Sunday, August 30, 2009

New Semester, New Challenges

The first week of the fall semester is over and I am definitely in for an exciting semester. I have more classes, extracurriculars, and work than I can even list, but not more than I can handle. This will probably be my only weekend where I actually have some time to relax.

There are only two classes (I suspect) I have that will have a large amount of homework in. This isn't to say that my other classes won't keep me busy, it is just a matter of magnitude. Those are ECE 412 Computer Interfaces (which is being renamed Microcontrollers) and CECS 550 Software Engineering. 412 will require about 20 hours a week in open lab when it gets going full speed. However, the difficulty of this class isn't the reason for the amount of time dedicated to this class, it is simply that the labs are very long. In the end this class will be very rewarding since it is the first time I will have programmed in assembly language. 550 will be interesting because it is a capstone class where we are required to develop a complicated piece of software in a team. Tentatively, my group is planning on developing a piece of software that will allow for the creation of student seating charts. While this isn't very glamorous it will definitely be challenging.

As for other things that will keep me busy, Speed School Student Council is high on that list. I am still the Director of Administration and as such have lots of paperwork (actually everything is digital) and other logistical concerns that keep me busy. Luckily I was able to accomplish a lot this past summer by improving the website so I should not be overloaded with council tasks.

I will continue to work part time for GE. I'll be doing the same thing I was doing at the end of my last co-op so it won't be that stressful. Actually, a lot of what I'll be doing is documentation, so that will interesting.

Lastly, I will be helping out in the calculus classes. This also ties into the work I'll be doing with STUG this semester. There is a brand new group of wide eyed freshmen with new Tablet PCs and lots of questions and confusion. I'm doing my part to help make things move smoothly. I will also be publishing new episodes of Tablet Tips when I find the time. I will also be continuing work on the DyKnow Panel extractor software that I wrote last fall. I will also be presenting the paper I co-authored on that topic at WIPTE 2009. I am also working on a web based version of this tool. The web based version will be more of a guilty distraction from everything else I need to do.

That about covers it for the beginning of my semester. Hopefully I'll be able to keep up my weekly habit of blogging. I didn't have anything interesting to blog about this week. Hopefully that will change very soon as I start to do some interesting things.

Saturday, August 22, 2009

YubiKey, Authenticate Me Please

I enjoy really geeky gadgets and potentially one of the geekiest things I have purchased lately was a YubiKey from Yubico.

For someone not very technical it might be a little hard to understand what a YubiKey actually does. From a security standpoint it is quite simple, it authenticates you. It looks like a very thin flash drive with a button on top. When plugged into any computer it acts like a USB keyboard. This means it works on anything with a USB port that supports a keyboard.

The point of having a YubiKey is to have a one time password. Just like the name implies, a one time password is a password that only works once. Evey time you click the button on the YubiKey generates a unique password that will only be valid once.

How a YubiKey Works

Stored inside of the YubiKey and on the server that authenticates the YubiKey is a secret key that uses strong AES 128 encryption to encrypt the message, OTP, that is sent to the server. The encrypted message is encoded in mod-hex (32 characters long) using an alphabet that is common to all keyboards. It actually doesn't use the letters, rather it works at the lowest level using scan codes that are common across all keyboard.

The actual message that is encrypted is broken down as follows:

  • Private identity (6 bytes) - Uniquely identifies the YubiKey
  • Usage counter - Increments every time the YubiKey is used. Insures every OTP is unique
  • Timer field - (24 bits) - Initialized with random number which then counts up using an 8 Hz timer
  • Random number (16 bits) - Initizlized with a random number
  • Checksum - CRC16 Checksum of all of the fields

All of this information is encrypted to authenticate that you have the encryption key that was used to encrypt the message. The security of the entire system is based on the ability to keep the encryption key private and the inherent security of AES encryption.

What I've Done with my YubiKey

I have left my YubiKey authentication in the hands of Yubico so I am able to log into the Yubico wiki and forums in one click. I have also played with authenticating my own PHP web applications. It is a fairly simple process to run a client authentication on a web server.

Yubico is very open source with their product and provides authentication server and authentication client for many different languages and platforms. This includes my favorite language on the web, PHP. The authentication process is rather simple using the Standalone Yubico PHP class linked to from the Yubico web services clients page on their site.

The amazing part of the system is that you do not need a user name or password to log in if you want to use single factor authentication. It is for sake or argument, impossible for anyone to generate a valid OTP without having my Yubikey or the private encryption key which is kept secret. This means all I have to do to log into my own site is plug my YubiKey into my computer and press the button.

I have only played around with this authentication so far, but will hopefully be adding MediWiki YubiKey authentication to soon.

Another Cool Feature

While the entire point of a YubiKey is to have a one time password, it has another functionality where you can store a static password in the device that it will simply type in on demand. With the added feature of having each YubiKey have two modes that it can operate in depending on how long you press the button (OTP + OTP, OTP + Static, Static + Static) I will be playing with this feature very soon.

This means you do not have to remember a very long password and can simply have a YubiKey type it in for you. This is very useful when you look at having long wireless encryption passwords or passwords used on encrypted drives or file containers.

I will continue to play and post on this topic when I have made more progress.

Sunday, August 16, 2009

UofL Cardinal PixelBlock

PixelBlocks are small interlocking blocks, similar to Legos in shape, but very different in function. These small colored blocks interlock on their edges and using different colors you can make pictures. While it is really common to make video game characters out of them, think 8 bit Mario, I decided to make a University of Louisville Cardinal head. I used something of a template, a blown up image where the pixels were easily visible, but much of the design was freehanded so some artistic liberty was taken in the final product.

Louisville Cardinal Bird PixelBlock

I managed to frame my PixelBlock creation in an adjustable depth shadow box so it is now hanging proudly on the wall in my living room.

Thursday, August 13, 2009

Why an Apple Tablet is Bad News

With all of the tech pundits and blogs covering the rumored Apple Tablet, I can help myself but join in on the conversation.

I) My Background

Full disclosure, I spent my entire high school career wishing I had a Tablet PC. Now that I am in college, I am on my 2nd Tablet PC and am loving it. My program, The Speed School of Engineering at the University of Louisville requires all incoming students to purchase a Tablet PC for use in the class room. As for my credentials: I publish a podcast about Tablet PC's (STUG); I presented a poster on students educating students about Tablet PC's at WIPTE (A Student Driven Initiative to Increasing the Effectiveness of Tablet Based Learning Programs); I am currently working on getting a paper published about use of an automated software tool, that I wrote, in the grading student work submitted from Tablet PCs; I will be working for the Engineering Fundamentals department for a 2nd semester this fall helping calculus students during class time with their Tablet PCs. That all being said should establish my credibility on this subject.

When it comes to Apple, they do not subscribe to the oft quoted motto of Google, "do no evil." Quite to the contrary, Apple tends to be closed, restrictive, secretive, and overbearing. I'll leave that argument and discussion for another time. That said, I grew up using a Mac, but switched to PCs in middle school. I purchased an iPhone last summer and have been overall pleased with the experience, but I still see myself enjoying an Android phone more once the platform has matured a little more. I even have developed simple iPhone apps for my employer, so my experience using a Mac has been renewed recently.

II) The Apple Tablet

Now that all of the prefacing is out of the way, lets focus on the possibility of an Apple Tablet taking an optimistic approach:

The Form Factor

What will an Apple Tablet look like? Most people are guessing it will look like an over sized iPod Touch. This makes sense. It would not be hard to imagine the cross breeding between an iPod Touch and a MacBook Air producing a Tablet like product. My guess would be a 10 inch screen. This product will obviously be very thin, support multi-touch gestures, and focus heavily on internet and multi media. It may have some type of 3G support, but that isn't something I'll focus on. It will almost definitely have some sort of solid state drive for storage. It will likely boast amazing battery life, but actual performance, similar to the iPhone, will depend on how you use it.

The Operating System

While the actual implementation of the operating system is guaranteed to be a surprise, there are a few things that can be conjectured about. It will definitely be a variant on OS X similar to the approach that the iPhone has taken. It will likely have an interface that takes the best parts of the dock and springboard and blends them together. It may support existing iPhone applications, but with a change in form factor / screen resolution this is difficult to say. There will likely be no physical keyboard and will rely entirely on a on screen keyboard similar, but larger than the iPhone's. There probably will be some type of market place for distributing Apps, but this is also hard to guess about. The Mac is a relatively open platform while the iPhone is locked down very heavily. The Tablet may fall at one extreme or the other, but my guess is that it will be somewhere in the middle having a locked down distribution and media system but will still allow you to run existing Mac applications that support the platform.

What will it be used for?

There will be a major focus placed on multi media and video. Some people are predicting it will be a high definition media player for video. Other people have outlined a possible system where music booklets are included as part of albums for easy browsing. Even more optimistic people have guessed that it will be a color e-book reader. No matter what the Apple Tablet turns out to be, it will likely make major strides to revolutionize the industries it touches. The typical person using an Apple Tablet will still be an Apple early adopter. The users will be in air planes, on couches in living rooms, and college students distracting themselves from their studies. Business uses don't seem promising until the reality distortion field reaches the intensity similar to that of the iPhone, which is about 1 to 2 years.

III) Why this is all terrible news!

It is hard to decide where to even start. I'll focus first on the coverage and comparison to the existing Tablet PC market. Most people covering this story, specifically Leo Laporte, have written off the Microsoft Tablet PC platform entirely. Most reporters still hold to the idea of the Tablet PC that ran Windows XP, was slow, and had sub-par hardware. This is not the modern day Tablet PC. The slate Tablet form factor has all but vanished and has been replaced with convertible Tablets.

When it comes to the Microsoft Tablet operating system, it is Windows! Now the people on MacBreak Weekly laughed at the idea of using Windows on a Tablet saying they had to touch small buttons with a plastic pen. They were comparing the experience to that of an iPhone. A Tablet is a full computer, the iPhone is a phone, granted a feature ritch phone, but it would be hard to have that as your only device.

When it comes to Tablet PCs the rule of thumb is if you don't have a Wacom digitizer you wasted your money. The same people that complain about using a digital pen on a Tablet PC will profess the quality of a Wacom Tablet for use with PhotoShop. With a Wacom pen, a Tablet PC becomes a piece of paper that comes to life. Its accuracy and reliability can vary from manufacturer to manufacturer, but it isn't hard to find a good experience. For students, they need only look to OneNote to find the killer app for Tablet PCs. This note taking software enables searching of had written, typed, and scanned notes, revolutionary for students who are accustomed to carrying multiple notebooks.

How does this all relate to the Apple Tablet? How does a modern Tablet PC relate to the Apple Tablet? It is simple, they don't relate at all! The problem is everyone makes the comparison, which is only logical. That said, I dare someone to use an Apple Tablet as their only device and take pages and pages of classroom notes on it. I dare someone to have their primary computer not have a physical keyboard. I'm typing this blog post on my Tablet PC, using its build in, physical, keyboard! I understand these products are targeting different markets. Windows 7 has revolutionary Tablet PC by making the integration transparent with the operating system.

Students who have seen the light are hard to convince to go back to pen and paper. However, I have seen the other side of this problem as well. I know how hard it is to convince someone that a Tablet PC isn't a novelty. I know how hard it is to convince a student to go paperless. However, I will resign the fact that the Tablet PC is a niche product. Most people won't need the added features. I'll admit that being on co-op I have rarely used my Tablet PC in Tablet mode. However, when I go back to class it will be in Tablet mode most of the day as I take notes and do homework. The niche for the Tablet PC is education, and moving forward the paperless classroom will adopt Tablet PCs more and more.

Lastly, and selfishly, it will be hard to convince students entering Speed School that the Apple Tablet isn't really a Tablet PC and is just a toy. In the end the Apple Tablet will be a toy. It will be hard to do work on a slate Tablet. It was hard to do work on slate Tablets when they were common and running Windows, and they will be hard to do work on, but maybe fun to play multi touch games on, when they are running OS X.

Will I buy an Apple Tablet? Probably not. Will it change the industry? You bet! Will it change the industry for the better? My bet is no.

When Apple actually announces a product, we will have a better idea of its impact on the market.

Thursday, August 6, 2009

Old Louisville Flood Flood Damage

Louisville Kentucky received 6 inches of rain in under 75 minutes on August 4, 2009. I managed to stay safe and dry at work during the storms and my apartment and car made it through with no damage. To make up for that fact I ended up walking all the way from my apartment to UofL and back taking pictures of some of the damage along the way. This was with Cassie, Steven, & Alex.

Here are the top 5 highlights of the adventure:

5) Car tied to tree with garden hose

Not sure what this person was trying to accomplish, but it must have worked because their car didn't float away.

4) Rows of water damaged cars

On 3rd street the most impressive part was the the cars that had their trunks float and forced their back wheels up onto the curb.

The waterline was also visible half way up the doors of many cars.

3) Water being pumped out of UofL basements

There were 9 buildings that were reportedly having water pumped out of them. We didn't see that many but there were pumps running in quite a few buildings when we were there.

2) The mud outside of the Houchens building and in the underpass

It was the smell that really was the worst part. This area was under several feet of water with most of it making it into the basement. This was a really impressive sight on the news.

1) The massive flood at the underpass next to Speed School

We spent most of our time looking at the lake that had formed next to Speed School.

I feel sorry for the person who managed to get their car stuck in the massive amount of water. If I knew how it ended up getting stuck there I might not feel sorry for the person.

This view really give prospective on how much water there actually was left remaining even hours after the water has receded everywhere else.

The traffic lights in the intersection were acting rather crazy. This picture really does't convey what was really happening. All of the lights were on flickering really quickly. They would occasionally change behavior, but it was hard to track what it was actually doing.

Luckily there is a pumping station at this corner!

While the MSD and city said all of their pumps were operational, I'm not sure what their explanation is for this corner.

Luckily they have the sense to warn people that this intersection might flood. At least the car that was stuck was not driving in the direction where they could see this sign. That would make an even more awesome picture.

For all of the pictures I took during our trek to look at the flood damage can be found in my Flickr set on Louisville Flood 8-4-09.

Saturday, August 1, 2009

Upgrades to - The Database

Speed School Student Council has consumed more of my time than I should probably admit. Most of my time has been dedicated to a major overhaul of council's website: Therefore, I feel it is appropriate to discuss all of what I've been working on.

My efforts have been focused on bringing a rich array of content to the website that focuses on the members. The original problem that I was attempting to solve was implementing an accurate way to track member attendance. The old way of tracking attendance was using an Excel document, but I moved to Google Docs to allow for collaboration. However, this solution still was limited by the constraints. A normalized database structure was needed to accurately track member attendance. At the same time it would be possible to make membership and attendance records easily available online.

The entire system is based around members. Each member has a position and a default status. Their position along with their status determine their voting rights along with some other important information.

Attendance records are organized by semesters then by actual meetings. Each meeting has an associated type which in turn has specified positions that are required to attend each type of meeting. In order to track attendance records which tie a meeting, a member, a members current position, and their attendance status together. In this way, as a member changes positions during their course of involvement on the council, the position they held during a specific meeting is still tracked. In turn, the quorum for each meeting is tracked independently and can vary based on when members are elected mid-semester or even if a student on co-op shows up to a meeting.

Committees are another aspect of the council that can now be managed. Committees are easier to manage than attendance because they do not require historical data, rather they are a snapshot of the current status. Committees have a chairperson and then members. Members are tracked by tying together a distinct committee with a distinct member resulting in a record which represents committee involvement.

To help promote involvement, achievements were also added to the website. Taking a page out of the gaming world, achievements promote council involvement by tracking and displaying the accomplishments of members. Achievements are broken down into categories and have associated titles, descriptions, and images. In addition, achievements can be progressive requiring a number of tasks to be completed to earn the achievement. The earned achievements tie together distinct achievements with members, but also track the progress of the achievement.

At this point in time I have not open sourced all of my code. It would be something I would like to do, but at this point in time too much of the application is hard coded for the requirements of SSSC. Making it generic would dramatically increase the complexity, so this will likely not be done in the short term.

That covers the basic of the database without going into the specific structure. There is quite a bit more information that I can share about all of the work I have done, but for now the easiest way to get an idea of what I've done is to simply visit SSSC's website and look at the members, committees, and achievements.

Powered By Blogger