Halloween Haunt: a Kings Dominion favorite is back

WP_20140926_18_41_42_ProI have not written about theme park related things for quite awhile.  I do so now as I have a personal connection and am excited to share it with you.

For a decade, I have taken my oldest son to the haunt events at Kings Dominion and, for a lot of that time, to a similar event in near by Busch Gardens Williamsburg.  For at least half of that decade, he has wanted to work as a ‘scare actor’ at Kings Dominion. Well, this year, he got his chance.  He is a Zombie in the Zombie High maze, which is already one of the favorite mazes at the park.  To my delight, he is really good at immersing himself in the part.  It is a long, tiring and dirty job, but, he loves it. WP_20140927_20_38_09_Pro

Enough boasting, lets talk about what they are doing.

This year, they five ‘scare zones’  and eight mazes.  The best mazes include Cornstalkers, Zombie High and Club Blood.  Cornstalkers is a maze made out of corn husks, bales of hey and other similar items. Most of the actors blend into the environment and are difficult to see until it is too late. They really get into character and are very enthusiastic.  Zombie High takes place in a high school setting where zombiism has broken out due to a lab experiment gone wrong. Student zombies are seen in various states and you never know where they are waiting.  The theming is excellent and the atmosphere is foreboding. Club Blood takes place in a vampire themed night club. Scantily clad ladies and beefcake vampire dudes fill the building. As with the other mazes, you never know where they are.  The exit is, perhaps, the most hair raising…if you catch it right.WP_20140927_20_28_06_Pro (2) 1

The first night we went, the park was deserted. The Virginia State Fair opened the same night and it is just down the road. I suspect that, a slew of local high school football games and other events took away from the crowd.  As such, we got way more scares than we did the next night we went.

The following night, a Saturday, the park was packed.  Long lines were everywhere. We only went through Zombie High, mainly for my son. Again, he and his co-scare actors, were on their game and we got some good scares and laughs.  The park was letting too many through at one time, which did detract from the experience.

We decided to go through the ‘scare zones’ that we did not hit up the night before. We also spent a lot of time in the ‘Clever Brothers’ zone, themed to a circus.  That was fantastic. I had as much fun watching the others getting scared as I did going through the mazes.WP_20140926_21_41_47_Pro

I anticipate this weekend’s visit to be even better as the actors know what to do and will be more comfortable.

If you are in the area, go out there and give it try.  And, hit up Zombie High, but don’t eat the meatloaf!

Windows 9…make that 10…

Tech-Preview_Start-menuMicrosoft, today, introduced Windows 10, the successor to Windows 8.x, Windows Phone 8.x and Windows RT.  While today’s presentation was aimed solely at the Enterprise, there were nuggets for everyone else as well, especially those who did not like the current version (and probably did not even bother to try it) and its Start Page and tiles.

Indeed, todays presentation showed off changes for the desktop and how Windows will handle the variety of devices.  This means figuring out what it is running on and, in the case of tablet/laptop hybrids.  If it detects a touch screen, it will default to the Windows 8 style with the Start Page, touch centricity and tiles.  If it detects a mouse and keyboard, it defaults to the desktop and the keyboard/mouse centricity.  It is something called Continuum and looks rather nice.

The desktop receives a welcome upgrade in the inclusion of the Start Menu with Tiles.  The Charms bar, still in the Technical Preview showed at the presentation, is accessible in much the same way. The task manager has a new button on the task bar and the ability to create, manage and use multiple desktops is built in. The feature resembles similar features found in Linux and Mac OS X.Tech-Preview_Task-view-500x281

Even the Command window got updated: copy and paste now work IN the window, no need to use an inconvenient context menu.

Windows 8 Style apps can now run in windows right on the desktop, which, for some, increases their usefulness.  The Start Menu is both old and new and incorporates a pared down Start Page. Part of it is the old style menu, the other half is the pared down start page.  A nice compromise.

Another interesting thing Microsoft has done is enhance the Windows 7 Snap feature. Previously, you could drag a window to the right side and snap it in place and then drag another to the left and snap it. Now, from the new task list, you snap up to four windows, certainly something a power user or developer will welcome.Tech-Preview_Three-program-snap-and-suggestions-500x281

Terry Myerson and Joe Belfiore stuck around for questions after the presentation. Among the questions asked was what this does to Windows RT and Windows Phone. The answer was that Windows 10 would be available to the majority of devices running Windows. Previously, they had said it would, in fact, run on ARM based devices…which includes Windows RT tablets. Now, recently, it was revealed that the majority of Tablets are, in fact, RT. So, I cannot imagine that this segment will get ignored. Windows Phone will be replaced with Windows 10, something we already knew.

All in all, the new version looks promising and you can get your hands on a very early build, starting Wednesday, October 1, 2014.  Go to http://preview.windows.com/ to download the ISO file.

That so called ‘data breach’ of iCloud? Didn’t happen

Long time readers of this blog pretty much know that I am not a big fan of Apple. While I do think they have some good products, I don’t like the way they treat their customers (like infants who need coddling, for the most part) nor do I like the perceived ‘premium’ that is Apple when, in fact, they aren’t any better than, say, HP or Sony.  So, when I heard about the data breach, err, alleged data breach of iCould, I was, initially, in the ‘huh, how about that…how are they gonna get past this?’ mode.

Well, it’s really very simple.  They aren’t 100% at fault. They do shoulder SOME responsibility, but, for the most part, the ‘breach’ was really nothing more than some phishing, luck and a brute force exploitation of something that Apple fixed as soon as it was known to the public.

First, the problem: a number of celebs, apparently, enjoy photographing themselves and, perhaps, partners in compromising poses in the nude. Now, that’s their business, not mine, but…to do so on an iPHONE!? C’mon. So, these iPhones were backing the photos up to iCloud.  My guess is that most of these people did not know this was the case. Some, perhaps, did and then deleted the photos. Problem was that pesky iPhone backup. The photos were there. Whatever the cause, these photos were up on iCloud in a space that was accessible if you knew where and how to get there.

Next, the back door.  When you get an iPhone, you have to set it up. One of the things you set up-or not-is the Find My iPhone feature.  You use your Apple ID and Password for this.  Problem is, and unlike other services or even other parts of Apple, there was no cutoff to the number of guesses for the password. IF you know the ID, you could take forever to guess the password. And, that is, very likely, how access happened. The perpetrator thanked ‘all of those who helped’, so he/she probably had many people hacking away at a few specific targets. Once they got in, they got what appears to be iPhone backup files.

Apple swiftly fixed the problem with the password by limiting the number of guesses allowed.

Now, while this is still a crime and not a laughing matter, I do have to wonder why the mainstream press made this out to be such a huge deal. It isn’t. Yes, I am sorry Jennifer Lawrence’s photos went public, I’d be pissed too, but…the press had other pressing things to report. 

That said, there are things you can do to protect your photos and data. And, remember, things like this can happen no matter what phone or device or service you use. These people did take advantage of a weakness in the Apple ecosystem. But, it could have happened purely by social means as well. So, what can you do?

First, enable two factor authentication. Depending on what service you use, this means a password and some other means, like identifying a photo, biometrics, whatever. Check into what your service offers.

Second, disable the auto upload of photos on your device. Apple enables it by default on the iPhone. Android, does not and neither does Windows Phone.

Third, check the privacy settings on the service.

If you must take ‘fun’ photos of an adult nature, don’t use a smartphone. Use a real camera.  Protect the media you store them on.  NEVER upload them. Once uploaded, there is always that chance they get out to the public. A disgruntled employee, a weakness in the system, poor passwords, you name it, it could happen.

Lastly, NEVER use identifiable email addresses. Create a cryptic email address at Outlook.com, Yahoo! or even GMAIL. Use that for your password recovery or even your account’s email. That way, most people won’t bother to try to break it.

So, there you have it.  Apple’s reliance on Microsoft’s Azure cloud platform and Amazon’s AWS gives them rock solid foundations. They have made big strides in the front end as well. The steps they have taken to make the iPhone both safe and easy to use made this entire fiasco very unlikely to be anything other than what it was…a lucky hit by a few with nothing else better to do. Cut Apple some slack here.

The Great Half-Byte Blog Robot Challenge

Ok, people, you have that awesome Arduino or Arduino clone.  What are you doing with it? Doing something other than making an LED blink or getting temperature readings from a DHT-11? Well, here’s something:  The Great Half-Byte Blog Robot Challenge.  During the months  of September and October, we challenge you to build a robot using the common ATMega328. It doesn’t have to be a genuine Arduino, but should include the same bootloader and be software compatible—that means being able to load up the code in the Arduino IDE, along with any necessary libraries, and download to another without any changes.

The robot itself should have at least two wheels and enough intelligence to sense when it has hit an object and then go the opposite direction. You can use any commonly available components, including ultrasonic sensors, infrared, etc.

The challenge will run from September 7 through October 7. Submit your entries to this blog by leaving a comment below. Your entry should contain: text description of your robot, how you built it, parts, and any code (which you can zip up and upload to your favorite Drop Box, OneDrive, GoogleDrive,etc. Leave a link to the file in the comments. Photos should be put a photo sharing site, like Flikr, and linked back here.

We will judge the entries by originality, appearance, simplicity and code.  The top five entries will be featured on the blog. 

Please do not start until September 7, 2014. 

Have fun!

Hacking the Half-Byte Console and Tiny Basic v2 (or, making Tiny Basic tell me the temperature)

WP_20140826_22_19_55_ProI had one main goal in mind when I designed the Half-Byte Console: to bring together parent and child in a learning experience. Now that the console is a reality and a few are out in the wild, I want it to do other things.  So, I thought ‘what can this do that isn’t expensive and would be easy to add to the Tiny Basic as well?’

Looking around my office, I see a DHT-11 temperature and humidity sensor. Ah ha! These are cheap, just a few dollars each.  They are also easy to access in code and, with only three pins, easy to connect.  So, this is the Half-Byte Console’s first hack: measuring indoor environment.

The DHT-11 has three pins: +5, data and Ground (-).  I chose to use D5 on the console as it is safe to use and won’t interfere with video or the keyboard.  Plus, it is easy to get to on the board. I loaded the example sketch and changed the pin reference to make sure it worked. It did. WP_20140826_22_20_22_Pro

Next, I added support for the sensor to Tiny Basic.  I am working on Version 2 and this support will be part of that release (which should be ready very soon.)

Support comes in the form of two functions:

  • x=Temp(1)
  • x=Humidity (1)

The parameter for Temp actually has meaning: if the parameter is a zero, the temperature is returned as Celsius. If it is a 1, it is returned as Fahrenheit. Any non-zero parameter defaults to Fahrenheit.WP_20140826_22_20_46_Pro

So, now the console can do something useful.  I’m anxious to get the release of Tiny Basic out and see what you all can do with this new functionality.  I am going to post more on the new features of Tiny Basic (hint…more graphics, LIST is fixed…)

In the mean time, if you have any suggestions for Tiny Basic, please let me know in the comments.

Moore’s Law–Infographic style

Moore’s Law…it’s more or less dictated the state of the art for semiconductors for the last forty years. Check it out…
NOTE I have been asked by ComputerScienceZone.org to remove the link and graphic, temporarily, from the blog. They will notify us when they have reposted and apologize for any inconvenience.

Bad, bad Lero…err, USB…baddest USB in the whole town

USB. We all use it. It is ubiquitous these days. Our phones use it for power and to transfer data to and from the phone to a computer. Our keyboards, mice, mobile devices, external hard disks, cameras, you name it, it probably has a USB port.  Even some of our power outlets in the wall have them.  So, why am I saying something you already know? Well, two gentlemen at SRS Labs have ‘discovered’ something that many of us probably knew, but just didn’t want to admit.

usb-drive-2What’s that, you say?

Well, unless the USB device is a simple power adapter, it contains a tiny little computer.  Yep, the two dollar USB Thumb drive is, in fact, a full fledged little computer. It has a CPU, internal memory, firmware (the OS or software that makes it all work, including the complicated USB protocol itself) and, of course, the gigs of memory that you bought it for. So, what does this mean? 

Well, for the vast majority of things, it means little.  However, there is a significant portion of USB devices-mainly the aforementioned two dollar thumb drive-that contain EEPROM instead ROM.

EEPROM is erasable programmable read only memory. It is a type of ROM that can, with the right combination of hardware and software, have its memory replaced-something standard ROM cannot do.  ROM, or READ ONLY MEMORY, is a write once memory. That is, once you have ‘burned’ or uploaded whatever you want to put in it, it cannot be changed. So, you better get it right the first time.  Which is why, I’m guessing, that some of the lower cost drives use EEPROM instead of ROM.  Perhaps the same chips are used in two or three memory sizes. It is easier to re-burn an EEPROM with different parameters than to purchase unused ROMS, go through the hassle of burning them, etc.   EEPROMS are just convenient.

So, what, exactly does this mean? So what if they used EEPROM, what does that have to do with me?

Simple: YOUR USB device COULD be hacked and its firmware changed to accomplish something more nefarious than just saving your Leonard Nimoy musical collection. 

For example, say that two dollar thumb drive was intercepted at some point before it got to the store. It’s firmware changed so that when you plug it in, it makes a copy of itself on your computer. It plants something in your operating system that allows it to copy itself back to other USB drives. Oh, it also could record your keystrokes. Or, perhaps, it could encrypt your data. Bottom line is that you don’t know what it could do.

One concern is that the device, if compromised, could actually overwrite your computer’s operating system.  Now, the chances of this happening are astronomical. I chuckled when I heard it, but…it is not out of the realm of possibilities.  So, maybe unplug the thumb drive before you shut the computer down, if you do that.

Now, before you go throw them all away, consider this:  there’s been no known exploits.  Most USB devices likely use real ROM-certainly the firmware in that Seagate you bought is in ROM. The chances of your computer actually being able to re-program other USB devices is likely slim. These embedded computers are limited in what they can do.

I, personally, am not too concerned about this, but I will think twice about grabbing that freebie drive or getting them at the Dollar General or Five Below. (Note: those are two fine stores, but some of the merchandise may not be as fine. They cannot control distribution from end to end. Just saying)

The two researchers are presenting their findings at the Black Hat conference this week. I will follow up this post with any additional information they present.

Steven Nichols has a typical story that came out this past week regarding BadUSB. Have a gander here.