More Ham fun

I wanted to be able to reliably reach the local VHF/UHF repeaters, so I bought a 2 meter 1/2 wave antenna to mount outside the house and hook up to my handheld radio. It came over the weekend, and I installed it this afternoon. The antenna itself is a set of wires of specific lengths and impedances that you mount in 5 feet of PVC pipe. I hooked it up with a large diameter low loss cable, and used an adapter to connect to the SMA plug on my handheld. Works like a champ! I’m now able to reliably key repeaters 15 miles away with the 5 watt handheld.  I talked to a fellow Ham this evening via the repeater (W4AGC 2M on TV Hill in Durham), and he said I had excellent sound quality with no distortion. Also, was able to successfully test out an IRLP connection via the W4AGC 70cm repeater to my “beach” repeater in Newport, though my new Ham friend from Harker’s Island, KM4NRZ, didn’t answer. Also did a test of an IRLP reflector node, and heard my voice come back. Cool!

Clearwater 2016, v1

As my (one or two?) regular readers know, I like to visit a local “lake” that the TU chapter stocks with trout for a winter fishery. Let’s see, trout, hanging out with a few fellow anglers I don’t see often enough, only 15 minutes from my house, what’s not to like?

Joel netting trout

First fish of the day

On January 9th, I had one of my two seasonal visits to Clearwater. The fishing was slow, as recent rains had muddied the lake, but all 8 anglers there each caught a handful of nice fish. I caught mine on egg patterns, a fly that I’ve historically used in the winter with great success, but not at Clearwater. Great fellowship, and always fun to hang with my fishing buddy, Sam. Already looking forward to the next trip there!

Joel releasing a big trout

This one put a nice bend in the rod

TU said that they put a lot of browns in the lake this year, but I didn’t see any. Maybe next time.

APRS antenna update

As I wrote here previously, I’ve been exploring the APRS (Automatic Packet Reporting System) Ham Radio system. I noted that while I had the Kenwood TH-D72 radio configured correctly, it was not reliably getting its packets to the nearest digipeater to be ingested into the APRS/APRS-IS world. I suspected it was an antenna issue, as I was using the “rubber duck” that came with the radio. I replaced that with a Diamond SRH77CA and that’s made a huge difference. I’ve used it to have a “chat” with another local APRS user several miles away, though via the digipeaters, it’s possible to have a digital chat with an APRS user much further away (depending on mutual routing settings). Additionally, I noted that when the radio was inside a vehicle, it was unlikely to successfully send a packet unless the digipeater was just a couple miles away. So, I also got a Diamond MR73S, a small magnetic-mount external antenna with an SMA connector. With that on top of my truck, the APRS “smart beaconing” works perfectly, sending status packets with information that reliably shows position and turns. Interesting stuff.

APRS radio

I’ve been experimenting with APRS (Automatic Packet Reporting System) on HAM Radio. Interesting stuff! Essentially, it is a system that provides situational awareness and context for radio-enabled devices by capturing “beacons” from devices such as mobile radios, fixed point radios, weather stations, satellites, antennas, and creating a data stream that’s used to create a geo-enabled map of devices in real time…an organic “Internet of Things” (IoT) joined in the radio spectrum. As Bob Bruninga, the father of APRS says:

“Since the primary objective is consistent exchange of information between everyone, APRS established standard formats not only for the transmission of POSITION, STATUS, MESSAGES, and QUERIES, it also establishes guidelines for display so that users of different systems will still see the same consistent information displayed in a consistent manner (independent of the particular display or mapping system in use)”

There are gateways to the traditional Internet for email, but the value of APRS is in the dynamic resource map it populates to RF contacts in the local area (and through data added to the APRS-IS, the Internet system, and thus generally available), and its ability to send messages between participants. It’s a peer-to-peer network that can grow organically with the addition of “digipeaters” to relay traffic, but still provides station to station information. As the APRS Wikipedia article states, “Anyone may place any object or information on his or her map, and it is distributed to all maps of all users in the local RF network or monitoring the area via the Internet.”

It does depend on access to a digipeater, and one thing I’ve found in a couple days of testing is that my HT 5w Kenwood TH-D72 transmits to the nearest repeater from Emerald Isle with sketchy regularity. It’s 10 air miles, and the standard antenna on the TH-D72 reliably receives APRS packets from KD4KTO-4, but seems to get them there irregularly. Next week, I’ll be back in the Chapel Hill area, and it will be interesting to see how things fare there. I’ve ordered a better antenna for the radio as well, and that should help considerably with transmit range.

 

Finally have Apple Pay working again on Watch

As my faithful readers know 😉 , I really like the Apple Watch. I wrote in September about getting the wrist detection working again, and it’s been great since then…with one exception. Without wrist detection enabled, you can’t use Apple Pay (it won’t let you store cards without wrist detection enabled). When I turned wrist detection off, before that fix with OS 2, my Apple Pay configuration went away; that’s the way it works. This doesn’t sound so bad, but then when wrist detection was back, I couldn’t add cards to Apple Pay. They would be stuck being “activated.”

I did a fair bit of Googling on it, and it appeared to be an issue with some bit of iPhone storage not getting completely cleared out with card removal. Supposedly a restore of the phone fixed things for many folks.  However, I didn’t want to go to the trouble to do that, so I just ignored that one missing feature.  After December’s Watch and iOS updates, I decided to try again and lo and behold, it worked! I loaded up some cards and went Christmas shopping on Friday. Woohoo! I’m a happy camper.

Encryption, backdoors and spies, oh my!

Since the Paris terrorist attack and then the San Bernardino shootings (which now are confirmed to be an internationally inspired terrorist attack by a US lifetime resident and citizen) there has been much discussion among talking heads on screen and in print about needing to be able to eavesdrop on all communications. Many pundits, candidates, and congressmen have jumped all over this bandwagon, calling for more surveillance and calling for means to access any encrypted communication. Many of these same advocates for eavesdropping are ardent supporters of the 2nd Amendment, but forget about the rights for the people to communicate, assemble, and be protected from unreasonable searches and seizures (1st and 4th Amendments). However, putting aside the legal issues and politics that are wrapped up in the issue, this is technically a very bad idea.

First, let’s consider encryption alone, without considering some sort of backdoor or key escrow. Encrypted communication has been with us as long as there has been writing, and really, it’s been with us as long as there has been spoken language. Fundamentally, it’s communication that can’t be deciphered due to some sort of obfuscation. This can manifest itself as something intelligible only to the communicating parties such as a jumble of letters or symbols, or some common words (spoken or written) to which is ascribed a common, secret meaning known only to the communicating parties. The common thread here is that there is some shared knowledge that can be used by the communicating parties to extract the hidden meaning, either a shared secret or knowledge of the location of a message. Cryptography is an old art, dating back several thousand years (see also this article for more history). There are a myriad of non-digital ways to hide information, and a quick overview of the Wikipedia article on Steganography can be quite illuminating to the uninitiated, although computers have opened up many new avenues for the practices. Classic encryption took the form of a shared secret (a word, phrase, words on pages of a book, etc.) that could be used to encrypt and decrypt the coded message. Innovative ways of doing this, and in particular changing the shared key, made such messages very secure. In the digital world, this is called symmetric key cryptography.

Widespread use of computers has created many types of communications where information needs to be shared, but also protected, and this brought about the rise of public key cryptography (a pair of algorithmically related keys) and digital signatures as a means of solving the shared secret conundrum. A fundamental point that you should take away, however, is that in the digital world, encryption, whether with a shared secret or public keys, boils down to algorithms implemented in computer code. This is embedded in tools you use every day on your computer. Whenever you see a “lock” or other security symbol in the URL display of your browser, you are seeing the results of these algorithms implementing public key encryption. There are many algorithms for cryptography throughout cyberspace that are in the public domain and can be used by anyone. A quick trip to Google will show you this. Likewise, many derivative works exist that are not cataloged. Herein lies the first lesson. The US does not “own” cryptography, or algorithms, and there are many freely available algorithms and code implementations of those algorithms that are beyond the reach of US laws. Efforts to constrain or to weaken encryption will not affect those who want to hide their communications. Just as toolkits are available for the propagation of computer malware (another interesting story!), toolkits for encryption are available and will remain available regardless of legislation. To paraphrase a saying of supporters of 2nd Amendment rights, “when encryption is outlawed, only outlaws will have encryption.”

We have seen this week a revelation that Juniper Networks found at least one “backdoor” in their router/firewall operating system, that had been there since at least 2012. What was the source of this intrusion? Probably nation-state hackers. Who?  Good question. Why? Putting such code in network appliances gives, as the article says, the ability for the owner of the exploit to access resources behind the firewall, the ultimate target. So, how are these thoughts connected? If there is a backdoor in a network appliance, it can allow someone to bypass controls. The fact that this exploit went unnoticed for years speaks to the difficulty of checking for such intrusions. Likewise, if there was a backdoor engineered into an encryption system, as is promulgated on various fronts today, it would be vulnerable to misuse and unauthorized access.  This would impact the security and privacy of legitimate users who are using the encryption system. Would it improve security? I think not, as those who are really concerned about eavesdropping on their conversations will take additional measures, such as using internationally sourced tools (or tools written by a trusted colleague), or by simply obfuscating the messages that are carried by the communication system.  We have a backdoor to access the communications path, but we can’t see anything (at least prospectively) other than innocuous communication (remember steganography?). The value of a backdoor in encryption systems in preventing terrorist attacks is thus minimal, and the breakdown in the privacy of communications for others is significant.

Conversely, focusing not on the content, but rather the patterns of communication (the so-called metadata) or observing other external phenomena does have value. If someone is communicating with known terrorists or in places frequented by such individuals, that can and should raise a red flag. Traditional methods of surveillance can then be employed, including bypassing the encryption challenge by placing “taps” (malware) on a suspect’s devices and thus viewing the decrypted messages. That still leaves the challenge of obfuscated messages, but it is more useful. Much can be learned by observations of patterns and metadata. A classic example is determining the likelihood of imminent military action by observing the number of evening pizza deliveries to the Pentagon.

In summary, encryption has been with us since the beginning of communication. Computers are tools used in encrypting messages, but have not changed the fact that those planning activities where they want secret communications have many channels available to them. Sophisticated actors will layer protections on their communications, and simple backdoors to our personal devices or encryption tools will not pierce that veil. If backdoors are in place, we run the very significant risk that those backdoors will be used by actors other than the intended “official” users, and we have thus compromised the security of all and gained little or none in return.

 

Watch OS 2 fixes my wrist detection error

I’ve been a happy Apple Watch user since I got mine on June 1st. While there were limitations in the apps, the promise of exciting functionality was there. It quickly became indispensable. I found texting to be a killer app, and I used the fitness tracker daily. I found a tide table app that’s perfect for helping with coastal fishing and boating. However, three weeks ago, the wrist detection process stopped working. I tried all the  “home remedies” I could Google up, to no avail. I wiped and reloaded, I stood on my head while putting it on my wrist–not really, but you get the idea. I had to turn off wrist detection as one thing it did was stop workout tracking when it locked after 15 seconds. Turning off wrist detection also turned off Apple Pay (not that I’ve used it more than twice, to buy coffee at McDonald’s). I thought about sending it in for replacement (the hive mind was split between software errors and sensor errors) but decided to wait for the OS 2 update, betting that it was a software error (or a deep config setting that the wipe did not update). So, after a nearly 2 week delay in the release of the OS, it was available today, and I’m pleased to say wrist detection is working perfectly again.

Now I’m looking forward to OS 2 apps!

More adventures with Nest products

I wrote here in July that I’d installed a Nest Protect and was very pleased with it, and ordered another. The second one works just fine, and replaced the other legacy detector in the house, but I did have some configuration problems getting it to work.  I could not get the second one to talk to the first. This gave me an opportunity to contact the excellent (English speaking!) tech support group at Nest. I got a quick and comprehensive answer to my problem (essentially, I had to do a “reset” on the second Protect to cleanly restart the configuration process). The two systems are communicating fine, and both are working as designed.  The downstairs unit continues to carry the load, as its location next to the kitchen means that it picks up smoke from broiling and frying.  We continue to appreciate the polite “heads up” feature. I also like the “path light” feature; we use it differently on the two systems, with it set as an “always on” nightlight upstairs, but only as a “walk by” feature on the downstairs unit.

nest thermostat

Today, I added in a Nest Thermostat to the mix. Installation was simple (I did check the configuration before I ordered the unit). Configuration took 15-20 minutes as you connect it to the network, it downloads a couple of software updates, and then you go through system configuration and testing. The house has three HVAC systems, and the one I replaced was the only unit without a digital thermostat. I could have gotten a digital thermostat for much less, and a programmable one for perhaps half the cost of the Nest. However, my experiences with programmable thermostats are that most of the time they don’t get programmed, and the idea of the “self programming” Nest is intriguing. How well will it work with other units controlled by dumb thermostats? Is it going to be worth replacing one or more of the others? I don’t know, but it was a good place to start. The room that it’s in is the main room in the house, and it’s challenging from a thermal perspective. It has large windows facing due west, and it picks up a lot of solar gain. Good in the winter, less so in the cooling season. So, this will be a continuing saga. Stay tuned!

Continuing reflections on TV cord-cutting

It’s been a week since I put up a TV antenna at the beach house and dropped the Time Warner Cable subscription back to Internet only. Faithful readers of this blog know that it’s now been 4 years (July 2011) since I put up an antenna on the Chapel Hill house and dropped Uverse. I used the same configuration at Emerald Isle as in Chapel Hill – a ChannelMaster 4228HD antenna and a ChannelMaster 7777 preamp. This has been a while in coming, but with TWC raising rates once again, it was time to jump. We’d been paying $105 for non-digital cable and standard 15×1 Internet. TWC said the new rate would be $130, and would require a digital converter on each set. Enough! Internet only is $45 plus tax, so say $50. That’s $80/mo, or nearly $1000/yr for basic cable. Do we watch that much? Nope.

In fairness, we do pay for multiple streaming services, but we can use those in Chapel Hill or EI. Since we were already paying for these, it’s moot. We subscribe to Netflix, HBO NOW (for Game of Thrones), SlingTV (for ESPN). These are about $45/mo. We have a TiVo in Chapel Hill for $15/mo, so that’s $60 total, but it’s flexible and portable.

Putting up the antenna/amp is about $200, plus cabling, which can be done for under $50. At $80/mo savings, that’s a 3 month payback.

Technically it’s easy, and you can feed all the TVs in your house using the old splitter in the TWC box on your house. If you have only one TV, an internal antenna for $50 can work, but for several sets, you need to feed the distribution system.

For reception, at EI, I’m picking up stations 50-70 miles away with clarity. WITN, WNCT, WCTI, WUNK and others.

So, if cable is getting you down, there’s an alternative!

Technology meets the smoke detector

We needed a new smoke detector. I was tired of having to unplug the current one every time we fried fish 😉 so I thought I’d shop around some and see what features are there. I also wanted to see how these “connected” detectors worked so that you could get an alert if not home. Kidde has an interesting device that listens for the sound of standard detectors and then can communicate with you remotely. I then looked at the Nest Protect (2nd generation, and now $30 cheaper than before they had to disable the “Nest Wave”), and it had some nice features and was the same price as the Kidde device. One appealing feature was that in addition to remote notification, it had the “I’m going to alarm, is this really a problem?” mode (they call it the burned popcorn feature). Also sounded like “frying fish” mode!

So, I ordered a Nest Protect (wired) and set it up. Then cooked Cajun Mackerel, yummy! Sure enough, while cooking the 2nd filet (the stove is less than 10 feet from the detector), the Nest Protect says in a nice voice, “I’m going to alarm, and it will be loud. Do you want to silence?” I did, and it quieted down. It keeps a log of events, it tests itself, it interfaces with and alerts your phone, it can be a nightlight, and it’s very friendly. If there is more than one on your network, it tells you the location of the problem in clear language, with all broadcasting (so say the docs). OK, sure, it generates data and sends it to the mothership to make the magic happen. But if I want the conveniences of technology that’s a price I pay.

I like it so much I ordered a second one to replace the other detector in the house. I’ll follow up with more info as I get the next one online.