Yutaka Niibe gniibe@identi.ca

Maebashi, Japan

GNU wannabee ['gnu:be], FSIJ chairman, Debian Developer

  • FST-01SZ, an expeliment with GD32F103

    2018-09-21T02:11:32Z via Pumpa To: Public CC: Followers

    I'm testing Gnuk running at 96MHZ with my proto-type board.
    I named it FST-01SZ, where SZ stands for ShenZhen.
  • EuroBSDcon and Gnuk Token

    2018-08-29T05:06:43Z via Pumpa To: Public CC: Followers

    It seems that Gnuk Token will be distributed (possibly free of charge) at EuroBSDcon.

    I was asked those who plans to do it.
  • USB ID and the repository

    2018-07-01T23:51:11Z via Pumpa To: Public CC: Followers

    For some unknown reason, the maintainer has not yet registered our official USB ID to the database (for years).

    https://usb-ids.gowdy.us/read/UD/234b

    Today, I digged up the files (of physical papers), and found this one which was sent by FAX.

    I wonder if it's enough evidence to be registered to the repo.
  • De-facto standard of Wrist USB

    2018-06-28T02:10:59Z via Pumpa To: Public CC: Followers

    In China, it seems that there is de-facto standard of PCB for the wrist USB.
    Manufacturer offers the band independently.
  • Wrist USB

    2018-06-28T02:09:29Z via Pumpa To: Public CC: Followers

    I'm considering this type of USB device.

    Ben Sturmfels likes this.

  • Export Control

    2018-06-15T01:18:09Z via Pumpa To: Public CC: Followers

    I still remember that we had "non-us" section in Debian.
    It was due to the export control.

    Last month, I bought parts for USB flash memory in China (via TaoBao), to evaluate USB PCB design. But, due to an export control which prohibits exporting illegal content (copyright-wise and anti-china?), it was unable to deliver to Japan.

    I had known that CD cannot be exported from China, but I didn't know USB flash too.
    I read a suggestion (in Japanese) to ask removal of CD when you ask exporting PC mother board from China.  That's exactly to avoid export troubles.

    It's pretty strange for me that most of PC are from China, and it comes with CD (of drivers, etc.).

    Yutaka Niibe at 2018-06-17T23:27:46Z

  • CVE-2018-0495

    2018-06-14T00:55:34Z via Pumpa To: Public CC: Followers

    I learned that OpenSSL has a practice not to assign CVE for side channel attack to localhost.

    When I asked an allocation from Debian pool, my intention was one for libgcrypt. Then, reporter used it for multiple vulnerabilities among different libraries.
  • Communication to Foreign Country

    2018-06-01T04:07:18Z via Pumpa To: Public CC: Followers

    Installing "Taobao-lite" to my Xiaomi phone, I managed to order some electric parts. I used Chinese input method of hand writing.

    It reminds me late 80's and early 90's when I was struggled to order T-shirt from FSF, using FAX.
  • Metal enclosure and internal USB PCB

    2018-05-30T00:49:07Z via Pumpa To: Public CC: Followers

    This is the one which I have an interest.

    Finally, I found the connecter for this design:
    http://www.usbljq.com/m/?/goods/id-403/index.html

    It seems that the design is originated by Sony Vaio USB flash.

    And compatible part is available for this design:
    https://item.taobao.com/item.htm?spm=2013.1.20141003.6.410260eaoqUtIj&id=547344246086
  • Another PCB de facto standard for USB flash

    2018-05-30T00:33:30Z via Pumpa To: Public CC: Followers

    This is another one for "DT101G2", but different.



    Please note that both designs requires a bit different USB type-A plug, which are a bit thin.

    McClane likes this.

  • USB PCB design for USB flash or USB key

    2018-05-30T00:30:36Z via Pumpa To: Public CC: Followers

    In China, "semiproduct" is available even to individuals.

    While I'm considering updating my USB PCB design, I realized that there are something like "de fact" standard; Here is the one which originates Kingston DT101G2 (I suppose).

    Compatible enclosures for DT101G2 is available at taobao.com. But actually, there are two different PCB standards for that. This is the one, and I'm going to put another in the next post.

    Ben Sturmfels, McClane likes this.

    McClane, McClane shared this.

  • Subway Line #4

    2018-05-28T04:39:17Z via Pumpa To: Public CC: Followers

    Since train was on strike, my selection to CDG was "le bus direct". I bought the ticket on-line beforehand. I thought that I had well prepared.

    The funny thing was, in the morning, when I went to the subway station to Montparnasse, it found that the line stopped from that day (May 19th). I turned to another station of line #13.
  • Hackarnaval!

    2018-05-18T04:50:43Z via Pumpa To: Public CC: Followers

    I had a talk (GnuPG + Gnuk Token) and a workshop with FST-01. https://hackarnaval.online

    It was my surprise, in Paris, people accept things don't work. Vending machine not accepting credit card, subwey gate denying to accept tickets, and drivers/officers (for public transportation) being on strike, etc.

    (This is my first visit to Paris.)

    People in Paris just accepted the fact those services are made by private companies on behalf of government, and they have no power on private companies. You don't vote the CEO.

    milo at 2018-05-20T09:49:42Z

    Yutaka Niibe likes this.

  • GPG4Win statement on Efail research

    2018-05-18T04:44:48Z via Pumpa To: Public CC: Followers

    Here is an official statement: https://gpg4win.org/statement-efail.html

    (I am not involved, since it's for GPG4Win.)

    GnuPG does regular release, but no "security" release for this.

    For GnuPG proper (for OpenPGP), here is the ticket: https://dev.gnupg.org/T3981

  • Effective Hype or Ehype

    2018-05-15T05:10:32Z via Pumpa To: Public CC: Followers

    Recently, "security researchers" seem to adopt/develop strategy to cheat media people to get maximum attention (only providing technically "correct" things which impress people, while they don't give enough information for the impact, which is actually not that big).

    Given the situation that it's not well coordinated to upstream(s) involved, I'd say it's a kind of "MitM" attack. I'm sad that national CERT didn't worked well this time.

    I observed that some industries love even fake news, because people's attention is so important for them to maximize flow. So, it's difficult to stop this fashion, I suppose.

    I wish "social engineering" researchers doing some research for this strategy. I would call it Ehype.

    milo, Jason Self, George Standish likes this.

    Err... I didn't have time to review the title. It should be: "EFFective Hype (or Ehype)"

    Yutaka Niibe at 2018-05-16T04:49:52Z

  • UDP stands for "USB Disk in Package"

    2018-05-10T00:27:16Z via Pumpa To: Public CC: Followers

    For me, it's "User Datagram Protocol".

    I learned that small factor USB flash drive now uses new production technology: PIP (Product in package).
    https://www.supertechina.com/index.php/products/109-micro-udp-usb-flash-drive-chip-s1a-8005c
  • Circle (C) on a chip

    2018-05-09T23:10:07Z via Pumpa To: Public CC: Followers

    IIRC, it was V20/V30 (NEC's pin-compatible CPU to the Intel) which resulted "copyrighting" semiconductor products.

    Supporting GD32F103 for Chopstx, it reminds me such a history.

    clacke@libranet.de ❌ likes this.

  • Gnuk runs on GD32F103 @ 96MHz

    2018-04-27T06:52:20Z via Pumpa To: Public CC: Followers

    I managed to run Gnuk on GD32F103, with some fixes. It takes 6 seconds for RSA4096. For 100 invocations of gpg --decrypt with cv25519, it takes 7.5 second (for STM32F103 @ 72MHz, it takes 21 second). For 100 invocations of gpg --detach-sign with ed25519, it takes 4.4 second (for STM32F103 @72MHz, it takes 10 second).

  • GD32F103

    2018-04-21T04:16:20Z via Pumpa To: Public CC: Followers

    Got GD32F103 in ShenZhen. With 96MHz setting, it works fine on Chopstx (USB-CDC example). Then, I tried NeuG, but it doesn't work. ADC driver requires some change, I suppose.