## Sunday, February 24, 2013

### The podcast has it's own domain & Wiki

Find it at http://engbench.tk/

Find it on iTunes, vanilla RSS, YouTube or the show notes website.

## Saturday, February 16, 2013

### Amulet's temporal dithering KEXT & fear of OS-X's console!

I've written previously about Amulet's fix for both nVidia and Radeon graphics cards doing temporal dithering under OS-X and how that spoils any KVM-over-IP system's ability to do compression. I had a good meeting with Amulet on Friday relating to a proposed customer's requirements but also got to chat to James Seward (@jamesoff on Twitter). He showed me a couple of interesting things:
• My assumption that the current version of his Kext wasn't working under Snow Leopard was actually due to the method he was using to signal the Kext had installed correctly - the error basically says that NScolor doesn't understand the call - never fear the Console! It showed that all was well;

• His worry that any other KVM-over-IP manufacturer could just take his Kext and use it to make OS-X displays work using their system has been circumvented by checking for the presence of Amulet hardware (that's an expensive dongle!);

Now the week after next is BVE, this time it's at the Excel Center in Docklands (goodbye Earl's Court!) and I'm doing some training tasters but all of the workstations on our stand will be extended over Amulet. I think this is one of the most significant technologies we've taken on in recent years and so come and grab me for a demo.

## Tuesday, February 12, 2013

### Cheap HD/SDi parts, Return Loss and the danger of short cables

Return loss is the loss of signal power resulting from the reflection caused at a mismatch with the terminating load or with a device inserted in the line. It is usually expressed as a ratio in decibels (dB);
$RL(\mathrm{dB}) = 10 \log_{10} {P_\mathrm i \over P_\mathrm r}$

where RL(dB) is the return loss in dB, Pi is the incident power and Pr is the reflected power.

Return loss is related to both standing wave ratio (SWR) and reflection coefficient (Γ). Return loss is a measure of how well devices or lines are matched. A match is good if the return loss is high. A high return loss is desirable and results in a lower insertion loss. In the case of newer budget HD/SDi equipment return losses can be as bad as 12dBs (I've measure Blackmagic boxes thus) whereas the spec for 3G is 16dBs and in the case of proper broadcast manufacturers 18dBs or better is often measured (Sony, Tektronix).

I recently tested some real budget SDi parts from a reseller who is thinking of importing them from the Far East. Here are a couple of eye patterns of a 1.5G signal at the input and via the high-impedance looping output of a distribution amplifier.
If you take the first measurement as the base (it's not brilliant but that probably due to the poor signal generator) and then see what you get when the feed is connected to the DA's input and measured at the Hi-Z loop-through you see the effect of return loss - the ability of the sending equipment to drive the line impeded by reflections at the receiving piece of of equipment because of sub-optimal termination.

One thing to look out for is using short cables with budget SDi parts because the reflected portion of the signal doesn't have the chance to dissipate and interferes with the incoming signal. Replacing the short coax cable with a longer one solves the problem. This seems counter-intuitive as all engineers are painfully aware that signals get more compromised by long cables. We all carry a set of figures around in our heads; Gigabit Ethernet over cat6; 100m, 3G HD/SDi over Belden 1694; 60m, 10gig Fibre Channel over OM3; 600m etc etc.

Matt, Wes and I were left scratching out heads with the following setup;

HD/SDi MTX, optical o/p -> 100m OS1 line -> optical->SDi converter -> SDi-HDMI converter -> TV

We were getting nothing at the TV. Checking for SDi just pre the HDMI adapter using a Tektronix WFM5200 (no eye patterns, unfortunately!) was fine, but the giveaway with sticking a signal generator just pre the HDMI converter and using the same short-length cable showed no signal at the TV. Replacing the short cable with a longer one (15cm with 1m) made it all come good.
Clearly the Tektronix had a much better return loss on it's input and so wasn't phased by being fed with the short cable. The cheap HDMI converter was a lot more sensitive. Interestingly switching between 270MBit/s SD and 1.5GBit/s HD made no difference.

the short cable was the bogeyman!

## Sunday, February 10, 2013

Sarah and I have recently been enjoying The Killing; Danish crime-noir with some very compelling knitwear! We started when we saw BBC4 was showing season three a few months ago so we set the PVR to record them. We thought we should probably start at season one and so we watched them on LoveFilm. They didn't have season two, but iTunes did (for around a tenner). My point is that here is a show that contains brilliant story-telling and we watch it when and where we want - on the TV, the iPad (in bed) etc, without commercials. It is what television was made for. I don't need to be loyal to whoever delivered it to me; LoveFilm is part of my ISP's package, iTunes charged me a bit and the BBC is paid for by my TV license.

House of cards on Netflix is unique in that it hasn't (and won't) be available on any over-the-air television platforms. It is big-budget TV drama with the following differences;
• They aren't tied to 26 or 48 minute episode lengths to cope with the requirements of the network and the advertisers; the writer and director get to decide if this is a 35 minute or 1 hour and 15 min story,
• All episodes are available at launch time and forever; how's that for giving users the choice of how they want to watch?!
• The story needn't be cut with cliffhangers or with ad-breaks in mind.
I think in years to come this will be considered the seminal moment when all the old-media platforms who merely exist to provide a conduit to consumers were disinter-mediated.  If you think about a commercial broadcaster, what is their business model? Advert sales - and in that you have to realise that the programmes really are the loss-leader on the adverts. They don't really care if you watch Downton Abbey, well, only in that it drives you to watch the advert breaks. The BBC is of course different in that they have no commercial interest in anything other than retaining their charter which means they have to make good programmes.
Until the last few years you had to be a big media organisation to deliver adverts into people's homes before you could afford to deliver programmes, but now that's not the case. Have you ever wondered why ITV, Channel Four and Channel Five's on demand services are so hopeless next to the BBC iPlayer? It's because the new model scares them silly.
I think that increasingly LoveFilm, Netflix, iPlayer etc etc will be the method people choose to consume tele with only a bit of live watching for sports and news. The few pounds a month all of those on-demand services cost is tiny next to what Sky charge you directly and what ITV charge you indirectly (remember, the average family pays around £600 per anum on top of the goods they buy to pay for commercially funded television - and you have no choice over it; it's more of a tax than the TV license).

FrameRate on the TWiT network had a good discussion on the matter;

## Saturday, February 09, 2013

### UPnP - It was always a bad idea!

UPnP is a protocol that allows a router to listen out for requests to open ports and to make other configurations changes from a client machine WITHIN the LAN. It was popularized a decade ago by Microsoft with the original XBox. If you want to have a game that you're playing with others (who are all sat behind their own NAT routers) then the game has to have a way of opening a port on the router and mapping to the games console. That's what Universal Plug & Play achieves and once it was known that you needed it for XBox gaming no router manufacturer is going to not include it and have it set on by default. For years I've told people to disable it and go to the trouble of opening the required ports manually; Here's how you do it for XBox Live! It seems like a bit of malware on your LAN could have a field day opening up dangerous ports (think Windows filesharing etc) and all the benefit of having a NAT firewall has vanished; you're exposed to the Internet and nobody wants that!

Anyhow - it turn out that some routers have UPnP enabled on their Internet-facing port! That's right; you send the correctly formed UDP-discovery packet at the Internet side of the router and along with being able to open ports you can query the router for lots of details about itself, allowing you to better tailor your attack for other known vulnerabilities of that specific model. HD Moore (of Metasploit fame) has had a cluster of machines probing the public Internet to see how many public-facing IP addresses had UPnP enabled and it turns out around 2% of hosts respond to WAN-borne UDP discovery packets. He repeated his scan weekly for six months and those eighty-one million routers remained reasonably constant. His blog post makes great reading and is here
In case your wondering if your router is vulnerable you can find a list of effected models here, and you'd be surprised how many big-name manufacturers are there. I suppose not many people ever bother to patch their router and so a lot of this code is probably a decade old. I encourage you to get a Linux-based router and load it up with DD-WRT or one of the other many good open-source router firmwares (I use DD-WRT but have used Tomato in the past). It goes without saying they are not vulnerable and they add so much functionality that you'll kick yourself for not using them sooner.

Steve Gibson did an excellent Security Now! podcast on the matter last week;

Steve has also extended his Shields Up!! router test to check for the vulnerability.