
Orbitals Do Not Exist

Once upon a time in the land of Bohr's atom, scientists tried to explain electrons floating around the nucleus and came up with the magical faerie tale of orbitals. Orbitals are on par with medieval Christian medicine; that is, the physicians explained ailments in terms of demons, curses and sin. Sometimes the physicians got lucky with the diagnosis and treatment, but there was no concrete method to prove when they were wrong, it was just the sinner's disbelief that killed them, not a misdiagnosis. You have just got to love absolute truths. Orbitals are one of those truths.

Orbitals are a faerie tale. A story. A guess. An educated guess perhaps, but a guess all the same. When you describe something as being "90% likely to be located someplace in this region" you are guessing, just like medieval physicians did. They based their guess work on the religion of the Christian God; modern scientists base their guess work on one incorrect theory, which in turn grew to hundreds and thousands of incorrect theories. Or at least, incorrectly based theories.

Let's put a little truth back into those theories. For simplicity's sake we are only going to talk about the "original three" subatomic particles: electrons, protons and neutrons. The remainder of the particles actually fall in line and make much more sense with what I am going to point out. Ready then?

Electrons move in logical, predictable orbits around the nucleus of an atom.

Bold and brash, right? Wrong. Here's the simple understanding of it all.

1) Electrons are influenced by the positive-to-negative electromagnetic pull of the nucleus of the atom. Given this, an electron should get sucked into and become part of the nucleus of the atom (this is why physicists first started to make stuff up).

2) The distance between the source of a given force and an object the force is acting upon changes the strength of that force. Meaning an electron located in North Carolina is not going to get sucked into the nucleus of an atom located in Virginia. Still means that electron is going to get sucked into its own nucleus though.

3) Enter my Hypothesis (I'm about ready to do a nice write up to move this officially to a theory, as well as a slight rewrite to bring it more in line with scientific wording): The faster an object is moving relative to a source of energy/force, the less influence said force exerts upon the object. You can read my initial write-up entitled Classical Mechanics Rule to see how this affects an electron. Basically, electrons move too damn fast to allow the electromagnetic pull of the protons to suck it into the nucleus; instead the force gets reduced thanks to the electron's speed and a stable orbit is created.

Based on this first part, a hydrogen atom in a complete void would have an orbital pattern that looks exactly like what everyone thinks an orbit should look like. There is even a mathematical formula for this orbital pattern, because it is the same mathematical formula for any circular orbit. Of course, not all atoms are hydrogen atoms and none reside in a complete void, nor are all hydrogen atoms simple one proton nucleus atoms. This is where things really are complicated. If only there was a mathematical formula that could accurately describe that complicated orbit just as well as one describing a circular orbit, but surely if there was such a mathematical formula someone would have come up with it by now (and won a Nobel Prize as a result).

The good news is there is one. The even better news is that, to my knowledge, no one has won a Nobel Prize for it yet. There might have been, and I just missed it, but given that the world is still using (and teaching) quantum physics, I am fairly certain that no one has released said formula. What is the mathematical formula then? I don't know. Crap, so much for that Nobel Prize.

Alright, that is partially a lie or I wouldn't be bothering to write up an entry about all this. I know almost all the pieces of the formula, or rather I know what all the pieces are and the mathematical formulas for most of those pieces. Being a nice person, and thinking science should be expanded for science's sake, here are the components that make up the mathematical formula of a stable orbit (planets, electrons, black hole event horizons, etc):

1. The mathematical formula for a standard orbit (Trigonometry, baby).
2. The mathematical formula for force applied based upon distance (available in Physics or Chemistry books in case you don't know it by heart).
3. The mathematical formula for force applied based upon speed (yea, this is the missing one, but can actually be easily figured out. Heck, someone might actually know it already, but if not, there are simple experiments).
4. The mathematical formula for force applied to an object through specific barriers (neutrons are a barrier, as are certain solar phenomena).
5. The constant values of each force for each object.
6. The speed of each object.

Pretty simple right? Number five is a "gotcha" in that not only does a proton pull on an electron and a star pull on a planet, but electrons repel one another and planets have gravitational forces of their own. Number six is an easy one, except when additional energy is applied, but that can be factored in; we do after all know the speed of an electron in a vacuum, and, well, between the electron and the nucleus is a vacuum (pretty clever).

When you throw all this together you can model a complete, stable orbital system. Sooner or later I will get around to producing this formula in its entirety. Of course this will require all the textbooks to be rewritten as well as many of the existing theories (like, because I mentioned them previously, a ton of the stuff on black holes), but that is what science is all about. Change based on new information, and currently the new information is that Orbitals do not exist. Do the math and you will agree.

Congratulations Phaide

This has been a bit of a hectic week for me. My first set of assignments and tests for Calculus are all due this week, along with the work from Intro. Chemistry. Two classes I can normally balance with my professional and personal life, but I have the addition of my mom visiting with me for the week. All and all it makes for a little more of a hectic week and unfortunately my blog suffers a bit as a result.

Should you be one of my handful of regular readers, I would like to suggest only checking once a week for the next month. I am certain I will find my professional, personal, and academic groove (again) before too long, but do not want to frustrate any of my readers with hopes of consistent updates. I have stopped reading several web comics in the past for that very same reason and do not want anyone to have to feel that level of loss. The image of the same exact comic showing up on my computer screen every day still haunts me at night. It was, and still is, a horrifying experience. Really.

In other news fronts, the reason for my mother's visit (and part of my week's schedule) is that my daughter is graduating from High School, with today being the actual ceremony. It is finally happening, and if her turning 18 did not make me feel old, her graduating from high school pushes me over that limit. I am an old man. I need a Porsche. Actually, a Tesla Roadster. Porsche are so last year's mid-life crisis. Anyway, everyone repeat after me...

Congratulations Phaide on your graduation from High School!

Cloning the Pink Panther

I have decided that scientists need to devote a large portion of their time and energy into cloning Peter Sellers and rapidly growing him back to adulthood. Yes, I am saying we should resurrect Peter Sellers. I am certain everyone out there can think of a million reasons that this would be desirable, with not having Steve Martin portray Inspector Clouseau on the top of everyone's list, but I have alternate motivations.

My reasons for wanting to bring Peter Sellers back to life might be dated by a few weeks, but still valid:

1. Every time the media uses the phrase "Swine Flu" there should be a law stating that the words would be dubbed in by Peter Sellers as Inspector Clouseau.

2. The Pink Panther movies should be remade, with every instance of the word "swine" replaced by "H1N1", just to bring the movies up to date.

3. Because the only decent thing Steve Martin did in the media was The Jerk and he should not be allowed to ruin another Pink Panther movie.

If someone could start up an Internet petition to make this happen, I would be forever grateful. Thanks.

Robot Sensors

Spend enough time around robot hobbyists or their message forums and you will come across the two "How Do I" topics that pop up over and over again. It depends on the time of year and climate as to which topic is more popular, but the first is "How do I build a flying robot?" To be honest, this question made the mode of transportation for the You Design It project a foregone conclusion before voting even started. Flying is really cool and the number two dream of every man, woman and child, hence the reason so many roboticists want to create a flying robot (the number one involves Rebecca Romijn and the Mystique costume).

That is all well and good (Mmmmm, Mystique), but this entry is more concerned with the second of those questions, "How do I implement robotic vision?" It seems like everyone in the robotic world is obsessed with hooking up a 500 gigapixel camera to their robot and letting their robot see exactly like we humans do. Even more so, they all want object recognition thrown in there as well. This is such a popular request that there are a dozen open source and inexpensive retail projects out there dedicated to allowing hobbyists to do exactly this. Of course none of these projects ever have the disclaimer that the hobbyist is going to be incredibly disappointed with the outcome, but they will. Oh yes, they will.

In order to see (ha! a pun) why robot hobbyists are going to be disappointed, let us back up a moment and look at the human brain. The human brain is arguably the most complex and powerful logical processor in the known universe (some more than others). Even if you made a silicon processor the same size as the human brain, it would still not compare in power because organic brains are analog processors, not digital (they all lied to you in school when they told you the brain uses binary). In addition, a brain is made up of multiple sections dedicated to performing specific tasks, with one of the larger sections being dedicated to visual processing (striate cortex, prestriate cortex, etc). Basically, a brain is a lot of very powerful analog computers working in parallel and roboticists want to make a single 8-bit 16MHz processor accomplish the same functionality, plus handle all the other sensors, motor control and logic programming. Disappointmentville here we come.

I can fully understand why someone would want to build a flying robot that can see and fully appreciate Rebecca Romijn, but it is not going to happen at the hobby level easily. Throw in a few more processors, reduce the pixel count and make it a 16 color count, and suddenly you are in the realm of possibility. Rebecca is not going to look good at that resolution though, so let's look at other options instead.

I said in the Herbert 1701 Species C Gen 1 & 2 entry that sensors get skimped on for robots, and to explain what I mean by this I am going to once again jump to biology. We all know the five senses, but most biologists can tell you there are more (and none would fall into the X-Files anywhere). Magnetic field detection is well documented in migratory animals, many snakes (and other animals) have specialized sensors for detecting heat (thermoception), everyone knows bats deal with ultrasonic sound waves, and the list goes on. Robots have all these senses available to them and more, yet rarely will you see more than a couple sensors on a given robot.

I do understand that the organisms people associate with just the five basic senses fall into the "very complex evolved species" classifications. So now it is time to shame that belief with a little more biology. Most single cell bacteria (yes, we are talking micro-organisms here) have both a wider variety of senses and a higher count of sensors than ASIMO, one of the most advanced robots in the world. There are bacteria that are not only covered with touch sensors, but some can even tell you which direction is north from south, know which way is up from down in pitch black liquid while at a zero buoyancy, can sense temperature, know whether there is light or not and how bright it is, and even sense minute chemical changes in the surrounding environment. Single cell organisms. And you want to put two IR sensors on your robot and say that is "enough"?

If the robotic community (hobby and professional) is going to have a hope for making complex robots, we are going to have to loosen up on the sensors a bit. There is a limit to the number of I/O (input/output) ports available on a microprocessor, thus a limit to the number of sensors, but that just screams that maybe you should have more microprocessors to support more sensors. Ugobe understood this a bit when they designed Pleo: more sensors meant more "life-like", which also meant more processors. Granted Ugobe just went belly-up, but that has nothing to do with the sensor count and how much more realistic Pleo was compared to other "toy" robots.

The evolution project artificial robotic life forms are very limited in the number and type of sensors currently, but it is an evolution project. These robots are starting off very simple and evolving into more complex organisms, where, I imagine, the number and variety of sensors will increase with the growth. I am intentionally evolving the Herberts in this manner to increase my own understanding of robotics, and also to generate the best options for each generation. That's my excuse for not having more sensors and processors in each robot (yet), what is yours? Really, when you design a multi-thousand dollar robot (yes, I am talking to you Mr. Universities like MIT, Carnegie Mellon, & Stanford, as well as companies like Honda and everyone who enters the DARPA Grand Challenge), you have given up the right to any excuse.

Back to School

About a month ago I received my notice from the H. John Heinz III College at Carnegie Mellon University that I was not to be accepted into the Master of Science in Information Technology program. With all the reasons I had given for wanting to attend CMU in my article, aptly entitled Carnegie Mellon, you might have guessed I was a little disappointed in being turned down. It had been a long shot though, so I wasn't completely heartbroken when I read the letter, and I would be lying if I said I did not breathe a sigh of relief over not having to figure out where I was going to come up with over $5K per class. I still think the price is worth it and the school is the best choice for this particular program, I just now know it is not the right school for me (or rather I am not the right student for the school).

The second choice on my list for Master Degree programs was, and still is, the Harvard Extension School. It is Harvard; need I really say more on that subject? UC Berkeley would actually be my true number two choice, but they do not have a distance learning program at this time and, despite some people's belief that I have liberal views, I am not enough of a hippy to step foot on the campus of Berkeley. I would probably pass out from the smell of patchouli and sweat. Anyway, as fortune would have it, I missed the last course startup at the Harvard Extension School while waiting for news from CMU and the next registration for courses does not open until August. Enter idle mind syndrome.

I have been aware of my need for an electronics refresher for a while now and I actually have a few books in my library for this purpose, but these books never get as in-depth into electronics as I would like. I thought about completing the MIT OpenCourseWare courses on Electronics, as I am certain these courses would cover all that I was looking to remember. The idle mind in me then figured that if I was to take actual electronics courses, I should get full credit for these courses this time around (little real credit for Nuke School courses). Thus I should enroll in electronics courses at one of the local colleges. Simple enough, except that idle mind of mine figured that if I am getting college credit for something like this, then I should put it to use and go after a second degree in Electrical Engineering.

One thing led to another and it turns out that just about every EE program out there requires at least three semesters of Calculus, as well as Differential Equations. And you can't take Physics without taking Calculus I, either. So now I am spending the summer in classes at my local college in support of the possibility of enrolling in an Electrical Engineering program at some unknown time in the future; rather than taking a couple simple refresher electronics courses. And people wonder why I immerse myself in all sorts of projects to keep my brain busy. Idle mind... More like insane mind, but that is where I am at.

Information Systems Diagnostician

Dave Thomas, founder of Wendy's, once said that it was easier to make a million dollars than to coin a catch phrase. I believe he was referring to the Where's the beef? campaign in the 1980s, but I can't remember all the details of the speech to be certain. I do not have a million dollars, but it would be nice to have. I also do not have a catch phrase that I could coin. What I do have is a job title, Information Systems Diagnostician, and I intend to popularize it.

Backing up a bit, during my discussion of the Fox TV show House I made the comment that I should change my title to diagnostician. In my typical smart ass manner, I did just that very thing in my About Me page. All fun and games so far. On a whim I performed a Google search for the phrase (including quotes) "Information Systems Diagnostician" and something amazing happened: I Am. When? was the only website to contain the phrase.

I was only partially shocked at these search results. On the one hand, I had never heard the title prior to bestowing it upon myself, but on the other hand, this is the Internet for FSM sake. It should have been there someplace; at least that was my thought. That is when the little voice spoke to me, "Andrew, you are a slacker. Your life is meaningless and you will never accomplish anything of importance."

"You are wrong," I replied in an even tone. "I will popularize the job title Information Systems Diagnostician and that shall be my legacy." Feeling overly dramatic at that point, I hung up the phone on my brother.

True story. Alright, maybe I didn't hang up on my brother Greg. And maybe I just thought about my reply, but didn't actually say anything. Fine, I made it all up. Except the Google search part. That's real. Deciding to popularize the title is real as well, I am just not entirely certain why.

It is a cool title. The title also fits with what I do. Not just now, but wherever I work. I might get hired as a Computer Technician, a Systems Engineer, a Network Architect or an Information Systems Manager, but before long I wind up handling all the I.T. stuff that no one else can handle. It has always been that way. Might as well have a title that fits that, right? Except that is still just a title. It still doesn't explain my desire to popularize it.

I am also not certain exactly how I plan on going about popularizing the title. Or, for that matter, how I will ensure the title fits the actual job performance that I have in my mind. That hasn't stopped me from starting my crusade though. Small things for now. Message forums. Yep, that's correct; I've changed my job title on the message forums I belong to. Granted it doesn't show up anywhere except my user profile, but it's there. Oh yes, it's there.

This blog entry is my obvious next step. Another small step, but it is still a step. I imagine a Wikipedia article at some point; they do have many job descriptions listed already. I guess that means I have to come up with a concrete job description first, which would help to fix the title fitting the job performance aspect I just mentioned.

See? Ideas are flowing and moving already. This is good. Vive La Revolution! And my brother said I wouldn't accomplish anything. Oh, right. He never actually said that. I made that whole part up. Sorry. Something I still haven't made up is the reason why I want to popularize this job title. And the only thing that comes to mind is "Why Not?" And there you have it.

My name is Andrew Maxim and I am an Information Systems Diagnostician.

Computer Security 101 - Part 5 - Wireless

Odds are in favor of there being a wireless network in your home or at your work. Actually, odds are in favor of there being a wireless network located at both your home and work. Even if you are one of the oddball people who do not have a wireless network setup, there is probably one broadcasting into your home or office from nearby. Wireless networks are almost everywhere and the numbers are continuing to multiply fast. Exponentially even.

In the dark ages of wireless (about a year and a half ago) there was about an 80% chance that any given wireless network was completely unsecured. Now I would gauge it at around 70% of wireless networks having inadequate security and 40% remain completely unsecured. Yes, I pulled those numbers out of my proverbial ass; but if I count the number of wireless networks that I come into contact with daily (that are outside of my control), those numbers are just about dead on.

While 40% down from 80% shows that there has been a drastic improvement in wireless security awareness over the past couple years, it is still enough to keep a person up at night. As with all things security related, I blame a lack of knowledge and lack of caring as the reasons those numbers are not down to under 10%. So let's start with the reasons for not only securing your wireless network, but ensuring it is secured properly.

1) Illegal Activities - In today's world where everything can be tracked and traced in some manner or another, it just makes sense to not use your own Internet connection if you are going to perform some sort of illegal activity. Hackers know this. Pedophiles know this. My former IT Director who tried to bring down the company network after he was fired knew this. Instead of using their own Internet connections to perform these illegal activities, they connect to one of the many unsecured wireless networks and let their activities get traced back to some unsuspecting dupe (that would be you). Of course they would have to be smart enough to change their computer name and MAC address to not get caught, but that is another story.

2) All Your Base Are - Continuing the thoughts from reason #1 above into why adequate security is necessary; if someone is going to attempt to break into a network illegally using the Internet and they are smart enough to use someone else's Internet connection to do so, I am willing to bet the farm that they are smart enough to hack a WEP secured wireless network. Although saying "WEP" and "secured" really is an oxymoron.

3) Easy Network Access - The easiest method to gain unauthorized access to a company network is through social engineering. The second easiest method, and easiest method for a home network, is through unsecured wireless. Why not just start asking people driving past if they would like to come inside and use your computer?

4) Internet Bandwidth - The speed you access the Internet is not unlimited, despite how much faster your cable modem is versus your previous AOL dialup. The more traffic running across that connection, the slower your web surfing is going to be. There are also plenty of Internet service providers who are looking at changing their billing model to include over-bandwidth pricing; meaning if you use more than what they consider your fair share of the Internet, you pay more. Now why would I want to jack up my Internet bill downloading all those adult movies when I can just attach to your wireless and make you pay the bill?

The list goes on, but these are some of the bigger reasons for properly securing your wireless network. The really nice thing is that securing a wireless network is about the easiest thing you can do. The bad thing is all the oddball circumstances that crop up in the course of normal business that have kept many companies from securing their wireless access. Being a heck of a nice guy I will cover both sides: the straightforward secured wireless network and securing a wireless network under oddball requirements. But first up, let's take a look at the various methods available to secure a wireless network.

Turn Wireless Off - I would like to say I am surprised at the number of people and companies who have a wireless network and do not even know it. Rogue Wireless Networks. I am not really surprised because I know the sheer number of devices that arrive from the manufacturer with wireless turned on. Purchase a new router for your home network? Probably has wireless built in and turned on. Have a DSL Internet connection? The new DSL modems have built-in firewalls, switches AND wireless; and wireless is turned on by default. Basically, turn off wireless on each device you have if it is not needed. If you are not positive beyond any reasonable doubt that it is needed, turn it off. Something will either stop working or someone will complain if it really was needed.

Segment Wireless Networks - Hopefully you have read my previous entry entitled Computer Security 101 - Part 4 - LAN. If you haven't, go read it now. Very few businesses use wireless networks for daily operations. Very few homes do for that matter. Wireless is either accidentally left on or is put into place to meet some need or another. Usually that need is Internet access for someone with a laptop who has enough pull to make your life miserable. The beauty here is that they do not need access to your entire network, just a small section of it. Through network segmentation (you did read the article I just listed, right?) you can limit the access that particular wireless network has to your overall network and effectively mitigate many security threats in doing so.

Disable SSID Broadcast - According to some silly 802.11 standard or another, wireless devices send out a broadcast beacon. Part of this broadcast beacon is the SSID (also the channel number, but if you see the broadcast you already know the channel number because, well, you see the broadcast. See how silly 802.11 standards can be?). In order to connect to that wireless device, you need to know the SSID. If you turn off the broadcasting of that SSID you require anyone who wants to connect to your wireless network to already know the SSID. Ingenious, right? Of course you also need to set the SSID to something not easily guessed, but we'll get to that in a minute.

MAC Address Filtering - A MAC (Media Access Control) address is a hardcoded 12 character hexadecimal code set into all Ethernet devices by the manufacturer that is required to be unique for each device (another one of those IEEE standards). Most wireless devices have the ability to limit which MAC addresses are allowed to talk to it. If a device connects with a MAC address not on the list, it ignores the device. Pretty simple. Except MAC addresses are easy to spoof (pretend to be). MAC Address Filtering is a pain to set up because it needs to be maintained and is lacking on its own. In combination with other methods of wireless security it will help to protect your network, but it is still an administrative nightmare to maintain for a business and rarely worth the extra protection provided.

WEP Security - Wired Equivalent Privacy. Useless security option. Really. Most of the new DSL modems I have seen recently have WEP turned on by default (along with wireless) so the company can pretend to have cared about your network security and not get sued. Of course any computer security person would shred that argument in court, so they are depending on people's ignorance to save them from a lawsuit when someone hacks the wireless network they left on by default. WEP is useless.

WPA and WPA2 - Wi-Fi Protected Access. Another set of those 802.11 standards. WPA is the old standard that made use of TKIP (Temporal Key Integrity Protocol); and was designed to replace WEP without much fuss. Unfortunately, people were able to crack the WPA-TKIP standard in 2008. Luckily, the Wi-Fi Alliance people adopted a new 802.11 standard in 2006 that became known as WPA2-AES (Advanced Encryption Standard). The difference between the two standards really is in the encryption algorithms used. Basically, use WPA2.

Pre-Shared Key (PSK) or Personal Mode - Pre-Shared Keys were introduced with WEP and carried forward into WPA and WPA2. It is a passphrase set on any wireless access point that is used to partially encrypt the data sent wirelessly. I say partially, because the encryption actually changes once the connection is established. You can read up on the entire 802.11 IEEE standards if you really care about useless information, or just want to hit that homerun during your next technical interview. Anyway, all wireless devices are supposed to support PSK and it is more than adequate for personal home networks (hence the Personal Mode pseudonym) and even most businesses; assuming the passphrase is sufficiently complex (getting to that in just another moment).

RADIUS Server or Enterprise Mode - Sometimes mistakenly called EAP or Extensible Authentication Protocol (PSK above is a flavor of EAP, hence the mistakenly part). Enterprise mode uses a RADIUS server like Microsoft IAS or Cisco ACS to provide the authentication methods for wireless connections. A pre-shared key still exists between the RADIUS server and the wireless device, but it expires after a preset period of time and is changed out automatically. This is the mode to use for any business with a RADIUS server.

Strong Passphrases - Every wireless device has at least three passphrases that can be set. The first is the one used to access the wireless device in order to make configuration changes. The second is the SSID. The third is the Pre-Shared Key (may not be used though). Treat each of these as a secure passphrase. Each of these passphrases should be unique from one another. Each of these passphrases should be exactly that, a passphrase instead of a password. Each of these passphrases should be complex in nature, meaning include at least one upper case letter, one lower case letter and one number or symbol. Each of these passphrases should be at least 16 characters long. Do not use your name or your company's name for any of these passphrases. Read my entry entitled Computer Security 101 - Part 2 - Passwords if you have not done so already.

Wireless security is constantly changing and improving, as well as having previous methods become weakened or obsolete. A few years ago you would probably have been told an eight (8) character password was sufficient to protect against a brute force attack, two years ago it would have been 13 characters, now I personally recommend 16 character complex passphrases (thanks in part to GPU offloading). There are also newer features put forward by the Wi-Fi Alliance that will automatically configure wireless security between devices using various methods. All that being said, let's actually cover the concrete security methods that should be put in place.
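
The passphrase rules above (three secrets per device, each unique, complex and at least 16 characters, no personal or company names) can be checked mechanically. The following is an added example, not code from the original entry; the function names and sample values are constructed, a Personal mode device is assumed, and the SSID and pre-shared key size limits are the 802.11/WPA protocol limits rather than anything stated in the entry.

```python
import string

MIN_LEN = 16              # the entry's recommended minimum length
SSID_MAX_BYTES = 32       # protocol limit: an SSID is at most 32 octets
PSK_MIN, PSK_MAX = 8, 63  # WPA/WPA2 passphrase: 8 to 63 printable ASCII characters

# Constructed sample data (not real credentials).
BANNED = ["Acme", "Andrew"]   # your name and your company's name
WEAK = {"admin": "admin", "ssid": "AcmeCorp-Guest", "psk": "AcmeCorp-Guest"}
STRONG = {
    "admin": "Tin-kettle 9 sings at dawn",
    "ssid": "Quiet-Harbor-Lantern-42",
    "psk": "Maple wagons cross 7 slow rivers!",
}


def check_secret(role, value, banned_words):
    """Return the rule violations for one secret. The secret itself is never echoed."""
    problems = []
    if len(value) < MIN_LEN:
        problems.append(f"{role}: shorter than {MIN_LEN} characters")
    if not any(c.isupper() for c in value):
        problems.append(f"{role}: no upper case letter")
    if not any(c.islower() for c in value):
        problems.append(f"{role}: no lower case letter")
    if not any(c.isdigit() or c in string.punctuation for c in value):
        problems.append(f"{role}: no number or symbol")
    if any(w and w.lower() in value.lower() for w in banned_words):
        problems.append(f"{role}: contains a personal or company name")
    # Protocol limits: a 16+ character SSID still has to fit in 32 bytes,
    # and a pre-shared key has to stay within 8..63 printable ASCII characters.
    if role == "ssid" and len(value.encode("utf-8")) > SSID_MAX_BYTES:
        problems.append(f"{role}: exceeds the {SSID_MAX_BYTES}-byte SSID limit")
    if role == "psk":
        if not PSK_MIN <= len(value) <= PSK_MAX:
            problems.append(f"{role}: length outside {PSK_MIN}..{PSK_MAX}")
        if any(not 32 <= ord(c) <= 126 for c in value):
            problems.append(f"{role}: contains non-printable or non-ASCII characters")
    return problems


def audit_device(secrets, banned_words):
    """Check the admin passphrase, SSID and pre-shared key of one device."""
    roles = ("admin", "ssid", "psk")
    problems = []
    for role in roles:
        problems += check_secret(role, secrets[role], banned_words)
    # Each of the three must be unique from the others.
    for i, first in enumerate(roles):
        for second in roles[i + 1:]:
            if secrets[first].lower() == secrets[second].lower():
                problems.append(f"{first} and {second}: same value reused")
    return problems


if __name__ == "__main__":
    for name, device in (("weak", WEAK), ("strong", STRONG)):
        issues = audit_device(device, BANNED)
        print(name, "->", issues or "no problems found")
```
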

First things first. Shut down all wireless access points and routers that are absolutely not needed. Move onto the next step if you are doing all this for your home or a small office (two paragraphs down); otherwise grab yourself a laptop with a wireless card and start walking your perimeter. You will want a wireless card that supports at least 802.11 b and 802.11 g network standards; 802.11 n is currently an added bonus, but is increasingly becoming a requirement. As you walk around refresh the available wireless network screen and see what you see. Write down each and every wireless network you find and the locations you find it in. Write down the SSID if it is available. Write down the security level (WPA2-AES, WPA-TKIP, etc) that each wireless network lists as being used. Connect to unsecured wireless networks and see if it is part of your network or perhaps something from the Starbucks next door. There are free tools available on the Internet to help in all this (mostly for Linux, but still plenty for Windows), just don't spend any money.

Now that you have identified all the Rogue airwaves (not necessarily Rogue Networks) in your company space, see what you can identify. Use a little common sense in this practice. If a wireless network is strongest in the eastern region of your building, talk to the departments in that area. If there are other companies in the Eastern region, see if they are running wireless. Pretty simple stuff. Once you identify all that you can identify, the rest is considered a Rogue Network and needs to be found. Again, there are freely available software applications and instructions elsewhere on the Internet (like making a focused antenna with a Pringles can). Find these Rogue Networks (assuming they are actually on your company's network) and eliminate them.
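An added example, not part of the original post: one way to turn the walk-around notes into a list of what to chase. The BSSID column (the access point's radio MAC address, which scanning tools show beside the SSID), the inventory of approved access points, and every sample row are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory of access points IT already knows about, keyed by BSSID.
APPROVED = {
    "02:00:5e:10:00:01": "third floor conference room",
    "02:00:5e:10:00:02": "warehouse office",
}

# Constructed walk-around notes: one row per sighting. The SSID is None when
# the network does not broadcast one ("write down the SSID if it is available").
SURVEY = [
    {"location": "lobby", "ssid": "corp-main", "bssid": "02:00:5E:10:00:01",
     "security": "WPA2-AES", "signal_dbm": -71},
    {"location": "3F conference", "ssid": "corp-main", "bssid": "02:00:5e:10:00:01",
     "security": "WPA2-AES", "signal_dbm": -40},
    {"location": "warehouse", "ssid": None, "bssid": "02:00:5e:10:00:02",
     "security": "WPA-TKIP", "signal_dbm": -52},
    {"location": "east wing 2F", "ssid": "linksys", "bssid": "02:00:5e:99:00:07",
     "security": "OPEN", "signal_dbm": -45},
    {"location": "east wing 1F", "ssid": "linksys", "bssid": "02:00:5e:99:00:07",
     "security": "OPEN", "signal_dbm": -63},
    {"location": "lobby", "ssid": "CoffeeShopGuest", "bssid": "02:00:5e:77:00:03",
     "security": "OPEN", "signal_dbm": -84},
]


def triage(survey, approved, required="WPA2-AES"):
    """Collapse sightings per access point and label each one.

    approved                 in the inventory and using the required security
    approved, weak security  in the inventory but not using it
    unidentified             not in the inventory: ask the departments (or the
                             neighbours) nearest the strongest reading; whatever
                             nobody claims is treated as a Rogue Network
    """
    sightings = defaultdict(list)
    for row in survey:
        sightings[row["bssid"].lower()].append(row)

    report = []
    for bssid, rows in sorted(sightings.items()):
        # dBm values are negative; the one closest to zero is the strongest.
        strongest = max(rows, key=lambda r: r["signal_dbm"])
        if bssid not in approved:
            status = "unidentified"
        elif strongest["security"] != required:
            status = "approved, weak security"
        else:
            status = "approved"
        report.append({
            "bssid": bssid,
            "ssid": strongest["ssid"] or "(hidden)",
            "security": strongest["security"],
            "status": status,
            "strongest_at": strongest["location"],
            "seen_at": sorted({r["location"] for r in rows}),
        })
    return report


if __name__ == "__main__":
    for entry in triage(SURVEY, APPROVED):
        print("{status:24} {ssid:16} {security:9} strongest at {strongest_at}".format(**entry))
```
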

Assuming you need a wireless network to not be shut off, the next thing to do is set up an actual secured wireless network. The best possible combination of security layers available is to segment the wireless network (at work, probably not home), use WPA2-AES protocols, disable SSID broadcast, and use strong passphrases (complex and 16 characters or longer). A company that has a RADIUS server should make use of Enterprise mode WPA2. Discuss with whoever handles your RADIUS server as to which EAP types are available. Everyone else has to use EAP-PSK, or Personal mode; again with a strong passphrase. MAC Address filtering provides very little added benefit at this point, so ignore it. It would be like putting an umbrella over a submarine to protect against the rain.
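The passphrase rules and the recommended settings above, written as a check you can run against a device's settings. This is an added example, not part of the original post; the configuration keys, the banned names and both sample configurations are hypothetical and constructed for illustration, not any vendor's format.

```python
import re

MIN_LENGTH = 16  # minimum passphrase length recommended in the post


def _squeeze(text):
    """Lower-case and drop everything but letters and digits, for name matching."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def passphrase_problems(value, banned_names):
    """Return the rules from the post that one passphrase breaks."""
    problems = []
    if len(value) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not re.search(r"[A-Z]", value):
        problems.append("no upper case letter")
    if not re.search(r"[a-z]", value):
        problems.append("no lower case letter")
    if not re.search(r"[^A-Za-z\s]", value):
        problems.append("no number or symbol")
    for name in banned_names:
        if _squeeze(name) and _squeeze(name) in _squeeze(value):
            problems.append(f"contains the name '{name}'")
    return problems


def audit_ap(config, banned_names):
    """Compare one access point's settings with the post's recommended setup."""
    secrets = {"admin passphrase": config["admin_passphrase"], "SSID": config["ssid"]}
    if config["mode"] == "personal":  # Enterprise mode has no Pre-Shared Key
        secrets["pre-shared key"] = config["psk"]

    findings = []
    for label, value in secrets.items():
        findings += [f"{label}: {p}" for p in passphrase_problems(value, banned_names)]
    if len(set(secrets.values())) != len(secrets):
        findings.append("passphrases are not unique from one another")
    if config["encryption"] != "WPA2-AES":
        findings.append(f"encryption is {config['encryption']}, not WPA2-AES")
    if config["broadcast_ssid"]:
        findings.append("SSID broadcast is enabled")
    return findings


# Constructed sample data.
BANNED = ["Example Corp", "Pat Doe"]
WEAK = {
    "mode": "personal", "encryption": "WPA-TKIP", "broadcast_ssid": True,
    "admin_passphrase": "admin123", "ssid": "ExampleCorp-WiFi", "psk": "admin123",
}
HARDENED = {
    "mode": "personal", "encryption": "WPA2-AES", "broadcast_ssid": False,
    "admin_passphrase": "Tall-Ferns-Grow-Slowly-42",
    "ssid": "Quiet7Harbor-Lantern",
    "psk": "maple Rivers bend 9 times north",
}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_ap(cfg, BANNED) or "no findings")
```
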

There. Done. That is currently the best configuration available for an active wireless network setup. The problem is each device (laptop, PDA, tablet, etc) that is going to connect to the wireless network must be set up now. This is generally not a big deal as it requires each device to only be set up once (set-and-forget). The real problem comes from C-level executives who believe they are tech-savvy and, worse still, salespeople (regardless of their tech level).

Both of these groups of people generally have no idea why they need an IT department to begin with. All those damn geeks do is make things more complicated than they need to be. They do not want to call IT when their 4-year-old is using mommy's laptop in the office and needs wireless access, or when a salesperson has a client in who needs to check their email. This is where wireless becomes insecure once again. Ideally there is a strong CIO (CSO would be even better) who will insist that policy is policy and the wireless has to remain secure. Even without that CIO you still have a few things you can do to keep your network secure.

The first thing to do in the above scenario is to pick a good location for the "open" wireless. Conference rooms near the center of a building between floors two and five are excellent choices (the first floor gets the most non-work traffic; too high up in a building and, because of signal bounce, you can become a radio station broadcasting to the world). Picking locations like this for open wireless access points will reduce the likelihood of outside persons gaining access to your wireless network. Some wireless routers and access points offer further assistance here by allowing the signal broadcast strength to be reduced, thus decreasing the distance available to connect to the wireless network. Almost every salesperson or C-level exec will be satisfied with someone telling them "There is wireless available in the third floor conference room," as opposed to not at all.

The next step is to segment the open wireless network from the rest of the network. As much as is possible, that is. A little guided research is required to discover what the use of the wireless network will be. Leading questions are great here, such as, "I can set up the third floor conference room for wireless Internet access. Will that work for your sales team?" The answer will be "yes" and you can segment that wireless network from everything but Internet access.

The last step is to turn off the wireless. A good majority of commercially available wireless routers have some sort of scheduling built-in. This can range from allowing wireless access during certain times on certain days, to perhaps blocking certain Internet protocols (block any any) during certain times of the day. These functions can be used to restrict the wireless access to business hours only, which increases the wireless security level slightly (only the truly bold are going to connect illegally to a wireless network when the IT staff is there and alert).

Under normal circumstances the obvious choice is to put into place the most secure wireless settings possible. Failing that, virtually every business scenario for not having restricted wireless access can be mitigated by combining the various methods of securing a wireless network listed above. A little thought process combined with a few leading questions and you can once again sleep soundly at night.

Herbert 1701 Species C Generations 5 & 6

The strong survive. That is one of those statements thrown around when talking about evolution or natural selection. It is also one of those statements that people opposed to the idea of evolution warp to mean something other than what was intended. Sort of like a woman slapping a man for shouting out "bare run" as he passes her during a jog through the woods. An ultra-feminist takes the verbal words to mean "nude run", whereas a non-biased person would have understood that the man was shouting a warning about a "bear" and that the woman should "run" as a result. It is why scientists rarely use the phrase "the strong survive" any longer.

Natural selection is a much better term that means the same exact thing. An animal of the same species with one genetic trait is more likely to survive than one with a different genetic trait. Which one survives depends entirely on the environment and the other animals around (including ones from the same species). Take for example two moths; one moth is dark brown, the other light brown. Which moth survives? If the two moths are in a forested area where the tree bark is a dark brown, the first moth is more likely to survive. It does not mean the second moth will die out, just that it is less inclined to survive in its given habitat. If the environment has no predators for the moths, then both moths are equally likely to survive.

Evolution Project - Herbert 1701 Species C Generation 5 Schematic

Herbert 1701 Species C Generation 5 is an example of this concept. By changing the trigger voltage to a higher value (around 5.6V) we produce a simple adaptation over Generation 4. Up until this point there have been pretty clear reasons behind changes in each generation or species of Herbert. More efficient use of energy, the inclusion of sensors, and the ability to move all have simple logical advantages when implemented correctly (and we covered "correctly" for each as needed). The change in Species C Gen 5 does not provide a definitive advantage over the previous generation, nor is it a definitive disadvantage.

I previously discussed how additional voltage can produce an advantage by offering more power to the motors for stall situations. The disadvantage is that it will generally take longer to reach the trigger point for that higher voltage, and under low light levels that trigger point may never get reached. So which is the winner, a higher or lower voltage trigger point? That is what is unclear.

Evolution Project - Herbert 1701 Species C Generation 6 Schematic

Were I a gambling man, my money would be on some sort of balance between voltage levels. Even better would be a variable trigger voltage based on the amount of light that Herbert was currently basking in. Herbert 1701 Species C Generation 6 is the embodiment of this concept. Using an IR LED in a reverse bias configuration produces a MAX8212 solar engine that varies the trigger voltage based on the amount of IR light available. The configuration shown in this schematic produces a trigger level that varies between approximately 2.68V in low light conditions and around 5.7V in direct Florida sun. It is this variable solar engine that is at the heart of Species C Gen 6.

It might seem as if the variable trigger level would provide an advantage over generations 4 and 5, but like the moths, the advantage depends entirely on the environment. The most efficient method of determining advantages or disadvantages for each adaptation would be through nature's very own Natural Selection process. And that is exactly what I intend to do with each of these three generations. The winner of this selection process will be the generation that I will continue to evolve forward; the others will be shelved (temporarily at least).

Not wanting to bias the selection process in any way, I will not be determining the environment. Instead, the robotics community has already decided upon the environment that they feel provides the best test of a solar robot's (phototropic artificial robotic lifeform's) ability to survive: The Photovore Competition. The competition rules I have opted to use are the BEAM Photovore rules straight from Robogames. Two Herberts enter, one Herbert leaves.

If only I had an audio track of Tina Turner saying that last bit.

Busy Weekend

Yes, I took a week off. I know. I've only been back at the blog station for a few months and already taking vacations. It's not my fault, my brain made me do it. Actually, my brain wanted me to go away for this entire weekend with only a good book designed to be read strictly for enjoyment. While I do have a new Raymond Feist book sitting on my bookshelf, I am not so sure my brain deserves that much of a vacation. Reading just for pleasure? Preposterous! Gaining knowledge is pleasure enough.

In case you were wondering, I think I may have snapped a little bit. Mostly the whole Physics thing. I try to do any one thing and instead I am suddenly looking up how my hypothesis is supported by this proof of that theory. Two weeks ago I had never even heard of Frame-Dragging and now I know that it is a whole Relativity space-time distortion thing that was proven partially by Gravity Probe B. I also know how that same proof actually supports my hypothesis 100%. Fourteen million theories to fill in the gaps for one theory, or one hypothesis that doesn't need smoke and mirrors. Baffles my mind which way the science community has gone. Baffles it more that not one of my three readers knows someone who dated someone who knows someone who copied exam answers off a theoretical physicist. Six degrees of separation my ass.

Anyway, despite my brain's protests, I didn't give myself the weekend off. I have electricity-producing algae to rotate, a Home Automation audio system to get working, and Herbert generations 4, 5 & 6 to build out. Hmmm. Oops. Forgot to mention anything about Generations 5 and 6. I'll get a post up for that Monday at the normal time. Sorry. There is also the tutorial on the tactile sensors to post (need to crop the pictures down) and the two part mold making tutorial as well (one part poured mold has been posted in case you missed it). Then there is something about an HD100 in placeshifter mode that no longer wants to work right with my SageTV server. Also the solar air pump that needed a new connector rod to be lathed out and attached. And those are just the additional weekend projects beyond my normal weekend activities.

Busy weekend indeed, but that is precisely the way I like it.

Classical Mechanics Rule

In the entry I Bit My Tongue Off, I spoke about getting thoughts on my brain and needing to let them out. Well, this hypothesis is one of those things. It has had me bouncing ideas off people all day. It has had me reading up on physics, which I have not studied since Nuke school in 1992. It has wormed its way so far around my brain that I just climbed out of bed to write about it.

I do not know if my hypothesis holds water or not. I do not know if it is even an original idea or not, but it is stuck in my head and so I have to try and find out. Let me start by stating the hypothesis again.

Hypothesis: The faster an object is moving relative to a source of energy/force, the less influence said force exerts upon the object.

At this moment, to me, it really is not a hypothesis. More of a postulate (meaning it is a given, a natural fact). But it disrupts so much of the world of physics that I cannot assume it to be a fact. Even I am not so arrogant. Ok, maybe I am. So allow me to explain what this hypothesis implies.

Quantum mechanics is a sub-field of mechanics in the realm of the physical laws (physics), the other being Classical mechanics. Quantum mechanics deals with really really tiny things (atomic level and below), while Classical mechanics deals with normal sized things. Basically, everything you can see falls under classical mechanics, everything too tiny to see falls under quantum mechanics, and they both have entirely different rules.

The reason for these two sub-fields is that when physicists (like Einstein) try to explain the behavior of atomic sized particles they run into road blocks with the classical mechanics (the laws and theories people like Newton came up with). The rules seemed to not apply, such as how an electron can just fly around the nucleus of an atom without a degrading orbit (i.e. why doesn't the electron get sucked in by the electromagnetic force of the nucleus). Like good scientists, they made up new rules: Quantum Mechanics. And rather than dealing with absolutes (or things that make sense), quantum mechanics deals mostly with probabilities (or guess work).

Yes, I know; that is a little over simplified and not completely accurate. Bite me.

The implication of this hypothesis is that the classic rules (Classical Mechanics) apply to really tiny things once again. It means that time is linear (no more spacetime). It means that faster than light travel is possible. It means there is only one universe. And it means if you can get going fast enough, you can travel straight through a planet without messing up a hair on your head. Pretty cool, right?

The thing that has really kept this thought going in my head is that all of the evidence I can find to support quantum theories also supports (proves) this hypothesis. Even better, the stuff I can find that throws a wrench in quantum mechanics supports this hypothesis. I have to go with Occam's Razor on this one.

Let's just cover one of the founding principles of quantum mechanics: stable electron orbits. According to classical mechanics the electron should get sucked in by the nucleus of an atom because of electromagnetism. They don't, so obviously classical mechanics don't apply. Unless you throw in the above hypothesis and then things start to make sense with classic physics.

1. Fact: Electrons travel extremely fast. They travel even faster in an atomic orbit than free flowing. Let's call the speed of an electron M.
2. Fact: Electrons are negatively charged. Protons in the nucleus of an atom are positively charged. This generates an electromagnetic field producing a certain amount of force. Let's term this force X.
3. The amount of force applied to an object varies with things like distance to the source of the force, etc. Let's call the actual applied force on an object A.
4. As M approaches zero (0), A approaches 100% of X.
5. As M approaches infinity, A approaches 0% of X.

The faster the electron travels, the less the electromagnetic force can influence the electron. Electrons do not travel at 0; they travel very fast relative to the nucleus of an atom. Considering the base strength of X is not super strong and with the electron traveling at electron speeds, A has barely enough influence on the electron to keep it in any kind of orbit at all. Just enough force under normal conditions.

Electrons also do not travel in consistent orbits, but the nice thing about an orbit is that the speed relative to any given point on the edge of a nucleus varies. As an electron gets closer to the nucleus, its speed relative to the closest point of the nucleus increases; farther away and it decreases. This provides for a natural adjustment to the change caused in A due to varying the distance between electron and nucleus.

In layman's terms: if you are standing still, I can reach out and grab you with my hand and pull you towards me. If you are walking past me at 3 mph, it is more difficult to do. If you are running at 50 mph, I will probably just break my hand trying. Not an exact comparison, but enough of an analogy that the point should come across.

Anyway, that is the basis of the hypothesis. It explains a lot more than what I have here, but this will work for the time being.

Please tell me where this hypothesis is wrong or what I am missing. Thank You.

Spacetime and Quantum Mechanics

Hypothesis: The faster an object is moving relative to a source of energy/force, the less influence said force exerts upon the object.

Can some physicist explain to me what is wrong with the above hypothesis (postulate) and why it doesn't get rid of quantum mechanics and spacetime entirely? Thank You.

Herbert 1701 Species C Generations 3 & 4

Thus far, Herbert has come along a fair ways during the Evolution Project. From a simple solar engine circuit, to a species with sensors and the capability of movement. In the world of robotics this really seems like a simple thing. In the world of evolutionary robotics this is a huge change. An artificial robotic life form that "just is," to one that is capable of self-sustaining behaviors. That really is huge.

The self-sustaining behaviors are still limited in Species C Gen 2. While Herbert moves towards brighter light sources, it will run into problems in the event of shadows or darkness. Once again we wind up with little comatose Herberts.

The reason for this behavior is the nature of the photodiodes in Herbert's circuitry. When there is minimal or no light hitting each photodiode the current flow to the NPN transistor base (ZTX1047A) is negligible, resulting in the transistor not turning on. Effectively Herbert goes to sleep when there is too much of a shadow over its sensors, regardless of how much energy it has in reserve (the capacitor). Not exactly a high survival genetic trait.

Evolution Project - Herbert 1701 Species C Generation 3 Schematic

Herbert 1701 Species C Generation 3 is the solution to this problem. The addition of resistors in parallel with the photodiodes ensures that current will always flow to the transistor bases. This means that while Herbert has energy, the motors will turn and Herbert will continue on in its never ending quest for brighter light. How much the motors will turn depends on the size of the resistors used: too large of values and there is not enough current, too small of values and the photodiodes are effectively removed from the circuit. It is a balancing act that is determined by the characteristics of the photodiodes. While I am certain there is an electrical formula to determine the proper value, I used the trial and error method to come up with a value of approximately 50k ohms.

The next area of improvement for Herbert is in the form of additional senses. Species C Gen 3 possesses the ability to move toward brighter light sources, but will happily charge headlong into a wall and make a futile attempt to move the wall while expending all its energy.

Evolution Project - Herbert 1701 Species C Generation 4 Schematic

Combating this overly ambitious and self destructive behavior, Herbert 1701 Species C Generation 4 develops a rudimentary sense of touch. As can be seen in the schematic, this rudimentary sense of touch occurs through the addition of two momentary (normally open) switches. In the robotics world these are generally termed tactile sensors. When one of these tactile sensors is triggered it causes near full current flow to the base of the corresponding NPN transistor, bypassing the photodiodes and, hopefully, causing Herbert to turn away from the object it touched.

A little side note here. When it comes to parts for solar robots, I almost always purchase from Solarbotics. Their prices are fair, their customer service is exceptional, and their quality is generally excellent. They are the premier source for solar robotic supplies. As much as I love the company, I hate their omnidirectional tactile sensors. Perhaps it is just me, but I can never assemble these things to work well. And at $4.50 a pair, they are too expensive for me to be screwing up as often as I manage. Instead of trying "to get it right" any longer, I have created my own style of tactile sensor, which is basically the exact reverse of the Solarbotics tactile sensors. I will be posting a tutorial on the creation of these tactile sensors shortly, which I feel are less expensive overall and easier to assemble correctly, each and every time.

Returning back to Herbert, you may have noticed a lack of bread boarding for these two generations. That is because I have begun creating a fully functional artificial robotic life form with this species. This means using etched PCBs and actually soldering in parts. But rather than limit the PCB to a single generation, I have opted to include space for the components of generations four, five and six. So please ignore the through holes and solder pads that contain nothing in the following pictures (ignore the solder job as well, it was the only class I missed in Nuke school).

Evolution Project - Herbert 1701 Species C Generation 4 Circuit (two photos)

Should anyone so desire it, the ExpressPCB board layout can be accessed here: Herbert 1701 Species C Generation 4 PCB

If you decide to etch your own board, three circuit boards will fit on the standard RadioShack 2-sided copper PCB board and I have included the ExpressPCB board layout for printing both sides onto transfer film here: Herbert 1701 Species C Generation 4 Double Sided PCB Print Out

Lastly, the electrical component parts list can be downloaded here: Herbert 1701 Species C Generation 4 Parts List. The connector components (labeled "OPTIONAL" on the sheet) are not required if you wish to solder each part to the PCB directly. I'm on a budget, so I reuse what I can by using connectors.

A Few Site Changes

I love Serendipity. The word and the blog. Going through and making changes to this blog has been so simple thanks to all the work the developers have put into the core product and the plugins. There are a few things I have had to tweak in the PHP code, but that is only because I like to make it "all my own."

For those of you who could not tell already, I did in fact decide to go with the sticky entry to provide a quick blurb for new visitors. I have also opted to whore myself out and throw up the Google AdSense plugin. If all of my readers decide to click an advertisement I could probably afford to pay for 20 seconds of my monthly web hosting bill. Sweet. That aside, I am quite happy that it has been showing advertisements related to networks and security, as opposed to porn. Of course I think I disallowed porn advertisements when I set up my AdSense account, so that might explain it.

Speaking of whoring myself, you might also notice I changed the picture of me in the right hand corner. That is the most recent photo of myself from all of two days ago (there is one from yesterday someplace, but I don't have it yet). A new photo just in time for me to have cut my hair off and make the new photo no longer accurate. Good stuffs.

Computer Security 101 - Part 4 - LAN

Continuing the outside-in approach to security, once you make it past all the routers, firewalls and Demilitarized Zones (DMZ) you eventually come upon the local area network, or LAN for short. Stop! Hold it! Router? DMZ? Why didn't this stuff get covered? How can we possibly move on when I just mentioned two things that were not covered on the way in from the Internet?

The short answer is that they were covered, just not spoken about directly. As I mentioned during Part 3, a firewall is a specialized router. If you are using a router as part of your security approach, you are using it as a firewall. As to the whole DMZ thing, well that is just the area of a network that lies between the Internet and your local network. This is usually the "optional" network port off of a firewall or, ideally, the space between an external firewall and an internal firewall. There. Happy now?

For the majority of computer networks out there, your entire network is your LAN. A good chunk of companies have wide area networks (WAN) of one flavor or another, but with technology the way it is these days, the wide part has gotten really thin. Without a geographic map for a guide, it has become increasingly more difficult to tell the difference between a local resource and a remote resource. In effect, a WAN should be treated as just another segment of your LAN.

You might have noticed that the word segment was a link up there. That's because segment is an important word when it comes to LAN security and I wanted to make sure everyone knew what it meant. The first definition listed will do. A segment is just a section or part of the whole. Nothing overly technical about that. It is important because segments are what help secure a LAN.

In order to understand this, we need to delve into a little technical mumbo-jumbo. All networks have some sort of addressing scheme; Internet Protocol (IP) addressing is the most common (FYI, there is NO SUCH THING as TCP/IP addressing, there is only IP addressing), so we will use IP addressing for this example. Every device on a network has some sort of address attached to it, again, usually an IP address. In order to talk to a device from your computer you need to have that device's IP address. With me so far?

There are three main ways to get a device's IP address. The most common method is through domain name service resolution (DNS). DNS is the IP address resolution method of the Internet and most networks. It basically works like calling telephone directory information to get a phone number. Your computer knows to dial 411 when it needs an address; the DNS server is the operator that answers 411 and tells your computer what the IP address is for a given device.

A second, older method of getting an IP address for a device is through WINS resolution. WINS has been made obsolete by DNS, but there are some networks out there that continue to use it for one reason or another. WINS works in the same way as the DNS-operator analogy above.

The last method of your computer finding an IP address (that it does not know already) is to send out a broadcast. Most network communications are unicast, meaning one device to one device. Basically like a normal phone call. Broadcast is a scream out to an entire network segment, meaning one device to every device. It is comparable to a mom in the grocery store whose 4-year-old has wandered off to the cereal aisle. Everyone knows little Timmy is missing.

Broadcasts might be good to find little Timmy in a grocery store, but on a network they tend to be bad. When mom screams out "Timmy" in that oh-so-shrill voice of hers, EVERYONE stops what they are doing and looks up. Broadcasts on a network are the same way: every device has to take the moment to recognize the broadcast and either ignore it, or respond. The primary security problem is in that response; notice I did say primary though.

We'll use another example to see exactly what the problem with that response is. In this example Timmy is a little mentally slow (all the screams from his mom melted his brain), but he is carrying a knapsack with $1,000,000.00 in it (Timmy is very strong). Timmy is someplace in a clothing store; in order to get that cool million bucks you just need to find Timmy. Clothing stores are generally wide open areas, with little to block sound, so when you yell out, "Timmy," he is going to respond back with a nice loud, "Here!" As I said, he is a little mentally slow, so he'll respond to anyone saying his name. One million dollars in the bank later and you are a happy camper.

Now what if Timmy was someplace in a multi-floor, multi-company office building? Walk through the front door, yell out for the kid, and you are not getting anywhere. Oh, you might get really lucky and find him standing there in the lobby, one finger in his nose, the other scratching who-knows-what; but given the number of floors, companies and rooms, the odds are against you. Makes it a lot more difficult to find that million dollar prize. Also, the more you wander the building yelling out for Timmy, the more likely someone is going to take notice and have you escorted away by security.

Relating Timmy's story back to your network, if your LAN is one big happy segment (the clothing store) with all the devices on that same segment and a hacker gets onto your LAN, it makes his life really easy to find the million dollars by using broadcast shout outs. If you divide your network up into multiple segments (the office building), you just made the hacker's job a lot more difficult. Just like with the office building, the more the hacker has to wander your network to find something, the better a chance of getting caught or, at the very least, leaving a nice trail of breadcrumbs back to them.

The second security problem with broadcasts is that everyone looks up to see mom screaming before ignoring her again. It is only an instant of time, but imagine if the grocery store was full of 1000 screeching mothers looking for Timmy. Not much shopping is going to get done in that grocery store. That is the equivalent of a broadcast attack on a LAN. Not very common, but it has happened and will bring a network to a screeching (pun intended) halt. Segmentation helps with this as well.

The better you can isolate sections of your network from one another, the more secure your LAN becomes. This is done by using subnets, which is the IP address way of breaking up a network into segments. You can think of a subnet as a telephone area code, limiting which numbers are available before you have to change to another area code. In order to do this, and make it count, you will have to use switches instead of hubs (if you are not already). You will also need to ensure your switches are not set to forward broadcast packets (usually the default setting), but are set to relay DHCP requests to a DHCP server (as needed).

Subnets can be either physically broken up networks or more practical Virtual LANs (VLAN). In the physical world, you would decide that everything attached to Switch-A belongs to Subnet-A, Switch-B to Subnet-B, etc; and then place some type of routing device between each. That can mean a lot of pieces of physical hardware. Explaining VLANs fully is a bit beyond the scope here, but using VLANs (which most modern switches support) you divide up each switch into multiple subnets based on different criteria; usually the jack number on the switch (for untagged) or with tagging. As a result of not needing tons of extra hardware, VLANs are a much more practical approach to segmentation.

Through proper network segmenting you can not only provide for a more secure LAN, but also speed up network traffic across your network. If you know accounting uses only one server and little else, you can move that server directly to the accounting subnet. You can also control what information is passed by a DHCP server to each subnet; allowing you to set everything from which DNS server a given subnet uses, to stopping Internet traffic for one particular subnet. Combine that with the above broadcast scenarios and segmentation becomes a very good thing for increasing your LAN security.
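An added example, not part of the original post: the clothing store versus the office building, in numbers. It carves one flat LAN into a subnet per department and lists which devices hear a broadcast from a given machine before and after. The address block, department sizes and device names are constructed, and the result only holds when each subnet sits on its own VLAN or switch with a routing device in between, as described above.

```python
import ipaddress

# Constructed sample data: a flat LAN and the number of devices per department.
FLAT_LAN = ipaddress.ip_network("10.20.0.0/22")
DEPARTMENTS = {"accounting": 25, "sales": 100, "engineering": 200, "guest-wifi": 50}

# Constructed device inventory (name -> IP address).
INVENTORY = {
    "eng-build": "10.20.0.15",
    "sales-laptop-07": "10.20.1.10",
    "sales-printer": "10.20.1.20",
    "guest-tablet": "10.20.1.130",
    "acct-server": "10.20.1.200",
    "acct-pc-01": "10.20.1.201",
}


def plan_segments(block, departments):
    """Give each department the smallest subnet that fits it, largest first."""
    plan = {}
    cursor = int(block.network_address)
    for name, hosts in sorted(departments.items(), key=lambda kv: -kv[1]):
        # Room for the hosts plus the subnet's network and broadcast addresses,
        # rounded up to the next power of two.
        host_bits = (hosts + 1).bit_length()
        size = 1 << host_bits
        cursor = (cursor + size - 1) // size * size  # align to a subnet boundary
        subnet = ipaddress.ip_network((cursor, 32 - host_bits))
        if not subnet.subnet_of(block):
            raise ValueError(f"{block} is too small to fit {name}")
        plan[name] = subnet
        cursor += size
    return plan


def segment_of(ip, segments):
    """Return (name, network) of the segment that contains `ip`."""
    addr = ipaddress.ip_address(ip)
    for name, net in segments.items():
        if addr in net:
            return name, net
    raise LookupError(f"{ip} is not in any known segment")


def audience(source, inventory, segments):
    """Devices that receive, and may answer, a broadcast sent by `source`."""
    _, net = segment_of(inventory[source], segments)
    return sorted(
        name for name, ip in inventory.items()
        if name != source and ipaddress.ip_address(ip) in net
    )


if __name__ == "__main__":
    plan = plan_segments(FLAT_LAN, DEPARTMENTS)
    for dept, net in plan.items():
        print(f"{dept:12} {net}  broadcast address {net.broadcast_address}")
    print("flat LAN :", audience("guest-tablet", INVENTORY, {"flat": FLAT_LAN}))
    print("segmented:", audience("guest-tablet", INVENTORY, plan))
```
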