graph shows the number of clients without electrical power (red), affected transformer stations in the whole network (green) and affected transformer stations in the Logatec region (where, in addition to my family, also the Log-a-tec network resides):

Elektro Ljubljana outages due to glaze ice

The animation below shows the development of the outages over time. The color of each region shows the number of transformer stations without power. It would be better if the percentage of affected stations would be shown, but unfortunately I do not have data on the total number of stations in each region.

Posted by Tomaž | Categories: Life | Comments »

Story of ice and more ice

20.02.2014 21:36

As you might have heard, the beginning of February has been kind of crazy regarding weather.

I spent the last week of January with my parents in Austrian alps, enjoying a vacation away from the grid. During the days when we were planning to travel back home more than 2 meters of snow fell in the south of the country. This record snow-fall was too much even for the industrious Austrian road services and all connections with Slovenia were closed. We were lucky to be able to wait it out a warm place.

When the Austrian roads cleared on Saturday we headed home. Unfortunately, the worst was still waiting for us on the other side of the border. When we arrived at my parents', the country was covered in perhaps half-meter snow and encased in an inch or so of ice. Trees were already falling due to heavy glaze ice and we narrowly escaped a trunk falling on the road. It took picks and dirt shovels and heavy work until nightfall to dig ourselves through the snow and ice on the driveway to the house.

That evening first the cable TV went dark and soon after that the power grid. The night was something straight out of a nightmare. It wasn't a storm. Just a persistent slow drizzle freezing on everything it touched. There were constant flashes of incredibly bright blue-green light reflected from the overcast sky. Some close, some far away, from shorted transmission lines. The neighbor's house alarm was triggered by the loss of power and then died down. After that the only thing that could be heard from the dark were loud cracks from trees splintering under the weight of ice.

The next morning there was hardly a tree still standing on my parents' yard. The ice was still thickening and wouldn't clear for a week. Most of the country was in state of emergency due to closed roads and destroyed electrical transmission lines. Logatec, city my parents live in, was among the ones that were hit the hardest by ice.

Glaze ice in Logatec

It's a scary feeling to be in a situation like that. The local supermarket opened running on an emergency generator. We were let in through the staff entrance in the back. It was dark, with only the cash registers powered up. The refrigerators with frozen goods were locked. A customer was yelling loudly at a lady behind the counter how outraged he was that he couldn't get fresh bread. I kept thinking whether I should buy more food than usual in case this situation will last more than a few days and whether that would look weird.

It's amazing to what degree we take electric power for granted today. Water and heat run out surprisingly fast without it. Checking for announcements on local government web site becomes highly nontrivial when the battery in your mobile phone runs down and later when the generator at the GSM base station runs out of fuel. Surprisingly, the only service that was working almost without interruptions, at least at my parents' house, was the telephone land-line.

In the age of electric stoves and kilowatt hair dryers mere 2 kW from a generator is preciously little. Even when you think you have everything prepared for an emergency there are still surprises. My father bought a generator exactly for a contingency like this. He serviced it yearly and kept it in good order, but it still took a few overhauls until it was running smoothly under the load of the central heating system. Many people found out that their generators were out of oil or fuel after a few years of gathering dust.

The server handling this website, my mail and a few other services was also knocked off-line. I had an automated duplicity backup, which I regularly used to restore an odd file or two. I was confident that I could rely on it. When I tried restoring the full backup however I hit two bugs that made moving my things to other servers far less than trivial.

According to reports at the height of the crisis one-fifth of the country was without power and the distribution infrastructure in the Notranjska region was almost completely destroyed. While a temporary line was established to my parents' neighborhood after a week and a half, there are still frequent day-long outages.

Even though my place in Ljubljana never lost power, I now keep a few spare batteries and a battery powered FM radio in the top drawer. And I have even more respect for people I know that volunteered in local emergency services and did long shifts to help people in need.

Posted by Tomaž | Categories: Life | Comments »

On forgetting passphrases

01.01.2014 19:57

If you're using encryption to protect your mail and personal files you might find this lesson useful. This goes double if you are (like me) trying religiously to avoid any holes or bit rot in your personal project archive. The gist of it is that you will sooner or later forget a password or a passphrase that you are not actively using.

Consider the case of changing your expired GPG key. If you forget the passphrase for the expired GPG key, you will lose access to your old encrypted mail. It seems obvious in hindsight, but I only realized that after finding out that after a few months of disuse I am unable to recall the old passphrase. I had to say goodbye to an (admittedly small) part of my mail archive.

On a similar note, an encrypted home directory on an old computer will soon be a bag of random bits after you switch to a new machine and change your user password. If forgetting old passwords used to be easy to circumvent (with init=/bin/bash and other venerable tricks), it's impossible now unless you can recall the keyboard sequence from muscle memory. I thoroughly clean out old hardware that leaves my hands. However if a laptop just ends up sitting in a drawer somewhere I'm usually sloppy enough that I often need to lift some old project files from a disused disk drive.

It's easy to avoid this problem once you know it exists. You can write the old GPG passphrase down somewhere or even remove it from the old secret key, depending how concerned you are about the content of old mail. Or you can keep the passphrases for old keys in sync with the new key. And move files you want to retain from old hardware. That saves it from stuck disk bearings as well.

Posted by Tomaž | Categories: Life | Comments »

Jahresrückblick

21.12.2013 18:31

It is that season again that makes power-hungry notebooks double as lap warmers and is conductive to large hacker Congresses in the north. Before I go catch this year's last few deadlines, attend festivities with my family and then lose myself among the blinkenlights in Hamburg, I thought I might join the custom of writing a personal year review.

Well, it's been an unusual year.

If anything has marked it for me it has been travel around Europe. I am pretty sure that I did more kilometers by plane, car or train than in any other single year in my life. If I count only longer trips, I've been to Athens, Brussels, Cologne, Ghent, Ilmenau, Ludwigsburg, Munich, Paris and more places in northern Great Britain than I can remember. I visited most of these places because of my job at the Institute, others for less formal meetups or simply running away from it all for a while.

The list would even be one city longer if I weren't rushed to surgery at one point which left me grounded and limited to the neighborhood of my doctor's office for a month or so.

Maybe because of travel or other things, I found it hard to concentrate on any really important thing this year. I've noticed that my context switches are getting longer. I can hardly work on two serious projects on two consecutive days. Since this is hardly compatible with looming deadlines and overflowing lists of tasks it has led to a lot of frustration and burn out on my part. If it's an effect of trying to focus on harder problems now, it sure feels often like I'm just wasting time on unimportant details.

The Slovenian Open Data group has been a most welcome source of motivation when all other things seemed to move in a wrong way. It's incredibly inspiring to talk with people honestly doing their best to improve the world.

It's been the year when Kiberpipa was shut down and when I more or less lost contact with the Computer Museum.

A new Debian was released which in one way or another broke many work flows I have been using for years. It left a strong impression that desktop software is slowly going the way of the dodo. Together with the continuing confirmations of surveillance on the Internet it has contributed significantly to the feeling of impending doom and doubts regarding where technology is headed today.

Perhaps because of that I also spent more time than I want to admit on pastel colored cartoon ponies. Even though I occasionally fear that this subculture is all a massive viral marketing campaign it's been at times weirdly fascinating to explore. It was a fun way to forget more serious things for a while. It got me to experiment with drawing and writing fiction which was an interesting new experience, even if most of what I made is laughably unoriginal or has been described as too depressing.

"You're discussing cartoons while your country is falling apart" was a comment I once heard that probably contains more truth than I would wish and maybe sums it all up pretty well. 2013 for me has been mostly about vastly more ideas than time and energy to properly implement them and no good way to select that one idea out of nine that would be worth focusing on.

Posted by Tomaž | Categories: Life | Comments »

UHF receiver redesign

03.12.2013 16:10

I'm currently in the middle of designing a new version of the UHF receiver for VESNA sensor nodes. It has been over a year and a half since I designed the first version. In this time I learned a lot about spectrum sensing and so I now have a much better understanding of the state of the art in this field. It has been obvious for quite a while that the design needs to be upgraded in order to keep up with the latest research.

In this time also came to know the capabilities of the VESNA platform much better and can now work on a design that will have a much better match between what is done in hardware and what can be left to digital signal processing in software. The whole idea is to keep it as flexible as possible while staying compatible with low-powered systems like VESNA (and not go for a full-blown software-defined radio approach).

Unfortunately, this project of mine has been taking way too long, with work-related and personal things interfering at the most inconvenient times. Right now I'm optimistic that I will have the hardware design finalized by the end of the year.

Last Friday I should have had a presentation on the topic of the UHF receiver redesign for our research group at the Institute. Sadly I had to cancel, but I am now publishing the slides I prepared for it here.

SNE-ESHTER block diagram slide.

Get the slides in the PDF format.

Posted by Tomaž | Categories: Life | Comments »

VESNA reliability and failure modes

23.11.2013 22:08

As you might know from my previous writings and talks, Jožef Stefan Institute runs an experimental wireless communications testbed as part of an European FP7 CREW project. Testbed is located in Logatec, a small city around 30 km from Ljubljana is unimaginatively called Log-a-tec. It consists of 54 VESNA devices mounted outside on street lights.

Wireless sensor node in the Log-a-tec testbed.

Each node has 24-hour power supply, but no wired communication lines to other nodes. Instead it has three separate radios. One of them is used to connect to a ZigBee mesh network that is used for management purposes. The other two are used to set up experimental networks and perform various measurements of the usage of the radio frequency spectrum.

The testbed is divided into three separate clusters. One ZigBee coordinator node per cluster provides a gateway from the mesh network to the Internet.

Combined map of the Log-a-tec testbed.

The testbed was deployed in steps around June 2012. It has been operating continuously since and while its reliability has been patchy at best it has nevertheless supported several experiments.

In the near future we are planning the first major maintenance operation. Nodes that have failed since deployment have already been unmounted. They will have failed components replaced and will at one point be mounted back on their positions on street lights. Therefore I think now is the perfect time to look back at the last year and a half and see how well the testbed has been doing overall.

First, here are some basic reliability indicators for time between August 2012 and November 2013:

  • Average availability of nodes (ping): 44.6%
  • Average time between resets (uptime): 26 days
  • Number of nodes not seen once: 24% (= 13/54)

Following two graphs show availability and uptime per individual node, colored by cluster. 13 nodes that have never been seen on the network are not shown (they have 0% availability and 0 uptime). Also note that when a coordinator (node00) was down, that usually meant that the whole cluster was unreachable.

VESNA outdoor node availability from August 2012 to November 2013

VESNA outdoor node uptime from August 2012 to November 2013

I have also been working on diagnosing specific problems with failed nodes. Unfortunately because sometimes work has been somewhat rushed due to impending deadlines, my records are not as good as I would wish for. Hence I can't easily give an exact breakdown of how much downtime was due to what problem. If at one point I will have time to go through my mail archive and gather all my old notes I might write a more detailed report.

However, Since I am getting a lot of questions regarding what exactly went wrong with nodes, here is a more or less complete list of problems I found, divided between those that have been seen once and those that were occurring more frequently.

A box of unmounted VESNA sensor nodes.

Recurring failures, ordered roughly by severity:

  • Broken boxes. VESNA nodes have been mounted in boxes certified for outdoor use. Nevertheless, a lot of them have cracked since deployment. This often resulted in condensation and in at least one case a node that was submerged in water. A lot of other failures on this list were likely indirectly caused by this.
  • I have already written about problems with Atmel ZigBit modules. While intermittent serial line problems have been mostly worked around, the persistent corruption of ZigBit firmware was one of the most common reasons why a node would not be reachable on the network. A corrupted ZigBit module does not join the mesh and requires firmware reprogramming to restore, something that can not be done remotely.
  • There have been some problems with an old version of our network driver that would sometimes fall into an infinite loop while it kept resetting the watchdog. Since we have no means of remotely resetting a node in that case, this bug has caused a lot of downtime in the early days of deployment. It proved so hard to debug that I ended up rewriting the problematic part of the code from scratch.
  • Texas Instruments CC-series transceiver degradation. While this has not resulted in a node downtime (and is not counted in the statistics above) it has nonetheless rendered several nodes useless for experiments.
  • Failed microcontroller flash. Due to an unfortunate design of VESNA's bootloader, it reprograms a block of flash on each boot. For nodes that were rebooting frequently (often because of other problems) this feature commonly resulted in stuck bits and a failed node.
  • Failed SD card interface. For mass storage, VESNA uses an SD card and on several nodes it has become inoperable. Since the SD card itself can still be read on another device, I suspect the connector (which was not designed for outdoor use).
  • Failed MRAM interface. In addition to SD card there is a small amount of non-volatile MRAM on board and on several nodes it has failed for an unknown reason.
  • People unplugging UTP cables and other problems with Internet connectivity at the remote end beyond our control.

One-time failures:

  • Digi Connect ME module SSL implementation bug.
  • Failed Ethernet PHY on a Digi Connect ME module. While these two problems only occurred once each, they were responsible for a lot of downtime for the whole City center cluster.
  • Failed interrupt request line on a CC1101 transceiver. Unknown reason, could be bad soldering.
Posted by Tomaž | Categories: Life | Comments »

Masters of Doom

28.10.2013 19:16

Recently I finished reading Masters of Doom by David Kushner. It came on my radar because of a post on Hacker News that said this was a book that inspired Alexis Ohanian and Steve Huffman to make Reddit.

The story follows John Carmack and John Romero from childhood, through the founding of id software, later successes and failures of games they developed and concludes with the founding of Armadillo Aerospace. Compared to other books I read about ups and downs of US start-up companies (like The Facebook Effect or Dreaming in Code) it presents a more personal view of people in it. It often goes into first-person details of how someone felt about other people or the way some project was going. That makes for an interesting description of dynamics in a team and how they led their lives. It also makes me wonder how much of these details can genuinely be learned through interviews and how much has been added later to make for a more interesting read.

While this part of the book is quite well written in my opinion, the author fails horribly at describing technical details or any of Carmack's many breakthroughs in computer graphics. Even though I knew beforehand many details of id game engines I was constantly baffled by their descriptions in the book and went several times to Wikipedia to check my memory (by the way, the best description of Carmack's smooth-scrolling trick in Commander Keen I could find is on this Wikipedia talk page). Even more puzzling is the wrong explanation of gamer slang telefrag. Thankfully only a small part of the content is dedicated to technical topics, but it makes me wonder how such mistakes could have happened when the author describes himself in the epilogue as a hacker that was himself involved in the gaming culture.

In the end I still enjoyed reading the book. It included many events I remember reading about in magazines years back and presented them from the other point of view. The story also gives a quite good time line of events and gives a genuine impression of the amazing speed at which advances in technology happened at that time.

According to the book, Doom was half-jokingly made to be the number one cause of decreased productivity in businesses around the world. If designers of Reddit took that as inspiration for their website you could certainly say their success was along the same lines.

Posted by Tomaž | Categories: Life | Comments »

Comments closed

19.07.2013 9:38

Number of comments submitted to posts on this blog has gone through the roof recently as you can see on the graph below. Of course, practically all of these are spam. Unfortunately moderating this flood of crappy advertisements and link baits is now starting to take more of my time than I am willing to spend on it. Since I want to keep my little corner of the web a clean and friendly place I'm closing the comment submission until I come across some viable solution. In the mean time if you have a question or want to contribute something to one of my posts, feel free to sent me an email.

Number of submitted comments versus time.

While Akismet has been doing a pretty good job of automatically filtering comment spam for me, it's been letting a non-trivial amount of it through in the recent months. Considering the increase in volume, that might not even be due to decreased accuracy.

The kind of spam I'm seeing is kind of surprising. Spammer fetches the blog post that contains the comment submission form, submits a comment and fetches the post again to verify that his comment is visible. After these three HTTP requests the originating IP is never seen hitting my server again, making me think this is done via a botnet or some other distributed operation like that. There is no obvious sign of crawling so I don't know how they get the URLs to spam. They use realistic looking user agent headers and the only obvious difference to a real browser is that they don't fetch any of the resources (images, CSS, ...) referenced in the HTML document.

The content varies, but a lot of the comments I've been removing manually these days look like bug reports ("the sidebar is not rendering correctly on my browser", "search doesn't work" and such) that are only given away by the obvious keyword stuffing in the author name and the URL (or when they are complaining about bugs in features this website doesn't have). They target both new and old blog posts, so just shutting down comments on old posts doesn't seem to be a solution.

Posted by Tomaž | Categories: Life | Comments »

Missile Gap

13.07.2013 20:58

Recently I read Missile Gap by Charles Stross (first 9 chapters seem to be freely available on the web). It's a fascinating little hard-science fiction story that mixes Earth from the cold war era and a completely outrageous premise that the world has suddenly become a flat disc.

I can just imagine this started as a crazy idea in the form of "well, I wonder what would happen if the Earth was flat" and then brought to the logical conclusion, with the politics of the 70s thrown in to make for a more captivating story. I think Missile Gap shows in the best possible way how a science fiction story can start with a completely unbelievable event and then build a world and extrapolate a line of believable events around it that makes for an enjoyable read that doesn't force you to suspend the rational part of your mind. Many stories I come across these days have less outrageous plot devices, but then continue to break known laws of physics like crazy during their course.

What also kept me turning pages is the inclusion and logical continuation of quite real, but obscure research projects that both superpowers were working on at that time. For someone like me who has spent too many hours reading up on canceled concepts of nuclear powered airplanes and rockets this was like icing on a cake.

Visualization of Missile Gap by Charles Stross

Anyway, the other day I needed something to occupy my mind and having the book handy on my Kindle and an idle Python interpreter on my laptop, I drew the visualization above. It shows Missile Gap's 17 chapters in three colors, to show three separate personal stories the book revolves around. The length of the boxes is proportional to the number of words while the accumulative number of words is shown on the scale on the right (click on the image for a larger version).

Posted by Tomaž | Categories: Life | Comments »

SIGINT 2013

10.07.2013 22:47

Last weekend Jure and I visited this year's iteration of the SIGINT conference in Köln, Germany. SIGINT is a conference organized by the Chaos Computer Club and like the Chaos Computer Congress has a bit of history. Previous years it felt more like a local event and I didn't consider visiting it. This year however I decided to give it a try since the announcement gave the impression that they were aiming for a more international audience, for instance with the preference for English talks in the Call for papers.

SIGINT 2013 logo

At the first impression, the event looked much like a summer version of the Congress. Instead of one big hall the conference was split between two buildings with three lecture rooms, two halls and an obligatory basement hack center with copious amounts of reasonably priced Club Mate. Beyond the Fairy dust you could see some usual suspects from past winter events in Hamburg and Berlin like the All Colors Are Beautiful blinking IKEA boxes installation, Rarity hacked Brother embroidery machine and Nick Farr in his trademark suit.

The talks were a mix of social and political topics, computer security and various other curiosities that I came to expect from hacker conferences like this. The society track was unsurprisingly dominated by the recent leaks about United States data collection. From these I can recommend watching the keynote by Meredith L. Patterson and the Politics of Surveillance by Rainey Reitman. On the computer security topic there were perhaps a few more talks by people that can read x86 assembly by heart than you could find at 29C3 (where I believe a lot of this crowd opted to go to BerlinSides instead). Embedded device security nightmares and Car immobilizer hacking rang close to home for me. Also worth watching once the video recordings are published is the Secure Exploit Payload Staging which gives a good impression of how little trace someone can leave after breaking into your server. From the retro-computing scene, I liked the The DRM of Pacman talk about vintage hardware copy protection schemes in game cabinets of old. And finally, I thoroughly enjoyed the Making music with a C compiler lecture, which made me think again about the complex synthesizer I implemented on VESNA. By the way, slides for my lightning talk on that topic are already on-line, although the original blog post is probably more informative.

In conclusion, it was a nice event with an appropriately lazy pace for an extended summer weekend. My only complaint would be that the crowd felt less open than what I'm used to at the Congresses. It was hard to strike an English conversation with someone and looking back I didn't really had any interesting chats at the event beyond me asking a few stupid questions regarding projects exhibited in the hallways. I couldn't help overhearing a few comments regarding how different the event was compared to previous years, so perhaps it's just a sign that most people there were still used to a more local audience. In any case that's a completely subjective feeling and it's perfectly possible that I wasn't in my most sociable mood either. I'm starting to fear that I might have slightly overbooked my travel plans for this summer.

Posted by Tomaž | Categories: Life | Comments »

Decline and fall of Kiberpipa

08.06.2013 16:50

I guess by this time it's a well known fact around here that Ljubljana's hackerspace Kiberpipa has come to the end of its days, at least in its current place and form. A farewell party has been held, good byes have been said and all it remains now is to start unplugging the server rack.

If you haven't been following the news, the simple story is that Kiberpipa's parent organization twice removed decided to convert the place into a restaurant. Destruction of a hackerspace is merely a collateral damage in a grand scheme of converting an old building full of non-profit student and art organizations into a very for-profit hotel in a sweet spot near the center of the city. As it's usual in such cases there's also a back story that involves removing opposition through legalistic procedures and suspicions of personal interests. It was all done under cover and the community found this out only after the contracts have been signed through rumors, hearsay and digging through meeting minutes. An official statement has only been made when media started asking questions even though Kiberpipa had a representative that should be kept up to date with such things.

Kiberpipa storage room.

I'm not and never was involved in the internal politics of Kiberpipa's tenuous relationship with its masters. For me, Kiberpipa was foremost a place to go to after lectures and later after work where I could meet the kind of people that enjoyed idly chatting about technology and various other geeky topics instead of sports events and daily politics. As I was involved in Kiberpipa from the start I did use to have daily responsibilities there, like administration of servers and taking care of network security. Kiberpipa was also the place of my attempt at running a serious free software project. Many hours were spent at weird hours in a cramped server room and I learned a lot from these jobs, but unlike other hackerspaces, Kiberpipa's attractiveness was rarely about having access to equipment that I wouldn't have otherwise. It was foremost the social aspect that kept me returning to the place. I found many valuable personal connections that later led me to start ups and other interesting volunteering work.

That said, Kiberpipa never felt like a tightly knit community. People that frequented the place or used its name on projects were always divided into groups that did not communicate well with each other. Contrary to most other hackerspaces, Kiberpipa was from the start tied to a relatively large non-profit that ran several other, mostly artistic operations, under control of the Student organization of the University of Ljubljana. For majority of my time in Kiberpipa they were kind of a fuzzy entity that only showed itself only when it exercised its power over some official aspect of the organization or left the place in ruin after an unannounced party. Ties between the more technical hacker crowd and arts communities were rarely relaxed. Often there was an unusual reversal of roles where artists were the ones supplying money through various public grants and technical people perceived as moochers playing with their toys. In its early days there was also a strong political activism side to Kiberpipa with which I didn't particularly identify myself either.

Kiberpipa server room.

When a rare project that involved collaboration happened, it was often setup and discussed outside of general channels like the member's mailing list. It's not surprising then that in all years of its existence and numerous formal and less formal meetings and discussions it was never possible to come up with a mission statement or give an answer what Kiberpipa was that everyone would agree with.

Even with hindsight it's hard to say what could have been done differently. It's doubtful that Kiberpipa would be this successful without its partnership with the student organization that ultimately led to its destruction. It provided an accessible, rent-free place and connections to government subsidies that removed the need for membership fees. With them the place would certainly attract a lot less people. Kiberpipa's community also showed a lot of flexibility, changing over the years its external face from mostly being a free cybercafé to a place to go to for lectures and workshops about various topics. Part of this probably comes from the fact that the community never learned how to transfer knowledge between generations, but still it's impressive enough that comments can be heard from old members that they never though the place would survive for 13 years.

Kovchek, Kiberpipa's old mobile video streaming server.

Although I mostly kept myself in the background and had my share of conflicts and grief there, Kiberpipa has been a big part of my life and I'm sad to see it end like this. Things may not be as bad as they look though. The latest generation of Kiberpipa's members are looking for ways of continuing the story in an independent fashion and although I'm not actively involved in that effort I hear that the outlook is good. I'm usually too pessimistic in such writings anyway. For better or worse I am quite certain though that Kiberpipa 2.0 will be quite different from the dark and smelly open source cellar we started 13 years ago.

Posted by Tomaž | Categories: Life | Comments »

World wide wheel, reinventing of

09.05.2013 22:00

The direction browsers and web technology are moving these days truly baffles me. As usual in the software world, it's all about piling one shiny feature on top of another. Now, I'm not against shiny per se, but it seems that a lot of these innovations are by people that haven't even took an hour to look at the already existing body of knowledge and standards that has accumulated over the years. With the frenzy of rolling releases and implementation-is-the-standard hotness, it's not even surprising that those are then implemented by browsers before someone with a long enough beard can stand up and shout Hey! We already thought of that in this here RFC.

Take for example all the buzz about finally solving the problem with authentication on the web. Finally, there's a way to securely sign into a website without all the mess with hundreds of hard-for-me-to-remember yet easy-to-guess-by-the-cracker user name and password combinations. Wonderful. Except that this exact thing existed on the web since people did cave paintings and used Netscape to browse the web. It's called SSL client side certificates and, amazingly, worked well enough for on-line banking and government sites even before the invention of pottery and cloud-based identity providers.

But that's just the most glaring case. Another front where this madness continues is pushing things from the old HTTP headers to the fancy new HTML5. Take for example a proposal to add a HTML attribute that defines whether a browser should display something or save it to disk by default. This functionality has existed for ages in the form of a HTTP header, yet this is somehow dismissed as a server-side solution (what does that even mean?).

I wonder how many web developers today are even aware that there exists a mechanism for a client to tell the browser which language the user prefers (but we most certainly need the annoying language selection whole-screen pop-up-and-click-through!). Or that the client can tell the server whether it would rather have a PNG for downloading or a friendly HTML page for viewing in a browser (meh, we'll just fudge that with some magic on-click Javascript handlers).

Now I can see someone laughing and saying how ridiculous this idea is and if I have ever even tried to use one of those ancient features. No it's not, and I have. It's consistently painful. But it's only so because for some reason, browsers long ago decided to make the most horrible interface to such functionality imaginable to man and then forgot to ever fix it. Mostly it's hidden 10 levels down in some obscure dialog box and if banks wouldn't give you click-by-click instructions on how to import a certificate, 99% of people would give up after a few hours and continue chiseling clay tablets. Now imagine if a tenth of time spent in reinventing the wheel would be spent just improving the usability of existing features. Why can't I go to a web page and get a prompt: Hey! This web page wants you to login. Do you want me to use one of these existing certificates or generate a new, throw-away one?. World would be just a tiny bit better, believe me.

In the end, I think modern browsers have focused way too much on improving the situation for the remote web page they are displaying and neglected the local part around it. And I believe this direction is bad in the long run. Consider also the European cookie directive. I'm pretty sure this bizarre catch-22 situation where web pages are now required to manage cookie preferences for you would not be needed if browsers provided a sane interface for handling these preferences in the first place. My Firefox has three places (that I know of!) where I can set which websites are allowed to store persistent state on my computer. Plus it manages to regularly lose them, but that's a different story.

Posted by Tomaž | Categories: Life | Comments »

Cost of a Kindle server

01.05.2013 10:48

I was wondering how much running a Kindle as an always-on, underpowered Debian box was costing me in terms of electricity. So I plugged it into one of the Energycount 3000 devices and monitored its power consumption over the last 4 days. This took into account the power consumption of the Kindle as well as the efficiency of a small Nokia cell phone charger I'm using to power it.

ec3k reported an average power of 1.0 W (and maximum 2.6 W). Dividing the watt-seconds count with time also yielded 1 W to three decimal places. This nice round number makes me suspect that it's due to limited precision of the measurement, but let's consider it accurate for the moment.

1 W is equal to 0.72 kWh per month. With the current prices I'm paying for electricity this costs me 0.083 € per month. For comparison, a cup of synthetic-tasting coffee from a machine at work costs around twice as much and running my desktop machine all the time would be around a hundred times as expensive.

Posted by Tomaž | Categories: Life | Comments »

Interesting battery failure mode

28.04.2013 13:29

Thanks to my previous posts about Amazon Kindle, I have another broken specimen on my desk now. This one seems to have experienced an interesting battery failure.

Amazon Kindle 3 batteries

Kindle's battery has 4 terminals: ground, a positive terminal for power and SDA and SCL pins for I2C communication with the integrated battery management circuit. On a normal battery, the positive terminal is around 3.7 V above ground, depending on the charge level of the Li-ion cell and the I2C lines are on ground level, because they need external pull-ups.

This broken battery however has the positive terminal at 0 V compared to ground terminal while the I2C pins are at -2.5 V. I can't imagine what kind of failure mode could cause pins to go lower than ground, unless the polarity of the cell got reversed somehow. I don't see any way how a failure in the battery management circuit or a loose connection somewhere could cause such readings. I'm pretty sure it's not an artifact of my multimeter either, because the battery can draw some milliamps of current from the ground to one of the I2C pins. For the record, this looks like an original 1830 mAh battery. Date of manufacture is April 2011 and type is 170-1032-01 Rev. A.

The master I2C interface on the Kindle wasn't damaged though, because it boots and reads out battery state just fine when attached to a different battery. There does seem to be a problem with bad a connection somewhere on the motherboard, because it crashes if I lightly knock on the CPU package. Possibly a hairline crack in some solder joint. But that's a topic for some other time.

Posted by Tomaž | Categories: Life | Comments »

Contiki and libopencm3 licensing

19.03.2013 18:08

At the beginning of March a discussion started on Contiki mailing list regarding merging of a pull request by Jeff Ciesielski that added a port of Contiki to STM32 microcontrollers using the libopencm3 Cortex M3 peripherals library. The issue raised was the difference in licensing. While Contiki is available under the permissive BSD-style license, libopencm3 uses GNU Lesser General Public License version 3. Jeff's pull request was later reverted as the result of this discussion and was similar to my own effort a while ago that was also rejected due to libopencm3 license.

Both the thread on contiki-devel and later on libopencm3-devel might be an interesting read if you are into open source hardware because they exposed some valid concerns regarding firmware licensing. Two topics got the most attention: First, if you ship a device with a proprietary firmware that uses a LGPL library, what does the license actually require from you. And second, whether the anti-tivoization clause is still justified outside of the field of consumer electronics.

I'll try to summarize my understanding of the discussion and add a few comments.


Only the libopencm3-using STM32 port of the Contiki would be affected by LGPL. Builds for other targets would be unaffected by libopencm3 license and still be BSD licensed, since binaries would not be linked in any way with libopencm3. Still, it was seen as a problem that not all builds of Contiki would be licensed with the same license. Apart from added complexity, I don't see why that would be problematic. FFmpeg is an example of an existing project that has been operating in this way for some time now.

LGPL requires you to distribute any changes to the library under the same license and provide means of using your software with a different (possibly further modified) version of the library. The second requirement is simple to satisfy on systems that support dynamic linking. However this is very rare in microcontroller firmware. In this case, at the very least you have to provide binary object files for the proprietary part and a script that links them with the LGPL library into a working, statically-linked firmware.

I can see how this can be hard to comply with from the point of the typical firmware developer. Such linking requires an unusual build process that might be hard to setup in IDEs. Additionally, modern visual tools often hide the object files and linking details completely. Using proprietary compilers it might even be impossible to have any kind of portable binary objects. In any way, this is seen by some as enough of a hurdle to make reimplementation of LGPL code easier than complying with the license.

From this point of view, GPL and LGPL licenses don't seem to have a lot of difference in practice (note that libopencm3 already switched from GPL to LGPL to address concerns that it should be easier to use in commercial products). SDCC project solved this problem by adding a special exception to the GPL.


The other issue was the anti-tivoization clause. This clause was added to the third revision of the GNU public licenses to ensure that freedom to modify software can't be restricted by hardware devices that do cryptographic signature verification. This was mostly a response to the practice in consumer electronics where free software was used to enable business models that depended on anti-features, like DRM, and hence required unmodifiable software to be viable. However in microcontroller firmware there might be reasons for locking down firmware reprogramming that are easier to justify from engineering and moral standpoints.

First such case was where software modification can enable fraud (for instance energy meters) or make the device illegal to use (for instance due to FCC requirements for radio equipment) or both. In a lot of these cases however there is a very simple answer: if the user does not own the device (as is usually the case for metering equipment), no license requires the owner to enable software modification or even disclose the source code. Where that is not the case, usually the technical means are only one part of the story. The user can be bound by a contract not to change particular aspects of the device and subject to inspections. The anti-tivoization clause also does not prevent tampering indicators. However it might be that in some cases software covered by anti-tivoization might simply not be usable in practice.

The other case was where changed firmware can have harmful effects. Some strong opinions were voiced that people hacking firmware on certain dangerous devices can not know enough not to be a danger to their surroundings. This is certainly a valid concern, but the question I see is, why suddenly draw the line at firmware modification?

Search the web and you will find cases where using a wrong driver on a laptop can lead to the thing catching fire, which can certainly lead to injuries. Does that mean that people should not be allowed to modify operating system on their computers? A similar argument was made years ago in computer security, but I believe it has been proved enough times by now that manufacturers of proprietary software are not always the most knowledgeable about their products. I am sure that every device that can be made harmful with a firmware update can be done so much easier with a screwdriver.

In general, artificially limiting the number of people tinkering with your products will limit the number of people doing harmful things, but also limit the number of people doing useful modifications. A lot of hardware that was found to be easily modifiable has been adopted for research purposes in much more fancy institutions than your local hackerspace.

I haven't been involved in the design of any truly dangerous product, so perhaps I can't really have an opinion about this. However I do believe that responsibility of a designer of such products ends with a clear and unambiguous warnings as to the dangers of modification or bypassing of safety features.

Posted by Tomaž | Categories: Life | Comments »