Category Archives: Daily Blog

Generally a bunch of various small items that come up on a given day. Less focused than other topics, a catch-all…

Wednesday, September 9, 2020

Interesting times. Hitting a bunch of topics that are more than a little divergent but interesting.

Networking Security

Work keeps me deeply involved on this front. Down in the TLS RFCs, certificate stuff, algorithm and cipher suite options and some lower level work. This may sync well with some home project work as well at some point… later, once I’ve gotten some other things back rolling.

WPF

I’m digging deeper into WPF coding for some of the simpler home-front tools. I’ve done a decent amount of JavaFX coding and MFC work but Java doesn’t give me access to the low level APIs these tools need and MFC is old, crusty and much harder to work with.

WPF is a bit of an odd critter but seems to fit my needs decently. I’m still working through many of its oddities and figuring out what works well with its design but I’m optimistic that it will remain a good tool for prototyping on Windows and for small home tools development.

Unity

Last year I did a good bit of Unity VR programming with a couple of friends.

The year since has been busy as I changed jobs and took on a very challenging set of problems at my new work (cybersecurity, networking security design and fitting it all into an existing architecture that goes back quite a way). I’m hoping that with the fall I will be able to put some more effort into home projects in off hours. Till now I’ve been working during work hours and digging into technology and background issues in off hours.

I’ve got the VR system downstairs back together and calibrated to the room. I’m still eyeing headset upgrades but don’t feel that I’m at the point where I want to throw the money at the systems that are out there.

I need to get back into the basic details needed to build out a VR Unity app. I know I have notes on this blog that will get me there. Once I have that together I’ll move forward with some ‘stretching exercises’ in VR.

I’m also realizing that in both the VR environment and the flat screen environment Unity could be a nice environment for some amount of tooling, so I’ll probably try to see if PInvoke and similar are supported. Being able to pull information out of a system and then render it and manipulate it in a Unity managed space seems potentially very interesting. With a bit of TLS and networking support this might get even more interesting. Things to think about.

Rest of it…

I will almost certainly bite off more than I can chew on the home front. Hoping that some interesting bits will make it to a level where they’re useful. I’ll keep blogging here (and on my personal blog and pandamallet for more detailed game stuff). Hoping to reconnect with the friends I was working with a year ago and that a covid vaccine lets us all get back closer to normal life in 2021.

Cybersecurity and Cryptography

It has been a wild ride this last year.

I’ve gone from someone who pays attention to cryptography and cyber-security to developing network cybersecurity architecture.

I’m always up for a challenge and this one has been a big one. So far things have gone well though.

It certainly has kept me busy as the lack of blog posts or significant GitHub commits will show.

I’m now far more deeply aware of the inner details of:

  • TLS 1.2 and TLS 1.3
  • TLS pre-shared key algorithms
  • TLS 1.3 session resumption
  • AES implementation choices.
  • Cryptographic random number generation and primary entropy source selection (this last a work in progress)
  • Elliptic curve cipher suites for TLS
  • SSH/SFTP protocol details and security implications in there.
  • Modern password hashing algorithms (BCrypt, SCrypt and PBKDF2)
  • Lots and lots of trade-offs between security, performance, implementation time and cost.
  • X.509 certificate details and ways of creating, managing and distributing certificates. PKI both big and small.
  • Some fun with trusted platform modules.

A wild ride indeed and not over yet. If this all keeps coming together though it should lead to a very satisfying conclusion.

This has certainly added a lot of tools to my toolbox. I’m now much better equipped to deal with secure networking issues and implementation. One thing with network cyber-security work is that there’s always one more detail that needs to be addressed.

I am hoping to free up some time on the home front to get back to some of my home VR software projects this fall. Still dithering on whether to buy a resharper license. I’ll probably pick up ‘cluster’ again and try to move that to a more complete state. Might also play with some smaller VR toy programs…tempted to put together a very small gravitational system simulator in room scale. We’ll see how all that goes. I really need to get back in touch with Malcolm and Sam and see how they’re doing.

A Bad Week for Computer Hardware

One of the drives in my disk array just failed this morning. Seems like it has been a bad week for computer hardware here. More irritating at the moment as this is an array and the remaining three disks are keeping things running.

Next step will be locating the failed drive when the replacement arrives sometime in the coming week. The new boot drive helps as well since it has space for working files in the interim.

Last weekend I spent a couple days working through issues around my boot SSD as I worked to upgrade to a 2TB drive to make space for working files on the fast volume. I remain nervous that this machine may start seeing more failures as it gets older. For now it is still doing reasonably well.

Working from home makes my local systems that much more important. I’m doing quite a bit of prototyping that involves network activity. My work laptop can’t see anything local once the VPN is engaged so all of the things I could have done with a USB network adapter creating a small local network for experimental use are off the table when I’m home. I have more compute resources on my home network than I have at work so this isn’t a big issue…but when my local systems have problems that spills over.

Hoping this will get me past most of the problems and next week will be smoother.

Weekend Update with Blender and Unity

Pushing forward with Blender 2.8 and Unity with more detailed comments here.

Creative Things

Looking to be a varied and busy winter and spring. I’m hoping to move my Unity and Blender knowledge forward significantly. I want to get Cluster to a point where it is more a game and less a sand-box for VR experimentation.

Work

Work looks like it is going to be a wild ride as well as I step into a cyber-security role in a big way. I’ve got to finish defining the network and local security design for the product and generate sufficient documentation to convince the FDA that we’ve done our due diligence. Should be do-able but I’m expecting it to keep me very busy.

OpenSSL

I’m looking at getting a Visual Studio 2019 debug build of OpenSSL together locally as well so that I can look into some functionality that I want/need to understand better.

In particular, the ‘envelope’ functionality that provides encryption at rest with multiple access based on private key encryption of a one-time symmetric key could solve a variety of interesting problems.

I need Windows (and ideally bcryptlib) based versions of this functionality that inter-operate with the OpenSSL version if possible. Being able to build some sample code and then step through with the Visual Studio debugger would help quite a bit.
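The hybrid pattern described above (one-time symmetric key for the data, that key encrypted separately for each reader), sketched with the openssl command line as an added example; it is not the author's code and not OpenSSL's own envelope API or file format. The recipient names, file names and the choice of AES-256-CBC with RSA-OAEP are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: envelope encryption for several recipients (constructed data).
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Each recipient gets an RSA key pair; only the public half is needed to seal.
make_recipient() {                       # $1 = recipient name
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$WORK/$1.key" 2>/dev/null
  openssl pkey -in "$WORK/$1.key" -pubout -out "$WORK/$1.pub"
}

# seal <plaintext-file> <recipient>...
# Encrypts the file once under a fresh AES-256 key, then wraps that key
# separately for every recipient with RSA-OAEP.
seal() {
  seal_in=$1; shift
  cek=$(openssl rand -hex 32)            # one-time content-encryption key
  openssl rand -hex 16 > "$WORK/sealed.iv"
  # Note: -K exposes the key in the process list; acceptable for a demo only.
  openssl enc -aes-256-cbc -K "$cek" -iv "$(cat "$WORK/sealed.iv")" \
    -in "$seal_in" -out "$WORK/sealed.bin"
  for r in "$@"; do
    # The hex form of the key is wrapped: sh variables cannot hold raw bytes.
    printf '%s' "$cek" | openssl pkeyutl -encrypt -pubin \
      -inkey "$WORK/$r.pub" -pkeyopt rsa_padding_mode:oaep \
      -out "$WORK/sealed.$r.ek"
  done
  unset cek
}

# unwrap <private-key-owner> <wrapped-key-owner>: prints the symmetric key.
unwrap() {
  openssl pkeyutl -decrypt -inkey "$WORK/$1.key" \
    -pkeyopt rsa_padding_mode:oaep -in "$WORK/sealed.$2.ek" 2>/dev/null
}

# open_sealed <recipient>: plaintext on stdout, non-zero status on failure.
open_sealed() {
  cek=$(unwrap "$1" "$1") || return 1
  openssl enc -d -aes-256-cbc -K "$cek" -iv "$(cat "$WORK/sealed.iv")" \
    -in "$WORK/sealed.bin"
}
```

Adding a reader later only requires wrapping the symmetric key again, not re-encrypting the data. AES-CBC as used here gives confidentiality only, so nothing in this sketch detects tampering with the sealed file.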

The End of One Year and the Beginning of Another

The last year has been rather busy. Changing jobs, coming up to speed at Dräger, Unity programming, motion capture and a variety of other pursuits.

Work

The last few months have been largely consumed by the tail end of my time at KMC Systems and coming up to speed at Dräger. I’m now stepping into a cyber-security role on our existing monitoring product. This is an area that I’ve had an interest in for some time but until recently the medical device world has largely tried to meet their security needs with an external firewall with little internal security on the protected network.

The customer base and FDA appear to be rapidly becoming far more aware of computer security issues. I tend to put this down to the rash of recent activity where medical data is encrypted by criminals and a payment demanded for release of the keys. This hits organizations in the pocket book and impacts patient care at the same time (much more visible to these organizations than leaks of personally identifying information). We have rapidly moved from a universe where computer security was viewed as a nuisance to one where it is seen as a requirement.

Much reading and research over the last few weeks to back-fill any gaps in my knowledge I’m aware of and locate tangible back-up for things I know but wasn’t able to back up with authoritative sources. I feel like I’m just about over the steep part of the learning curve now…so next bit of busy will be writing up what I’ve pulled together.

I miss the people I worked with at KMC but I’m much happier with the challenges I’m being presented with here than I was helping out with the tail end of Newton development. Now that I’m finding a bit of breathing room, I need to drop email to some of my friends back at KMC. I know I’m not good at staying in touch, but I intend to work on being better…

VR

Work on VR coding has been pretty well shelved since the beginning of last summer. This is mostly down to the job change and various bits of being busy leading up to that.

I think I’m finally at a point where I can get back to work on that front. I expect to spend some time learning Blender 2.8 first. This should help me make more interesting items to incorporate in my Unity games.

Once I’ve gotten to where I’m happy with an initial level of Blender competency, I’ll switch back to working on the Cluster game (see more details on pandamallet and cluster-1 in my GitHub account). I finally uploaded the latest version of the game code over the holiday…I hadn’t realized that I had done that much work without pushing code but I expect to keep things more in sync now.

I expect to get back to working with 3D tracking of optical beacons with multiple cameras sometime in the future, but probably not until I’ve got much more done with Cluster.

I am clearing the decks in the basement to free up a larger working area for the room-scale VR. Hoping to have most of the back half of the finished part of the basement cleared and the working boundaries expanded appropriately.

Lots more to play with on the VR front, but I’m going to try to limit my distractions in order to get Cluster to a playable point before shooting off in another direction.

Just Ordered the newish Josuttis book on C++ 17

Ordered a copy of the new Josuttis book this morning. I’ve found his standard library and templates books to be very much worth reading and I’m hoping that C++17 – The Complete Guide will provide a useful update to Stroustrup (which is getting a bit old).

I’m back in the world of C++ and the language is undergoing a lot more change these days than it had been in the early 2000’s. Keeping up with the future trajectory of C++ is very much on my radar.

Doing Some Unity Refresher Reading

On the flight to San Diego I did some Unity refresher reading and some thinking about game ideas that might be worth playing with.

I was looking for references to ScriptableObjects in the books I’ve got and didn’t find them. Guessing the focus there is too new to show up. I’ll post a bit on the ideas front over on PandaMallet in a bit.

It has been a slow summer on the home technical front and I really want to get that stuff rolling again as we move into fall. Plenty of interesting stuff to do, just need to find the time and decide to focus.

Re-seated Memory and SSD in my Router

…and so far, with the fan blowing on it and keeping the temperature down it seems to be doing better than it was yesterday.

It will be good to have a fallback machine available but I’m really hoping that this resolves the issue.

I do intend to keep a fan blowing across this ‘fanless’ machine as well once I get things back together. Crossing my fingers that this stays up now…

DTLS – Security for UDP

I had a short conversation yesterday about securing UDP data. When I dug around a little it became clear that there is an existing, RFC-documented protocol for handling that. I haven’t yet read the specification (though I likely will as it is an interesting technology).

There is a Wikipedia description here and the primary RFC is here.

Being able to secure unsequenced and unreliable datagram traffic using a design that is reasonably well vetted seems extremely useful. There are places where UDP is uniquely useful and security is becoming a much larger issue in the market today.

Interesting looking sample code here.