I had an interesting thought this morning while shaving: could spam be used as a communication method for a large, distributed secret organization?

There are two variants possible: hide your message inside plain text using typical cryptographic means or inside images using techniques such as stenography, or send your message as an encrypted blob of data that is otherwise unintelligible.

I received a curious message that got this thought process rolling. The SMTP mail header contains a bunch of HTML strings that got stuffed into Message-id lines. Normally I’d think this was just incompetent message formatting – spam generators often screw up like this. However the body text contains 17,776 characters like this:

WRzFXjk2HB+rXQtUYc0nZoVXaHhfB2HoehrfNI1Rp2qsQoLMcADJJrtLfaGbwtGuMH

This is a very curious message indeed. It originated from IP address 24.60.64.32 which is part of the Comcast network. The owner (I don’t know who it is specifically) is running a web server that claims to be Apache and serves up blank pages. There is no SSH server and no telnet server. The mail server claims to be a Microsoft server but I doubt it.

So continues my conspiracy thinking: its apparently easy enough to send spam; a seemingly endless stream of offers of Viagra and Rolex watches and such in my mailbox demonstrates that. Its even easier to receive spam; do you know anyone who doesn’t get it?

Let’s pretend you are a secret agent in the field, working under cover. I’m headquarters, wanting to relay important information to you. I create the secret message, embed it in an offer for a hot new stock pick, and send it off to millions of people. Only you would know how to decode the secret message, everyone else would simply delete it. Anyone observing the message traffic might not see a one-to-one communication method, they’d see a broadcast of junk to nobody in particular.

If you wanted to communicate covertly at a distance, wouldn’t this be a good way to do it? It’s sort of like hiding in plain sight.

More likely, its just spam. But maybe not. :^)

I bought a Motorola RAZR phone the other day to replace my aged Ericsson T28. I’m not a “phone person” nor a “gadget person” but I do like to have a mobile phone. I long ago figured out that its worth paying more for the convenience of small, thin, light electronics.

What has really surprised me is the subculture of people who “hack” these sophisticated phones. Sometimes its about removing the software locks set by the carrier, other times its just about changing the skins or uploading new games. Some sites offer alternate firmware to download to your phone. Try googling for “hack mobile phone {brand name}” and you’ll see what I mean.

I think this is sort of like hot rodding cars. When I was a teenager it was very cool to enhance a car in interesting ways. Replacing engines, transmissions, suspension, etc. was not at all unusual. Custom paint with multiple layers of clear coat was standard. I’ve heard that car mods are still popular but nothing like it was. Now its all about firmware tweaks or bolt-on wings or such. I miss days of the big fat tires with expensive chrome wheels and super-thin pin stripping painted by hand.

I guess I’m getting old. Sigh.

I’ve just finished my second and third printed circuit board designs and sent them off for production. The Spark Fun guys have a really cheap deal for hobbyists as long as you (1) aren’t in a huge hurry and (2) are willing to accept back what you send them. User beware, you have to proof you designs carefully as they aren’t going to do it for you. Which is why its cheap.

My first board was made for my small six-legged walking robot built by following the mechanical construction described in Karl Williams’ Insectronic book. In addition to the mechanics the book shows you how to make a circuit board using a PIC controller but I wanted to use an Atmel AVR. Plus I added an ultrasonic sensor with a pivoting head which required more pins than what the original design could support. Hence I made my own. It’s a very simple circuit (before laying out the board I built the whole thing on a breadboard in about 30 minutes). It uses an Atmel processor, a crystal oscillator, a bunch of headers and an LED or two. As I said, it’s simple. I really should find some time to take pictures + movies and post them, its a cool little robot.

This time I’m using surface mount packages for most everything on both boards. And these boards are more complicated. In addition to the Atmel processor, both are using a Microchip 2515 CAN controller + a transceiver. The first one is using a chip from FTDI that allows the processor to be accessible from USB. It’s basically going to be a bridge between my desktop or laptop and a CAN network. The second board doesn’t use the USB interface but instead plugs into a nifty little GPS module; this module requires a voltage level shifter to translate to the 2.85v used for serial communications rather than the 5v used by everything else. The idea is to create a board that reads GPS data and writes it back to the CAN network.

The last time I used the the Spark Fun service it worked out very well but I noticed the layout was shifted on the actual board a small amount from what I expected it to be. Fortunately I was very conservative with my traces so the board still works even if its not “perfect”. I used Eagle CAD again for these latest designs and carefully marked out the board size, thinking I must have made an error last time. But the Gerber files that got saved were offset again (and both boards were offset by a different amount). Seems like its a bug in Eagle.

I manually applied offsets and like magic the Gerbers lined up perfectly. The Spark Fun support forums talk about this issue but more about trying to fix it mechanically (and nobody else concludes its an Eagle bug so my conclusion might be hasty). My approach was to place “corner marks” at the four corners of the board directly onto the silk screen layer so it was included in the resulting Gerber files. Then I previewed the files in Pentalogix ViewMate and tweaked by hand until I could see the marks lining up correctly.

As soon as I get them back I’ll take some before and after assembly photos and post them.

Paul Graham’s article Are Software Patents Evil is worth a read. He argues that “junk” software patents are less of a problem than “junk” patents on non-software inventions (opposite of popular belief in my circles). He points out the fundemental (and maybe unfixable) problem is the inability of the USPTO to identify obvious vs. non-obvious inventions in a fast-moving technology sector; this much is obvious to anyone. He further explains why innovation at most software companies is unhindered by the whole mess. This part is less obvious but well argued. Another great article from Paul reveals where successful startups find the right Ideas.

Last week was the first week of working at Sophos in downtown Vancouver. I joined this company because they we are a fantastic organization making fantastic products in a growing industry.

The first week was like going back to school – I’m writing C and Perl on Linux and I forgot everything I knew about the Linux / UNIX system and library APIs a long time ago. Fortunately these are great people to work with, and they knew I’d have this learning curve for a couple of weeks.

We are doing pair-programming for most of the work. It’s a full Extreme Programming shop, and that has been really fun so far. I’d tried pair-programming in the past but the problem was never having quite the right set-up: we have special workstations with one computer, two monitors, two keyboards and two mice. Instead of crouching around a single monitor and trading the keyboard back and forth, both people sit comfortably and can immediately switch back and forth with no effort. Its really been a positive experience.

Another great feature of Extreme Programming: having the customer proxy (the guy whose opinion about features counts the most) sitting in the same work area all day long. Got a question about how the feature should work? Grab the customer guy (his name is Marc on my team) and get the answer immediately.

It was a little bit of a risk to join a company so different than my last job but I really think this is exactly the kind of place I like to work. Many times this last week I observed and participated in activites that reminded me of my best memories from development projects are Creo. I’m sure there will be days that I get frustrated too, but I doubt that will happen very often.

Today actually started my second week, and it was a great day. Learned a lot more about how our project is assembled and how the various components interact. I can hardly wait to go back tomorrow!