From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp118.iad3a.emailsrvr.com (smtp118.iad3a.emailsrvr.com [173.203.187.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 213263CB42 for ; Wed, 21 Nov 2018 18:13:34 -0500 (EST) Received: from smtp23.relay.iad3a.emailsrvr.com (localhost [127.0.0.1]) by smtp23.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id D9EA725006; Wed, 21 Nov 2018 18:13:33 -0500 (EST) X-SMTPDoctor-Processed: csmtpprox beta Received: from smtp23.relay.iad3a.emailsrvr.com (localhost [127.0.0.1]) by smtp23.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id D4E0625139; Wed, 21 Nov 2018 18:13:33 -0500 (EST) Received: from app21.wa-webapps.iad3a (relay-webapps.rsapps.net [172.27.255.140]) by smtp23.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 9B13525006; Wed, 21 Nov 2018 18:13:33 -0500 (EST) X-Sender-Id: dpreed@deepplum.com Received: from app21.wa-webapps.iad3a (relay-webapps.rsapps.net [172.27.255.140]) by 0.0.0.0:25 (trex/5.7.12); Wed, 21 Nov 2018 18:13:33 -0500 Received: from deepplum.com (localhost.localdomain [127.0.0.1]) by app21.wa-webapps.iad3a (Postfix) with ESMTP id 8892BC18A0; Wed, 21 Nov 2018 18:13:33 -0500 (EST) Received: by apps.rackspace.com (Authenticated sender: dpreed@deepplum.com, from: dpreed@deepplum.com) with HTTP; Wed, 21 Nov 2018 18:13:33 -0500 (EST) X-Auth-ID: dpreed@deepplum.com Date: Wed, 21 Nov 2018 18:13:33 -0500 (EST) From: "David P. Reed" To: "Dave Taht" Cc: "Make-Wifi-fast" , "David Lang" MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_20181121181333000000_88005" Importance: Normal X-Priority: 3 (Normal) X-Type: html In-Reply-To: References: <1542820669.4117191@apps.rackspace.com> Message-ID: <1542842013.557326146@apps.rackspace.com> X-Mailer: webmail/15.4.6-RC Subject: Re: [Make-wifi-fast] Car tire tracking X-BeenThere: make-wifi-fast@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2018 23:13:34 -0000 ------=_20181121181333000000_88005 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable =0AThe XTRX probably can do LTE transmission and reception. Of course LTE's= protocols are the real barrier - compared to 3G, it's like SS7 vs. manual = switchboards. There's a lot of code to write to do all the LTE functionalit= y - certainly bigger than your Linux Internet stack. It doesn't come with P= A's capable of transmitting at LTE power levels, but its LNA's probably are= fine. The current XTRX CS doesn't have reference clock stability needed fo= r LTE (its reference clock is 500 ppb). The next version called the XTRX Pr= o, scheduled for delivery in January, does (100 ppb). This is important for= reliable OFDM on a shared channel. Software types generally don't pay atte= ntion to this issue as much as they should.=0A =0AThe reason I got the XTRX= is that it is very small, mini PCIe sized, and also USB 3.0 compatible wit= h a small carrier and metal housing.=0A =0AI have also got an order in at C= rowdSupply for a LimeNET Micro, same kind of modest price, but it has its o= wn computer, a Raspberry Pi compute module. It will be delivered in a few m= onths, when they start manufacturing. The performance characteristics are n= ot in the XTRX's professional category, but it's super portable and general= purpose, andwith the Pi's multicore ARM processor is very fast for DSP, wh= ile being self-contained.=0A =0AI can legally self-certify and operate both= of them as MIMO transceivers in SDR modes as a licensed Amateur, in a larg= e set of wideband modes and bands at whatever power I like (up to 1.5 kW, i= f I add a PA that can do that), as long as I live within the "no commercial= use", "no music" rules, identify my transmissions every few minutes, and = share nicely.=0A =0AThat's what the worldwide Amateur Radio licensing regim= e affords to us in Hacker Culture (not the modern definition of scary crimi= nals, but the meaning of Hacker that we used at MIT in the 1970's). Transmi= tting outside the Amateur bands is, of course, not legal for me to do, as i= s listening to cellular communications bands. (I'm not sure what other SDR = researchers are doing - my informal survey suggests that many students doin= g SDR are transmitting illegally, as they don't have licenses and their equ= ipment isn't certified. The stuff I want to do is very QRP and very wideban= d so disturbing any FCC licensee sharing the band is very unlikely anyway.= =0A =0A =0A-----Original Message-----=0AFrom: "Dave Taht" =0ASent: Wednesday, November 21, 2018 4:06pm=0ATo: dpreed@deepplum.com,= "Make-Wifi-fast" =0ACc: "David Lang"= =0ASubject: Re: Car tire tracking=0A=0A=0A=0AOn Wed, Nov 21= , 2018 at 9:17 AM David P. Reed wrote:=0A>=0A> Schnei= er wrote in 2008 that some TPMS's have unique identifiers in the tire press= ure sensors, and that the government requires that they be registered! http= s://www.schneier.com/blog/archives/2008/04/tracking_vehicl.html=0A>=0A>=0A>= =0A> He seems to be a reliable source, but I'm skeptical that the tires rad= iate bluetooth signals for a lot of reasons. However, that doesn't make it = less troubling.=0A>=0A>=0A>=0A> Now I am motivated to develop a software re= ceiver that can tell me my tire pressure sensor info. Good use for my new X= TRX that just arrived, serendipitously, today.=0A=0APretty cool. Does it al= so already do LTE?=0A=0A>=0A>=0A>=0A> Gotta find the specs of the radio sys= tem (hopefully NOT bluetooth) somewhere. If the gov't requires it to be a s= tandard, it's probably open to the public.=0A>=0A>=0A>=0A> And then I can h= ave fun hacking other people by sending fake tire pressures for their tires= !=0A=0AHeh.=0A=0A>=0A>=0A>=0A> RTL-SDR probably can handle receiving what I= suspect is the actual coding, though it's can't handl bluetooth frequency = hopping.=0A>=0A>=0A>=0A>=0A>=0A> -----Original Message-----=0A> From: "Davi= d P. Reed" =0A> Sent: Wednesday, November 21, 2018 11:= 48am=0A> To: "David P. Reed" =0A> Cc: "David Lang" =0A> Subject: Car tire tracking=0A>=0A> I think everyone who wo= rks in "wireless", especially mobile wireless, should become well aware of = privacy concerns.=0A>=0A>=0A>=0A> Privacy isn't just about secrecy, but abo= ut how information gathered by sensors is used by others. Now that it's tri= vial to gather terabytes of personally sensitive information and analyze it= , we have to live in a Surveillance Society whether we like it or not. My o= wn thinking (admittedly anarchist-libertarian) is that Norms need to grow, = because Laws can't. Engineers (the ones who design and maintain systems) ha= ve professional responsibilities for the societal impacts of their systems.= THey are not allowed to subcontract that to the people who specify or regu= late their output.=0A>=0A>=0A>=0A> So if we know how to, or can invent a wa= y to, maintain privacy better for all (users and bystanders), we really mus= t.=0A>=0A> The shareholders/owners of profit-maximizing companies won't, an= d the government (even the elected one) won't.=0A>=0A>=0A>=0A> Which is why= I am following up on tire pressure gauge unique addressability. Anonymous = car presence detection is a whole 'nother thing.=0A>=0A>=0A>=0A> By the way= , Dave, I'm sure you know that the WiFi MAC is the technology standard of c= hoice for inter-vehicle communications in the Transportation departments an= d ministries of the world. One thing to argue for is to require MAC address= randomization and periodic (every 10 minutes?) changes.=0A>=0A>=0A>=0A> Co= nvoying in the Smart Car and Autonomous Car industries is an important desi= gn goal. That requires some kind of "addressing" but it really should be no= n-unique, anonymizing. That follows the standard Principle of Least Privile= ge in systems architecture, which every engineer of information and control= systems should have at front of mind for new designs.=0A>=0A>=0A>=0A> Fort= unately, nearly all users of the 802.11 protocol assume that the MAC addres= s can dynamically change, and the hardware in the 802 standard devices all = seem to support it.=0A>=0A> IPv6 actually supports (and IETF best practices= encourage) randomization of the lower 64 bit half of the 128-bit address, = with the upper 64 bits being the coarse grained routing mechanism, includin= g subnetting. So one can indeed randomize at the IPv6 level for privacy, gi= ven the design that allows multiple v6 addresses per interface. You can hav= e different "personae" in IPv6.=0A>=0A>=0A>=0A> This good-privacy-in-the-de= sign can get broken by thoughtless engineering.=0A>=0A>=0A>=0A> That's why = I spread the word.=0A>=0A>=0A>=0A>=0A=0A=0A=0A-- =0A=0ADave T=C3=A4ht=0ACTO= , TekLibre, LLC=0Ahttp://www.teklibre.com=0ATel: 1-831-205-9740 ------=_20181121181333000000_88005 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

The XTRX probably can = do LTE transmission and reception. Of course LTE's protocols are the real b= arrier - compared to 3G, it's like SS7 vs. manual switchboards. There's a l= ot of code to write to do all the LTE functionality - certainly bigger than= your Linux Internet stack. It doesn't come with PA's capable of transmitti= ng at LTE power levels, but its LNA's probably are fine. The current XTRX C= S doesn't have reference clock stability needed for LTE (its reference cloc= k is 500 ppb). The next version called the XTRX Pro, scheduled for delivery= in January, does (100 ppb). This is important for reliable OFDM on a share= d channel. Software types generally don't pay attention to this issue as mu= ch as they should.

=0A

 

=0A

The reason I got the XTRX is that it is very small, mini PCIe sized, a= nd also USB 3.0 compatible with a small carrier and metal housing.

=0A 

=0A

I have also got an ord= er in at CrowdSupply for a LimeNET Micro, same kind of modest price, but it= has its own computer, a Raspberry Pi compute module. It will be deliv= ered in a few months, when they start manufacturing. The performance charac= teristics are not in the XTRX's professional category, but it's super porta= ble and general purpose, andwith the Pi's multicore ARM processor is very f= ast for DSP, while being self-contained.

=0A

 <= /p>=0A

I can legally self-certify and operate both of t= hem as MIMO transceivers in SDR modes as a licensed Amateur, in a large set= of wideband modes and bands at whatever power I like (up to 1.5 kW, if I a= dd a PA that can do that), as long as I live within the "no commercial use"= ,  "no music" rules, identify my transmissions every few minutes, and&= nbsp;share nicely.

=0A

 

=0A

That's what the worldwide Amateur Radio licensing regime affords to us= in Hacker Culture (not the modern definition of scary criminals, but the m= eaning of Hacker that we used at MIT in the 1970's). Transmitting outside t= he Amateur bands is, of course, not legal for me to do, as is listening to = cellular communications bands. (I'm not sure what other SDR researchers are= doing - my informal survey suggests that many students doing SDR are trans= mitting illegally, as they don't have licenses and their equipment isn't ce= rtified. The stuff I want to do is very QRP and very wideband so disturbing= any FCC licensee sharing the band is very unlikely anyway.

=0A

 

=0A

 

=0A

-----Original Message-----
From: "Dave Taht" <dave.taht@gmail= .com>
Sent: Wednesday, November 21, 2018 4:06pm
To: dpreed@dee= pplum.com, "Make-Wifi-fast" <make-wifi-fast@lists.bufferbloat.net>Cc: "David Lang" <david@lang.hm>
Subject: Re: Car tire tracki= ng

=0A
=0A

On Wed, Nov 21, 2018 at 9:17 AM David P. Reed <dpreed@deepplum.com>= ; wrote:
>
> Schneier wrote in 2008 that some TPMS's have u= nique identifiers in the tire pressure sensors, and that the government req= uires that they be registered! https://www.schneier.com/blog/archives/2008/= 04/tracking_vehicl.html
>
>
>
> He seems to= be a reliable source, but I'm skeptical that the tires radiate bluetooth s= ignals for a lot of reasons. However, that doesn't make it less troubling.<= br />>
>
>
> Now I am motivated to develop a sof= tware receiver that can tell me my tire pressure sensor info. Good use for = my new XTRX that just arrived, serendipitously, today.

Pretty co= ol. Does it also already do LTE?

>
>
>
&= gt; Gotta find the specs of the radio system (hopefully NOT bluetooth) some= where. If the gov't requires it to be a standard, it's probably open to the= public.
>
>
>
> And then I can have fun ha= cking other people by sending fake tire pressures for their tires!
Heh.

>
>
>
> RTL-SDR probably can = handle receiving what I suspect is the actual coding, though it's can't han= dl bluetooth frequency hopping.
>
>
>
>
>
> -----Original Message-----
> From: "David P. Reed"= <dpreed@deepplum.com>
> Sent: Wednesday, November 21, 2018 1= 1:48am
> To: "David P. Reed" <dpreed@deepplum.com>
> = Cc: "David Lang" <david@lang.hm>
> Subject: Car tire tracking=
>
> I think everyone who works in "wireless", especially m= obile wireless, should become well aware of privacy concerns.
>
>
>
> Privacy isn't just about secrecy, but about how = information gathered by sensors is used by others. Now that it's trivial to= gather terabytes of personally sensitive information and analyze it, we ha= ve to live in a Surveillance Society whether we like it or not. My own thin= king (admittedly anarchist-libertarian) is that Norms need to grow, because= Laws can't. Engineers (the ones who design and maintain systems) have prof= essional responsibilities for the societal impacts of their systems. THey a= re not allowed to subcontract that to the people who specify or regulate th= eir output.
>
>
>
> So if we know how to, o= r can invent a way to, maintain privacy better for all (users and bystander= s), we really must.
>
> The shareholders/owners of profit-m= aximizing companies won't, and the government (even the elected one) won't.=
>
>
>
> Which is why I am following up on = tire pressure gauge unique addressability. Anonymous car presence detection= is a whole 'nother thing.
>
>
>
> By the w= ay, Dave, I'm sure you know that the WiFi MAC is the technology standard of= choice for inter-vehicle communications in the Transportation departments = and ministries of the world. One thing to argue for is to require MAC addre= ss randomization and periodic (every 10 minutes?) changes.
>
&= gt;
>
> Convoying in the Smart Car and Autonomous Car indus= tries is an important design goal. That requires some kind of "addressing" = but it really should be non-unique, anonymizing. That follows the standard = Principle of Least Privilege in systems architecture, which every engineer = of information and control systems should have at front of mind for new des= igns.
>
>
>
> Fortunately, nearly all users= of the 802.11 protocol assume that the MAC address can dynamically change,= and the hardware in the 802 standard devices all seem to support it.
= >
> IPv6 actually supports (and IETF best practices encourage) r= andomization of the lower 64 bit half of the 128-bit address, with the uppe= r 64 bits being the coarse grained routing mechanism, including subnetting.= So one can indeed randomize at the IPv6 level for privacy, given the desig= n that allows multiple v6 addresses per interface. You can have different "= personae" in IPv6.
>
>
>
> This good-privac= y-in-the-design can get broken by thoughtless engineering.
>
&= gt;
>
> That's why I spread the word.
>
>>
>



--

Dave T=C3=A4ht
CTO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-831-205-9740<= /p>=0A

 ------=_20181121181333000000_88005--