Category Archives: Security

AC72 wing design

We are only a couple months away from the giant America’s Cup catamaran wings being launched. A team led by American Paul Cayard already has theirs on sea trials. Blue Planet Times explains there was a lot of effort put into design regulation.

The box rule governing the AC72 is one big sandbox, so the engineers get to play. Oracle Racing Team Coordinator Ian Burns explains: “I was involved in writing the rule for the AC72s, and when we addressed the wing, we started with a complicated rule, to limit what a designer could do. We added more and more pieces as we thought of more and more outcomes, and we came to a point where it was so complicated—and it was still going to be hard to control, because the more rules you write the more loopholes you create – that we reverted to a simple principle. Limit the area very accurately, and make it a game of efficiency.”

Here’s the basic box rule for the AC72:

Hull Length: 22m (72.18 feet)
Maximum Beam: 14m (45.93 feet)
Wing Height: 40m (131.23 feet)
Maximum Draft: 4.4m (14.44 feet)
Displacement: 5900kg (13007 pounds)
Wing Area: 260 sqm (2798 square feet)
Jib Area: 100 sqm (1076 square feet)
Gennaker Area: 400 sqm (4305 square feet)
Crew: 11@92kg/per (203 pounds)

Cayard’s description of the latest engineering challenges to make those numbers work is not your usual scuttlebutt.

“We have 38 hydraulic cylinders. We want to avoid running hydraulic piping to each of them, because that would be heavy, so we have electrovalves embedded in the wing to actuate the hydraulics. But if you had two wires, positive and negative, running to each electrovalve, your wing would look like a PG&E substation, and that’s heavy too, so we use a CAN-bus [controlled area network] with far fewer wires. Still, it’s incredibly complex.

“We wind up with lot of hydraulics,” Cayard says, “and the America’s Cup rules don’t allow stored power, so two of our eleven guys—we think, two—will be grinding a primary winch all the race long. Not to trim, but to maintain pressure in the hydraulic tank so that any time someone wants to open a hydraulic valve to trim the wing, there will be pressure to make that happen.”

Ok, so there’s thousands of hours in design of these wings but there’s something deeply ironic about a 72 foot catamaran with a 130 foot wing that can sail faster than the wind but can’t generate enough power to manage hydraulics without two crew constantly grinding a winch. It seems like a legacy mindset. A big part of the old America’s Cup boats was to be staffed with powerful yet heavy crew who can muscle the boat around. These boats surely call for lighter more nimble crew. What if someone even figured out a way to efficiently use the wind to generate power…?

Perhaps Luca Devoti said it best. These boats are pure racing machines that have power to burn. They should have no shortage of energy at their disposal, or they may even have a reason for absorbing excess.

You have to change completely your way of thinking: the boat is sailing from the moment the wing comes out of the shed because the wing can fly away at any moment.

The trick, as explained in the following video, is to make the wing secure yet light; to keep it as uncomplicated as possible to reduce risk and reduce response time. Most of all, it sounds like the designers want to hurry up and make up for 20 years of lost time by borrowing technology and efficiency study lessons from the A-Class and C-Class catamaran fleets:

$200M Sea Shadow Sent to the Chopping Block

The LA Times has posted an amusing story on the current GSA auction for a giant invisible catamaran.


…the U.S. Navy, which — after five years of trying and failing to donate the stealthy Sea Shadow to a museum — is now selling the ship for scrap metal in an online auction. All bids must be in at 3 p.m. Pacific time Friday. But there’s a catch. To win the auction, the successful bidder must agree to dismantle and scrap the Sea Shadow within six months…

What if you are a museum? Suddenly it is not good enough to be a museum?

Obviously the ship’s stealth is limited, otherwise the government would not be able to know what you did with it after winning the auction, right?

This is my favorite part of the story.

“On a typical night of testing, the Navy sub-hunter planes made 57 passes at us and detected the ship only twice,” he wrote. “A typical warship was a very high reflector of radar — a radar profile equal to about fifty barns. Our frigate would show up a hell of a lot smaller than a dinghy.”

That’s good news. The test success suggests that stealth technology in use today has come a long way from $200 million invested in 1985. Perhaps stealthy floating sea barns would now appear to be oar-sized? What’s a unit smaller than a dinghy? Life preserver?

More to the point, who in the world uses barns as a measure of size, especially when looking for something floating on the water? Perhaps it comes from people who think differently than the average person; people who use very precise and technical language to present their view of the world. People like this:

“I am amazed that it’s up for auction and a museum didn’t take it,” said Sherm Mullin, retired head of Lockheed’s Skunk Works. “But when I stop to think about it for about 10 microseconds, it becomes apparent to me that ships are difficult to take care of — a lot more difficult than airplanes.”

10 what? I would not even qualify 10 microseconds as a stop. That’s more like a yield in my mind. A speed bump at best.

Personally I would consider making bids for it but sadly it only comes with one microwave oven. I’d want at least a camp stove if I’m going to spend over $100K on a yacht. Although, I bet that microwave can cook food faster than anything on the market. Tuna in 10 microseconds anyone?

VMware Workstation 8.0.3 and the troubles with Ubuntu 12.04

DO NOT UPGRADE to Ubuntu 12.04 (yet).

I’ve had nothing but trouble with this distribution for a week now. I was going to write a giant long post about all the time I’ve spent getting it to be stable but here’s the bottom line: it’s not (yet) ready for public consumption. I have been regularly building Linux systems since 1994 and this release has been the most frustrating ever. I would not have an issue if this were 12.04 alpha or even beta and I went into it knowing that my systems would hard lock, but this is supposed to be the release candidate. Yuck.

It started with attaching an external monitor. Something that might seem so simple and common made the system freeze completely (I now hate compiz, unity, etc.). Turns out this has been a known problem for a few years, lurking in the compiz bugs. Then, after a few unexpected hard stops from my external display crashing the system, my encrypted home directory suddenly went lockdown and my key no longer worked. So I was locked out of my files with an unstable display.

Scream Auction
Sotheby’s sells an 1895 prediction of the Ubuntu 12.04 user experience

I enjoy hacking into an encrypted directory as much as anyone (the silver lining to this story is that ecryptfs-recover-private makes it a no-brainer) but this was not a week where I had the time to spare working just to get access to my files. I thought I was going to have a stable (e.g. secure) upgrade when I clicked “yes” to the update manager prompt…alas, upgrading/patching to the latest vendor “stable” release is not always a good idea.

Perhaps when I cool down I’ll give more details on how I’ve removed all the unity gunk and returned myself to classic Gnome on Ubuntu 12.04 (and probably am now en route to switching to Mint), but in the meantime here is the trivial step I did, thanks to Weltall, to get the VMware Workstation 8.0.3 network interfaces to work with Ubuntu 12.04:

Since the Ubuntu wiki is so far out-of-date, note the warning from ArchLinux:

VMware Workstation 8 and Player 4 only support kernels up to 3.0. Any later requires patching of the VMware modules.

Download vmware802fixlinux340.tar.gz from Weltall’s blog

Then untar the file
$ tar -xvf vmware802fixlinux340.tar.gz

Edit the version check in the file patch-modules_3.4.0.sh, changing the line “vmreqver=8.0.2” to “vmreqver=8.0.3”

Then run the patch
$ sudo ./patch-modules_3.4.0.sh


Updated to add: This has been tested also with Workstation 8.0.4; follow the same steps but use vmreqver=8.0.4. As noted in the comments below you may get the error “/usr/lib/vmware/modules/source/.patched found. You have already patched your sources.” Delete the .patched file and then run the script again.

$ sudo rm /usr/lib/vmware/modules/source/.patched
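The hand edit and the .patched check from the steps above can be scripted so the change is visible before anything runs under sudo. This is an added example, not part of Weltall's archive or the original post; the function names and the VMWARE_SRC_DIR variable are hypothetical, and it assumes the "vmreqver=" line starts at the beginning of a line in the downloaded script.

```shell
#!/bin/sh
# Added example (not from Weltall's archive): helpers for the steps above.

# Default marker directory is the one quoted in the post's error message.
VMWARE_SRC_DIR=${VMWARE_SRC_DIR:-/usr/lib/vmware/modules/source}

# set_vmreqver FILE VERSION
# Rewrite the single "vmreqver=" line in FILE, keeping FILE.orig for review.
set_vmreqver() {
    file=$1
    new=$2
    # Only dotted numeric versions, so nothing unexpected lands in a script
    # that will later run under sudo.
    case $new in
        ''|*[!0-9.]*) echo "refusing version '$new'" >&2; return 2 ;;
    esac
    # The post describes exactly one version-check line; stop if the
    # downloaded script looks different from that description.
    count=$(grep -c '^vmreqver=' "$file" 2>/dev/null) || true
    if [ "$count" != 1 ]; then
        echo "expected one vmreqver= line in $file, found ${count:-none}" >&2
        return 3
    fi
    cp -p "$file" "$file.orig" || return 1
    sed "s/^vmreqver=.*/vmreqver=$new/" "$file.orig" > "$file" || return 1
    # Print the edit so it can be read before the script is run as root.
    diff "$file.orig" "$file" || true
}

# patched_marker_present: true if a previous run left the .patched marker,
# which makes the script stop with "You have already patched your sources."
patched_marker_present() {
    [ -e "$VMWARE_SRC_DIR/.patched" ]
}

# Usage: sh this-file patch-modules_3.4.0.sh 8.0.3
if [ "$#" -eq 2 ]; then
    set_vmreqver "$1" "$2" || exit $?
    if patched_marker_present; then
        echo "marker found: sudo rm $VMWARE_SRC_DIR/.patched" >&2
    fi
    echo "review the diff above, then: sudo ./$1" >&2
fi
```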


Also updated to add:

A reliable fix for the dual screen crash is related to changing the driver for input devices using evdev (xserver-xorg-input-evdev) — the kernel event delivery mechanism that handles multiple keyboards and mice as separate input devices.

The new flawed version that ships with Ubuntu 12.04 is 1:2.7.0-0ubuntu1. Downgrading to version 1:2.6.99.901-1ubuntu3 from January 2012 is stable. The changelog shows only minor differences in the new version:

* Fix horizontal scroll direction (LP: #932439)
– Add 0005-fix-horiz-scrolling.patch from upstream
* Bump lintian standards version to 3.9.3

But clearly a fix in 1:2.6.99.901-1ubuntu3 went missing.

The Power of Cracking Passwords

Ivan Golubev’s blog points out that power supply and heat dissipation can impact the speed of brute forcing passwords with graphics cards.

Apparently lowering GPU core frequency results in “closer to estimations” performance. My first guess was that there is internal throttling in 6990 and so overheating causing performance drop. I’ve even posted in official forum about this but some more experiments reveal that I wasn’t totally true. Answer was pretty simple:

[…]

Yep, by default there isn’t enough power provided for 6990 to make it work with 100% performance

[…]

…make sure you have proper cooling and PSU as looks like official 375W TDP can easily become 450W and this means A LOT of heat you need to deal with somehow.

The Radeon HD 6990 graphics cards have dropped to under $400, which is very tempting, but only for air-cooled cards. So the cost of reaching peak brute-force performance levels of 10 billion passwords per second with ighashgpu really must be measured in terms of the cost of liquid cooling and a clean supply of power (around $4,000 for a complete system). It’s a nice example of how security is tied to energy and efficiency. Golubev actually provides a spreadsheet of performance per dollar but it doesn’t mention environmental factors that support peak performance.

To put this all in perspective, a strong 8-character password mixing upper- and lower-case letters, numbers and symbols on a Microsoft OS could take around 20 days to crack for less than $5,000. Since password change cycles are usually 90 days…