Posts

Showing posts from November, 2019

Assessing Security

Image
Security has become the major focus of the Internet of Things (IoT) and the IoT networking protocols in particular. In this space we have a narrow league of standard protocols (Bluetooth mesh, Zigbee, Thread, LoRa) and still a long tail of proprietary options. E.G., many of the proprietary protocols use standard radios, such as 802.15.4 or Bluetooth LE. In particular there are a number of "mesh" systems running on top of Bluetooth LE. They had been developed before the official Bluetooth Mesh Specifications were adopted and there are still multiple brands / products using them. The key challenge with proprietary protocols is assessing how secure they are. Well, I should say, they are NOT secure, unless proven otherwise. There is no other way to assess security of any system / design other than an independent review. Regardless of what the vendors claim, unless the protocol is truly open and the specification is publicly available, you should stay away from it, security ...

Specification vs Implementation v2

Image
This is an update to the blog I posted back in 2016 . I do lots of conference calls everyday. And my trusted audio gear has been the Jabra Speak 510 . It works over Bluetooth. It  also provides great audio quality. But it could not do both at the same time. For the audio to be good, ti needs to connect to a computer over USB. To my surprise I saw it working without the tethered USB connection. Digging deeper unveiled it working over Bluetooth, but using the special Jabra Link USB Bluetooth dongle. Digging even deeper the dongle appears to implement a full Bluetooth Audio stack and presents itself to the host computer as an audio device (a sound card), not a Bluetooth adapter. So clearly it seems the Jabra implementation of Bluetooth audio is superior compared to the Windows implementation: you cannot achieve good audio quality pairing the speaker with a computer, but you can (using Bluetooth) if you use the Jabra dongle. In other words, the reason the Jabra dongle exists is ...

Decentralized No-Go

Image
Decentralized architectures (in networking) have many flavors. It is a very broad term to describe anything from block-chain to information-centric networking and building automation too. Some aspect of the decentralized approach are working very well. From my own experience I can say the decentralized lighting control scheme proposed by Bluetooth mesh has been playing very well for us. As with every new architecture there were some new challenges, but they are all nicely solved now and the whole concept allows for building very efficient, no-point-of-failure lighting/sensing networks . Within certain research circles there is a vibrant discussion on decentralized social networks. It revolves around the SSB - Secure Scuttlebutt protocol. The promise is huge: we don't need no Facebook. So you see how attractive this can be. Almost like Bitcoin was attractive to make banks obsolete (which never happened), SSB-based applications like Patchwork have been promising the Facebook-les...

Not in the System

Image
Some of you may remember The Net (1995 film) with Sandra Bullock. Her records in computer databases were altered rendering her losing her identity and inheriting bad criminal record. Societies today rely extremely heavily on computerized personal records and it may be difficult - if not impossible - to prove the reality is different from what computers say. On my busy travel schedule, last June I arrived in Denver, Colorado, for some business meetings and my onward flight was to Seoul, Korea. To my surprise, I could not complete the on-line check-in procedure at united.com. It was weird, as I fly with them a lot and they have all my data stored. But the on-line system refused to issue a boarding card for me, suggesting contacting the ground staff. The staff asked me for a Korean visa, which I did not have. Of course being a Schengen citizen I don't need one, for a stay of up to 90 days (I intended to stay for a week). But the United computers were not aware of this exempt ...