Wednesday, December 24, 2014

Merry NSA Christmas

Minox Cornflower Drill Wackenhut Air borne crypto anarchy import DATTA
dictionary pipeline CBM target ISA Emergency management Lebed North Korea
Sony explosion Maple Blowfish ASIO Epidemic strategic Wave ACC Bletchley
Park Hollyhock IRIDF MS13 Telecommunications Drug war benelux

Brought to you by M-x spook

Sunday, December 21, 2014

fink with 10.10 Yosemite

I'm finally trying out Mac OSX 10.10 (Yosemite)

system_profiler SPSoftwareDataType | grep 'System Version'

      System Version: OS X 10.10.1 (14B25)

uname -s -r

Darwin 14.0.0

xcodebuild -version
Xcode 6.1.1
Build version 6A2008a

I had to accept the xcode license:

sudo xcodebuild -license

My first serious PITA was Java.  I used the fink script for kickstarting and Java kept saying it needed to be installed.  I installed Java8 u25 and every time I tried to run java or javac, I got a GUI popup dialog asking me to install Java.  I installed Java7 and thing seem to work better now.

javac  -version
javac 1.7.0_71

Since I'm a fink developer, here is me setting up cvs as the update method for fink.

fink selfupdate # Select rsync
fink install cvs
fink selfupdate -m cvs

10.10 fink only has python 3.4 (no more 3.2 or 3.3), so I've got some cleanup to do.  Thanks to Hanspeter for pointing that out.

fink install wget
wget http://xquartz.macosforge.org/downloads/SL/XQuartz-2.7.7.dmg
fink install python3

Saturday, November 22, 2014

schwehr.org is temporarily offline

The undisclosed bunker location was recently sold.  The content at schwehr.org is not lost.  My main blog will be back when I get some time to try out a new solution.  I'm planning on going with AppEngine serving.  Just too many other important things taking precedence right now.
Wired UK and Windward is an entertaining article.  I have to say that it is great they are finally joining a conversation that has been going on for more than a decade.  And let me point out that I welcome working with Windward and others.  I started working on AIS troubles back in 2006 and there already had been really interesting work by folks for years before that.  I've been working hard to share ideas to help others get started.


Brian Calder and I wrote a paper that came out back in 2009, that talks about some of the issues with AIS.  I have written in my blog about the issues with security and integrity of AIS communications.  My blog is temporarily offline, but I've stashed the text here:  http://vislab-ccom.unh.edu/~schwehr/blog/archives-20141122.tar.xz And you can look through my papers here:  http://vislab-ccom.unh.edu/~schwehr/papers/  AIS really sucks for a lot of purposes and was intended just for safety of navigation when it was intitially put together in the 1990's.  Yet, it does show a huge fraction of the behavior of the world's vessels.  There are lots of ways to filter AIS data and conflating it with other data sources (of which there is a huge list).  And there are tons of different tools to help you sort out what's going on from the spectrum level to high level views like the Global Fishing Watch.

For example, this statement from the article:
"Until 2012, AIS data was super reliable because it wasn't commoditised. Nobody had it, so no one needed to clean the data or check it," Ami Daniel, a former naval officer and cofounder of Windward, tells WIRED.co.uk.
So not true.  The trend over 2000-2010 was for things with AIS getting way better, but it was still not great.  It took > 3 years for the USCG to notice my Class B receiver with the wrong country in the MMSI in it that was sitting right next to the USCG station in New Hampshire (like < 100m).  The number of vessels with bad MMSI's or "sailing to Casablanca" was huge.  Anyone not carefully inspecting AIS data now or then is crazy for certain applications.  And quotes like this:
Final ports of call were reported only 41 percent of the time
are meaningless.  Ships don't have to report their port of call for a lot of places.  It's a courtesy.  And even when mariners try to enter it correctly, the AIS required keyboard and typical interface is most kindly described as "painful."

Yes, anyone in the business knows that $100 of gear will let you spoof an invasion of the Spanish armada (yes, the Spanish admitted to practicing that), so the Wired article baffles me with all the grandstanding.  Sadly, the Wired/Windward article sounds more like an advertisement.  I hope they will come to the table with more constructive discussions in the future as it is going to take wide ranging effort from many parties (non-profits, companies, citizens and governments) to create a global economic environment that is effective and environmentally sustainable.  I've through contributions into the ring in my work with Google, the University of New Hampshire, Cornell, NOAA, USCG, IFAW, SkyTruth, EarthNC, Conserve.IO, and many others (e.g. WhaleAlert, Global Fishing Watch, libais, noaadata, my papers, my blog, my unpaid support of the Deepwater Horizon spill, going to AIS standards meetings, etc.).

So I look forward to seeing Windward and others join in the effort to make our planet a better place for the long hall.  Yes, economic growth, improved conditions for all people, and environmental protection can all happen together.  If you are a coder, go check out github and the standards.  If you are a policy person, attack the legal and political issues.  If you are a mariner, work with your colleagues to help ships get their data correct and that the laws and best practices actually make sense.  Biologists, oceanographers and other scientists, keep studying.  If you don't fit those categories, I'm you can find a way to help.... there are so many ways to help.  We are all on this planet together.


Monday, October 20, 2014

This is tomorrow...


USCG NATIONWIDE AUTOMATIC IDENTIFICATION SYSTEM (NAIS) NETWORK TESTING
On October 21, 2014, the U.S. Coast Guard (USCG) will conduct AIS test messaging from all
USCG NAIS base stations located across the United States; for up to 15 minutes on the hour,
from 1100-2215 UTC. These messages can be identified by their Maritime Mobile Service
Identity (MMSI) number: 003669139 or 00366613 and by the words ‘USCG TEST’ within their
contents. This is the first of many tests the USCG will conduct in the future as it seeks to provide
another timely delivery source of navigational information and services to promote safety,
efficiency, and integration of the Marine Transportation System (MTS).
 
Messages to be tested: AIS Application Specific (ASM) messages 8, 25, and 26, with DAC = 001,
367, FI’s = 0, 22, 29, 33, or 35; AIS Safety Related Text (SRM) messages 14, of various lengths,
using repetitions of the text ‘USCG TEST’. For further information on AIS messages, DACs, and
FI’s visit http://www.navcen.uscg.gov/?pageName=AISMessages.
 
Mariners capable of decoding these messages can ignore them and should contact the USCG
Navigation Center at 1-703-313-5900 or TIS-PF-NISWS@uscg.mil should they encounter any
negative impacts due to the testing.

Wednesday, October 15, 2014

Encrypting non-military/law enforcement AIS is a bad idea

It was recently brought to my attention that some high level people are proposing that the IMO require a class of civilian (aka not military or law enforcement) vessels to use encrypted AIS to broadcast their position.  This is an absolutely terrible idea.

Having ships broadcast their location encrypted defeats the primary safety aspect of AIS for those vessels, the encrypted messages do not expose their slot usage and thereby drastically increase the number of packet collisions in a local area (decreasing safety for normal AIS traffic), and encryption key management is not work well of large population of mariners.  It would be a disaster in safety, technical and political terms.

The traditional "blue force" AIS units are just class A devices with slightly modified software (I own one).  There really shouldn't be any cost difference.  You could also change the programming for class B devices and have them transmit the encrypted position messages, but please don't do that.