Thursday, July 23, 2015

Self Replacing Secure Code, our Strange World, Mac OS X Images Online, Password Recovery Software, and Python Code Obfuscation

A while back (several years ago) I wrote about self replacing code in my 'Cloud and Security' report (p.399-402)(I worked on it on and off over an extended period of time) within the context of building more secure codebases. DARPA are currently funding projects within this space. Based on I've seen it's early days. To be honest it's not that difficult to build if you think about it carefully and break it down. Much of the code that is required is already in wide spread use and I already have much of the code ready to go. The problem is dealing with the sub-components. There are some aspects that are incredibly tedious to deal with especially within the context of multiple languages.

If you're curious, I also looked at fully automated network defense (as in the CGC (Cyber Grand Challenge)) in all of my three reports, 'Building a Coud Computing Service', 'Convergence Effect', and 'Cloud and Internet Security' (I also looked at a lot of other concepts such as 'Active Defense' systems which involves automated network response/attack but there are a lot of legal, ethical, technical, and other conundrums that we need to think about if we proceed further down this path...). I'll be curious to see what the final implementations will be like...
https://en.wikipedia.org/wiki/DARPA
http://www.darpa.mil/
https://play.google.com/store/books/author?id=Binh+Nguyen
http://www.amazon.com/mn/search/?_encoding=UTF8&camp=1789&creative=390957&field-author=Binh%20Nguyen&linkCode=ur2&search-alias=digital-text&sort=relevancerank&tag=bnsb-20&linkId=3BWQJUK2RCDNUGFY
http://www.brisbanetimes.com.au/it-pro/security-it/csail-fixes-software-bugs-automatically-in-any-language-by-copying-from-safer-applications-20150720-gifyo3
http://www.smh.com.au/it-pro/security-it/csail-fixes-software-bugs-automatically-in-any-language-by-copying-from-safer-applications-20150720-gifyo3
http://www.theverge.com/2015/7/8/8911493/darpa-cyber-grand-challenge-finalists-defcon
http://www.networkworld.com/article/2945443/security0/darpas-4m-cyber-threat-clash-down-to-seven-challengers.html

If you've ever worked in the computer security industry you'll realise that it can be incredibly frustrating at times. As I've stated previously it can sometimes be easier to get information from countries under sanction than legitimately (even in a professional setting in a 'safe environment') for study. I find it very difficult to understand this perspective especially when search engines allow independent researchers easy access to adequate samples and how you're supposed to defend against something if you (and many others around you) have little idea of how some attack system/code works.
http://www.itnews.com.au/News/406655,infosec-firms-oppose-misguided-exploit-export-controls.aspx
http://www.theaustralian.com.au/business/technology/australian-firms-under-attack-every-week-centrify/story-e6frgakx-1227444081288?nk=2712dc6b13f189c643cb547351652f41-1437018757

It's interesting how the West views China and Russia via diplomatic cables (WikiLeaks). They say that China is being overly aggressive particularly with regards to economics and defense. Russia is viewed as a hybrid criminal state. When you think about it carefully the world is just shades of grey. A lot of what we do in the West is very difficult to defend when you look behind the scenes and realise that we straddle such a fine line and much of what they do we also engage in. We're just more subtle about it. If the general public were to realise that Obama once held off on seizing money from the financial system (proceeds of crime and terrorism) because there was so much locked up in US banks that it would cause the whole system to crash would they see things differently? If the world in general knew that much of southern Italy's economy was from crime would they view it in the same way as they saw Russia? If the world knew exactly how much 'economic intelligence' seems to play a role in 'national security' would we think about the role of state security differently?
http://www.theguardian.com/world/2010/nov/29/wikileaks-cables-china-reunified-korea
https://en.wikipedia.org/wiki/Contents_of_the_United_States_diplomatic_cables_leak_%28People%27s_Republic_of_China%29
https://en.wikipedia.org/wiki/Reactions_to_the_United_States_diplomatic_cables_leak
https://en.wikipedia.org/wiki/Reception_of_WikiLeaks
http://www.theguardian.com/world/2010/dec/01/wikileaks-cables-russia-mafia-kleptocracy
http://www.telegraph.co.uk/news/worldnews/wikileaks/8304654/WikiLeaks-cables-US-agrees-to-tell-Russia-Britains-nuclear-secrets.html
https://www.techdirt.com/articles/20130910/13145824474/former-nsa-officer-wikileaks-is-front-russian-intelligence-snowdens-probably-spy.shtml
http://www.news.com.au/finance/work/the-human-tragedy-of-mh17-could-boost-vladimir-putins-popularity-despite-damning-video-evidence/story-fn5tas5k-1227448079141

If you develop across multiple platforms you'll have discovered that it is just easier to have a copy of Mac OS X running in a Virtual Machine rather than having to shuffle back and forth between different machines. Copies of the ISO/DMG image (technically, Mac OS X is free for those who don't know) are widely available and as many have discovered most of the time setup is reasonably easy.
http://www.reddit.com/r/osx/comments/1oey0b/download_os_x_109_mavericks_gm_final_dmg/
http://www.techglobex.net/2013/10/download-os-x-109-mavericks-gm-final.html

If you've ever lost your password to an archive, password recovery programs can save a lot of time. Most of the free password recovery tools deal only with a limited number of filetypes and passwords.
http://www.lostpassword.com/kit-forensic.htm
http://www.top-password.com/download.html
http://www.passwordsrecoverytool.com/download/
http://www.passwordsrecoverytool.com/downloads/
https://www.elcomsoft.com/eprb.html
http://www.password-changer.com/
http://www.password-changer.com/download.htm
http://www.livecd.com/
http://livecd.com/DataStudio/download.htm
http://pcsupport.about.com/od/toolsofthetrade/tp/passrecovery.htm
http://www.techrepublic.com/blog/five-apps/five-trustworthy-password-recovery-tools/

There are some Python bytecode obfuscation utilities out there but like standard obfuscators they are of limited utility against skilled programmers.
http://reverseengineering.stackexchange.com/questions/1943/what-are-the-techniques-and-tools-to-obfuscate-python-programs
http://stackoverflow.com/questions/14997414/obfuscating-python-bytecode-through-interpreter-mutation
http://stackoverflow.com/questions/261638/how-do-i-protect-python-code

Tuesday, July 21, 2015

Joint Strike Fighter F-35 Notes

Below are a bunch of thoughts, collation of articles about the F-35 JSF, F-22 Raptor, and associated technologies...

- every single defense analyst knows that comprimises had to be made in order to achieve a blend of cost effectiveness, stealth, agility, etc... in the F-22 and F-35. What's also clear is that once things get up close and personal things mightn't be as clear cut as we're being told. I was of the impression that the F-22 would basically outdo anything and everything in the sky all of the time. It's clear that based on training excercises that unless the F-22's have been backing off it may not be as phenomenal as we're being led to believe (one possible reason to deliberately back off is to not provide intelligence on max performance envelope to provide less of a target for near peer threats with regards to research and engineering). There are actually a lot of low speed manouvres that I've seen a late model 3D-vectored Sukhoi perform that a 2D-vectored F-22 has not demonstrated. The F-35 is dead on arrival in many areas (at the moment. Definitely from a WVR perspective) as many people have stated. My hope and expectation is that it will have significant upgrades throughout it's lifetime
https://medium.com/war-is-boring/don-t-think-the-f-35-can-fight-it-does-in-this-realistic-war-game-fc10706ba9f4
https://medium.com/war-is-boring/one-analyst-predicted-the-f-35s-s-dogfight-failure-50a942d0cf8a
http://asia.rbth.com/why_the_indonesian_air_force_wants_the_su-35_45943.html 
https://defenseissues.wordpress.com/2013/12/21/on-rafale-vs-f-22-bfm/
http://www.flightglobal.com/blogs/the-dewline/2009/11/rafale-beats-f-35-f-22-in-flig/
http://bestfighter4canada.blogspot.com.au/2014/09/fighter-jet-fight-club-f-35-vs-gripen.html
http://asia.rbth.com/science_and_tech/2013/10/09/su-35s_overtakes_american_f-22_in_terms_intellect_30639.html 
http://www.migflug.com/jetflights/p-i-r-a-t-e-versus-raptor.html
https://defenseissues.wordpress.com/2012/10/20/cleaning-up-red-flag-alaska-f-22-vs-typhoon-debate/
http://www.businessinsider.com/f-22-wont-win-a-dogfight-thrust-vectoring-raptor-typhoon-eurofighter-2013-2
F22 vs Rafale dogfight video
https://www.youtube.com/watch?v=ioTTnjxNc7o
Dogfight: Rafale vs F22 (Close combat)
https://www.youtube.com/watch?v=KOswfrc7Xtg
F-22 RAPTOR vs F-15 EAGLE
https://www.youtube.com/watch?v=wr-8dSkfs8Y
- in the past public information/intelligence regarding some defense programs/equipment have been limited to reduce the chances of a setting off arms race. That way the side who has disemminated the mis-information can be guaranteed an advantage should there be a conflict. Here's the problem though, while some of this may be such, I doubt that all of it is. My expectation that due to some of the intelligence leaks (many terabytes. Some details of the breach are available publicly) regarding designs of the ATF (F-22) and JSF (F-35) programs is also causing some problems as well. They need to overcome technical problems as well as problems posed by previous intelligence leaks. Some of what is being said makes no sense as well. Most of what we're being sold on doesn't actually work (yet) (fusion, radar, passive sensors, identification friend-or-foe, etc...)...
http://www.wired.com/2013/03/f-35-blind-spot/
http://blogs.crikey.com.au/planetalking/2009/07/12/the-f-35-jsf-predator-or-prey/
https://medium.com/war-is-boring/no-the-f-35-can-t-fight-at-long-range-either-5508913252dd
https://medium.com/war-is-boring/one-analyst-predicted-the-f-35s-s-dogfight-failure-50a942d0cf8a
https://medium.com/war-is-boring/fd-how-the-u-s-and-its-allies-got-stuck-with-the-worlds-worst-new-warplane-5c95d45f86a5 
http://english.pravda.ru/opinion/columnists/30-04-2009/107481-jsf_swindle-0/
http://www.wired.com/2012/04/f35-videos/
http://aviationweek.com/defense/opinion-joint-strike-fighter-debate-enters-new-phase
http://www.vanityfair.com/news/2013/09/joint-strike-fighter-lockheed-martin
http://www.theaustralian.com.au/national-affairs/policy/jsf-the-only-way-to-fly-into-future/story-fn59nlz9-1226936460799
http://www.dailytech.com/Report+Air+Forces+Spoiled+F35+Superjet+Has+No+Code+to+Shoot+Its+Gun/article37043.htm
http://www.smh.com.au/national/china-stole-plans-for-a-new-fighter-plane-spy-documents-have-revealed-20150118-12sp1o.html
- if production is really as problematic as they say that it could be without possible recourse then the only thing left is to bluff. Deterrence is based on the notion that your opponent will not attack because you have a qualitative or quantitative advantage... Obviously, the problem if there is actual conflict we have a huge problem. We purportedly want to be able to defend ourselves should anything potentially bad occur. The irony is that our notion of self defense often incorporates force projection in far off, distant lands...
F22 Raptor Exposed - Why the F22 Was Cancelled
https://www.youtube.com/watch?v=KaoYz90giTk
F-35 - a trillion dollar disaster
https://www.youtube.com/watch?v=39AO-axUd-k
4/6 F-35 JOINT STRIKE FIGHTER IS A LEMON
https://www.youtube.com/watch?v=ojPnp2hwqaE
JSF 35 vs F18 superhornet
https://www.youtube.com/watch?v=IUf_hhxngK4
- we keep on giving Lockheed Martin a tough time regarding development and implementation but we keep on forgetting that they have delivered many successful platforms including the U-2, the Lockheed SR-71 Blackbird, the Lockheed F-117 Nighthawk, and the Lockheed Martin F-22 Raptor
https://en.wikipedia.org/wiki/Lockheed_Martin
https://en.wikipedia.org/wiki/Skunk_Works
https://en.wikipedia.org/wiki/The_Boeing_Company
https://en.wikipedia.org/wiki/Boeing_Phantom_Works
f-22 raptor crash landing
https://www.youtube.com/watch?v=faB5bIdksi8
- SIGINT/COMINT often produces a lot of a false positives. Imagine listening to every single conversation that you overheard every single conversation about you. Would you possibly be concerned about your security? Probably more than usual despite whatever you might say? As I said previously in posts on this blog it doesn't makes sense that we would have such money invested in SIGINT/COMINT without a return on investment. I believe that we may be involved in far more 'economic intelligence' then we may be led to believe
http://dtbnguyen.blogspot.com/2015/06/the-value-of-money-part-4.html
- despite what is said about the US (and what they say about themselves), they do tell half-truths/falsehoods. They said that the Patriot missile defense systems were a complete success upon release with ~80% success rates when first released. Subsequent revisions of past performance have indicated actual success rate of about half that. It has been said that the US has enjoyed substantive qualitative and quantitative advantages over Soviet/Russian aircraft for a long time. Recently released data seems to indicate that it is closer to parity (not 100% sure about the validity of this data) when pilots are properly trained. There seems to be indications that Russian pilots may have been involved in conflicts where they shouldn't have been or were unknown to be involved...
https://en.wikipedia.org/wiki/MIM-104_Patriot
https://en.wikipedia.org/wiki/Aegis_Ballistic_Missile_Defense_System
https://en.wikipedia.org/wiki/Anti-ballistic_missile
https://en.wikipedia.org/wiki/Missile_defense_systems_by_country
https://en.wikipedia.org/wiki/Missile_defense
- the irony between the Russians and US is that they both deny that their technology is worth pursuing and yet time seems to indicate otherwise. A long time ago Russian scientists didn't bother with stealth because they though it was overly expensive without enough of a gain (especially in light of updated sensor technology) and yet the PAK-FA/T50 is clearly a test bed for such technology. Previously, the US denied that that thrust vectoring was worth pursuing and yet the the F-22 clearly makes use of it
- based on some estimates that I've seen the F-22 may be capable of close to Mach 3 (~2.5 based on some of the estimates that I've seen) under limited circumstances
- people keep on saying maintaining a larger, indigenous defense program is simply too expensive. I say otherwise. Based on what has been leaked regarding the bidding process many people basically signed on without necessarily knowing everything about the JSF program. If we had more knowledge we may have proceeded a little bit differently
- a lot of people who would/should have classified knowledge of the program are basically implying that it will work and will give us a massive advantage give more development time. The problem is that there is so much core functionality that is so problematic that this is difficult to believe...
http://www.thedailybeast.com/articles/2014/04/28/new-u-s-stealth-jet-can-t-hide-from-russian-radar.html
http://www.thedailybeast.com/articles/2014/12/31/new-u-s-stealth-jet-can-t-fire-its-gun-until-2019.html
http://www.vanityfair.com/news/2013/09/joint-strike-fighter-lockheed-martin
https://en.wikipedia.org/wiki/Joint_Strike_Fighter_program
http://www.dailytech.com/Report+Air+Forces+Spoiled+F35+Superjet+Has+No+Code+to+Shoot+Its+Gun/article37043.htm
- the fact that pilots are being briefed not to allow for particular circumstances tells us that there are genuine problems with the JSF
- judging by the opinions in the US military many people are guarded regarding the future performance of the aircraft. We just don't know until it's deployed and see how others react from a technological perspective
- proponents of the ATF/JSF programs keep on saying that since you can't see it you can't shoot. If that's the case, I just don't understand why we don't push up development of 5.5/6th gen fighters (stealth drones basically) and run a hybrid force composed of ATF, JSF, and armed drones (some countries including France are already doing this)? Drones are somewhat of a better known quantity and without life support issues to worry about should be able to go head to head with any manned fighter even with limited AI and computing power. Look at the following videos and you'll notice that the pilot is right on the physical limit in a 4.5 gen fighter during an excercise with an F-22. A lot of stories are floating around indicating that the F-22 enjoys a big advantage but that under certain circumstance it can be mitigated. Imagine going up against a drone where you don't have to worry about the pilot blacking out, pilot training (incredibly expensive to train. Experience has also told us that pilots need genuine flight time not just simulation time to maintain their skills), a possible hybrid propulsion system (for momentary speed changes/bursts (more than that provided by afterburner systems) to avoid being hit by a weapon or being acquired by a targeting system), and has more space for weapons and sensors? I just don't understand how you would be better off with a mostly manned fleet as opposed to a hybrid fleet unless there are technological/technical issues to worry about (I find this highly unlikely given some of the prototypes and deployments that are already out there)
https://defenseissues.wordpress.com/2013/12/21/on-rafale-vs-f-22-bfm/
F22 vs Rafale dogfight video
https://www.youtube.com/watch?v=ioTTnjxNc7o
Dogfight: Rafale vs F22 (Close combat)
https://www.youtube.com/watch?v=KOswfrc7Xtg
F-22 RAPTOR vs F-15 EAGLE
https://www.youtube.com/watch?v=wr-8dSkfs8Y
https://en.wikipedia.org/wiki/Dogfight
http://www.defenseindustrydaily.com/f-22-raptor-capabilities-and-controversies-019069/
http://www.wired.com/2012/07/f-22-germans/
http://www.defensenews.com/story/defense/air-space/strike/2015/07/15/typhoon-eurofighter-aerodynamic-modifications-agility/30181011/
- if I were a near peer aggressor or looking to defend against 5th gen threats I'd just to straight to 5.5/6th gen armed drone fighter development. You wouldn't need to fulfil all the requirements and with the additional lead time you may be able to achieve not just parity but actual advantages while possibly being cheaper with regards to TCO (Total Cost of Ownership). There are added benefits going straight to 5.5/6th gen armed drone development. You don't have to compromise so much on design. The bubble shaped (or not) canopy to aide dogfighting affects aerodynamic efficiency and actually is one of the main causes of increased RCS (Radar Cross Section) on a modern fighter jet. The pilot and additional equipment (ejector sear, user interface equipment, life support systems, etc...) would surely add a large amount of weight which can now be removed. With the loss in weight and increase in aerodynamic design flexibility you could save a huge amount of money. You also have a lot more flexibility in reducing RCS. For instance, some of the biggest reflectors of RADAR signals is the canopy (a film is used to deal with this) and the pilot's helmet and one of the biggest supposed selling points of stealth aircraft are RAM coatings. They're incredibly expensive though and wear out (look up the history of the B-2 Spirit and the F-22 Raptor). If you have a smaller aicraft to begin with though you have less area to paint leading to lower costs of ownership while retaining the advantages of low observable technology
https://en.wikipedia.org/wiki/Radar-absorbent_material
https://en.wikipedia.org/wiki/Stealth_technology
https://en.wikipedia.org/wiki/Northrop_Grumman_B-2_Spirit
https://en.wikipedia.org/wiki/Lockheed_Martin_F-22_Raptor
http://www.defensenews.com/story/defense/air-space/strike/2015/01/21/northrop-6th-gen-fighter/22089857/
https://en.wikipedia.org/wiki/Sixth-generation_jet_fighter
https://en.wikipedia.org/wiki/Next_Generation_Air_Dominance
http://asia.rbth.com/science_and_tech/2013/08/30/russian_air_force_views_unmanned_fighters_as_the_future_29375.html
- the fact that it has already been speculated that 6th gen fighters may focus less on stealth and speed and more on weapons capability means that the US is aware of increasingly effective defense systems against 5th gen fighters such as the F-22 Raptor and F-35 JSF which rely heavily on low observability
https://en.wikipedia.org/wiki/Next_Generation_Air_Dominance 
- based on Wikileaks and other OSINT (Open Source Intelligence) everyone involved with the United States seems to acknowledge that they get a raw end of the deal to a certain extent but they also seem to acknowledge/imply that life is easier with them than without them. Read enough and you'll realise that even when classified as a closer partner rather than just a purchaser of their equipment you sometimes don't/won't receive much extra help
http://blogs.crikey.com.au/planetalking/2009/07/12/the-f-35-jsf-predator-or-prey/
http://larvatusprodeo.net/archives/2007/10/us-sold-us-crippled-hornets-in-80s-according-to-beazley/
http://www.darkgovernment.com/news/australia-cracked-u-s-radar-codes/
- if we had the ability I'd be looking to develop our own indigineous program defense programs. At least when we make procurements we'd be in a better position to be able to make a decision as to whether what was being presented to us was good or bad. We've been burnt on so many different programs with so many different countries... The only issue that I may see is that the US may attempt to block us from this. It has happened in the past with other supposed allies before...
https://en.wikipedia.org/wiki/Stealth_aircraft
http://www.telegraph.co.uk/news/newstopics/howaboutthat/5773358/Nazis-were-close-to-building-stealth-bomber-that-could-have-changed-course-of-history.html
- I just don't get it sometimes. Most of the operations and deployments that US and allied countries engage in are counter-insurgency and CAS significant parts of our operations involving mostly un-manned drones (armed or not). 5th gen fighters help but they're overkill. Based on some of what I've seen the only two genuine near peer threats are China and Russia both of whom have known limitations in their hardware (RAM coatings/films, engine performance/endurance, materials design and manufacturing, etc...). Sometimes it feels as though the US looks for enemies that mightn't even exist. Even a former Australian Prime-Ministerial advister said that China doesn't want to lead the world, "China will get in the way or get out of the way." The only thing I can possibly think of is that the US has intelligence that may suggest that China intends to project force further outwards (which it has done) or else they're overly paranoid. Russia is a slightly different story though... I'm guessing it would be interesting reading up more about how the US (overall) interprets Russian and Chinese actions behinds the scenes (lookup training manuals for allied intelligence officers for an idea of what our interpretation of what their intelligence services are like)
https://en.wikipedia.org/wiki/Russian_Air_Force
https://en.wikipedia.org/wiki/People%27s_Liberation_Army_Air_Force
http://www.smh.com.au/federal-politics/political-news/china-not-fit-for-global-leadership-says-top-canberra-official-michael-thawley-20150630-gi1o1f.html
http://thediplomat.com/2015/07/china-wants-to-develop-a-new-long-range-strategic-bomber/
http://www.defenceaviation.com/2008/07/pakda-a-russian-stealth-bomber.html
http://theaviationist.com/2013/10/30/usaf-lrs/
http://hamptonroads.com/2015/07/stealthy-f22-jet-serves-escort-ensures-other-warfighting-aircraft-survive
http://www.washingtonpost.com/blogs/post-politics/wp/2015/07/21/obama-defends-iran-deal-decries-over-reliance-on-military-force/
http://warontherocks.com/2015/07/chinas-new-intelligence-war-against-the-united-states/?singlepage=1
http://nationalinterest.org/feature/gun-hire-5-russian-weapons-war-sale-13411
http://www.forbes.com/sites/lorenthompson/2015/07/23/f-35-fighter-engines-how-the-pentagon-will-make-sure-pratt-whitney-performs/
- sometimes people say that the F-111 was a great plane but in reality there was no great use of it in combat. It could be the exact same circumstance with the F-35
http://australianaviation.com.au/2014/07/f-35-rollout-highlights-raafs-greatest-opportunity-for-evolutionary-change/
https://en.wikipedia.org/wiki/General_Dynamics_F-111_Aardvark
- there could be a chance the aircraft could become like the B-2 and the F-22. Seldom used because the actual true, cost of running it is horribly high. Also imagine the ramifications/blowback of losing such an expensive piece of machinery should there be a chance that it can be avoided
- defending against 5th gen fighters isn't easy but it isn't impossible. Sensor upgrades, sensor blinding/jamming technology, integrated networks, artificial manipulation of weather (increased condensation levels increases RCS), faster and more effective weapons, layered defense (with strategic use of disposable (and non-disposable) decoys so that you can hunt down departing basically, unarmed fighters), experimentation with cloud seeing with substances that may help to speed up RAM coating removal or else reduce the effectiveness of stealth technology (the less you have to deal with the easier your battles will be), forcing the battle into unfavourable conditions, etc... Interestingly, there have been some accounts/leaks of being able to detect US stealth bombers (B-1) lifting off from some US air bases from Australia using long range RADAR. Obviously, it's one thing to be able to detect and track versus achieving a weapons quality lock on a possible target
http://news.usni.org/2014/05/14/can-chinas-new-destroyer-find-u-s-stealth-fighters
RUSSIAN RADAR CAN NOW SEE F-22 AND F-35 Says top US Aircraft designer
https://www.youtube.com/watch?v=Z_vXqtCkVy8
https://en.wikipedia.org/wiki/Jindalee_Operational_Radar_Network
https://en.wikipedia.org/wiki/Over-the-horizon_radar
- following are rough estimate on RCS of various modern defense aircraft. It's clear that while Chinese and Russian technology aren't entirely on par they make the contest unconfortably close. Estimates on the PAK-FA/T-50 indicate RCS of about somewhere between the F-35 and F-22. Ultiamtely this comes back down to a sensor game. Rough estimates seem to indicate a slight edge to the F-22 in most areas. Part me thinks that the RCS of the PAK-FA/T-50 must be propoganda, the other part leads me to believe that there is no way countries would consider purchase of the aircraft if it didn't offer a competitive RCS
http://www.globalsecurity.org/military/world/stealth-aircraft-rcs.htm
http://www.ausairpower.net/APA-NOTAM-300309-1.html
http://www.f-16.net/forum/viewtopic.php?t=4408
https://www.youtube.com/watch?v=Z_vXqtCkVy8
http://www.ausairpower.net/APA-2011-03.html
http://www.flightglobal.com/blogs/the-dewline/2009/02/growler-power-ea-18g-boasts-f-/
http://www.theage.com.au/technology/technology-news/revolutionary-f35-joint-strike-fighter-pilots-smart-helmet-will-cost-a-bomb-20150224-13ko9d.html
http://www.news.com.au/technology/the-1-trillion-f35-tries-to-be-all-things-but-succeeds-at-few-say-critics-but-is-australias-new-weapon-now-too-big-to-fail/story-e6frfrnr-1226950254330
http://in.rbth.com/blogs/2013/04/08/why_australia_should_scratch_the_f-35_and_fly_sukhois_23629.html
http://ozzyblizzard.blogspot.com.au/2008/12/air-power-australia-flanker-analysis.html
https://www.facebook.com/notes/f-22-raptor/t-50-advantages-over-f22-and-why-f22-is-the-only-fighter-which-can-match-its-cou/10151667295298040?_fb_noscript=1
- it's somehwat bemusing that that you can't take pictures/videos from certain angles of the JSF in some of the videos mentioned here and yet there are heaps of pictures online of LOAN systems online including high resolution images of the back end of the F-35 and F-22
http://www.f-16.net/f-16_versions_article20.html
http://air-attack.com/images/single/740/The-F-35B-Lightning-II-rotates-its-engine-nozzle.html
http://defence.pk/threads/low-observable-nozzles-exhausts-on-stealth-aircraft.328253/
F 22 Raptor F 35 real shoot super clear
https://www.youtube.com/watch?v=FmLa-5R6TrI
- people keep on saying that if you can't see and you can't lock on to stealth aircraft they'll basically be gone by the time. The converse is true. Without some form of targeting system the fighter in question can't lock on to his target. Once you understand how AESA RADAR works you also understand that given sufficient computing power, good implementation skills, etc... it's also subject to the same issue that faces the other side. You shoot what you can't see and by targeting you give away your position. My guess is that detection of tracking by RADAR is somewhat similar to a lot of de-cluttering/de-noising algorithms (while making use of wireless communication/encryption & information theories as well) but much more complex... which is why there has been such heavy investment and interest in more passive systems (infra-red, light, sound, etc...)
https://en.wikipedia.org/wiki/Active_electronically_scanned_array
https://en.wikipedia.org/wiki/Dassault_Rafale
https://en.wikipedia.org/wiki/Euroradar_CAPTOR
https://en.wikipedia.org/wiki/Infra-red_search_and_track
https://en.wikipedia.org/wiki/Optronique_secteur_frontal
https://en.wikipedia.org/wiki/Targeting_pod
https://en.wikipedia.org/wiki/Forward_looking_infrared
http://aviationweek.com/defense/opinion-joint-strike-fighter-debate-enters-new-phase
F-35 JSF Distributed Aperture System (EO DAS)
https://www.youtube.com/watch?v=9fm5vfGW5RY

Lockheed Martin F-35 Lightning II- The Joint Strike Fighter- Full Documentary.
https://www.youtube.com/watch?v=AA2nvhHG6y4
4195: The Final F-22 Raptor
https://www.youtube.com/watch?v=fYEx9BiJNfE
https://en.wikipedia.org/wiki/Joint_Strike_Fighter_program
http://theaviationist.com/2015/07/13/f-35-pilot-about-flight-helmet/
http://www.wesh.com/politics/the-f35-is-it-worth-the-cost/34194708
http://forums.bharat-rakshak.com/viewtopic.php?f=3&t=5400&start=320
http://www.vanityfair.com/news/2013/09/joint-strike-fighter-lockheed-martin
http://www.f-16.net/forum/viewtopic.php?p=94991
http://forum.keypublishing.com/archive/index.php/t-81329-p-2.html
http://aviationweek.com/blog/read-f-35-accident-report
Rafale beats F 35 & F 22 in Flight International
https://www.youtube.com/watch?v=Bq4-TxgE8iU
Eurofighter Typhoon fighter jet Full Documentary
https://www.youtube.com/watch?v=WkBHpSBNnM4
Eurofighter Typhoon vs Dassault Rafale
https://www.youtube.com/watch?v=2wWkHKYcvos
DOCUMENTARY - SUKHOI Fighter Jet Aircrafts Family History - From Su-27 to PAK FA 50
https://www.youtube.com/watch?v=CYAw-FhTxHw
Green Lantern : F35 v/s UCAVs
https://www.youtube.com/watch?v=XtXPQNW2HqE

Friday, July 17, 2015

Selling Software Online, Installer, Packaging, and Packing Software, Desktop Automation, and More

Selling software online is deceptively simple. Actually making money out of it can be much more difficult.
http://www.cio.com/article/2388308/enterprise-software/14-tips-for-selling-software-and-services-online.html
http://www.quora.com/What-is-best-way-to-sell-software-online
http://www.softwarecasa.com/sell-software-i-4.html?ModPagespeed=noscript
http://www.forbes.com/sites/kathycaprino/2013/05/21/why-your-online-program-just-wont-sell/
http://www.fastspring.com/selling-software-online

Heaps of packaging/installer programs out there. Some cross platform solutions out there as well. Interestingly, just like a lot of businesses out there (even a restaurant that I frequent will offer you a free drink if you 'Like' them via Facebook) now they make use of guerilla style marketing techniques. Write a blog article for them and they may provide you with a free license.
https://en.wikipedia.org/wiki/List_of_installation_software
http://www.techrepublic.com/blog/five-apps/five-apps-for-creating-installation-packages/
http://www.advancedinstaller.com/free-license.html
http://www.jrsoftware.org/isinfo.php
https://en.wikipedia.org/wiki/List_of_software_package_management_systems
http://www.flexerasoftware.com/producer/products/software-installation/installshield-software-installer/
http://www.flexerasoftware.com/producer/resources/free-trials/#installshield

I've always wondered how much money software manufacturers make from bloatware and other advertising... It can vary drastically. Something that to watch for are silent/delayed installs though. Namely, installation of software even though it doesn't show up the Window's 'Control Panel'.
http://www.lifehacker.com.au/2015/05/crapware-is-a-horrible-problem-and-its-all-our-fault/
http://www.howtogeek.com/168691/how-to-avoid-installing-junk-programs-when-downloading-free-software/?PageSpeed=noscript
http://www.lifehacker.com.au/2013/11/unchecky-ensures-you-never-accidentally-install-bundleware-again/
http://unchecky.com/
http://www.makeuseof.com/tag/fight-toolbar-installer-bloatware-opinion/
https://www.google.com/admob/monetize.html
http://www.mobyaffiliates.com/blog/how-to-make-more-money-from-your-app-monetization-tips-from-appflood/
http://www.codefuel.com/developers
http://www.incomediary.com/7-best-plugins-for-monetization
http://www.amonetize.com/
http://installmonetizer.com/
http://www.sterkly.com/installer-monetization/
https://unityads.unity3d.com/help/Frequently%20Asked%20Questions/faq
http://www.revenyou.com/
http://www.buzinga.com.au/buzz/how-to-make-money-from-apps/

Even though product activation/DRM can be simple to implement (depending on the solution), cost can vary drastically depending on the company and solution that is involved.
https://en.wikipedia.org/wiki/Product_activation
http://stackoverflow.com/questions/3481594/how-to-program-a-super-simple-software-activation-system
https://activatar.codeplex.com/
https://www.fingoo.net/lib/asp/packages.asp
http://stackoverflow.com/questions/822468/is-there-an-open-source-drm-solution
http://www.fatbit.com/fab/launch-best-gaana-clone-script-features-website-details-confirm/
http://www.fileopen.com/
https://en.wikipedia.org/wiki/Digital_rights_management
https://en.wikipedia.org/wiki/Copy_protection

Sometimes you just want to know what packers and obfuscation a company may have used to protect/compress their program. It's been a while since I looked at this and it looks like things were just like last time. A highly specialised tool with few genuinely good, quality candidates...
https://en.wikibooks.org/wiki/Reverse_Engineering/File_Formats
http://stackoverflow.com/questions/1271550/how-to-detect-what-was-the-pe-packer-used-on-the-given-exe
http://www.woodmann.com/collaborative/tools/index.php/Category:Packer_Identifiers
http://reverseengineering.stackexchange.com/questions/3184/packers-protectors-for-linux
http://ntinfo.biz/
https://www.digitalocean.com/community/tutorials/how-to-install-and-get-started-with-packer-on-an-ubuntu-12-04-vps
https://en.wikipedia.org/wiki/Executable_compression
http://upx.sourceforge.net/
https://malwr.com

A nice way of earning some extra/bonus (and legal) income if you have a history being able to spot software bugs.
https://bugcrowd.com/list-of-bug-bounty-programs
http://www.businessinsider.com.au/twitter-hackerone-bounty-program-2014-9
http://www.siteslike.com/similar/vupen.com
https://en.wikipedia.org/wiki/Pwn2Own

If you've never used screen/desktop automation software before there are actually quiet a few options out there. Think of it as 'Macros' for the Windows desktop. The good thing is that a lot of them may use a scripting language for the backend and have other unexpected functionality as well opening up further opportunities for productivity and automation gains.
http://alternativeto.net/software/sikuli/
http://stackoverflow.com/questions/11497613/what-better-tool-than-sikuli-to-use-for-screen-automation-on-windows-7-or-prefe
https://answers.launchpad.net/sikuli/+question/141373
http://stackoverflow.com/questions/6337629/how-to-send-ctrl-c-in-sikuli
https://answers.launchpad.net/sikuli/+question/185777
https://answers.launchpad.net/sikuli/+question/232900

A lot of partition management software claim to be able to basically handle all circumstances. The strange thing is that disk cloning to an external drive doesn't seem to be handled as well. The easiest/simplest way seems to be just using a caddy/internal in combination with whatever software you may be using.
http://forum.easeus.com/viewtopic.php?t=20183
http://kb.easeus.com/art.php?id=10039
http://www.partition-tool.com/easeus-partition-manager/disk-copy.htm

There are some free Australian accounting solutions out there. A bit lacking feature wise though.
http://www.flyingsolo.com.au/forums/index.php?threads/free-accounting-software-australia-recommendations.29338/
http://www.bit.com.au/Review/344651,7-accounting-packages-for-australian-small-businesses-compared-including-myob-quickbooks-online-reckon-xero.aspx
http://bas-i.com.au/
http://l-lists.com/en/lists/rn52ao.html

Every once in a while someone sends you an email in a 'eml' format which can't be decoded by your local mail client. Try using 'ripmime'...
http://superuser.com/questions/187106/extract-save-a-mail-attachment-using-bash

Friday, July 10, 2015

Electronics (TV) Repair, Working at Amazon, and Dealing With a Malfunctioning Apple iDevice

I obviously do component level electronics repair from time to time (I've been doing electronics repair/modification since I was fairly young on devices ranging from food processers all the way up to advanced electronic component level repair such as laptops). One of recent experiments was with large screen flat panel (Plasma, LCD, LED, etc...) television sets. Some general notes:

- take precautions. If you've ever watched some of those guys on YouTube, you'll realise that they are probably amateur electrcians and have probably never been shocked/electrocuted before. It's one thing to work with small electronic devices. It's an entirely different matter to be working with mains voltage. Be careful...
- a lot of the time electronic failure will take occur gradually over time (although the amount of time can vary drastically obviously)
- don't just focus on repairing it so that power can flow through the circuit once more. It's possible that it will just fail once more. Home in on the problem area, and make sure everything's working. That way you don't have to keep on dealing with other difficulties down the track
http://electronics.stackexchange.com/questions/25055/slow-blow-vs-fast-acting-fuse
http://en.wikipedia.org/wiki/Fuse_%28electrical%29
- it may only be possible to test components outside of circuit. While testing components with a multimeter will help you may need to purchase more advanced and expensive diagnostic equipment to really figure out what the true cause of the problem is
http://www.eevblog.com/forum/beginners/is-there-any-way-to-test-capacitors-while-on-the-circuit-board/
http://electronics.stackexchange.com/questions/95663/how-to-test-capacitors-of-non-working-circuit-board-using-capacitor-meter
http://en-us.fluke.com/training/training-library/test-tools/digital-multimeters/how-to-measure-capacitance-with-a-digital-multimeter.html
http://www.learningaboutelectronics.com/Articles/How-to-test-a-capacitor
http://www.tpub.com/neets/book7/24l.htm
http://www.ladyada.net/library/metertut/resistance.html?PageSpeed=noscript
https://en.wikipedia.org/wiki/Oscilloscope
- setup a proper test environment. Ideally, one where you have a seperate circuit and where there are safety mechanisms in place to reduce the chances of a total blackout in your house and to increase your personal safety
- any information that you take from this is at your own risk. Please don't think that any of the information here will turn you into a qualified electronics technician or will allow you to solve most problems that you will face
- a lot of the time information on the Internet can be helpful but only applies to particular conditions. Try to understand and work the problem rather than just blindly following what other people do. It may save you a bit of money over the long term
http://en.wikipedia.org/wiki/Failure_modes_of_electronics
http://en.wikipedia.org/wiki/Cascading_failure
https://ca.answers.yahoo.com/question/index?qid=20100213153443AAc1xPb
http://electronics.stackexchange.com/questions/8129/how-do-components-fail
http://www.angelfire.com/planet/funwithtransistors/Book_TS_CHAP-3.html
http://www.angelfire.com/electronic/funwithtubes/Restore_cap.html
http://www.avsforum.com/forum/167-plasma-flat-panel-displays/1490867-samsung-pn60e550d1f-no-picture-has-sound-capacitors-look-ok.html
http://www.avsforum.com/forum/167-plasma-flat-panel-displays/1490976-samsung-51d490-sound-but-no-picture-issue.html
http://forum.allaboutcircuits.com/threads/lg-42-lcd-tv-42lg60fr-picture-goes-black-sound-still-on.86475/
http://www.gamersyde.com/forum_lg_lcd_tv_47lg50_blacked_out_-33_34874_1_en.html
http://www.avsforum.com/forum/166-lcd-flat-panel-displays/1337855-tv-turns-there-sound-but-no-picture.html
https://www.youtube.com/channel/UCUfgq9Gn8S041qQFl0C-CEQ
https://www.youtube.com/user/GrantsPassTVRepairs?feature=hovercard
http://www.explainthatstuff.com/plasmatv.html
http://www.badcaps.net/forum/showthread.php?t=18542
http://www.badcaps.net/forum/showthread.php?t=33333
https://www.ifixit.com/Answers/View/136156/color+on+LCD+fades+to+white+after+10+seconds
http://support-us.samsung.com/cyber/popup/iframe/pop_troubleshooting_fr.jsp?idx=28929&modelname=LT-P227W
https://us.en.kb.sony.com/app/answers/detail/a_id/42696/~/the-tv-turns-off-and-on-by-itself,-reboots,-or-the-standby-light-is-blinking
https://answers.yahoo.com/question/index?qid=20080129052848AAdAtpt
http://forums.cnet.com/7723-13973_102-530929/horizontal-black-lines-on-samsung-50-plasma-tv/
http://forums.cnet.com/7723-13973_102-511585/plasma-tv-has-3-thin-black-lines/
http://everydaylife.globalpost.com/causes-horizontal-lines-lcd-panel-37988.html
Philips 32PFL5522D/05 - Completely dead (no power LED or signs of life) - Diagnosis and repair
https://www.youtube.com/watch?v=TrphsEw8slw
how fix tv site:blogspot.com
- electronics repair is becoming increasingly un-economical. Parts may be impossible to find and replacing the TV rather than fixing it may actually be cheaper (especially when the screen is cracked. It's almost certain that a new replacement is going to cost more than the set itself). The only circumstances where it's likely to be worth it is if you have cheap spare parts on hand or the type of failure involves a relatively small, minor, component. The other thing you should know is that while the device may be physically structured in such a way to appear modularised it may not fail in such a fashion. I've been reading about boards which fail but actually have no mechanism to stop it from bleeding into other modules which means you end up in an infinite, failure loop. Replace one bad component with a good one and the leftover apparently good component fails and takes out the new, good board eventually. The cycle then continues on forever before the technician realises this or news of such design spreads. You may have to replace both boards at the same time which then makes the repair un-economical
http://resistor.cherryjourney.pt/
http://www.eeweb.com/toolbox/4-band-resistor-calculator
http://www.1728.org/resisclr.htm
http://www.camradio.net/resistors.html
- spare parts can be extremely difficult to source or are incredibly expensive. Moreover, the quality of the replacement parts can vary drastically in quality. If at all possible work with a source of known quality. Else, ask for demo parts particularly with Asian suppliers who may provide them for free and as a means of establishing a longer term business relationship
http://www.aliexpress.com/store/product/37PFL7422-93-37TA2800-Power-Supply-715T2484-5-Original-parts/715046_32223080629.html
http://www.aliexpress.com/store/product/Non-Replacement-37PFL7422-Power-Board-715T2484-5/1395137_32228251009.html
http://en.wikipedia.org/wiki/Mains_electricity_by_country
http://www.worldstandards.eu/electricity/plug-voltage-by-country/
https://answers.yahoo.com/question/index?qid=20060619172834AADo9qt
http://electronics.stackexchange.com/questions/120983/what-happens-if-a-240v-appliance-is-connected-in-a-120v-ac-power-supply
http://electronics.stackexchange.com/questions/29259/charging-devices-voltage-and-amperage
https://answers.yahoo.com/question/index?qid=20060619172834AADo9qt
- be careful when replacing parts. Try to do your bet to replace like for like. Certain systems will operate in a degraded state if/when using sub-par replacements but will ultimately fail down the line
http://electronics.stackexchange.com/questions/86530/substituting-capacitors
http://www.antiqueradio.org/recap.htm
- use all your senses (and head) to track down a failure more quickly (sight and smell in particular for burnt out components). Sometimes, it may not be obvious where the actual failure is as opposed to where it may appear to be coming from. For instance, one set I looked at had a chirping power supply. It had actually suffered from failures of multiple components which made it appear/sound as though the transformer had failed. Replacement of all relevant components (not the transformer) resulted in a functional power supply unit and stopping of the chirping sound
http://www.cnet.com/au/news/samsung-power-defect-causes-some-tvs-to-fail-and-a-class-action-suit-follows/
http://techreport.com/forums/viewtopic.php?f=37&t=62360&start=960
http://www.tomshardware.com/forum/363126-28-making-clicking-chirping-noises
https://answers.yahoo.com/question/index?qid=20111006212112AAbUauu
http://www.badcaps.net/forum/showthread.php?t=24657
http://www.badcaps.net/forum/showthread.php?t=18603
http://www.badcaps.net/forum/showthread.php?t=17379
http://superuser.com/questions/487729/motherboard-makes-high-pitched-chirping-noise-will-it-stop-by-itself-or-what-d
http://sound.westhost.com/troubleshooting.htm
http://www.instructables.com/id/Repair-your-electronics-by-replacing-blown-capacit/
http://www.justanswer.com/tv-repair/62e22-philips-42-inch-lcd-no-picture-just-chirping-sound-when-turned.html
http://www.fixya.com/tags/chirping/flat_panel_televisions/philips
http://www.ehow.com/how_7387574_philips-turn-making-chirping-noise.html
http://www.capacitorlab.com/visible-failures/
http://www.badcaps.net/pages.php?vid=5
http://www.angelfire.com/electronic/funwithtubes/Testing_caps.html
http://conradhoffman.com/capchecktut.htm
http://www.justanswer.com/tv-repair/71602-fix-vertical-lines-samsung-plasma-tv.html
http://www.digikey.com.au/product-detail/en/ECE-A1AKA470/P806-ND/6913
- as with musical instruments, teardowns may be the best that you can get with regards to details of how a device should work. This is nothing like school/University where you are given a rough idea of how it should work. You may be completely blind here...
http://dtbnguyen.blogspot.com.au/2015/06/repairing-musical-instrumentselectrical.html
- components may be shared across different manufacturers. It doesn't mean that they will work if swapped though. They could be using different version of the same base reference board (similar to the way in which graphics, sound, telecommunications, and network cards rely on reference designs in the ICT sector)
https://www.ifixit.com/
715t2484-3-schematic.pdf
Magnavox has a very similar layout to a similar size Phillips LCD TV
https://www.youtube.com/watch?v=qSS6ycUxS98

Apparently, Amazon are interested in some local talent.
http://aws.amazon.com/careers/aus-nz-event/
There are some bemusing tales of recruitment and the experience of working there though.
http://gawker.com/working-at-amazon-is-a-soul-crushing-experience-1573522379
http://www.theguardian.com/money/2014/nov/28/being-homeless-is-better-than-working-for-amazon
http://www.glassdoor.com.au/Overview/Working-at-Amazon-com-EI_IE6036.11,21.htm
http://www.salon.com/2014/02/23/worse_than_wal_mart_amazons_sick_brutality_and_secret_history_of_ruthlessly_intimidating_workers/

If your iPhone, iPad, or iPod touch doesn't respond or doesn't turn on. If your device is in a lot of trouble I often just run the following command on the storage, 'dd if=/dev/zero of=/dev/[iPod storage node]'. This will create a corrupted filesystem and force restoration of the iOS to factory settings/setup.
https://support.apple.com/en-au/HT201412
https://www.ifixit.com/Wiki/iPod_Classic_Troubleshooting
https://www.ifixit.com/Answers/View/15461/Won%27t+turn+on+or+charge
https://discussions.apple.com/thread/2468023?tstart=0
https://support.apple.com/en-au/HT201263
http://www.howtogeek.com/216839/what-to-do-when-your-iphone-or-ipad-won%E2%80%99t-turn-on/?PageSpeed=noscript

Sometimes digitizers play up. Apparently, a lot of strange behaviour can occur if certain cables are bent improperly or if there isn't enough space/insulation between certain components.
https://www.ifixit.com/Answers/View/137418/Digitizer+freaks+out+when+laid+flat+on+the+frame

Identify your iPad model.
https://support.apple.com/en-au/HT201471

If your device is suffering from device corruption issues you may need to backup your music first...
http://www.wikihow.com/Copy-Music-from-Your-iPod-to-Your-Computer 
http://www.syncios.com/how-to-backup-ipod-music-to-computer.html
http://lifehacker.com/5869827/how-to-copy-music-from-your-iphone-ipad-or-ipod-touch-to-your-computer-for-free
https://discussions.apple.com/thread/5025610
http://geeknizer.com/how-to-fix-corrupted-ipod/

A lot of substances can be used to remove scratches from your electronic device. Some of them not so obvious in the way that they actually work (solvents and abrasives are the most common techniques that are used).
http://www.macworld.com/article/1046291/scratchremove.html
http://www.instructables.com/id/Buffing-Your-Ipod/

Thursday, July 9, 2015

Ableton and Ableton Push Hacking

For those who have been tracking this blog, it's been obvious that I've recently been spending more and more time with the Ableton Push.

If you don't know what this is please see the following...
https://www.ableton.com/en/help/learn-push/
http://blog.dubspot.com/learned-30-days-ableton-push/
http://sonicbloom.net/en/two-weekends-with-ableton-push-part-1-review/
http://emilehoogenhout.com/reviews/ableton-push-an-exploration-emile-hoogenhout/
https://www.youtube.com/results?search_query=Ableton+Live+9+%26+Push+Masterclass+Webinar  
Easy to miss Push features
https://forum.ableton.com/viewtopic.php?f=55&t=196560
Helpful Push information.
https://forum.ableton.com/viewtopic.php?f=55&t=215744

Jeremy Ellis meets Ableton Push
https://www.youtube.com/watch?v=EdCgA54g-aM
Mad Zach Push Performance Walkthrough
https://www.youtube.com/watch?v=iSZm4ECbE5k
Decap Push Performance
https://www.youtube.com/watch?v=ZOtj5WtkR1Q

It's basically an advanced, modern musical instrument/MIDI controller.

There have been others who have attempted to de-compile and extend/modify the behaviour of the device but while information and the extensions that have been provided have been interesting and useful they have been somewhat limited.
https://github.com/gluon/AbletonLive9_RemoteScripts
http://julienbayle.net/ableton-live-9-midi-remote-scripts/
http://julienbayle.net/ableton-push/
ableton: just release the py midi remote scripts
https://forum.ableton.com/viewtopic.php?f=1&t=134338
Live 9 MIDI Remote Scripts revealed...
https://forum.ableton.com/viewtopic.php?f=1&t=190069
http://livecontrol.q3f.org/ableton-liveapi/articles/introduction-to-the-framework-classes/

I'm beginning to understand why. The following link provides an update to automatically generated documentation (via epydoc) of decompiled Ableton Remote Script code (my scripts for decompilation and automated documentation have been included in the package).

https://wiki.python.org/moin/DocumentationTools
http://stackoverflow.com/questions/1125970/python-documentation-generator
http://sphinx-doc.org/
https://packages.debian.org/search?keywords=python-sphinx
https://en.wikipedia.org/wiki/Comparison_of_documentation_generators
https://packages.debian.org/stable/python/python-epydoc
https://packages.debian.org/wheezy/python-epydoc

If you want to make any additional modifications of behaviour you'll need to be aware of the following:
- you'll need to catch up on your Python coding
http://stackoverflow.com/questions/36901/what-does-double-star-and-star-do-for-python-parameters
http://stackoverflow.com/questions/400739/what-does-asterisk-mean-in-python
https://en.wikipedia.org/wiki/Pickle_%28Python%29
http://stackoverflow.com/questions/514371/whats-the-bad-magic-number-error
http://stackoverflow.com/questions/12233837/bad-magic-number-while-trying-to-import-pyc-module
http://stackoverflow.com/questions/6034621/bad-magic-number-error-persists-even-after-rebuilding-the-pyc-file
https://shankaraman.wordpress.com/tag/how-to-fix-runtimeerror-bad-magic-number-in-pyc-file/
http://www.tutorialspoint.com/python/python_exceptions.htm
http://www.linuxtopia.org/online_books/programming_books/python_programming/python_ch17s03.html
- you'll need knowledge of how the device works, music and mathematical theory, Ableton, and core computing knowledge. It is not sufficient to know how they work seperately. You need to know how everything fits together.
- sounds obvious but start small and move up. This is critical particularly with reference to the awkward style of programming that they can sometimes resort to. More on this to below
- the code can vary in quality and style quite significantly at times. At times it seems incredibly clean, elegant, and well documented. At other times, it there is no documentation at all and doesn't seem to be well designed or engineered or have keep maintenance in mind. For instance, a commonly used design pattern is MVC. This doesn't seem to follow that. They use a heap of sentinels throughout there code. Moreover, the characters that are used can be a bit confusing. They don't use preprocesser directives/constants where they may be better suited. If you break certain aspects of the code you can end up breaking a whole lot of other parts. This may be deliberate (to reduce the chances of third party modification which is likely particularly as there seems to be some authentication/handshake mechasnisms in the code to stop it from working with 'uncertified devices') or not (they lack resources or just have difficult timelines to deal with)
https://mail.python.org/pipermail/tutor/2003-July/024206.html
http://stackoverflow.com/questions/2682745/creating-constant-in-python
- be prepared to read through a lot of code just to understand/make a change to something very small. As stated previously strictly speaking at times they don't adhere to good practice. That said, other aspects can be changed extremely easily without breaking other components
- due to the previous two poits it should seem obvious that it can be very difficult to debug things sometimes. Here's the other thing you should note,
- the reason why Ableton suffers from strange crashes and hangs from time to time becomes much more obvious when you look at the way they code. In the past, I've built programs (ones which rely on automated code generation in particular) that relied on a lot of consecutive steps that required proper completion/sequencing for things to work properly. When things work well, things are great. When things break, you feel and look incredibly silly
- you may need to figure out a structure for ensuring and maintaining a clean coding environment. I try to have two screens with one for clean code and another for modified code. Be prepared to restart from scratch by reverting to a clean pyc code and only one or a small number of modified py files.
- caching occurs in situations where you may not entirely expect. If you can not explain what is happening and suspect caching just restart the system. Better yet, maintain your development environment in a virtual machine to reduce hardware stress caused by continual restarts.
- you will need patience. As stated previously, due to the way code has been structured (sometimes) you'll need to understand it properly to allow you to make changes without breaking other parts. Be prepared to modify, delete, or add code just to help you understand it
- if you've ever dealt with firmware or embedded devices on a regular basis you would be entirely familiar with some of what I'm talking about. Like a lot of embedded devices you'll have limited feedback if something goes wrong and you'll be scratching your head with regards to how to work the problem
http://dtbnguyen.blogspot.com.au/2012/07/if-only-reading-were-easier.html
http://dtbnguyen.blogspot.com.au/2012/08/funky-firmware.html
You may require a lot of Linux/UNIX based tools and other debugging utilities such as IDA Pro, Process Explorer and Process Monitor from the Sysinternals Suite. Once you examine Ableton using such utilities, it becomes much clearer how the program has been structured, engineered, and designed. One thing that can cause mayhem in particular is the Ableton Indexer which when it kicks in at the wrong time can make it feel as though the entire system has frozen.
https://technet.microsoft.com/en-us/sysinternals/bb545021.aspx
https://en.wikipedia.org/wiki/Sysinternals
Ablton indexing Crashes
https://forum.ableton.com/viewtopic.php?f=1&t=206205
(42474187) Disable "Ableton Index" possible?
https://forum.ableton.com/viewtopic.php?f=52&t=191573
http://audiosex.pro/index.php?/topic/11798-ableton-9-killing-index-process-to-speed-up-workflow/
http://audiosex.pro/index.php?/topic/11815-a-little-app-to-speed-up-live-9-mac-only/
https://www.ableton.com/en/help/article/indexer-crash/
The actual index file/s are located at
C:\Users\[username]\AppData\Roaming\Ableton\Live 9.1.7\Database
- the most relevant log file is located at,
C:\Users\[username]\AppData\Roaming\Ableton\Live 9.1.7\Preferences\Log.txt
The timestamps works on the basis on amount of time since program startup. Time of startup is clearly outlined.
Ableton takes 130 - 2 mins to start up ?
https://forum.ableton.com/viewtopic.php?f=1&t=6308
Delete it if you need to if you get confused about how it works.
https://www.ableton.com/en/help/article/live-crash-packs/
https://www.ableton.com/en/help/article/live-crashing-what-should-i-do-now/
https://www.ableton.com/en/help/article/how-to-out-of-memory/
- be aware that there are some things that you can't do anything about. The original Novation Launchpad was considered somewhat sluggish in terms of refresh rate and latency. The electronics were subsequently updated in the Novation Launchpad S to deal with it. You may encounter similar circumstances here.
Push browser - slow, freezing, sluggish :(
https://forum.ableton.com/viewtopic.php?f=55&t=215539
- they have a strong utility/systems engineering mentality. A lot of files are archives which include relatively unobfuscated content. For instance, look in a
C:\Users\[username]\AppData\Roaming\Ableton\Live 9.1.7\Live Reports
and you'll find a lot of 'alp' files. These are 'Crash Reports' which are sent to Ableton to help debug problems. Rename them to a gz file extension and run it through hexedit. Same with 'adg' audio device group files. Rename to gz and gunzip to see a flat XML file containing some encoded information but mostly free/human readable content. It will be interesting to see how much of this can be manually altered achieving flexibility in programming without having to understand the underlying file format.
https://www.ableton.com/en/help/article/filetypes-used-by-ableton/
- each version of Ableton seems to have a small version of Python included. To make certain, advanced extensions others have suggested installing a libraries seperately or a different version of Python...
- be prepared to learn multiple protocols and languages in order to make the changes that you want
How to control the Push LCD text with sysex messages
https://forum.ableton.com/viewtopic.php?f=55&t=193744
http://archive.monome.org/community/discussion/1648/share-your-arduinomonome-code/p1
http://hackaday.com/2008/08/13/rgb-monome-clone/
https://en.wikipedia.org/wiki/Protofuse
http://julienbayle.net/works/creation/protodeck-midi-controller-for-ableton-live/

For a lot of people, the device seems incredibly expensive for what amounts to a MIDI controller. It was much the same with me. The difference is that it's becoming increasingly clear how flexible the device can be with adequate knowledge of the platform.
http://www.nativekontrol.com/
http://blog.dubspot.com/5-ableton-push-software-devices/
Push feature requests
https://forum.ableton.com/viewtopic.php?f=55&t=192110
The Ableton Push is a good platform but it will never realise it's full potential if the software isn't upgraded.

If you are interested in signing up to test the latest Beta version of Ableton please see the following...
https://ableton.centercode.com/signup/

Friday, July 3, 2015

Python Decompilation, Max4Live Programming, Ableton Push Colour Calibration, Automated DJ'ing and More

I was recently discussing with someone how Ableton programming/scripting works. This was particularly within the context of the Ableton Push device and possible hacking of other devices to allow for more sophisticated functionality. Apparently, many of the core scripts use Python. They need to be decompiled to allow you to have a proper look at them though. Obviously, some of the scripts are non-tricial and will require a sufficient understanding of both music as well as programming to be useful.

A decompilation of all files in the following directory,
C:\ProgramData\Ableton\Live9Suite\Resources\MIDI Remote Scripts\
is available here. The reason why I've done it is because others who have previously done it have removed it from their websites.

http://julienbayle.net/ableton-live-9-midi-remote-scripts/
http://blogs.bl0rg.net/netzstaub/2008/08/15/writing-ableton-control-surface-scripts/
http://remotescripts.blogspot.com.au/
http://julienbayle.net/PythonLiveAPI_documentation/Live9.0.6.xml

The decompilation was achieved using two small scripts which I created available here and use uncompyle2, https://github.com/Mysterie/uncompyle2 at their core. Since the current code contains an error which doesn't allow for a successful RPM build I've had to make a small modification.

For those who want to know the uncompyle2 currently only works with Python 2.7. To get it running in a Debian based environment I had to change a symlink so that /usr/bin/python -> python2.7 as opposed to /usr/bin/python -> python2.6

To get the RPM build working I had to copy README.rst to README.
Running 'python setup.py bdist_rpm' would give me an RPM package. Running 'alien' allows conversion of the RPM to a DEB package for easy installation on a Debian based platform.
http://sourceforge.net/projects/easypythondecompiler/
http://stackoverflow.com/questions/8189352/decompile-python-2-7-pyc
http://depython.com/
http://reverseengineering.stackexchange.com/questions/1701/decompiling-pyc-files

Successful RPM and DEB packages are available from my website, https://sites.google.com/site/dtbnguyen/
The following ZIP archive contains updated code, RPM, and DEB packages.
The following ZIP archive contains the decompiled code and scripts to automate decompilation of the Ableton code.

For those who are interested, Max4Live programming looks rather interesting for building devices and effects. It also looks like a perfect choice for those who may be on a limited budget and looking to extend Ableton's capabilities.
https://www.ableton.com/en/blog/programming-in-max-for-live/
http://www.youtube.com/playlist?list=PLasl9I6VeCCrNLAoOiKibDqJc1rsjLSDi
http://www.patrickmuller.de/n-e-w-s/max-msp-programming/
https://docs.cycling74.com/max5/vignettes/intro/doclive.html
https://www.ableton.com/en/help/article/how-get-started-max-live-9/
http://www.abletonop.com/2012/07/sell-your-live-devices-on-abletonop/
http://www.synthtopia.com/content/2009/11/24/5-reasons-to-avoid-max-for-live/
http://roberthenke.com/technology/m4l.html
https://cycling74.com/support/faq-maxforlive/
http://community.akaipro.com/akai_professional/topics/apc-mini-sequencers
https://www.youtube.com/watch?v=bmn8eJYEe9s
http://www.maxforlive.com/library/device.php?id=877

There have has been some grumbles regarding Ableton Push quality control (Novaton has sort of had similar problems with their Launchpad series but it hasn't been as obvious because most current models have only relied on a limited set of colours. Note to others this issue isn't actually covered by warranty either and it's a difficult problem to fix from a manufacturing perpsective. Hence, the need for this particular solution.) with regards to inconsitent colouring of LEDs. There was a small application that was created but wasn't publicly released. It's called, 'PUSH_RGB_Calibration_Tool.zip' and basically allows for calibration of white on the device by altering internal colour balance of primary colours. It's available on some file sharing websites. You'll require firmware version 1.7 tor it to run.
https://forum.ableton.com/viewtopic.php?f=55&t=191939&start=45
https://www.ableton.com/en/help/article/push-firmware-release-notes/
https://archive.is/zLbnS
http://filepi.com/i/J9mGlId
https://www.virustotal.com/en/file/687a48127a65226eaae13ded393aafaccee46e445cec33a63964ece921fddb51/analysis/

Someone recently asked me about automated DJ options. I've seen a few but they seem to be becoming increasingly sophisticated.
https://www.youtube.com/results?search_query=how+to+dj
How To DJ - Phil K (Intermediate Level)
https://www.youtube.com/watch?v=4r3Pw8VJtq0
http://www.mixmeister.com/products-comparison.php
http://forum.djtechtools.com/showthread.php?t=21834
http://www.virtualdj.com/wiki/Automix.html
https://www.native-instruments.com/forum/threads/is-there-an-auto-dj-function.28501/
http://djtechtools.com/2012/08/06/what-controller-is-right-for-you-all-in-one-vs-modular-dj-set-ups/

Apparently, some of my ideas and perspectives regarding the modern world and capitalism are similar to that of Thomas Piketty. However, the way in which we would set about rebalancing global economics to ensure a more fair and just global economic system for all is somewhat different. More on this in time...
http://www.smh.com.au/world/pushing-back-on-socialism-ecuador-vents-its-presidential-ire-on-the-streets-20150702-gi3ew2.html
https://en.wikipedia.org/wiki/Thomas_Piketty
https://en.wikipedia.org/wiki/Capital_in_the_Twenty-First_Century
http://blog.melbournemusiccentre.com.au/2011/07/why-are-the-same-or-similar-items-cheaper-overseas/

Some options for puchasing used music equipment locally.
http://www.musicswopshop.com.au/
http://www.yourinstrument.com.au/
http://www.musosales.com.au/
http://melbourneexchange.com.au/
http://www.quicksales.com.au/

In case you've ever wanted to download videos from various websites, there are quite a few options out there.
http://www.clipconverter.cc/
http://keepvid.com/
http://www.flvdown.com/
http://www.flvdown.com/docs.php?doc=api
https://addons.mozilla.org/en-us/firefox/addon/flashgot/
http://sourceforge.net/projects/ytd2/
http://stackoverflow.com/questions/4032766/how-to-download-videos-from-youtube-on-java
http://superuser.com/questions/114196/how-to-find-the-stream-behind-a-flash-player

If you've had minor scratches on your optical discs you know that they can be extraordinarily frustrating. There are quite a few solutions out there for it though.
http://www.wisebread.com/quickly-removing-scratches-from-cds-and-dvds
http://www.wikihow.com/Fix-a-Scratched-CD
http://www.apartmenttherapy.com/7-bizarre-home-remedies-that-r-152502
http://howto.wired.com/wiki/Fix_a_Scratched_CD
http://www.instructables.com/id/Re-surfacing-CDs-so-they-work-again./

If you ever have to use automated imaging/partitioning software sometimes things don't turn out perfectly. Hidden partitions appear when they shouldn't wreaking havoc with links throughout your system. Changing the partition type is the solution though the actual 'type/code/number' may vary depending on the circumstances.
https://forums.lenovo.com/t5/Lenovo-P-Y-and-Z-series/Disk-Partitioning-and-OneKey-Recovery-Feature/td-p/8036
https://forums.lenovo.com/t5/Windows-7-Discussion/How-to-re-hide-OEM-partition/td-p/278948
https://forums.lenovo.com/t5/Lenovo-U-and-S-Series-Notebooks/help-me-with-OKR/m-p/133135#M11494
http://www.smh.com.au/digital-life/digital-life-news/meet-australian-company-ipechelon-one-of-the-biggest-antipiracy-operations-in-the-world-20150430-1mw93k.html

Options for locking down a device in case it is lost or stolen are increasingly popular nowadays even in consumer class devices. It's interesting how far, some companies are willing to take this and what their implementation is like.
http://www.computerworld.com/article/2481347/endpoint-security/the-down-side-of-hard-drive-passwords.html
http://www.tomshardware.com/forum/258614-32-access-password-protected-caddy
http://www.sevenforums.com/hardware-devices/246015-toshiba-hdd-locked.html
http://www.computing.net/answers/hardware/how-to-clear-hard-drive-password/48527.html
http://forum.thinkpads.com/viewtopic.php?t=104873
http://www.freakyacres.com/remove_computrace_lojack
http://en.wikipedia.org/wiki/LoJack_for_Laptops
http://www.pcworld.com/product/1344774/acer-aspire-s3-951-2634g25nss-ultrabook.html
http://www.manualslib.com/manual/546525/Acer-Aspire-S5-391.html?page=56
https://www.technibble.com/forums/threads/unlockhd-exe-help.42725/
http://www.experts-exchange.com/Hardware/Laptops_Notebooks/Q_26614042.html
http://www.allservice.ro/forum/viewtopic.php?p=7958&sid=6d91be00086c530afa8311af27da81c5
http://www.allservice.ro/acer/
http://www.tomsguide.com/forum/61372-35-locked-laptop-harddrive
http://www.techrepublic.com/pictures/cracking-open-acer-aspire-s3-ultrabook/
http://www.techrepublic.com/blog/cracking-open/acer-aspire-s3-teardown-good-hardware-lackluster-construction/

Help evaluate, test, and design Windows 10.
https://insider.windows.com/