The Nibbler 4-Bit CPU Project – Flashing The ROMs

There we go, soldering the Nibbler circuit board is almost complete. One thing I've never done before, however, is to flash ROM chips, which is required for the two Microcode ROMs and the program ROM. In other words, that part is black magic to me. But even black magic can be tackled given the right equipment.

In my case I bought a TL866A Flash programmer which seems to flash pretty much every Flash and EPROM on the planet. Having ordered it at a store in Germany it cost me around 90 euros. Yes, I know, it can be had for much less via eBay straight out of Hong Kong, but I wanted to have it quick and hassle free. I expected some major hardware Voodoo before the microcode and programs would end up in the ROM chips but the whole process was surprisingly hassle free. I selected the IC type, selected the ".bin" binary file to be flashed, which just has to be the same size or smaller than what the Flash or ROM chip can handle, and then pressed the "Program" button, and the job was done in 10 seconds per IC. The software also lets one read the IC afterward to verify that the program has actually ended up on it.

Everything looks good now, my 3 ICs are programmed so I'm ready to go. The two images on the left show the TL866A Flash programmer connected to the PC and a screenshot of the software. Obviously I immediately got comments from friends pointing out that I've strayed from my "Linux-only" on the desktop at home approach. Agreed, a small "OS sin" on my part but since it was my first time I didn't want to start using the hardware via Windows in a virtual machine. Now that I know how things work, I'm pretty confident that that would work as well, so the "OS sin" would at least be jailed in a virtual machine 🙂

5G Above 5GHz – More Than Just A Few Meters?

Last month I had a post about 5G heavily relying on spectrum beyond 5 GHz and the catch that today's consumer devices using such spectrum can only cover a few meters. In other words, using spectrum in the 30 or even 70 GHz range (called millimeter waves, or mmW for short) won't work for cellular networks where base stations are several hundreds of meters apart from each other even in dense population areas. Fortunately, not everybody agrees.

After I posted my article I was made aware of this very interesting IEEE article in which the authors describe their study of how such ultra high frequency ranges could become usable in a cellular environment. Their conclusion, based on experiments in a real environment, is that by using a high number of tiny antennas for beamforming in mobile devices and base stations, it's possible to overcome the high attenuation of the air interface in the 30 and 70 GHz bands and thus significantly increase the transmission range. They predict that the combination of beamforming and using large 1 GHz carriers can increase overall air interface capacity by an order of magnitude compared to the 20 MHz carriers used for LTE today.

As antennas are small, a space in a smartphone of 1.5 by 1.5 centimeters could hold 16+ tiny antennas which would be enough to achieve the desired beamforming effect. The authors note, however, that with the current approach of treating each signal path separately it is not feasible to process so many inputs and outputs and that new methods have to be found, especially on the smartphone side, to master this new level of complexity while keeping the amount of energy necessary for the processing in check.

Another challenge pointed out by the authors is indoor coverage, because even with beamforming, millimeter waves are still not penetrating walls and other solid obstacles well. In other words, mmW base stations must also be put inside buildings to also go beyond today's data rates there. In many cases it's unlikely that several operators can deploy their mmW equipment inside a single building so the authors note that a new business model might be required where a third party offers mmW access equipment for interconnection to traditional mobile backhaul networks.

While beamforming holds the solution to extending the range of millimeter-wave systems to usable distances one issue that is created by this is how synchronization and broadcast channels that have to be transmitted omnidirectionally can reach devices. In addition, the channel state from and to each device needs to be continuously tracked in order to keep the beams aligned to individual devices. This is likely going to impact a device's power saving abilities as the transmitter can't be off for long periods even if no data has to be transmitted.

The authors list many further points that have to be considered due to the completely different nature of using mmW in combination with beamforming compared to today's LTE systems. It's by far not a drive-by read so bring some time if you want to explore the paper, it's definitely worth it.

Thanks to Guy Daniels for pointing out the paper via his article on the topic here!

 

The Nibbler 4-Bit CPU Project – Soldering Things Together

A few days ago, the printed circuit board (PCB) for my 4-bit do-it-yourself CPU project arrived. The next step was to get the parts together. That's a bit of a tricky thing as many components, especially the 74HC181 chip that implements the Arithmetic Logic Unit (ALU), while having been quite popular in the 1970's, are a bit on the antique side these days.

In the end, I bought the parts in 3 different stores. Most of the parts came from Digikey in the US and I was surprised how fast they delivered. I ordered on a Monday evening European time and the parts were delivered two days later on Wednesday morning. As I was ordering parts for more than 65 euros, delivery to Europe was free of charge and Digikey took care of customs procedures, taxes, etc. An incredible turn-around time, looks like their logistics are quite optimized.

Other, more common parts, like most logic chips came from an electronics store in Germany with an equally impressive turn-around time. The 74HC181 ALU IC was a special case, neither Digikey nor the German electronics store had that part in stock. Thanks to Google, I was able to find the ALU at Darisus, another electronics mail delivery company in Germany that had it in stock. All parcels arrived Wednesday so I was set to go in less than two days. Quite a difference to the days when you ordered by mail and expected a response a week or two later…

The picture on the left shows my current progress. Most parts and the IC sockets are already soldered, the next step is to flash the microcode and program ROMs.

3G Mobile Video Calls Are Dead – Long Live Mobile Video Calls

Incredible, I made my first video call only or already a decade ago, depending on how you look at it. At the time I was convinced it would become a mass market phenomenon once more people had 3G phones. It didn't really work out like that, however, and I have to admit that the service never really became popular, perhaps because most network operators massively overpriced the service and failed to continuously innovate and evolve the service.

Today, 3G video calling is still in the same state as it was 10 years ago. For today's devices the resolution and frame rate of the video is far too low and picture quality on the large screens of today's devices is far from what people expect. In the meantime some network operators have even given up on the service entirely and have begun blocking the service for new subscriptions.

But I'm glad that others haven't given up and have continued to innovate. Facetime on mobile has reached some popularity, e.g. see my post from New York from back in 2011. Personally, I use Skype for smartphone and tablet video telephony. Over LTE and even 3G, the video resolution and frame rates are fantastic. These days, I'm seeing more and more people engaged in video calling, especially at airports. Still a niche when compared to the billions of voice minutes generated every day, I agree, but nevertheless quite mature and useful today.

Book Review: CHRONOS

Apart from books on computing history, well written techno-thrillers are another favorite of mine. I’m quite picky when it comes to this genre and I can’t stand novels with unrealistic plots or technology descriptions. Quite some time has passed since I read a techno-thriller so I was glad when William Hern, a long time colleague of mine, approached me earlier this year and asked me if I was interested in proof-reading the novel he was working on.

The book’s called “CHRONOS” and the plot is as geeky and realistic as it can possibly be in a techno-thriller. The book starts with a quote that so very much describes the real world that I have to repeat it here:

“… most of the people in this world accept the fruits of technology in about the same way as a kitten accepts milk”

Jerry Pournelle

I could start talking about the story line now but as it twists and turns right from the beginning I would just end up writing a spoiler. So I won’t and just leave you with my recommendation that if you are into realistic techno-thrillers, want to learn a few interesting things along the way and if you know or do not know who Satoshi Nakamoto is, this is the book for you. Oops, already a spoiler right there…

Have fun!

Old DVDs And New Drives Don’t Make A Good Pair – Hello Old PC

Optical DVD drives are getting out of fashion in notebooks these days. In theory, that's not a bad thing as it saves space and weight and one can always buy an external USB DVD drive for a few euros should one really need one. The problem is that those I tried in recent weeks are of such bad quality that they fail to read many of the DVDs and CDs I wanted to read.

Read issues often do not appear at first when inserting a CD or DVD but only later when I'm already halfway or two thirds through the content. Sometimes a DVD can't be fully read in one drive but works o.k. in another and vice versa. Sometimes a DVD fails in both but at different locations. Quite a mess.

But then I remembered that I have a 15 year old PC still standing around in the corner with 2 DVD drives from back then, solidly built and quite expensive at the time. Despite their age, though, they've so far been able to read each and every DVD and CD that was partially unreadable on those crappy USB connected DVD drives for a couple of euros.

Perhaps it's time to convert my CDs and DVDs while that computer still works…

The Nibbler 4-Bit CPU PCB Has Arrived

Last month, I reported about a great 4-Bit Self-Made CPU project called "The Nibbler". It continues to fascinate me as the tools that are freely available such as an assembler and a simulator for it help me to get a deeper understanding of how "computers" work at their core. But while simulating the CPU is great fun I'd really like to build the real thing myself. Wire wrapping is not my thing so I went ahead and ordered the printed circuit board for self assembly. Despite being shipped out of Canada it only took a week to arrive. I was quick to order it because there were only a few left. In the meantime the PCB is sold out but there's a waiting list. I guess if there are enough requests there might be a second batch. Great, now the hunt for the parts begins 🙂

HTTPS Public Key Pinning (HPKP) Is Great – But Mobile Support Is Only Half Baked So Far

A couple of months ago, Chrome, Firefox and perhaps other browsers have begun to 'pin' the HTTPS certificates used by Google, Twitter and others for their web pages. This significantly improves security for these web pages as their certificates can no longer be signed by any of the hundreds of Certificate Authorities (CAs) that are trusted by web browsers but only by one or a few select ones. So far, this functionality was part of the web browser's code. Recently, however, most desktop and mobile browsers have added support for the generic HTTPS Public Key Pinning (HPKP) method standardized in RFC 7469 that enables any HTTPS protected web site to do the same. Time for me to add it to my Owncloud and Selfoss servers too to protect myself from man-in-the-middle attacks.

HPKP works by adding a public key pin header string to the HTTP response header section that is returned to the web browser each time a web page is loaded. On first request, the web browser stores the pin hashes, and whenever a page from the same domain is loaded again afterward, it compares the public key hashes of the HTTPS certificate chain it receives with those previously stored. If they don't match, the page load process is aborted and an error message is shown to the user that can't be overridden. For the details of how to generate the hashes and how to configure your webserver have a look here and here.

The first screenshot on the left (taken from Firefox's Webdeveloper Network console) shows what the public key pin looks like in the HTTPS response header of my web server. In my case I set the validity of the pinning to 86400 seconds, i.e. to one day. This is long enough for me as I access my Owncloud and Selfoss servers several times a day. As I don't change my certificate very often I decided not to pin one of the CA certificates in the chain of trust but be even more restrictive and pin my own certificate at the end of the chain.

On the PC I successfully verified that Firefox stores the pin hashes and blocks access to my servers by first supplying a valid certificate and a corresponding public pin hash and then removing the pin header and supplying a different valid certificate. Even after closing and reopening the browser, access was still blocked and I could only access my Owncloud instance again after I reinstated the original certificate. Beautiful.

On Android, I tried the same with Firefox Mobile and Opera Mobile. At first I was elated as both browsers blocked access when I used a valid certificate that was different from the one I pinned before. The second screenshot on the left shows how Opera Mobile blocks access. Unfortunately, however, both browsers only seem to store the pin hashes in memory. After restarting them, both allowed access to the server again. That's a real pity as Android frequently terminates my browser when I switch to other large apps. That's more than an unfortunate oversight, that's a real security issue!

I've opened bug reports for both Firefox and Opera mobile so let's see how long it takes them to implement the functionality properly.
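The pin handling described in this post, including the difference between a pin cache that survives a browser restart and one that lives only in memory, can be modelled in a few lines. This is an added example, not code from the post or from any browser: `PinStore`, the host name and the byte strings standing in for DER public keys are constructed, and the backup-pin check reflects RFC 7469's requirement that a header carry at least one pin that is not in the current chain.

```python
import base64, hashlib, json, os, re, tempfile

def spki_pin(spki_der):
    """RFC 7469 pin: base64(SHA-256(DER SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

def parse_pkp(header):
    """Return (pins, max_age) from a Public-Key-Pins header value."""
    pins = set(re.findall(r'pin-sha256="([A-Za-z0-9+/=]+)"', header, re.I))
    age = re.search(r'max-age=(\d+)', header, re.I)
    if not pins or age is None:
        raise ValueError("need at least one pin-sha256 and a max-age")
    return pins, int(age.group(1))

class PinStore:
    """Hypothetical client-side pin cache; path=None keeps pins in memory only."""
    def __init__(self, path=None):
        self.path, self.hosts = path, {}
        if path and os.path.exists(path):
            with open(path) as f:
                self.hosts = json.load(f)

    def note(self, host, header, chain_spkis, now):
        """Store pins seen on a validated connection; False if header is ignored."""
        pins, max_age = parse_pkp(header)
        chain = {spki_pin(s) for s in chain_spkis}
        # RFC 7469: one pin must match the chain, one (backup) must not.
        if not (pins & chain) or not (pins - chain):
            return False
        self.hosts[host] = {"pins": sorted(pins), "expires": now + max_age}
        if self.path:
            with open(self.path, "w") as f:
                json.dump(self.hosts, f)
        return True

    def allows(self, host, chain_spkis, now):
        entry = self.hosts.get(host)
        if entry is None or now >= entry["expires"]:
            return True  # no live pin: only normal CA validation applies
        return any(spki_pin(s) in entry["pins"] for s in chain_spkis)

def demo():
    # Constructed stand-ins for DER SubjectPublicKeyInfo blobs.
    own, backup, other = b"spki-own", b"spki-backup", b"spki-other"
    header = 'pin-sha256="%s"; pin-sha256="%s"; max-age=86400' % (
        spki_pin(own), spki_pin(backup))
    disk = os.path.join(tempfile.mkdtemp(), "pins.json")
    result = {}
    for name, path in (("memory", None), ("disk", disk)):
        PinStore(path).note("cloud.example", header, [own], now=1000)
        restarted = PinStore(path)  # browser killed and reopened
        result[name] = restarted.allows("cloud.example", [other], now=1060)
    return result

print(demo())
```

The memory-only store accepts the unpinned key after the simulated restart, while the disk-backed store keeps blocking it until the one-day `max-age` runs out.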

Stagefright 2 – And Nobody Cares?

News is inflationary… Back in August there was a big wave in the press when it was discovered that Android, through all versions, had a couple of pretty serious remote code execution and privilege escalation vulnerabilities in the libstagefright libraries which are called every time a video is shown or previewed. The wave was as big as it was as the vulnerabilities are easily exploitable from the outside by embedding videos in web pages or messages. Device companies promised to patch their devices in a timely fashion and promised to change the way security patching would be done in the future. For some devices this has even happened, but for many older devices (read 2+ years old) nothing was done. But since the news broke, things have calmed down again. Then, in early October, another batch of serious Stagefright issues was discovered that are as exploitable as the first ones. This time, however, the echo was quite faint.

It really makes me wonder why!? Perhaps this is a result of the vulnerabilities not having been exploited on a large scale so far? Which makes me wonder why not, black hats are usually quite quick to exploit things like that. Does nobody know what to do with smartphones under their control? Or perhaps the bad guys are not yet familiar with coding in assembly language on ARM and how to use the Google Android API? If so then the latest episode was perhaps one of the final warning shots before things get real. Let's hope the good guys use the time well to fortify the castle.

On the positive side, Google has patched the vulnerable code in the meantime and so did CyanogenMod, so my devices are patched.

The Politics Behind LTE-Unlicensed

For some time now, interested companies in 3GPP have been pushing for an extension to the LTE specifications to make the technology also usable as an air interface technology for the 5 MHz unlicensed band, currently the domain of Wi-Fi and other radio technologies for which no license is required to operate (i.e. it's free for everyone to use). I wrote about the technology aspects of this earlier this year so have a look there for the details. Apart from the technical side, however, another interesting topic is the politics behind LTE-Unlicensed as not everybody seems to be thrilled by LTE marching into unlicensed territory.

Some parties in 3GPP are totally against LTE becoming usable in an unlicensed band, fearing competition from companies that haven't paid hundreds of millions for beachfront spectrum property. Some cautiously support it in its current incarnation, which is referred to as LTE-LAA (License Assisted Access), as it requires an LTE carrier in a licensed band to control transmission of an LTE carrier in an unlicensed band. In effect that keeps the would-be upstart competition at bay. And then there are those who want to completely release the brakes and extend LTE to make it usable in a standalone way in unlicensed bands. Perfectly irreconcilable. I'm writing all of this because I recently came across an article that sheds some light on what's going on which I found quite interesting.