Blog Post
Networking Heartbleed Wasn’t a Single Bug
The heartbleed bug in OpenSSL has been all over the news. XKCD perhaps had the most succinct explanation. I’d like to take a deeper look at this bug and the process that allowed it to be created. Catastrophic failures are often caused by a chain of bad decisions or errors that finally result in a... View Article
Blog Post
Connected Devices and IoT Using UDP in Internet of Things Devices
I recently read this article by John Carbone about using UDP in embedded systems. The advice in the article is accurate, but there are some other issues to consider when designing UDP based protocols in embedded systems that Carbone did not address. I wanted to tackle them here. First and foremost: UDP datagrams are trivial... View Article
Blog Post
Security MAC vs HMAC: Differences Explained
Hash-based message authentication code, or HMAC, is an important building block for proving that data transmitted between the components of a system has not been tampered with. It is a widely used cryptographic technology. I recently came across its use in an RFID system.
The heartbleed bug in OpenSSL has been all over the news. XKCD perhaps had the most succinct explanation. I’d like to take a deeper look at this bug and the process that allowed it to be created. Catastrophic failures are often caused by a chain of bad decisions or errors that finally result in a... View Article
I recently read this article by John Carbone about using UDP in embedded systems. The advice in the article is accurate, but there are some other issues to consider when designing UDP based protocols in embedded systems that Carbone did not address. I wanted to tackle them here. First and foremost: UDP datagrams are trivial... View Article
Hash-based message authentication code, or HMAC, is an important building block for proving that data transmitted between the components of a system has not been tampered with. It is a widely used cryptographic technology. I recently came across its use in an RFID system.
Blog Post
Connected Devices and IoT More Thoughts on Security and the Internet of Things
Attacks that are initially restricted to the realm of esoteric, government-backed spooks become accessible over time to run-of-the-mill cybercriminals. Take, for example, the Linux.Darlloz worm, which attacks embedded devices and is interesting for a couple of reasons. First, it propagates by exploiting a vulnerability that was patched in May 2012. But the firmware images on many embedded devices are much older than that. The second reason I find it particularly interesting is it targets PHP, a scripting language largely used for web development.
Blog Post
Health Care Some Programming Gems From the Health Care Website
One of my partners pointed this Slate article out to me about healthcare.gov. It is clear at this point that there have been a ton of embarrassing problems with the rollout of this site. I don’t want to get into the politics of health care, but I do find it interesting to look at what... View Article
Blog Post
Software Development Inter-Thread Communication Without a Mutex
A simple way to avoid mutex-locking issues is to not use mutexes. This post describes a simple technique for passing objects between threads in a thread-safe manner without mutexes, which makes the entire class of possible mutex-related errors impossible to implement!
Attacks that are initially restricted to the realm of esoteric, government-backed spooks become accessible over time to run-of-the-mill cybercriminals. Take, for example, the Linux.Darlloz worm, which attacks embedded devices and is interesting for a couple of reasons. First, it propagates by exploiting a vulnerability that was patched in May 2012. But the firmware images on many embedded devices are much older than that. The second reason I find it particularly interesting is it targets PHP, a scripting language largely used for web development.
One of my partners pointed this Slate article out to me about healthcare.gov. It is clear at this point that there have been a ton of embarrassing problems with the rollout of this site. I don’t want to get into the politics of health care, but I do find it interesting to look at what... View Article
A simple way to avoid mutex-locking issues is to not use mutexes. This post describes a simple technique for passing objects between threads in a thread-safe manner without mutexes, which makes the entire class of possible mutex-related errors impossible to implement!
Blog Post
Outsourced Engineering Google Is Feeling Creepy
When you enable location access, Android says Allow Google's location service to collect anonymous location data. Some data may be stored on your device. Collection may occur even when no apps are running. This seems both fair and harmless, so I didn't think too much about it. But it turns out to be a little creepier than you might think.
Blog Post
Software Development What is CRC Networking? Understanding the Cyclic Redundancy Check
CRC stands for Cyclic Redundancy Check — an error-detecting code used to determine if a block of data has been corrupted. The mathematics behind CRCs may initially appear daunting, but don’t have to be. Our engineer presents an alternative explanation useful to the software implementor of CRCs.
Blog Post
Video Using Windows Movie Maker With the Kodak Zi8
Learn how to edit HD videos from your Kodak Zi8 using Windows Movie Maker with our step-by-step guide and codec tips. Enhance your editing skills today!
When you enable location access, Android says Allow Google's location service to collect anonymous location data. Some data may be stored on your device. Collection may occur even when no apps are running. This seems both fair and harmless, so I didn't think too much about it. But it turns out to be a little creepier than you might think.
CRC stands for Cyclic Redundancy Check — an error-detecting code used to determine if a block of data has been corrupted. The mathematics behind CRCs may initially appear daunting, but don’t have to be. Our engineer presents an alternative explanation useful to the software implementor of CRCs.
Learn how to edit HD videos from your Kodak Zi8 using Windows Movie Maker with our step-by-step guide and codec tips. Enhance your editing skills today!
Blog Post
Video The H.264 Sequence Parameter Set
The H.264 bitstream includes the Sequence Parameter Set (SPS) and the Picture Parameter Set (PPS). Both entities contain information that an H.264 decoder needs to decode the video data, for example, the resolution and frame rate.
Blog Post
Image Processing Cross-Processing Images in the Gimp
Transform your digital photos with vintage charm using Gimp's cross-processing script for unique color film effects. Download now from the Gimp registry!
Blog Post
Image Processing Rolling CMOS Shutters and Curved Wiper Blades
One time last winter I shot a photo with my camera phone out the windshield of my car and got a strange image with curved wiper blades: No, my wipers don’t look like this! I’ve been meaning to track down the reason why this happened. It is clear that cellphone cameras don’t usually use mechanical... View Article
The H.264 bitstream includes the Sequence Parameter Set (SPS) and the Picture Parameter Set (PPS). Both entities contain information that an H.264 decoder needs to decode the video data, for example, the resolution and frame rate.
Transform your digital photos with vintage charm using Gimp's cross-processing script for unique color film effects. Download now from the Gimp registry!
One time last winter I shot a photo with my camera phone out the windshield of my car and got a strange image with curved wiper blades: No, my wipers don’t look like this! I’ve been meaning to track down the reason why this happened. It is clear that cellphone cameras don’t usually use mechanical... View Article