esp8266 relay

Just some quick notes on using 5V esp8266 relay module. Manufacturers page seems to be this even though terminal and pin positioning on the pictures is a bit different.

For just ~2.4€ it will give you the ability to switch electrical loads over Wi-Fi 🙂

There are actually 2 basic designs floating around on Aliexpress. The one that I’m talking about here is where esp8266 module plugs into the mainboard through 8 pin connector like this:

The other one integrates esp8266 on the relay board directly.

From the shipping perspective this modular design is a bit unfortunate since cheap/free shipping from Aliexpress will usually arrive in normal soft envelopes that just have 1 layer of bubble wrap as a padding.

As a result all 3 boards that I ordered arrived looking like this:

Nevertheless they actually worked fine. I was probably just lucky though and I kind of like modular things more in principle.

Interesting thing about this modular design though is that the relay is actually controlled by the STC 15f104W MCU on the main board which is programmed to turn the relay on when it sees “\xa0\x01\x01\xa2” on its UART port and off when it sees “\xa0\x01\x00\xa1“.
That UART is accessible either through the 4 PINs between the screw terminals or input from the esp8266. So you can actually run it without the esp8266 and control the relay directly over UART PINs or even reprogram the 15f104w.

ESP8266 board comes flashed with esp8266 AT firmware which allows esp8266 to be controlled using AT commands on the serial port.

By default the module comes in AP mode which means that it will show up as an Wifi access point that you can connect to. I wasn’t really interested in that so I reconfigured it to connect as a client to my main wifi network.
To reconfigure ESP8266 you have to connect UART over the 4 pins between the screw terminals using an USB to UART TTL cable like this:

I just happened to have the 5V power supply also connected but it’s not really required at this step, just for reconfiguring power from USB should be enough.

This can be done like this:

$picocom -b 115200 --omap crcrlf /dev/ttyUSB5

After this, communications will switch from 115200 to 9600 baud so you will lose the link and would need to switch picocom to 9600 baud to do anything further. But anything else isn’t really required anyway for our simple use case, so just disconnect picocom with CTRL+A CTRL+X.

AT+CIFSR command should have printed out what is the IP of the module. In my case it looked like this:


Now you can just create a TCP connection to that IP at port 8080 and send the relay commands that I mentioned before. ESP8266 will pass these to the STC 15f104W MCU which in turn will control the relay.

As an example here’s a trivial python script that will connect to the relay and turn the relay on and off in an endless loop in 4s intervals:

import sys
import time
import socket
IP = ""
PORT = 8080
RELAY_OPEN_CMD = "\xa0\x01\x01\xa2"
RELAY_CLOSE_CMD = "\xa0\x01\x00\xa1"
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((IP, PORT))
while 1:

And here’s how the result looks like: 2016

pgconf  2016.11.04 16:15:14

Since this year’s European PostgreSQL conference happened to take place in my home country I just couldn’t pass the opportunity to go.
I’m not really a huge PostgreSQL user though — I mostly use it for personal projects, but have also done at least one rather unconventional proof-of-concept project on it at work (a largeish graph DB).

At work the main production databases that I’m currently responsible for (or have been in the past) are all based on MySQL/MariaDB, but this is mainly because these decisions were made 10+ years ago when the pros and cons of each choices were quite different than they are today. It’s rather likely that for all the new projects I would rather use PostgreSQL.

I won’t go over the talks one by one but rather share some general themes that I noticed.


There’s a German word Zeitgeist which loosely means the spirit of the time. I have begun to notice that at conferences there’s often some unifying subtopic of the project that is somewhat unproportionally important to the particular community at that time for some reason. For example at Europython 2010 the zeitgeist was all about concurrency and ways to get around the GIL. At Europython 2015 I barely heard anything about concurrency anymore, even though things at that front haven’t changed much in between — instead everyone was focused on data mining and scientific computing. So anyway I feel that at pgconf 2016 the central topic was replication. There were many talks exploring different approaches to replication and various master-slave switchover orchestration tools. It will be interesting to see what solution the community will settle on in the next couple of years.


PostgreSQL has been gaining a lot of popularity over the recent years, probably mainly because of the uncertainty related to MySQL after Oracle bought it. This also means that many commercial companies see opportunities in selling support/consultancy around postgres related things. In general for-profit companies tend to be interested in having something to differentiate themselves from the competition so they are somewhat inherently motivated to create custom extensions and solutions instead of working together. It certainly felt at the times that each company at the conference had a different solution for handling replication and cluster orchestration each with its own up- and downsides. Let’s just hope it doesn’t end with a full scale Unix wars scenario. PostgreSQL has always had a rather rich landscape of forks so maybe they have already learned to handle this somehow.

Where to do the complex stuff?

There were several talks about some of the more powerful constructs and capabilities of PostgreSQL from window functions, recursive CTEs, lateral joins, upserts, aggregate filters to various nosql capabilities, custom datatypes, foreign tables, operator overloading and support for countless programming languages.

Which brings us to a rather classical dilemma: should we use various powerful tools that the DB provides and be tied down to it as a result, or use the DB as a simple datastore and do the complex stuff in the app? I see it as a continuum where on one end you only use simple queries (probably through ORM) and on the other end you have monstrosities like Oracle APEX where even the application itself is in the DB.

The keynote speaker from Adyen said that he believes that the decision to avoid procedures, triggers etc. was the best tech decision they did even though it was for completely different reasons. My experience is more or less the same – I think a good rule of thumb is to avoid non-declarative features but be rather liberal with everything else.

Case studies

For me the most interesting talks at the conference were various talks about real system setups and problems encountered along the way. There were several of these types of talks, starting with the keynote delivered by Michiel Toneman from Adyen which is a quickly growing payment processing company currently serving ~60 billion payments per year. They have been undergoing exponential growth for years which has led to some rather interesting scaling problems. Their master database is currently over 40TB and has 11 tables with a size over 1TB. Their largest table is currently around 11TB. Michiel talked about the reasoning and complexities around choosing PostgreSQL for a payment processing company, which is in a field usually dominated by high cost proprietary databases like Oracle and Sybase. It was interesting that postgres usage at Skype had been kind of a validation that probably made it a acceptable choice elsewhere.

Another interesting talk was about problems that Skype has encountered with PostgreSQL. The interesting part for me was that even though we use MySQL we still have encountered most of the same problems. That’s because many of these problems were just something that you encounter when running DB under serious load (lock queues, small degradations in IO performance having snowball effects, lagging read replicas, cleaning up bloat etc.)

if it hurts, do it more often

For the last month or so me and my partner have taken cold showers in the morning. There are seemingly endless lists of benefits of this available on the Internet so I won’t bore you with another one. For me the main goals were to boost the immune system and to really wake up, both of which it really seems to provide.

It’s also a good exercise of willpower.

We have also extended our open water swimming period. Here’s a nice picture from today of the local bog lake (KĂ”nnu jĂ€rv).
The air was at 15 degrees C and the water probably somewhere around 7 degrees C. After going in, there was this burning cold feeling but it’s kind of enjoyable in its own strange way. After coming out the air actually feels rather warm and there’s this strange heating feeling under the skin all over the body long afterwards.

good news everyone!

The Tom of Finland exhibition in Helsinki has been extended until 13.09.2016.

In addition to many Tom’s works there’s also this Tom-inspired 3D printed drinking fountain in the lobby:
Tom of Finland inspired drinking fountain

It wasn’t usable for its intended purpose for some reason but is still one of the best real uses of 3D printing I have seen so far.

There was also this drawing of a duck by Tom from his youth. As a duck keeper I have to say Tom’s tendency to exaggerate the sizes of certain body parts is indeed clearly visible.
Tom's duck

fixing the temperature sensor

As mentioned in my last post about cheap Chinese wireless temperature/humidity sensors, one of the three devices that I ordered was broken. It did show correct values on the local screen but no messages were seen over the radio link.

I decided to open it up to see if there’s anything obviously wrong inside. Here’s how the internals looked like:
insides of the temperature sensors

The 2 working sensors both had the blue radio module shown on the left and the non-working sensor had the white module shown on the right. Since I had RTL-SDR I decided to see if the broken module sends out any signal at all. I found a very detailed blog post describing the steps for doing it.

Here’s what my signals looked like:
sensor signals

The topmost signal is from the broken radio module as measured ~30cm from the antenna. The next one is the signal from the replacement radio module from the same distance and the last 2 signals are from the two other sensors which were located much further from the antenna.

As we can see the broken signal is rather unstable and can’t hold stable high.
It looks even more interesting when zoomed in:
sensor signals zoomed

Here’s how the sensor looks with the replacement radio module:

The fixed sensor works rather well, the signal is clear from ~20m away through 2 concrete floors.

cheap temperature sensors

I was kind of missing the fun temperature charts that I had at my previous home so I decided to get some sensors for the new house too. Using 1-wire network like I did previously didn’t seem reasonable this time around since my current house has 3 floors and cabling it in a way that wouldn’t be ugly would have taken too much effort.

So instead I decided to find some cheap wireless temperature sensors. It turns out you can get a reasonably looking temperature+humidity sensor with a local display and 433 Mhz radio for just 7€ a piece (with free shipping). You can also buy these sensors in a cheap kit with a central screen that shows values from all the senors plus some additional stuff like clock and sunrise times.

I wasn’t really interested in the central screen, so I just bought 3 sensors.
433Mhz temperature sensors

These sensors display humidity and temperature values on the screen and send out these measurements once a minute. When the sensor sends the message it blinks the red led in the front panel which might be a bit annoying if you place it somewhere where you can see it at night. I would probably tape it over or solder it off under these circumstances.
A switch inside the battery compartment allows you to select the channel which makes it possible to differentiate one sensor from another. The switch has 3 positions so it seems that with the normal central screen you are probably limited to 3 sensors. Technically this channel just changes a value in the message so it’s not a radio channel or something like that.

From the protocol perspective there’s also a 8 bit field called random id(rid) which is initialized when the sensor starts. Using the rid field alone or in conjunction with the channel value allows you to use far more sensors than 3. Since rid isn’t under your direct control it might take a bit of fiddling to find a free ID with a larger number of sensors and at some point you will probably have too many collisions in the air but I imagine using 10-20 of these sensors wouldn’t be a problem.

Since I didn’t buy the central screen I still needed a way to actually listen for the measurements that these sensors broadcast. It turns out cheap RTLSDR compatible DVB-T receivers can be used for that purpose with the RTL 433 application.
So I bought the receiver USB dongle with an external antenna and remote from ebay for ~10€.
rtlsdr dongle with antenna

Once RTL 433 is installed all you need to do to listen for the measurements is to run the rtl_433 command:

# rtl_433 -R 3 -F json
{"time" : "2016-02-13 23:10:19", "model" : "Prologue sensor", "id" : 5, "rid" : 55, "channel" : 2, "battery" : "OK", "button" : 0, "temperature_C" : 10.000000, "humidity" : 52}
{"time" : "2016-02-13 23:10:24", "model" : "Prologue sensor", "id" : 5, "rid" : 170, "channel" : 3, "battery" : "OK", "button" : 0, "temperature_C" : 23.400000, "humidity" : 29}
{"time" : "2016-02-13 23:10:33", "model" : "Prologue sensor", "id" : 5, "rid" : 51, "channel" : 1, "battery" : "OK", "button" : 0, "temperature_C" : 19.800000, "humidity" : 39}

This output can be easily interfaced to whatever system you use for home automation. My graphs look like this:
temperature on floor 2

My receiver is located on the second floor and the furthest sensor is about 20 meters away through 2 concrete floors and there don’t seem to be any communication problems so far.

One of the sensors came with a faulty radio that I had to replace, but more on that in a separate posting later.

iceskating on the bog pools

This winter started with a sudden cold wave without snow which created perfect conditions for cross-country skating.
Such as this clear and thick (~10cm) ice on our pond:

ice on pond

The pond is a bit small though for serious skating so we headed for the bogs.

Since about 20% of Estonia is covered with wetlands we have lots of bogs to choose from. My partner happens to be a bog enthusiast so we tend to go to different ones too.

Bog pools are nice for skating for a couple of reasons. They are usually shallower than lakes so they tend to freeze faster. Secondly bog pools form interesting systems with lots of nooks, crannys and islands which might be a bit more interesting than skating on a big lake.

We started with a skating trip to Suru Suursoo with on the afternoon of New Year’s Eve. There we skated on two different bog pool systems, TallekesejĂ€rv and Suursoo umbjĂ€rv:

Suursoo umbjÀrv

And here’s just a random picture of how nice the frozen bog looks like
Suru suursoo in the winter

Next day we went to KÔnnu jÀrv which is located near our home. That one is more of a lake than bog pool:

skating on frozen KÔnnujÀrv

And finally we went to Mukri soo where we skated on Lake Eidapere.

skating on Eidapere jÀrv

As you can see each successive picture has a bit more snow on it so it’s rather likely that by now there’s too much snow for skating. That’s really the only downside of cross country skating – the natural conditions suitable for it are present for a week or so per year and sometimes even less.


KĂ€isin lĂ€inud aasta lĂ”pus 31C3’l, millest allpool toodud mĂ”ned mĂ€lestused ja mĂ”tted.

Chaos Communication Congress (CCC) on igaastane, 4 (öö)pĂ€evane Saksamaal toimuv rahvusvaheline hĂ€kkerite kokkusaamine. Seekord toimus konverents 31 aastat ja on kasvanud vĂ€ga suureks (~13k osalejat). Toimumiskohaks on Hamburgi konverentsikeskus, mis on oma olemuselt selline hiiglaslik labĂŒrint hoone. Ka kolmandal pĂ€eval avastasime veel mingi korruse, kus polnud varem kĂ€inud.
hamburg conference center 31c3

Üldiselt on konverents jagatud loogiliselt erinevateks teemadeks (Isetegemine, Tehnoloogia, HĂ€kkimine, Teadus, Kunst, Poliitika ja ĂŒhiskond jne.)
PĂ”hikava toimus paralleelselt neljas suuremas saalis, lisaks oli ka mitusada vĂ€iksema töötuba jms. ĂŒritust.


Kogu ĂŒrtuse aja kestsid ka mitusada rahvakogu, mis on pĂ”himĂ”tteliselt sellised projekti/organisatsiooni spetsiifilised lauad, kus saab vastava teemaga tegeleda.
NĂ€iteks sai seal tutvuda 3d printimisega, sĂ”rmuste valmistamise, droonida, robootika, kudumismasinate, lukkude muukimise ja kĂ”ikvĂ”imalike muude asjadega. Muuhulgas oli vĂ”imalik ka nĂ€iteks ööpĂ€evaringselt jootmist Ă”ppida 😛

Lisaks tegutses veel ka ööpĂ€evaringne peoala DJdega (kuhu me kĂŒll vĂ€ga ei lĂ€inud sest suitsuhais mattis hinge).

31c3 sitting shadow

Konverentsi korraldavad vabatahtlikud ja kuskil 10% kĂŒlastajatest aitavad ĂŒhel vĂ”i teisel viisil kaasa. Ilmselt on aastatega korraldust viimse detailini lihvitud ja ĂŒldjoontes oli kĂ”ik perfektne ja saksa tĂ€psusega tehtud. NĂ€iteks kuni viimase hetkeni pĂŒsis kĂ”ik graafikus, wifi toimis laitmatult (tipus korraga 7800 kasutajat), kĂ”ik ettekanded olid ĂŒle maailma live streamidena kĂ€ttesaadavad jne. Paar vĂ€iksemat probleemi oli — nĂ€iteks suudeti ĂŒrituse wiki teise pĂ€eva Ă”htuks maha tĂ”mmata (nagu kuuldavasti ka eelnevatel aastatel) ja lĂ”ppsĂ”na oli vastupidiselt pĂ€evakavas lubatule inglise asemel saksa keeles.

Puht tehniliselt on ka tegu ĂŒsna mastaapse ettevĂ”tmisega, nĂ€iteks on ĂŒrituse vĂ€lislink suurem kui mĂ”nel riigil, toimisid lokaalsed DECT ja GSM vĂ”rgud, videot kanti lokaalselt ĂŒle ka DVB-Tga, oli oma kiirabi laadne vĂ€rk koos laatsaretiga, mingi lastehoiu laadne vĂ€rk jne. Üles oli muuhulgas pandud ka pneumaatiliste torude sĂŒsteem asjade saatmiseks mööda maja (rohkem ilmselt kĂŒll huumori huvides) ja IRC kaudu sai tellida pizzat (ilmselt seda vĂ”imalust elus rohkem ei avane ;-)).

pneumatic intercept

Konverentsil on keelatud teha pilte ilma kĂ”igilt pildil olevatelt inimestelt nĂ”usolekut kĂŒsimata. Kuna see on 13k inimese seas pehmeltöeldes raske siis konverentsist vĂ€ga palju pildimatejali pole. Kuid midagi leiab nĂ€iteks Flickr’ist.

Kuna tegu on eeskÀtt hÀkkeritele suunatud konverentsiga, siis algasid loengud iga pÀev mitte varem kui 11:30 kuid
kestsid vĂ€hemalt sĂŒdaööni vĂ€lja. Kella 1 ajal öösel oli ĂŒldiselt maja peal palju rohkem elu ja liikumist kui 11 ajal hommikul 🙂

31c3 star trek corridor

Ürituse spetsiifikat arvestades algas Ă”petlik moment tegelikult juba enne konverentsile jĂ”udmist.
Kodus sai ĂŒle pika aja tehtud korralikud varukoopiad lĂ€pparist ja telefonist.
Enne esimesel pĂ€eval hotellist lahkumist veetsin tunnikese lĂ€pparis ebaolulisi teenuseid sulgedes ja tulemĂŒĂŒri confides.
Telefoni hoidsin enamiku ajast lennureshiimis jne.
Üritusel lĂ€pakalt vĂ”i telefonilt ekraanilukku maha vĂ”ttes oli ĂŒsna kĂ”he tunne, kuna pidevalt oli kahtlus, et keegi raudselt seljatagant jĂ€lgib vĂ”i filmib.
Tundub, et lĂ€ks ĂŒldiselt Ă”nneks ja seekord keegi minu seadmetesse sisse ei hĂ€kkinud aga oli kuulda, et kĂ”igil nii hĂ€sti ei lĂ€inud.
Lisaks oli kuskil wikis nÀha ka tabelit vÀliste saitidega, mis on konverentsil osalejate poolt maha hÀkitud.


AlljÀrgnev on kokkuvÔte minu jaoks huvitavamatest teemadest. Nagu mainitud toimus pidevalt paralleelselt 4 ettekannet, seega ma viibisin neist maksimaalselt veerandil. Neist omakorda on allpool kirjeldatud mingi mulle olulisemana tundunud alamhulk.


Selle aasta fookuseks oli SS7 vĂ”rk, mida kasutavad mobiiloperaatorid omavaheliseks suhtluseks (roamingu teemad, SMS jms.). Antud vĂ”rgu ligipÀÀsu omades on teades ainult telefoni numbrit vĂ”imalik muuhulgas jĂ€litadata suvaliste telefonide asukohta ĂŒle maailma, vĂ”tta vahelt nende kĂ”nesid jms.

Selgub, et sellist ĂŒlemaailmset jĂ€litusteenust mĂŒĂŒakse suisa kommerts tootena. Omal ajal (80ndad) kui see protokoll disainiti oli vĂ€he osapooli ja suhtlus kĂ€is ĂŒle spetsiaalsete fĂŒĂŒsiliste kanalite, seega mingit autentimist sisse ehitatud pole ja osapooled usaldavad teisi pimesi. TĂ€napĂ€eval on SS7 vĂ”rgule ligipÀÀsu saamine aina lihtsam. Esinejatel oli see igatahes kuskiltkaudu olemas ja liveis demonstreeriti nĂ€iteks kĂ”ne vaheltvĂ”tmist.

  • SS7: Locate. Track. Manipulate See ettekanne keskendus SS7 rĂŒnnakutele
  • Mobile self-defense Siin rÀÀgiti alustuseks osaliselt sarnast SS7 teemat, mida eelmiseski ettekandes. LĂ”pupoole avalalikustati nende ja ka muude rĂŒnnakute (vĂ”lts tugijaam, nĂ”rk vĂ”rgu krĂŒpto) avastamiseks loodud Androidi rakendus SnoopSnitch. Soovitan kĂ”igil kellel sobiva kiibistikuga root‘itud Androidi telefon seda proovida. Selle rakenduse pĂ”hjal saab paremat infot ka GSMMap, mis on selline crowd-sourced ĂŒlevaade selle kohta, kui turvalised on eri riikides mobiilvĂ”rgud. Selle ettekande pĂ”hisĂ”num oligi, et operaatorid ĂŒldiselt pigem ei tee turvalisust omal algatusel paremaks ja neid peab selleks avaliku hĂ€bistamise hirmuga sundima. Et seda oleks vĂ”imalik teha ongi vaja andmeid koguda.


Too Many Cooks – Exploiting the Internet-of-TR-069-Things TR-069 on kliendiseadmete (CPE) haldamise protokoll, lĂ€bi mille nĂ€iteks ISPid oma klientide ruutereid haldavad. Protokoll nĂ”uab, et seade kuulaks HTTPd TCP pordil 7547 ja seal vastab sellistel vĂ€heste resurssidega seadmetel tihtipeale RomPager nimeline veebiserver. Üldjuhul on ka uusimatel hetkel mĂŒĂŒdavatel seadmetel sellest ĂŒrgne versioon (versioon aastast 2002). KĂ€idi vĂ€lja mitmesugust pĂ€ris huvitavat statistikat:

  • ~45m avalikust vĂ”rgust ligipÀÀsetavat TR-069 klientseadet ĂŒle maailma
  • avatud portide arvult on TR-069 HTTP jĂ€rel internetis teisel kohal
  • ka HTTP serveritest on kuskil 50% igasugu sardsĂŒsteemid/IoT asjad (~35m seadet)
  • TR-069 avalikest klientidest on kuskil 50% RomPager veebisereveriga ja neist omakorda 98.04% kasutab versiooni 4.07 aastast 2002
  • osades riikides ~50% IPdest haavatavad

Demoti mitmeid lihtsaid rĂŒnnakuid selle softi versiooni vastu ja nĂ€itavad, kuidas nende Chrome pluginiga saab admin Ă”igustes vabalt CPEsse sisse. Õpetlik on selle loo juures mitte niivĂ€ga konkreetne exploit vaid see, et sellistel embedded seadmetel ĂŒldiselt puudub igasugune variant nii firmwarei up-to-date hoidmiseks, kui tegelikult isegi HTTP serveri tarkvara tootjalt paranduste jĂ”udmiseks kasvĂ”i seadme tootjani (kes ei ole ahelas veel viimane lĂŒli). ÜhesĂ”naga on nii CPEde puhul konkreetselt, kui ka embedded/IoT teema puhul laiemalt tegu vĂ€ga viljaka pinnasega rĂŒndamiseks, millest hakkame ilmselt aina enam kuulma seoses sedasorti seadmete massilise lisandumisega.


SCADA on protsessijuhtimise sĂŒsteem, mis praktikas tĂ€hendab igasuguste tehaste ja suuremate seadmete (majade ventilatsioon, tammid jms.) juhtimist. Viimastel aastatel on toimunud mitmeid tĂ”siste fĂŒĂŒsiliste ja rahaliste jĂ€relmitega kĂŒberrĂŒnnakuid selliste sĂŒsteemide vastu, nĂ€iteks Iraani uraani rikastamise tehases seadmeid rikkunud Stuxnet vĂ”i TĂŒrgis gaasitoru Ă”hkimine. Turva uurijad on hakanud antud valdkonda aina enam uurima ja kajastama ja tulemused on ĂŒsna masendavad, kuna tundub et SCADA maailmas pole kĂŒberrĂŒnnakuid kuigi tĂ”siselt vĂ”etud ja usutakse security by obscurity printsiipi.

  • SCADA StrangeLove: Too Smart Grid in da Cloud Ülevaatlik ettekanne erinevatest viimase aasta uutest rĂŒnnakutest uurijate grupilt, kes on SCADA rĂŒndamisele keskendunud. NĂ€itasid muuhulgas rĂŒnnakuid erinevate pĂ€ikese-, hydro-, tuuleelektrijaamade vastu, ĂŒhel vĂ”i teisel viisil avaliku interneti kaudu rĂŒnnatav vĂ€hemalt 8GW vĂ”imsust. Muuhulgas nĂ€idati rĂŒnnakut ka kontrolleri softi vastu, mida kasutatakse LHCs ja gaasitorude juhtimises. Üldisest turvatasemest antud valdkonnas annab aimu, et kui nad kuulutasid vĂ€lja avaliku 2 pĂ€evase ligipÀÀsu oma laboris olevatele seadmete rĂŒndamiseks siis leiti ĂŒle 10 uue turvaaugu. Lisaks on tarkvara uuendamisega lugu sarnane nagu eelpool TR-069 puhul – jooksutatakse 10+ aastat vana teada aukudega tarkvara ja mingit selget uuendamise kanalit tegelikult polegi. Tegeletakse siis kui pĂ”leb, ilmselt sĂ”na otseses mĂ”ttes 😛
  • Damn Vulnerable Chemical Process RÀÀkis virtuaalse Ă”ppekeskkonna loomisest protsesside/tehaste rĂŒndamise harjutamiseks (analoogne siis veebirakenduste maailmast Damn Vulnerable Web App‘ile). PĂ€ris huvitav tĂ€helepanek oli, et sĂŒsteemi sisse saamise jĂ€rel tegelik töö alles algab ja tuleb aru saada kuidas konkreetses tehases protsess töötab (igaĂŒks unikaalne) ja kuidas seda kĂ”ige mĂ”istlikum enda kontrolli all olevate kraanide ja sensoritega teha annaks. Eeldab pĂ”hjalikke valdkonna teadmisi (vĂ€hemalt kui eesmĂ€rk on mingi peenem rĂŒnnak, kui lihtsalt kĂ”ige vastu taevast laskmine).
  • Switches Get Stiches Seda ma ise vaatama ei jĂ”udnud aga kuna kirjeldab tööstuslikke etherneti switchide vastaseid rĂŒnnakuid, mida Damn Vulnerable.. jutust viidati siis tĂ€ielikuse huvides mainin Ă€ra.


  • State of the Onion Igaastane ĂŒlevaade Tor vĂ”rgu arengust. Kirjeldati viimase aasta jooksul toimunud Tori vastaste rĂŒnnakute olemust. Tundus, et parim hetkel teadaolev rĂŒnnak on liikluse korreleerimise rĂŒnnak, mis on ĂŒsna efektiivne, kuid eeldab NSA sugust rĂŒndajat kes suudab ĂŒle maailma liiklust paljudest punktidest salvestada ja suhteliselt pikaajaliselt talletada. Nenditi, et hetkel head rohtu sellise rĂŒndaja vastu pole. Paraku ei paista olevat hetkel ka paremat alternatiivi seega, kui tahad privaatsust siis palju variante rohkem polegi. MeeldejÀÀvaim mĂ”te oli, et kĂ”ik peaksime kĂ”igile oma lĂ€hedastele rÀÀkima, mis on Tor ja miks me seda kasutame ja vajame. Seda selleks, et ei saaks tekitada ĂŒlduses muljet, et see Tor on ilmselt mingite abstraktsete kurjamite tööriist vaid, et see ongi asi mida kasutab su enda poeg, vend, sĂ”ber, kolleeg jne. oma igapĂ€evaelus.
    Lisaks rÀÀgiti Open Observatory on Network Interference projektist, mis pakub avatud lĂ€htekoodiga tarkvara, mille abil analĂŒĂŒsitakse kas ja kuipalju eri riikides internetti tsenseeritakse.
  • Tor: Hidden Services and Deanonymisation Esitleti uuringut, mis ĂŒritas leida vastust kĂŒsimusele, mida sisaldavad Tori peidetud teenused. Paistis, et peamiselt lastepornot. Tekkis arutelu ĂŒhest kĂŒljest mÔÔtmis metoodika ĂŒle. VĂ€idetavalt on tor vĂ”rgus tavaline et paljud lastekaitseorganisatsioonide spiderid tsĂŒklis kammivad selliseid lehti, mis annab kallutatud pildi. Teisest kĂŒljest arutleti kĂŒsimuse ĂŒle kas annaks midagi selle vastu ette vĂ”tta vĂ”i mitte (suvalise asja blokeerimise vĂ”imekuse olemasolu sĂŒsteemis vĂ”imaldab blokeerida ka misiganes muu asja mis poliitiliselt vms. pĂ”hjusel kellegile ei meeldi). Siin ka Tori poolne kommentaar sellele ettekandele.

Turvaline progemine

  • Why are computers so @#!*, and what can we do about it? Üks humoorikaimaid ja nauditaivamaid ettekandeid ĂŒritusel. RÀÀkis, nagu pealkirigi ĂŒtleb sellest, miks meil tarkvaraga pidevalt igasugu jamad on ja kuidas saaks teha töökindlamat tarkvara. Esineja uurimisala oli tegelikult formaalse ja testitava prose spetsifikatsiooni loomine. VĂ€itis, et tegelikult tĂ€naste protsessori dokude pealt polegi vĂ”imalik ĂŒheselt öelda kuidas mingi asi kĂ€ituma peaks (sest kirjutatud inimkeeles, mis lihtsalt ei ole piisavalt ĂŒhetĂ€henduslik).
  • Trustworthy secure modular operating system engineering RÀÀgiti Mirage OSist, mis on teadusprojekt kirjutada nullist turvalisem “OS” tĂ€ielikult OCamlis. OS sellepĂ€rast jutumĂ€rkides, et pigem on see teekide hulk, mida iga rakendus vastavalt vajadusele endasse impordib. Jutu ĂŒldmĂ”te oli, et viskame kĂ”ik aastakĂŒmnetega kogunenud abstraktsioonikihid (nagu nĂ€iteks failisĂŒsteem) minema ja alustame nullist. See jutt kĂ”lab ĂŒldiselt sellise klassikalise uue Ă”hukese frameworki alustamise jutuna, mis lĂ”petab peale kogu vajaliku funktsionaalsuse lisamist samasugusena nagu ta eelkĂ€ia. Ühtlasi peaksid kĂ”ik selle fantaasia teostumise puhul kĂ”ike OCamlis kirjutama. Mitte, et mul otseselt midagi OCamli vastu oleks, aga igasugune monokultuur ajab mind kergelt leili. Pikemalt rÀÀgiti SSL teegist mille nad selle sĂŒsteemi jaoks kirjutasid ja proof-of-concept kĂ€surea Jabberi chati kliendist. Kui nĂŒĂŒd tahta sellest chati kliendist sulle saadetud faile salvestada vĂ”i sellele mingit graafilist UId lisada oledki tagasi vajaduse juures terve suur ebavajalik abstraktsioonide hunnik siiski taasluua. Mingiteks vĂ€ga spetsiifilisteks asjadeks vĂ”ib selline lahendus samas isegi sobida.
  • Code Pointer Integrity Ettekanne rÀÀkis kuidas C (ja pĂ”himĂ”tteliselt ka C++) koodi teha automaatselt rĂŒndevektoriks olevate mĂ€lukasutuse vigade kindlaks (buffer overflowd jms. klassika). PĂ”himĂ”tteliselt on tehtud LLVM peale vahend, mis analĂŒĂŒsib koodi ja igasugu ohtlikule pointeri aritmeerikale (sellisele mis vĂ”ib viia control-flow muutmiseni) lisatakse runtime kontrollid. Innovatsioon oligi siin just selles, et ainult tĂ”esti ohtlikele kohtadele lisatakse ainult sellised kontrollid, mille tulemusena on jĂ”udluse kahanemine ĂŒldjuhul piisavalt vĂ€ike (paar protsenti), et seda vĂ”iks reaalse sĂŒsteemi peal ka tootmises kasutada. Kogu vĂ€rk on avatud lĂ€htekoodiga saadaval ja pikem jutt toimemehhanismist siin. Nad on kokku lasknud enda vahendiga turvatud FreeBSD kasutajaruumi koos 100 portsuga nii, et peaks olema tĂ€iesti reaalselt kasutatav asi, mitte selline akadeemiline veidrus. Üldiselt tundus selline C koodi automaatne töökindlamaks muutmine palju praktilisemat maailma ĂŒldist turvataset tĂ”stev asi, kui eelpoolmainitud kĂ”ige nullist uuesti kirjutamine.


  • Security Analysis of Estonia’s Internet Voting System Vaadeldi igasuguseid elektroonilise hÀÀletuse sĂŒsteeme lĂ€bi aegade ja nende auke. Alles kuskil keset ettekannet jĂ”uti tegelikult Eesti i-hÀÀletuse sĂŒsteemi kirjeldamiseni. PĂ”hikriitika Eesti i-hÀÀletusele oli, et sellise sĂŒsteemi ohumudel peaks tĂ€napĂ€eval arvestama riikliku klassi rĂŒndajaga, kes on vĂ”imeline konstrueerima vĂ€ga keerukaid ja kalleid rĂŒnnakuid. VĂ€ide oli, et Eesti ohumudel pigem ei arvesta sellist klassi rĂŒndajaga ja et kĂ€itusturvalisuses (operational security) oli mitmeid olulisi puudusi.

    TĂ€psemalt rÀÀgiti rĂŒnnakust kliendi rakenduse ja serverite vastu. Kirjeldatud rĂŒnnakutes ei olnud otseselt midagi uut ja oluline on aru saada, et tĂ€ielikult turvaline sĂŒsteem ei ole vĂ”imalik. Seega alati kui arutletakse kĂŒsimuse ĂŒle, kas i-hÀÀletus on turvaline, on kĂŒsimus tegelikult selles, kas nad on piisavalt turvalised. KĂŒsimus taandub sellele, kas rĂŒndajale on kasu edukast rĂŒnnakust piisavalt suur, et katta kulud (ja ka riskid vahelejÀÀmisel). Haldermanni vĂ€ide oli, et ĂŒhe EU ja NATO liikmeks oleva riigi kontrolli alla saamine vĂ”ib olla riikliku klassi rĂŒndajale piisavalt suur motivaator, et finantseerida vĂ€ga kalleid ja keerukaid rĂŒnnakuid.

    Esimesena kirjeldati valimisrakenduse pahavaraga rĂŒndamise vĂ”imalust, mis on algusest peale olnud teada ja sĂŒsteemi nĂ”rgim koht. KĂŒsimus on pigem, kas seda annab realistlikult teha mastaabis, mis tulemust oluliselt mĂ”jutaks ilma, et pettus seejuures ilmsiks tuleks. RiskianalĂŒĂŒsid paistavad jĂ€reldavat, et pigem mitte (kuid jĂ€llegi analĂŒĂŒs eeldab pĂ”himĂ”tteliselt siseriikliku rĂŒnnet).

    RĂŒnnak serveripoole vastu tundub oluliselt huvitavam, sest kuigi vajalik rĂŒnnak on siin palju kordi keerukam ja kallim, on ka potentsiaalne kasu vastavalt suurem – eduka rĂŒnnaku puhul valimisserveri vastu vĂ”ib vĂ€ljundiks anda ĂŒkskĂ”ik millise tulemuse. Ühtlasi tundub ĂŒhe viimistletud konkreetse serveri vastase rĂŒnnaku avastamine ka palju vĂ€hem tĂ”enĂ€oline, kui mitmekĂŒmne vĂ”i mitmesajatuhande kliendi arvuti puhul.

    Potentsiaalsete rĂŒnnakute kirjeldusele jĂ€rgnes kĂ€itusturvalisuse probleemide loetlemine. KĂ”ige masendavamad tundusid mulle neist:

    • mingi isikliku suvalist tarkvara tĂ€is lĂ€paka kasutamine valimisrakenduse allkirjastamiseks
    • tulemuste liigutamine hÀÀltelugemisserverist vĂ€lja isiklikul (igasugu juhuslikku kola tĂ€is) mĂ€lupulgal (peale seda kui DVD kirjutamine mingil pĂ”hjusel ebaĂ”nnestus)

    JĂ€rgnevalt kirjeldati eesti poliitikute, ajakirjanduse ja asjaga seotud tehnoloogia ekspertide reageeringut, mis oli ĂŒsna masendavalt mustvalge. Tunda on, et osale seltskonnale mĂ”jub igasugune i-hÀÀletuse kriitika nagu isiklik solvang. Teine pool jĂ€llegi teeb vastavalt kĂ”ik endast oleneva veenmaks rahvast, et e-hÀÀletus on absoluutselt ebaturvaline ja tuleks kogu tĂ€iega kaotada.

    NĂ€iteks toodi RĂ”ivase kommentaar, et keegi Haldermani tiimi liige on facebookis mingi linnavalitsuse töötaja sĂ”ber ja seega töötab vastasele (klassikaline ad hominem rĂŒnnak). VĂ”i siis valimiskomisjoni kommentaar, et kui oleks sellise vĂ”imekusega rĂŒndaja, siis ta ju varastaks pigem raha kui hÀÀli (vĂ€ga veider eeldus riikliku rĂŒndaja puhul). LĂ”petuseks nĂ€idati veel ka Veldre vastust CERTi nimel pealkirjaga E-valimised on (liiga) turvalised, mis lisaks provotseerivale pealkirjale sisaldab ka samavĂ”rd ĂŒle vĂ”lli sisu (sarkastilises toonis ja ad hominem rĂŒnnakutega).

    Sellised Ă€rapaneva tooniga arrogantsena mĂ”juvad avaldused tekitavad kĂ”ike muud, kui usaldust sĂŒsteemi vastu.
    Tehniline vastulause peaks olema vĂ”imakult emotsioonitu ja faktiliselt tĂ€pne. Ei ole vĂ€himatki mĂ”tet laskuda vaidlustesse kelle mĂ€lupulka tĂ€pselt kasutati vĂ”i selle ĂŒle kas Halderman ikka suudab 100% kindlalt tĂ”estada, et pokkeri- vĂ”i torrenti rakenduse ikooni taga tegelikult ka just see rakendus oli.

    Sellise ettevÔtmise kÀitusturvalisus peab olema laitmatu. Igasse kÔvalekaldesse peaks suhtuma tÔsiselt ja neile jÀrgnema avalik arutelu ja selgelt kommunikeeritud parandus jÀrgnevaks korraks.
    NĂ€iteks mingite isiklike lĂ€pakate kasutamise asemel eeldaks ma vĂ€hemalt Bruce Schneieri kirjeldatud skeemi, et ostetakse mitu erinevat lĂ€ptopi erinevatest fĂŒĂŒsilistest poodidest ja paigaldatakse neile puhas tarkvara ja rohkem need masinad vĂ”rku ei satu.

    Hea algus reaalse usalduse tekitamiseks oleks vÔtta ette Haldermani artikkel, punkthaaval lÀbi töötada 3.2 ja 3.3 all toodud mÀrkused, teha vajalikud parandused ja kus vaja endale ka avalikult tuhka pÀhe raputada.

    KokkuvĂ”ttes tundub kogu vastasseisu pĂ”hjus olevat kĂŒsimuses, kuhu tĂ€pselt tĂ”mmata piisava turvalisuse joon. Halderman ĂŒtleb, et realistlik on riiklikul tasemel rĂŒndaja, meie enda riskianalĂŒĂŒsid paistavad piirduvat siseriikliku rĂŒndaja eeldusega. RĂŒnnakud, mis mĂ”nda aega tagasi tundusid kuuluvat ulmevaldkonda, on tĂ€naseks Stuxneti ja Snowdeni paljastustega saanud reaalsuseks. Seega tundub ĂŒsna arusaamatu, miks nĂ€iteks Veldre vastulauses selliste rĂŒnnakute vĂ”imaluse ĂŒle ironiseerib (peab sama tĂ”enĂ€oliseks, kui pĂ€ikese ootamatut kustumist vĂ”i neutronpommi balti jaamas).

    Mida meie i-hÀÀletuse riskianalĂŒĂŒsid siis tĂ€psemalt ikkagi ĂŒtlevad? Ametlik valimiskomisjoni tellitud analĂŒĂŒs aastast 2011 loetleb pĂ€ris pika rivi mitmesuguseid vĂ”imalikke rĂŒnnakuid, omistab neile hinnangulised tĂ”enĂ€osused (3 palli sĂŒsteemis hinnang) ja pakub mĂ”ningaid variante asjade paremaks lahendamiseks. Siit me otseselt teada ei saa, millise rĂŒndajaga arvestatakse ja tĂ”enĂ€osused paistavad olevat saadud lihtsalt intuitsiooni pealt.

    Viimastel aastatel on kirjutatud mitu magistritööd, mis ĂŒritavad formaalsematel alustel (rĂŒndepuudega) i-hÀÀletuse vastastele rĂŒnnakutele tĂ”enĂ€osuseid leida. Üks ilus lĂŒhike ĂŒlevaade kahest sellisest magistritööst Eesti i-valimiste riskianalĂŒĂŒsi teemadel on siin. Seal leitakse muide, et i-hÀÀletuse tĂŒhistusrĂŒnnak vĂ”iks tĂ€itsa tasuv ja suhteliselt odav olla ka siserĂŒndajale (aga sellistest rĂŒnnakutest Halderman ei rÀÀkinud, seega las ta hetkel jÀÀb).
    Ma tahaks tĂ€helepanu pigem juhtida sellele, et selline tasuvusanalĂŒĂŒs ei ĂŒtle meile tegelikult midagi riikliku rĂŒndaja rĂŒnnakute tĂ”enĂ€osuste kohta. Seda kahel pĂ”hjusel. Esiteks eeldab mudel, et rĂŒndaja on ratsionaalselt ja majanduslikult mĂ”tlev (poliitiliste kaalutlustega ei arvestata ja olekski ĂŒsna vĂ”imatu arvestada). Teiseks tuleb mudeli kasutamiseks sinna panna mitmesuguseid numbreid, mille mÀÀramine riikliku rĂŒndaja puhul on pea vĂ”imatu. NĂ€iteks, kui palju oleks Venemaa valmis ohverdama, et ĂŒhte NATO ja EU liikmesriiki endale sobivat valitsust saada?
    On see miljon, 100 miljonit, miljard vĂ”i 10 miljardit eurot? Ma ei ĂŒtleks, et ĂŒkski neist numbritest lĂ€hiajalugu vaadates tĂ€iesti vĂ”imatu oleks.

  • The rise and fall of Internet voting in Norway Norra krĂŒptograaf andis ĂŒlevaate Norra i-hÀÀletuse piloodist, mis tĂ€naseks on maha kantud (i-hÀÀletuse pooldajad kaotasid vĂ”imu). Norras puudub meie ID kaardiga analoogne sĂŒsteem, seega saadeti postiga mingeid paroolikaarte, mis ei kĂ”la just vĂ€ga turvalise ega elegantse lahendusena. Kogu sĂŒsteem olla liiga keerukalt tehtud (mingi 200k+ rida enterprise stiilis koodi) mille turvalisuses on end ĂŒsna raske veenda.
    Sellegipoolest oleks ka meil siit ĂŒht teist Ă”ppida. Esiteks lasid nad hÀÀltelugemise rakenduse kirjutada kahel erineval arendajal ja ka kasutasid mĂ”lemat – vaadati, vĂ€ljund oleks identne. VĂ”imaldab pĂŒĂŒda nii vigu kui ka lihtsalt rĂŒndaja elu oluliselt raskemaks teha. Teatud kriitilistes rakendustes on selline liiaste sĂŒsteemide kasutamine tĂ€itsa tavapĂ€rane, tĂ€itsa nĂ”ustun norrakatega, et ka riigi tuleviku otsustamine vĂ”iks sama oluline olla.

    Teine teema oli protsessi lÀbipaistvus, vÀidetavalt oli kood githubis kÔigile nÀhtav ja auditeeritav. Eestis nÀiteks on kliendirakenduse kood kinnine (nagu ka mingid jupid serveripoolsest otsast).
    Ka kole avalik kood vĂ”imaldab mingi seisukoha kujundada, kinnise koodi usaldamine on paraku puhas usukĂŒsimus. Mina isiklikult security by obscurity usku ei ole.

KrĂŒpto / privaatsus

  • ECCHacks – A gentle introduction to elliptic-curve cryptography Lihtsate ja arusaadavate nĂ€idetega sissejuhatus elliptilistesse turvakĂ”veratesse koos Pythoni koodinĂ€idetega. Ilmselt kui veel mingi 3-4 korda vaatan saan pĂ€riselt ka aru 😛 Seletatakse muuhulgas, miks konkreetsete sobivate kĂ”verate valik on nĂŒansrikas ja miks NSA vĂ”i kellegi teise poolt arusaamatutel alustel valitu vĂ”ib olla vĂ€ga hea rĂŒndevektor.
  • Finding the Weak Crypto Needle in a Byte Haystack RÀÀgiti kuidas vĂ”tme taaskasutust automaatselt tuvastada. Minu jaoks pĂ”hivÀÀrtus tegelikult esimeses pooles, mis rÀÀgib mis on vĂ”tme taaskasutus ja miks see halb on koos praktiliste nĂ€idetega.
  • Forging the USB armory RÀÀgib USB pulka mahutatud pisikesest personaalse turva otstarbelisest arvutist. Saab kasutada asjadeks nagu bitcoini rahakott, krĂŒpteeritud andmesalvestus, paroolihaldus, VPN, ssh gw. jne.
  • Now I sprinkle thee with crypto dust VĂ€ga intensiivne ĂŒlevaate ettekanne, kus tunni aja jooksul mitmed projektid rÀÀgivad 10-15 minutit oma projektist. Ühendavaks jooneks nende projektide vahel on soov teha internet turvalisemaks, raskemini tsensuuri poolt kontrollitavaks ja pealtkuulamiskindlamaks. Minu jaoks neist kĂ”ige meeldejÀÀvam oli viimasena kirjeldatud Darkmail projekt, mis on katse teha otspunktkrĂŒpteerimisega (end-to-end encryption) e-maili lahendus. Erinevalt varasematest sama eesmĂ€rgiga lahendustest (GPG) on seekord plaan teha asi, mida oleks lihtne kasutada ja oleks lĂ”ppkasutaja jaoks ĂŒsna nĂ€htamatu.
  • UNHash – Methods for better password cracking Kirjeldas avatud lĂ€htekoodiga rakendust inteligentseks paroolide Ă€raarvamiseks (vastandina tavapĂ€rasele jĂ”umeetodile). PĂ”himĂ”tteliselt on erinevate lekkinud suurt paroolibaaside pealt kirjeldatud mustrite klassid, mille alusel inimesed tihtipeale paroole koostavad (stiilis <number><sĂ”na><number>). Paljud nĂ€iliselt keerukad ja pikad konstruktsioonid (nĂ€iteks paroolifraasid) on sellise meetodiga vĂ€idetavalt palju lihtsamini murtavad, kui klassikaliste vahenditega.
  • DP5: PIR for Privacy-preserving Presence RÀÀgiti, kuidas teha homomorfse krĂŒpteerimisega privaatsust sĂ€ilitavaid andmebaase olemasolu (presence) teenuse nĂ€itel. Selline lahendus vĂ”imaldaks luua pĂ”himĂ”tteliselt igasugu suhtlusvĂ”rgustikke ja sotsiaalseid vĂ”rkke, kus teenusepakkuja ei oma mingit ĂŒlevaadet kes on kelle sĂ”ber ja kellega suhtleb. Seletatakse ĂŒsna hĂ€sti Ă€ra, kuidas homomofrne krĂŒpto töötab ja tavainimesele kordaminevat rakendust selle peal. Fundamentaalseks probleemiks tundub olevat sĂŒsteemi skaleeruvus kasutajate arvu lisandudes sĂŒsteemi (tegelikult baasi suuruses lihtsalt kĂŒsimus). Toodi nĂ€ide, et miljoni kasutajaga privaatse vĂ”rgu puhul on kĂ€igushoidmise kulu kuskil 1$ kasutaja kohta kuus.


  • Internet of Toilets Andis ĂŒlevaate erinevatest WC automatiseerimise projektidest (peamiselt DIY) asjad. Huvitav oli ĂŒsna lĂ”pus mainitud tĂ”siasi, et on olemas esimesed exploidid tarkadele WC pottidele, mis vĂ”imaldavad rĂŒndajal prill lauda tĂ”sta-langetada, veejuga lasta jne.
  • Funky File Formats VĂ€ga humoorikas ja samas tehniliselt hariv ettekanne, mis rÀÀkis milliseid trikke on vĂ”imalik failiformaatide veidraid vĂ”imalusi kasutades teha. NĂ€iteks alustati jpg failiga, mis ĂŒhtlasi on tĂ€iesti legaalne ja toimiv Java jar fail. Kui algne JPG fail AESiga krĂŒpteerida saadi tulemuseks hoopis teist pilti sisaldav PNG fail, 3DESiga lahti krĂŒpteerides on tulemuseks PDF jne. VĂ”i siis PDF fail mida eri rakendustega vaadates nĂ€eb kardinaalselt erinevat sisu ja printer prindib vĂ€lja hoopis kolmanda sisu.
  • Computer Science in the DPRK PĂ”hja korea IT ĂŒlikoolis Ă”ppejĂ”una töödanud ameeriklane rÀÀkis kuidas seal riigis on lood ITga. Humoorikas moment oli siin peamiselt nende riiklik operatsioonisĂŒsteem Red Star. Tegu on Linuxiga, mis nii vĂ€limusest kuni failisĂŒsteemi paigutuseni on aetud nii Applei OS X sarnaseks kui vĂ”imalik.