Older blog entries for MichaelCrawford (starting at number 51)

Happy News!

It seems that the firewire encryptor I wrote for WiebeTech is being enthusiastically received at the MacWorld Expo. There is every sign that my hard work and my client's investment will result in a commercial success.

Bonita and I are very excited about the news, as I imagine my client must be.

I issued my first press release ever, and have been faxing it to newspapers around Maine:

There is news coverage about FireWire Encrypt at MacObserver and MacCentral.

I think MacObserver was confused when James called the passphrase interface an "applet". In their article they call it a "Java applet". It's actually written in C++ and is a vanilla carbon application; we call it an applet because it so simple. I used ZooLib so I can make the UI for Windows and Linux from the same sourcebase.

7 Jan 2003 (updated 7 Jan 2003 at 01:44 UTC) »
Embedded Systems Development

So Nate Myers emailed me today to ask why I didn't just post a web page with the text of WiebeTech's press release about the product I developed for them instead of all these cryptic hints in my diary.

And I responded to Nate that his email was the first that I'd heard of WiebeTech announcing the product, and I didn't want to announce it before WiebeTech did.

(WiebeTech's press release is a Word document. Sorry. I'll ask them if it's OK that I post an HTML version.)

WiebeTech's FireWire Encrypt(TM) is an implementation of the Advanced Encryption Standard embedded in an Oxford 911 FireWire/IDE bridge. It encrypts each sector of the user's hard drive using the Rijndael block cipher.

It is designed to be portable and easy to use. Easy to use because the only software the user needs to install is a small applet to enter the passphrase. There is no complicated operating-system level software to install or configure. Portable because FireWire is a hot-pluggable technology for external devices.

A good use for the product would be to safely take confidential source code or business plans home from work on a hard drive, without fear that your secrets would be revealed if the hard drive were stolen.

WiebeTech will be demonstrating it on Mac OS X, but I plan to support it from Linux and Windows by the time the product is released to the public.

And yes, we're applying for a patent. But we're not applying for an algorithm patent. I disagree as much as anyone here with the abusive patents that the USPTO has been issuing the last few years, but I think this sort of thing is appropriate to patent.

Getting it to actually work was definitely novel and unobvious, and I believe that users will find it useful.

Updated

Someone emailed to ask me about what encryption mode FireWire Encrypt uses, and I thought I should post that here too.

It uses Cipher Block Chaining and Initialization Vectors.

Cipher block chaining is applied to each 16-byte block of a 512-byte disk sector. What you do is XOR the previous block's ciphertext over the next block's cleartext before encrypting subsequent blocks. This has the effect of making identical blocks of cleartext encrypt differently.

CBC can't be carried between disk sectors because the host can read or write each sector independently. To make identical sectors encrypt differently, I use an initialization vector.

What you do is XOR some value over the first block of cleartext in each sector before you encrypt it. The IV doesn't have the be kept secret. It doesn't even really matter what value you use, as long as each sector gets a unique IV. The simplest thing to do is to use the sector number as the IV.

I felt that was the best thing to do after reading about block cipher modes in Bruce Schneier's Applied Cryptography.

Initialization vectors work better than you might think because one of the characteristics of a strong encryption algorithm is that flipping a single bit in the plaintext will flip, on the average, half the bits in the ciphertext, with the bits that get flipped being apparently randomly distributed. So having only one bit of the IV being different from sector to sector will dramatically change the ciphertext.

I was also asked if the product checks that the user has entered the correct password. The version that will be demoed at MacWorld doesn't do that yet, but I think that verifying the password is very important for making the product accessible to regular users. I know a simple way I can do that, and plan to check passwords in the final released product.

Embedded Systems Development

Well I got my product ready for MacWorld. I delivered the show build at 9:30 am this morning. Fortunately my client didn't have to fly out to SFO until this afternoon, so he was able to install and test it. He said it worked well.

If you want to see what I've been working on, stop by WiebeTech booth #1651 and ask James to show you the "technology demonstration".

I pulled all nighters two nights in a row to make the show deadline, with only four hours sleep in the middle. That's starting to get hard on an old guy like me. (I'm 38. I wouldn't have thought that was too old to stay up all night but it's starting to feel that way).

I'm glad I delivered a test build last night for my client to try out before the final delivery, because he had some trouble and I had to figure out what was wrong. We were planning to stay up all night while I sent him diagnostic builds but fortunately it was just a couple simple problems that didn't take us long to figure out.

I was really worried though because what he tested wasn't really of good enough quality to demo at a trade show, and I was worried sick some awful bug would happen. But in the end everything went well. It took all night because there was a lot of work to do but there were no real problems encountered.

In the end I was able to just deliver the demo and go to bed, and my client was able to run it just fine.

Some work remains before the product can be made an end-user product, but I know how to do what needs to be done. One of the chief advantages of my product over competing products will be that it should be so easy for regular users to use. It's not quite there yet.

Now I wait anxiously to hear what the reaction from the press and the public will be.

Embedded Systems Programming

Well, the snowstorm wasn't so bad, only a few inches fell, and the power outage I feared didn't happen.

That's good, because I'm trying to get a demo of my application for my client to show at his booth at the MacWorld Expo. That happens this week, and my client is flying out to San Francisco tomorrow morning.

I had all kinds of trouble. I got stuck this morning and posted a desperate question on the Usenet this morning and then caught about five hours sleep while I hoped a clueful response would be posted.

The clue I needed was indeed posted when I sleepily went back to work. A little googling got me the info I needed to get back on track again.

I'm now doing a little testing before sending my client his first try at my application working in its entirety. There is still a little more work before it will be showable, but I hope to have that done by midnight.

Not a moment too soon, eh?

I think my client will be posting a press release about my product on his website when the MacWorld Expo opens Tuesday. When that happens I can finally tell you all what I've been working on these last three months.

It's nice to see it all finally coming together after having solved so many difficult problems. It's been quite a learning experience.

Predictions of Snow

By noon or so tomorrow I need to deliver a build of my embedded application that my client intends to demo in his booth at the MacWorld Expo next week.

But a foot of snow is expect to start falling at midnight tonight. I'm concerned about losing power.

We were more concerned about being stuck in the house without any food so we went to the grocery store to stock up. Apparently the entire town had the same idea, the place was packed.

Whenever there's a particularly bad snowstorm we can't get out for the next day because it takes that long for the plow man to make it to our lane. It's just because it takes him so much longer to plow each of his customers.

Some happy news, in a couple days I will be able to tell you what the embedded product is I've been working on. If you will be attending MacWorld, you could go see it demonstrated at my client's booth.

ZooLib

My application requires a small user interface on the host computer it's attached to. I am using ZooLib to do the UI. Since CodeWarrior 6 doesn't work so well on OS X and I don't have time to purchase the update, I tried using Project Builder. But ZooLib wasn't happy with Project Builder.

I am managing to use CodeWarrior for this task but I'd really like for ZooLib to support Project Builder. So next week I'm going to fix the problems.

I had a problem that I'm pretty sure is a bug in Project Builder. After I posted to a Mac programmer's newsgroup someone from Apple wrote to ask if he could help. Tomorrow I'm going to send him my project and my sources.

I had a long talk with Andy Green last night, and we've decided to make the push for a new ZooLib release soon. Basically as soon as all the existing demo code will build and run cleanly in all the target compilers.

I'm also going to try again to get ZooLib to build on Windows under MingW. That would allow one to build ZooLib on all the supported platforms for which gcc is available using gcc. Classic Mac OS doesn't have gcc but you could build a carbon app under OS X using gcc and run it on Systems 8 or 9.

My New Year's Resolution

Is to finish writing The ZooLib Cookbook by the end of the year. (It is under the GNU Free Documentation License.)

More generally, I want to stop letting my economic troubles prevent me from finding the time to do all the things I want to do. If I write just a little bit each week. I should be able to finish the book in a year no matter how busy things get.

There is other writing I want to do too, and I want to finish grinding my telescope mirror. I should be able to find the time to do all that.

I corresponded with a technical publisher about the possibility of them publishing a dead-tree edition of The ZooLib Cookbook. They were interested, but they didn't feel ZooLib was popular enough yet that they would sell enough copies to justify the cost of publication.

I have the idea that if I finish writing the book, ZooLib will appeal to many more people than it does today, and that will convince the publisher to print the book in, say, 2004.

Accounting

So I decided tonight that I wanted to fix some errors that I have known have been in my QuickBooks records for my business. I knew that a recurring charge had just been charged to my debit card, and I would have been overdrawn if I didn't lend some money to the business. But things are tight so I only lent enough to have a balance of about a dollar, and I wasn't comfortable that my "estimate" of my balance was correct.

I am a rather disorganized kind of guy so I don't have all my bank statements. What I did was print out each month's online banking statement. Then I compared the statements to quickbooks, checking the cleared status in QuickBooks and writing a checkmark on the printout.

In this way I found a couple of transactions that were entered twice in QuickBooks. Voiding the extras increased my balance. I also found a couple of transactions that the bank had recorded but that I had not. Recording them decreased my balance.

I had thought I had only one error, when I actually had four, but they nearly canceled each other.

Finally, comparing the balance reported by my bank in its online banking (Key Bank works great with Mozilla!) and subtracting off the charge that I know will hit my account in a couple days, Key Bank thinks my balance will be $1.13 once that charge comes in.

But QuickBooks thinks my balance is $1.23.

Crap.

I was about ten dollars off, now I'm ten cents off! I'm no good at bookkeeping.

I spent a little time trying out GnuCash a few months ago, and basically liked it. I will probably switch to GnuCash sometime soon. I hate QuickBooks with a passion. I hated it so much from the start I never paid for an upgrade from the version I bought in early 2000 because I felt so burned. I'm really looking forward to GnuCash.

The stable version of GnuCash is not yet ready for business accounting, but I think I can make it work. I just checked www.gnucash.org and it appears that some business features are now available in the development version, so I may try testing it again soon.

I just need to figure out how I can issue a paycheck while accounting for tax withholding. If I can get GnuCash to do that properly, it will have everything I really need.

GnuCash holds particular appeal for me because it can handle accounts in any national currency. That's important for an American married to a Canadian. I really found it a drag to deal with reimbursing out-of-pocket business expenses that were paid in Canadian dollars when I lived in St. John's, as well as handling some paychecks that were issued by wire transfer to my Canadian bank account.

I don't need most of what QuickBooks offers. I actually figure my tax withholding manually in a spreadsheet, because I'm too irate to pay for Intuit's tax table subscription service, seeing how I don't think I should have to pay to get information that the Feds and each state publishes for free. QuickBooks doesn't even provide a method for me to type in the tax tables manually or import a file I get from elsewhere.

I get a much better understanding of where my money is going by using a spreadsheet to figure my withholding anyway. At least QuickBooks is kind enough to let me enter the withholding manually when I issue each check. That's manageable for a corporation with one employee.

Intuit stopped supporting online banking for QuickBooks '99 earlier this year. The only option they provided was to pay for an upgrade. I canceled my QuickBooks online banking and now I just use Key Bank's free web banking.

I think Intuit along with its products QuickBooks and Quicken is the best argument there is for Free Software. While they may not be a criminal monopoly like Microsoft, Intuit does more to personally irritate me, and on an almost daily basis, than Microsoft ever has.

QuickBooks will automatically print certain tax forms like the employer's quarterly payroll tax withholding statement, but I find that it's better to keep a summary of my payroll in one page of a spreadsheet and then just copy the figures into the form each quarter. This also gives me a good overview of my company's payroll (and my income) over the whole year.

By March 15th I have to file my corporation's annual tax form, and pay taxes on any profit it may have made (which it won't have, because I pay myself in salary everything I don't spend on business expenses). That ten cent error will be a problem - I don't want to deal with the IRS inquiring about a ten cent error in my tax statement.

So what I'm going to do is find all the bank statements that I can, then get Key Bank to reprint all the ones that are missing. That will cost considerably more than ten cents. But at least my books will balance.

GnuCash, here I come!

Kindness

Times have been pretty tough for Bonita and I since the dot-com crash happened. There have been a number of times when bill collectors have been ringing me up every day to hassle me, and we didn't have enough food to eat. Sometimes during the cold Maine winters we have had to keep the house much colder than is comfortable to avoid using too much heating oil.

One important reason that we have made it through these difficult times is the kindness and generousity that has been shown to us by our friends and family. It's happened a number of times that some friends have gone out of their way to help us without being asked.

Sometimes these are little things, but quite often people give us help that must represent a significant sacrifice for them. Many of the friends who have helped us are going through hard times too.

I'm very grateful for the kindness that has been shown to us. We could never have made it without the help we have received.

To the extent I am ever able to, I will pass on this kindness to others who are in need.

Back online after two days of vacation. I stayed home, but my wife doesn't like me to get online on Christmas Eve or Christmas. I turned off all my computers, even my network gateway (a Mac 8500 running Debian Woody PowerPC) that was starting to get a respectable uptime. The silence in the office was eerie. One of my long-term goals is to replace all my fans and disk drives with quieter ones.

Happy news: there was an email waiting in my inbox from a potential client I've been talking to for a couple months. He still wants me to work for him starting in January. Things have been pretty tight for a while and this new work should put me back on track. My wife was very relieved when I told her. It will be more embedded work!

My mom gave me a T-shirt that read Real Men Shop on December 24th. How true, or at least it used to be before I moved far away from everyone and have to ship the gifts I give.

There was a fierce storm last night (Christmas night), the wind was howling and the snow fell horizontally. I got up today to find bright sunshine and eight inches of fresh snow on the ground. The depth of the snow gave the snow plow man such trouble that he didn't get to our house until 5 pm, so I didn't get to go out to run the errands I planned to do today.

I find it really odd to live in a place where the removal of frozen water that falls from the sky is a significant economic activity.

Threads vs. State Machines

I can see the advantages of using state machines over threads, but I don't see how one can get operating system support for distributing a program across all the processors in an SMP machine if you're using a state machine that has only one thread of execution. Perhaps someone can clarify this.

I realize threads are implemented in an OS kernel as state machines. What I'm asking about is how a user program can do SMP via state machines without the use of threads.

Saying to run two state machines in different processes isn't the right answer. That's the same as using two threads and presents all the same difficulties.

I agree that threads are resorted to too quickly by the lazy who don't treat them with the respect they deserve. Threads present a lot of problems and it takes care and skill to deal with them properly.

I wrote a test tool at Apple when I was one of the QA engineers for MacTCP, Apple's original TCP/IP network stack. Macintoshes didn't have threads or even proper preemptive multitasking. One could run interrupt tasks and do asynchronous I/O.

I implemented it as a state machine and it worked very nicely. Each Mac could have 64 TCP streams or UDP "pseudo-streams" and all the Macs on a network could communicate in any combination to create a pretty fierce amount of I/O. Without state machines that would not have been possible.

State machines tend to be much more conservative of resources than threads usually are. On the BeOS, each thread has a fixed stack allocation of (I think) 256 kb, and that is often very wasteful.

Hacker Angst

Sometimes when I have some particularly difficult work to do, particular when I have something totally new to work on, I just can't face it. The thought of even so much as opening any of my source files fills me with dread. It stops me cold.

Usually what I do is go to lie down for a while. Sometimes I take a nap. It's the worst feeling.

When my wife sees me like this she tries to encourage me to get back on the horse. It's pretty easy for her to tell that I'm in this state because I get up abruptly from my desk only to lay on the couch or bed.

Usually the best thing to do is try to find something easier to do to get myself back in the rhythm. Any work at all as long as it's somehow productive.

I hit this wall tonight with something difficult I planned to do. I have a programming task that won't be a lot of code but it's not obvious to me at all how to do it. After taking my usual time out I decided I would spend some time writing test code first and doing some testing. I probably won't even get to the difficult work tonight. It only matters that I get it done in the next week or so, so I should be able to work up the momentum.

42 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!