Say, how do you feel about idiots working for corporations contractually enmeshed with the US military-industrial-surveillance complex? Why no spittle-laced hate for them?
Though a nice compromise might be to allow such things in certain bands only.
It's just that I object to folks who would be good community contributors being lured into being unpaid employees instead.
The GNU Radio project was funded in part by a United States intelligence agency. They paid good money and the result is under GPL. What's not to like?
Keep all of the idiots that want to work for a millionaire for nothing. Fire the others.
Anyone with sense has by now joined a non-profit project.
Compare-and-exchange and mfence would be doing cache flush all of the way to RAM and global cache line invalidation, wouldn't they? So, they can potentially be used to hammer too.
Multi-threaded programs really do need those cache flushes to implement their interprocessor communications, don't they? It seems to me that they would be the ones most likely to hit this problem.
It has yet to be established whether hammer techniques can result in a correct data+ECC pattern. If so, it should be possible to permute the memory in a way that defeats this, either on the memory module or the memory controller.
That would make a good research paper for someone.
Yes, you beat me to it. A correctly-configured ECC motherboard with real ECC memory would defeat this. Watch out for fake ECC memory that just simulates the correction bits.
Once memory starts being vulnerable to row interference, having a machine without ECC becomes much more dangerous, regardless of this exploit.
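Added illustration, not part of the original comments: what a SECDED ECC decoder reports when one, two or three bits of a stored word flip, which is the question the comments above raise about a "correct data+ECC pattern". It assumes the textbook (72,64) extended Hamming layout; real memory controllers use their own check matrices, and the function names are hypothetical.

```python
# Textbook SECDED (72,64) extended Hamming code (assumed layout, for illustration).
N = 72                                    # bit 0 = overall parity, bits 1..71 = Hamming code
PARITY_POS = [1, 2, 4, 8, 16, 32, 64]     # check bits sit at the powers of two
DATA_POS = [i for i in range(1, N) if i not in PARITY_POS]   # 64 data positions


def _syndrome(word):
    """XOR of the positions of all set bits; 0 for a valid codeword."""
    s = 0
    for i in range(1, N):
        if word[i]:
            s ^= i
    return s


def encode(data):
    """Encode a 64-bit integer into a list of 72 bits."""
    word = [0] * N
    for k, pos in enumerate(DATA_POS):
        word[pos] = (data >> k) & 1
    s = _syndrome(word)
    for p in PARITY_POS:                  # choose check bits so the syndrome becomes 0
        word[p] = 1 if s & p else 0
    word[0] = sum(word) & 1               # overall parity makes the total weight even
    return word


def _extract(word):
    return sum(word[pos] << k for k, pos in enumerate(DATA_POS))


def decode(word):
    """Return (status, data); status is 'ok', 'corrected' or 'uncorrectable'."""
    word = list(word)
    s = _syndrome(word)
    odd = sum(word) & 1
    if s == 0 and not odd:
        return "ok", _extract(word)
    if odd and s < N:                     # looks like a single flip at position s
        word[s] ^= 1                      # s == 0 means the overall parity bit itself
        return "corrected", _extract(word)
    return "uncorrectable", None          # even weight with non-zero syndrome, or bad position


def flip(word, positions):
    """Return a copy of word with the given bit positions inverted."""
    out = list(word)
    for p in positions:
        out[p] ^= 1
    return out


def classify_flips(data, positions):
    """Status plus whether the decoder handed back the original data."""
    status, got = decode(flip(encode(data), positions))
    return status, got == data


if __name__ == "__main__":
    sample = 0x0123456789ABCDEF           # constructed sample value
    for flips in ([37], [37, 50], [3, 5, 9]):
        print(flips, classify_flips(sample, flips))
```

One flip is corrected and two are flagged, but three flips have odd weight, so the decoder treats them as a single error: it reports "corrected" while returning wrong data.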
You have the Part 15 and ISM services for that. You really can buy a microwave link that's metropolitan-distance and legal to use.
We lost much of our 440 capability to PAVE PAWS in California. Remember, Amateur Radio is not the primary service on many bands. The military is on 440.
If you want that nearly infinite microwave spectrum, you have the Part 15 and ISM services. Absolutely nothing is stopping you. Power is not the issue with those frequencies, it's line of sight and Fresnel zones.
No, I absolutely do not have to prefix my words with anything. You do that by posting as an anonymous coward. I use my real name to indicate that I stand behind my words.
Yes. The usual mechanism here would be WiFi security, with HTTPS or SSL inside of it.
OK, no real technical data and some absurd claims here.
First all-digital transceiver? No. There have been others. Especially if you allow them to have a DAC and an ADC and no other components in the analog domain, but even without that, there are lots of IoT-class radios with direct-to-digital detectors and digital outputs directly to the antenna. You might have one in your car remote (mine is two-way).
And they have to use patented algorithms? Everybody else can get along with well-known technology old enough that any applicable patents are long expired.
It would be nicer if there was some information about what they are actually doing. If they really have patented it, there's no reason to hold back.
I saw a 'gator right at the edge of the VAB parking lot last month. In a drainage ditch, up to the fence, cars parked right on the other side.
With luck, they'll start incorporating our radio transceivers. I hear that SpaceX flies with several USRPs now, so that's not completely unrealistic. That might be as close as I can get. Anyone who can get me a base invitation, though, would be greatly appreciated and I'd be happy to do some entertaining speeches while there. I need a base invite for Vandenberg, too. I got in to the official viewing site for the first try of the last launch (and that scrubbed too), but this next one is on Pad 6.
I was in Florida to speak at Orlando Hamcation and went to see the DSCOVR launch at Kennedy Space Center. I paid $50 to be at LC-39 for the launch, an observation tower made from a disused gantry on the NASA Causeway between the pads and the Vehicle Assembly Building. A crawler was parked next door! A hot sandwich buffet, chips, and sodas were served. It was cold and windy! I watched for a few hours and unfortunately the launch scrubbed due to high stratospheric winds.
The next day, Delaware North Corporation, which operates tourism at KSC, decided not to open LC-39 or the Saturn 5 center for the launch. This was the third launch attempt and I guess they decided most people had left. I was annoyed.
The closest beach was going to be closed in the evening, it's a sensitive ecological area. I ended up seeing the launch from Jetty Park. This turned out not to be such a great location, the tower wasn't visible at all and the first 10 seconds of the rocket in flight were obscured before we saw it over a hill.
What's a better viewing location?
Test equipment is allowed to transmit and receive on those frequencies. If it looks like a radio, it can't. I have a number of cellular testers hanging around here that can act like base stations, mostly because I buy them used as spectrum analyzers and never use the (obsolete) cellular facilities. Government has different rules regarding what it can and can't do in the name of law enforcement, although FCC has been very reluctant to allow them to use cellular jammers.
If you can afford it, something from Ettus would better suit your application.
We think after we build this new PCB we can go for the crowdfunded manufacturing run. It's mostly surface-mount, and we expect to sell assembled boards in this run, and then the next version will be fully-packaged radios.
Hi AC,
Matt Ettus has a story about a Chinese cloner of the USRP. The guy tells Chinese customers that it is illegal for them to buy from Ettus, they must buy from the cloner instead. Then, when they have problems and require service, he tells them to get it from Ettus. Who of course made nothing from their device sales and cannot afford to service them.
This is not following the rules of Open anything. It's counterfeiting.
So, sometimes it is necessary to change the license a little so that you will not be a chump. I discussed the fact that the hardware is fully disclosed but not Open Hardware licensed with RMS, the software is 100% Free Software, and there is a regulatory chip you can't write. We can go for Respects Your Freedom certification that way.
I've paid my dues as far as "Open" is concerned, and Chris has too. This is all we can give you this time.
The case selection was so that we'd have at least one case that would work. We did not take much time on it. We'd be happy to have other people designing and selling cases.
The version after this one requires cases that look like real radios. That is going to be a bigger problem. We don't yet have a mold-design partner, etc.
We implement it as a chip that intercepts the serial bus to the VFO chip, and disallows certain frequencies. On FCC-certified equipment we might have to make that chip and the VFO chip physically difficult to get at by potting them or something. This first unit is test-equipment and does not have the limitation.
Anyone who is good at electronics can get around regulatory lockouts. We're not allowed to make it easy. But nor are we technically able to make it impossible.
U.S. regulation only allows Part 95 certified radios to be used on GMRS, and Part 95 requires that the radio be pretty well locked down. But all of those Asian imports are certified for Part 90 and there are lots of users putting them on both Amateur and GMRS. If FCC wanted to push the issue with any particular licensee, they could.
The D-STAR issue is not really ICOM's fault. JARL designed D-STAR (not ICOM) and put the AMBE codec in it because nobody believed that you could have a good open codec at the time. We now have Codec2 (a project I evangelized and recruited the developer) which is fully open. And we do have a software AMBE decoder in Open Source, although the patents won't let us use it. That is why I am working on the patent issue (as noted in the last slide of the presentation).
I know about the counterfeit FTDI chips, and Matt Ettus told me what has happened with the Chinese clone of USRP. We know what to do.
And it's because of No-Code. We looked at the licensing statistics and thought we'd preside over the end of Amateur Radio in our own lifetimes. That's the main reason I worked on no-code. There was really strong opposition among the old contingent, and ARRL fought to preserve the code for as long as they could. Someone even asked me to let Amateur Radio die with dignity rather than sully it with no-code hams. Gee, I am glad that fight is over.
That is why there are different radio services. Hams really only have a few corners here and there of the radio spectrum. There really is a service for everyone, although you should be aware that the entire HF spectrum would fit in a few WiFi channels, and all of the Amateur HF spectrum would fit in one. So, we don't really have the bandwidth at all. And people who want the bandwidth on UHF already have WiFi and the various sorts of RF links, etc.
The internet really sucks and we don't want another one on ham radio. Nor could we possibly have the bandwidth to support one. The entire HF spectrum fits in just a few WiFi channels.
To satisfy the demands of the "it should be anything goes" crowd, we have CB radio. And there are all of the common carriers, etc.
So, I can't sympathize, and even if I did, there are not the technical resources there.
Sorry.
I am afraid that's not the way it works. Public-key encryption doesn't really give you the capability to decode the communication of two other parties unless you get the secret (rather than public) key, which they have no reason to give you. There is also a session key that is randomly generated and lives only for the duration of the connection, and there is the potential for VPNs or tunneling that further obscure the actual communication. It's actually very difficult for a monitoring station to even get 100% of the packets reliably, although the two stations in the communication do get them. So you may not be able to reconstruct all of the bits in the stream, and this will break decryption too.
All of this adds up to so many technical hurdles that in practice you have to be NSA to decode the communication; hams who are attempting to self-regulate will not have the appropriate resources.
TDMA is time-division multiple access. It just means dividing the channel into time-slots, where each is some number of milliseconds. So, say we had two slots, each 20 ms long. We could receive for 20 ms, and then re-transmit what we received in the next 20 ms. No duplexers, no front-end overload, just one frequency. Works really well with digital modems and voice codecs.