
Brain Hacking

My Homemade tDCS Machine

I’ve had an extended break from the blog since we visited the rainforest. We are getting some maintenance done and are “stuck” here in Palmas waiting for some parts and some expertise.

I just read an interesting science article (click here) about how a transcranial direct current stimulation (tDCS) device can be used to enhance creativity by “…temporarily suppressing a key part of the frontal brain called the left dorsolateral prefrontal cortex.”

The study showed an increase in creativity when electrical stimulation was applied across the cranium in a particular way. Lots of amateur “brain hackers” have already found this out in an anecdotal sense, and claim even more cognitive enhancements depending on how the brain is stimulated. I know something happens, it did with me in my experiments.

One of my big product ideas was to combine a tDCS and EEG to actually measure the effect of the stimulation and then build algorithms to modulate the stimulation to maximum effect. I wrote about my experiments from a couple years back. Still a great idea and I’d be surprised if someone isn’t trying something similar.


Posted in Hacking!, Journal by with comments disabled.

Shortwave Radio Antennas

Ok, this is a long post about diagnosing and fixing a shortwave radio antenna on our sailboat Good Karma. Not interesting for those who are not into technical detail.

On most bluewater sailing vessels there is a shortwave radio for communication, usually called an “SSB radio.” One thing every radio needs is a good antenna. On most sailboats, the antenna is the backstay of the mast, the cable that holds the main mast to the back of the boat. It’s a good choice because it’s basically a long wire that can be insulated easily (necessary for an antenna).

My radio could transmit and receive email and I was happy with it until I noticed that the connection from the radio to the backstay was getting frayed (below). I was also having great difficulty with voice transmission to stations that should have been receiving me with no problem.

The antenna feed (white wire on left) was connected via an unprotected hose clamp to the backstay. The problem was this is exposed to the elements (water and salt air), not to mention the not-so-great mechanical connector that doesn’t protect against breakage of wire. At Spanish Wells I bought some new hardware (below):

Left to right: A cable clamp, a nut and a ring connector. The clamp would give me a solid connection to the backstay and the nut and ring connectors would grant a smooth mechanical connection between the antenna feed and backstay. The connection point needed to be about 8 feet off the deck and so I needed a ladder. I borrowed one from the marina but because of the tight space on the deck I could not deploy it completely, so I had to set it up with straps on each side to stabilize it, below:

I assembled a great backstay connection and insulated the connector from the elements with electrical tape, shown below:

Everything looked great but the radio happened to work worse than before! I didn’t get it and puzzled over this problem for days. I finally decided I needed to look at the other end of the antenna feed cable, which I had to move to get the backstay connection finished. That was it! Below is what the connector to the radio looked like, corroded and almost broken:

I replaced this connector as shown below:

The result was, so far, fantastic. I’m able to contact much more distant stations. The testing isn’t complete without a voice test but I’m optimistic.

 


Posted in Electronics and Radios, Hacking!, Sailing by with comments disabled.

Government Surveillance Demands


Yes, It Can Be Hacked!

For cyber security types, here is a good article providing evidence that the FBI’s arguments for coercing Apple to break into the San Bernardino terrorist’s iPhone 5c were essentially propaganda. The FBI appeared to use this case to lobby for federal legislation to require “backdoors” to be built into smartphones, etc., so that law enforcement can gain easy access to any device.

The story went like this: The FBI wanted access to one of the San Bernardino shooters’ iPhones so they could check up on contacts, emails, text messages, anything that would help the FBI discover a potential (but as yet unproven) network or other terrorist contacts. The iPhone in question was locked with a passcode and if you make too many wrong entries trying to guess the code, the iPhone will erase all its memory.

The FBI decided to ask Apple to unlock it. Apple said that the FBI mishandled the phone and prevented the phone from uploading its memory to the Apple cloud. Apple said it did not have a way to unlock the phone itself and this is very likely true. The FBI then asked Apple to use their intimate knowledge of the workings of the iPhone to figure out a way to unlock the phone, basically to hack into their own product. Apple refused. The FBI then went public and in a very high profile case, attempted to use legal means to force Apple to comply.

After a couple of weeks of very public bantering, the FBI claimed it found a way to hack into the phone and asked that the case to force Apple to break into its own product be dropped. Subsequently, the FBI made several well-publicized pleas to Congress to come up with a law that would force companies to build in “backdoors” to their products so the FBI and other law enforcement would not have to resort to expensive hacking techniques or even necessarily get a warrant.

The argument they make is that it would be a valuable tool to prevent terrorism and crime. And maybe it would. But the complexities of this issue go far beyond the myopic FBI viewpoint. Here is why:

A backdoor is a cyber security term for a method to bypass a user’s security. You have your key to unlock your “front door,” and the FBI has a key (or method) to unlock a built-in “back door.” This would work if the FBI kept their key safe. But suppose they did not keep it safe? Suppose a future highly placed individual in the FBI decided to use these backdoor keys to gather compromising information about political figures in order to gain power. What would J. Edgar Hoover have done with such power? Or Vladimir Putin?

Apple was correct to deny the FBI their services. No one buys an Apple (or any other brand) product with an expectation that the manufacturer is going to hack it open on demand. Privacy is expected and the product should operate as intended. Also, engineers would have had to produce a new technique under coercion of the law. The FBI could likely then use this tool to break into any other iPhone as it desired (and the FBI confirmed they have many iPhones they want to open up). Can the government force a locksmith to create a two-key lock if the locksmith does not want to? Is that constitutional?

Ironically, when the news of this broke, techies on the internet were abuzz with an easy technique to break into the iPhone: Take its flash memory out, read it and “brute force” guess the password (try every one until you find it). This would prevent the memory from being erased. And this is exactly what the proof-of-concept paper referenced in the above hyperlink explains.

The FBI thought this technique was “impossible.” Apparently, engineers and hackers are now the power brokers in this country. 😉
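A simplified model of the design point behind the flash-copy technique described above, added here as an illustration (it is not code from this post or from the linked paper). The `Phone` class, the 10-failure threshold and the 4-digit passcode are constructed assumptions; the model compares a failure counter kept in copyable flash with one kept in tamper-resistant hardware.

```python
"""Toy model (constructed): a wipe-after-N-failures limit only holds if the
failure counter cannot be rolled back along with the storage it protects."""

MAX_FAILURES = 10  # assumed wipe threshold for this model


class Phone:
    def __init__(self, passcode, counter_in_flash):
        self._passcode = passcode
        self._counter_in_flash = counter_in_flash
        self.flash = {"failures": 0, "wiped": False}  # copyable storage
        self._hw_failures = 0      # counter inside tamper-resistant hardware
        self._hw_locked = False    # set when the hardware destroys its key

    @property
    def locked_out(self):
        return self.flash["wiped"] or self._hw_locked

    def snapshot(self):
        return dict(self.flash)          # image of the flash contents

    def restore(self, image):
        self.flash = dict(image)         # rolls back flash, never the hardware

    def try_passcode(self, guess):
        if self.locked_out:
            return False
        if guess == self._passcode:
            return True
        if self._counter_in_flash:
            self.flash["failures"] += 1
            if self.flash["failures"] >= MAX_FAILURES:
                self.flash["wiped"] = True
        else:
            self._hw_failures += 1
            if self._hw_failures >= MAX_FAILURES:
                self._hw_locked = True
        return False


def rollback_audit(phone, candidates):
    """Check whether the retry limit survives a storage rollback.
    Returns (unlocked, guesses_evaluated)."""
    clean = phone.snapshot()
    attempts = 0
    for guess in candidates:
        if phone.flash["failures"] >= MAX_FAILURES - 1:
            phone.restore(clean)         # counter in flash goes back to 0
        if phone.locked_out:
            break
        attempts += 1
        if phone.try_passcode(guess):
            return True, attempts
    return False, attempts


if __name__ == "__main__":
    pins = [f"{n:04d}" for n in range(10000)]   # constructed 4-digit space
    print("counter in flash:   ", rollback_audit(Phone("7351", True), pins))
    print("counter in hardware:", rollback_audit(Phone("7351", False), pins))
```

With the counter in flash the limit never triggers and the whole passcode space can be searched; with the counter in hardware the same procedure stops after ten guesses.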

 


Posted in Cyber Security, Hacking! by with comments disabled.

The National Security Agency’s Cyberweapon Leak


What Is Going On with the NSA?

The recent news stories about the cyber weapon leak by a group known as The Shadow Brokers are quite disturbing if true. The story is that this group “hacked” the National Security Agency, appropriated some advanced cyber weapons, and are now auctioning them to the highest bidder online.

The overriding questions are:

Is this real?

How did they do it?

Who are (or is) The Shadow Brokers?

Due to all the secrecy surrounding such agencies, we will probably never know for certain what has happened here, if anything. However, there is a large enough, highly skilled and credible cyber security community today that does not work for the government and their collective opinion should be highly regarded.

The consensus opinion is that yes, these are real weapons, though vintage 2013 or earlier and not the latest. They mention weapon names referred to in the leaked NSA ANT catalog. There is a lot of evidence that this catalog is real and was not leaked by Snowden, but some other NSA insider. I have an earlier post about how security measures I implemented in a product prevented the NSA from gaining access and thus “defeated” the IRATEMONK product in the ANT catalog.

The authenticity of the weapons was supported by evidence from The Guardian, who has access to all of Edward Snowden’s leaked NSA data. The Guardian has not publicly released all the Snowden files and it was confirmed that some information not released to the public was mentioned in the Shadow Brokers’ data. There were other more subtle clues as well that pointed to these as being real NSA hacking tools.

How was the NSA hacked? No one knows for sure but most think the actual NSA wasn’t hacked, per se, but the tools were found, or taken from, a proxy server. This could have happened if the NSA was doing training “in the wild” and got sloppy and left their tools on a server instead of cleaning them up. Someone then found them. This is Snowden’s theory.

So who are (or is) The Shadow Brokers? A good theory is that the NSA has yet another insider taking information a la Snowden. It probably had nothing to do with Snowden, by the way, since the tools are dated about 6 months post-Snowden revelations. Another good theory is that a nation-state is taunting the US. Could be Russia. Could be China. Really, it could be Pakistan for all anyone knows about that. It’s very difficult to attribute such attacks in cyber space.

It really doesn’t matter who the hackers are if the NSA is getting this sloppy. How many spy agency leaks have you heard about from Russia? From Israel? From China or North Korea? Probably none. They all have spy agencies on par with the NSA, as do many countries.

Consider the danger of cyber weapons. They are probably as dangerous as physical weapons like missiles and nuclear bombs, especially to advanced, internet driven societies such as the USA, Europe and Japan. Yet cyber weapons are very much unlike physical weapons in that you cannot contain or control them. The NSA relies on secrecy and whether their employees follow good security practices and are loyal, and you see where that got them.

And us.


Posted in Cyber Security, Hacking! by with 1 comment.

Radio setup

Panel

You Might Be Happy Not to Have to Deal With This Every Day


Pactor Modem (above, with lights) and Marine SSB Radio Below

One of the first systems I tackled on the Good Karma was the SSB radio. Nothing is easy and this proves the rule. The importance of this radio is that it is a long distance communication system, like over a thousand miles. This is necessary for ocean travel where your only communication link may be this radio. Here is my experience, skip this if you have no interest in radios:

This is a long-winded essay about how to patch together a circa 2002 model ICOM M710-RT marine band SSB radio, a Pactor modem, and a modern Macintosh MacBook Air to work as an email system. This is about hacking old technology and new, incompatible systems to make them work together, like something they’d do on Star Trek.

My recently acquired sailboat has a Marine Icom M710-RT SSB radio and a Pactor II Pro modem (with pactor III firmware upgrade). You can set this radio up to send and receive email over HF frequencies while out at sea far from land. The data rate is slow so only small data sizes are practical, like text email.

A system called “Sailmail” uses the marine bands to send and receive mail. Unfortunately, Sailmail is a subscription service that costs a bit over $200 per year to use. Sailmail depends on a system called “Winlink” to work. Winlink is a radio email service set up by amateur radio enthusiasts (hams).

Because amateur radio cannot charge for services, Winlink is free IF you have one of the advanced amateur licenses AND an amateur radio. I have the license. All I needed was the radio set up on our boat.

Getting the radio set up was an issue. I have a Yaesu FT-993, a great amateur radio, but I would need to install it and supporting systems to get it to work. And on top of that I’d still need to keep my ICOM for marine band operation as the Yaesu would not operate on those frequencies. (Note: I probably will install my amateur radio in the future as it is a far more versatile radio on ham frequencies).

But I also knew that a trick radio manufacturers use to keep their costs down is to build one radio that they can enable for whatever market they want to sell into. So essentially the same generic radio can be built and then set to work on ham freqs or marine freqs or police freqs, for example. These radios can be enabled to work on all frequencies they are built for, the trick is to know the secret modification and do it yourself.

In the old days this was accomplished by cutting traces on a board or some simple hardware modification. Since the late 1990s, almost all radios can be changed by reprogramming the firmware.

So I knew both of these radios could be programmed to work on both amateur and marine freqs. And it seemed pretty straightforward to choose to reprogram the system I already had in place. Another technical reason to try to reprogram my ICOM – it is legal to use the marine radio to transmit on amateur freqs but NOT legal to use the amateur to transmit on marine band freqs. Why? Because the FCC wants only approved radios transmitting on controlled bands like marine, police, fire, etc. The amateur band allows a lot more leeway, you can pretty much use any radio as long as you don’t exceed the limits of the band, like keep the power under the legal limit. So the marine radio can transmit on ham bands, you must have an amateur license of course.

So I set out to get my marine band radio modified and working on ham bands.

The ICOM M710-RT is a great, though somewhat dated radio. I also have a Pactor II pro modem, an expensive system that would be quite expensive new, I believe greater than $1000 for an out-of-the box modern one. The modem can be controlled by a computer via a serial cable.

The system connection is as follows: Computer <-> Pactor Modem <-> Icom Radio

The connection between the modem and the radio is already in place and there is no need to mess with it. The computer-to-modem connection is an old 9-pin serial port, not built into Macs. Fortunately, there is also a Keyspan USB-to-serial adapter in place so at least I can use a USB port that IS on my Mac.

I consulted several web forums about getting this stuff to work together and what has been successful or not, and after experimenting a lot I finally got things working after about two weeks. I am an expert in software, devices and radios and this still took me about two weeks, it was NOT easy. Here’s why:

Winlink is a Windows program, there is no Mac version and I’m not sure if Winlink has been updated at all since 2008 or so. I have a Mac. You can run Windows programs on a Mac using various tools, some are better than others. A program called “Crossover” was recommended by many and so I bought that. Not too expensive if you don’t need tech support. Considering that we live in a world of shareware, it’s actually quite expensive however.

Then I needed to get the Keyspan USB driver for Mac. Pretty easy, it’s online. Unfortunately it took a while to realize there was no native driver available, my Mac did not warn me when I plugged the Keyspan in.

Getting Crossover to work was not difficult. I set it up to run a Windows 7 environment. Crossover does not come with a lot of OS support and you have to “install” utilities such as an unzip utility. This is required so that you can unzip the Winlink software and install it in your emulated Windows environment. There is also some funkiness setting up the serial COM port emulation to USB on a Mac, but not really difficult and there are good write-ups out there on the web about how to do this.

Winlink is not extremely user friendly but it’s not hard to figure out and there are YouTube tutorials out there.

The big test was to determine if Winlink can talk to the Pactor modem. After a few tweaks, got it working and the first message to pop up was “You need Firmware version XXX to run Winlink on this modem.” I needed to update the Pactor modem firmware. That’s pretty easy to do, the company SCS has all the firmware and tools necessary to update the modem.

So, modem firmware updated. Next I tried to send some radio email via a Winlink station. No can do, my Icom would not allow those frequencies. Winlink won’t let you use the Marine frequencies either, you need Sailmail to do that.

Now it gets fun, trying to update my Icom firmware.

First I email Icom and ask for the tools. They said they can reprogram the radio but I have to get it to an Icom service center. That is absolutely ridiculous, I’d have to extract my radio and ship it to another state and wait for them to get around to it, and probably have to pay a few hundred dollars for the privilege.

I did some more digging around and found out that the Icom can only be programmed via a special DOS tool using a special cable. DOS. Didn’t that go away in the 80s? Wow. But not unheard of, it’s a legacy product supported by a legacy tool, not uncommon in the firmware industry.

What was more disturbing were claims that you needed to have a computer running DOS natively, not on top of Windows, and the machine had to have one of the old-style serial ports. Turns out that isn’t true if you get a good DOS emulator. That was better news. The recommended emulator was “Dosbox,” it’s free though they ask for a donation.

There is a Mac version of Dosbox that works well. Next, get the Icom software tool and a cable. Search around through the various forums and Google, and you find references to an app called EX1726.EXE. The tool has been pirated and is out there if you look. The cable is an OPC-478.

Next get a USB-to-Serial programming cable for the Icom. eBay has several so I ordered one, shipped to the marina in a couple of days. Plug it in to my computer and Icom radio (and another USB driver from the web). Set up a Dosbox serial port and run EX1726.EXE in my emulator.

Seemed to be working, but in reality I had no real feedback that it was working at all. This was a simple firmware read-modify-write program. I’ve written these apps and even had a patent on a certain aspect of reprogramming a device way back when. Anyway I knew what was “going on behind the curtain” so I tried the function that reads the memory and got a “clone error.” It wasn’t working.

I dug around a bit more and found a Yahoo group dedicated to the M710. I joined and bingo. All kinds of tech information on this radio and pirated software. Turns out the cable I got was for the M710 but doesn’t work on the M710-RT. The cable type for the RT version is OPC-552. Also, the app needed was called EX2144.EXE, made specifically for the RT version. Ok. Well, I’m confident I could have modified the cable I had to work but I didn’t have the parts available. Found another cable supplier on eBay and ordered another cable.

Cable came in, fired up the radio and YES, I could program the radio. I enabled all the ham HF bands and went back to Winlink. This morning I was able to send and receive email over my SSB radio on ham frequencies. Success, but not recommended for the faint of heart.


Posted in Electronics and Radios, Hacking!, Sailing by with 2 comments.