Convergence business model

Posted on October 2, 2011 by Jason

California security company Qualys are funding two Convergence notary servers. Convergence is a proposed replacement for the current troubled Certificate Authorities scheme used to underpin the secure sockets layer Internet security.

The existing scheme uses individual commercial and government organisations (Certificate Authorities) to vouch for the authenticity of SSL certificates, and thus the authenticity of of secure websites such PayPal, Gmail and online banking. Any individual Certificate Authority can issue a certificate for any site.

But some of the Certificate Authorities have had their computer systems hacked and fake certificates issued, and other government sponsored Certificate Authorities are not necessarily trustworthy.

Convergence uses a set of servers (notaries) which have copies of the certificates and the user chooses which notaries to trust. This is in contrast to the current system, where a certificate is issued by a single CA, so if you want to use Paypal (for example) you have to trust the Certificate Authority which issued the PayPal certificate.

At the moment there are 650 Certificate Authorities. There is little to discriminate between them apart from price – a certificate from a cheap CA is no less valuable to the user from one from an expensive CA.

With the race to be the cheapest, many CAs skimp on checking the credentials of the people they issue certificates to. To address this there has been a feeble attempt to make some certificates more trustworthy than others, but most people have never heard of an “Extended Validation SSL certificate” and would not know how to recognize a site is using one.

There has been a disincentive for CAs to worry too much about investment in security, since historically they derived neglegible benefit from the expenditure.

However, this changes with Convergence since users have a choice about which notaries they trust, in contrast to the current scheme.

The business model for Convergence will be notaries which agree to carry an organisation’s certificates for a fee. Notaries will now have to care about their security since if a notary proves to be untrustworthy then the proportion of the public using it will fall and consequently its attractiveness to its clients, and thus its revenue, will too.

Security and economic incentives nicely aligned.

But if Convergence takes off, then will only be a small number of players in the Notaries market because paying clients will be attracted to notaries which are popular with end users – no point paying to have your certificate on one which no-one uses – and end users will be attracted to the convenience of notaries which host lots of certificates.

Qualys are smart in taking the financial risk of getting in early.

Posted in Security | Tagged , , | Leave a comment

The trouble with robots

Posted on September 19, 2011 by Jason

An iCub research robotI went to TAROS a couple of weeks ago, an important UK robotics conference. I have been struggling with why academic robotics seems to be in the doldrums. There seems to have been little worthwhile progress over the last decade.

Broadly speaking the only improvements in the last decade have been in gadgets, not in understanding how to make more intelligent robots. Whilst the computing power available has greatly improved, cameras have replaced sonars and legged robots are much more common, we are not really any closer towards making robots which are smart.

Most roboticists have the same fantasies about these devices as the rest of us – they dream of a personal robot, a “plastic pal who’s fun to be with” in Douglas Adam’s words. But this seems as far off as it ever was. There are humanoid robots, but they are expensive, mechanically unreliable and have real trouble even performing the sort of “simple” tasks that insects do.

I think there are three reasons.

  • Cognitive robotics is a commercially important subject, but with few exceptions academia is in the sidelines. Governments are now spending fortunes developing autonomous robotic aircraft, ground vehicles and other devices. Consequently many of the best students and ideas get swept up by industry, and there seems little collaboration between industry and academia.
  • The research rarely uncovers “hidden truths” that can be used in other projects. Most robotic research projects really produce gizmos as their outcome, rather than knowledge or techniques applicable outside of the project. I remember a huge amount of excitement in the community a couple of years ago when this video, of a robot folding towels was produced. Everyone was delighted to see a robot performing a human-like task. But this is a million miles from a human-like robot. It is running a state machine designed and tuned for this particular task, and even then takes 25 minutes to fold a towel.
  • Robotics is about robots. Devices which have limbs and actuators – of course, because the primary role of a robot is to “do stuff”. Of course a robot needs sensors to interact with its environment. But whilst animals and people have a very rich and varied set of sensors, it is natural in designing a robot to start by thinking of the mechanics and the motors and then add a few sensors as a bit of an afterthought. Why not start with the sensors first? It is significant that there is so much emphasis on vision – a couple of cheap cameras are usually the only sensors of any quality that the typical research robot has.

I think that the approach which will be most successful in the long term is to produce robots with human-like behaviour is to much more closely simulate the architecture of the brain. It is possible to produce limited human-like responses by writing programs which simulate the gross behaviour, but the solution which will work best is to produce artificial neural network systems which produce that behaviour by interacting with each other.

The reason for this is that whilst it is relatively easy to write programs which makes the robot’s eye movements impart expression to a human communicating with it, or search for objects of interest, or compensate for the robots own motion. But a real human is doing all of these things at the same time and the actual behaviour of the eyes is an amalgam of all of these activities. If this idea is extended over the whole of the robot’s body then the behaviour is the result of a complex interaction of a very large number of mainly fairly simple drives. Part of the problem is that with conventional programming languages is that they encourage emphasis on the articulation of the robot at the expense of sensors – the question solved is usually how to move a limb to a particular pose rather than processing the sensor data to produce signals which ultimately cause the robot to “naturally” adopt that pose.

You could argue that it doesn’t matter if a low level system, such as the vestibulo-ocular_reflex mechanism, is implemented by a microprocessor running a conventional procedural program or as an artificial neural network. But for complex neural systems to be a reality it must be as easy to implement this type of functionality as an ANN and the ANN approach provides the ability to integrate it into the larger cognitive system by cross-connections from other specialised networks.

There would be difficulties in producing a system composed of at least thousands of individual neural networks with a significant amount of cross-linking between them. The technology for producing the hardware is underdeveloped – power, heat, size and cost means that the network cannot simply be simulated using a huge processor farm. More importantly before this can happen the validity of this type of approach must be demonstrated.

Tools are needed to quickly specify, generate and teach specialized neural networks – if you are building a system of tens or hundreds of thousands of individual networks then you cannot afford to spend a week or even a day on each one; and techniques for integrating them by cross-communication between the networks and by connecting them to other higher level networks are almost completely non-existent.

The biggest problem with this approach is that it is antithetical to the highly compartmentalized systems that humans are capable of building. The history of computer programming languages is summarized by the increased compartmentalization of functionality in each generation of languages – from the spaghetti code of the earliest languages, through the development of sub-programs and finally to object oriented programming.

The problem is that the conscious brain can only deal with a very few pieces of information at the same time. Unfortunately this means that the brain is probably incapable of designing a system which operates much like a human brain. But if this is the only mechanism by which a wide range of human-like behaviour can be implemented then this problem will have to be overcome.

Unlike human constructions, evolution is not restricted to producing systems with simple interconnections. Fortunately the inability of humans to design such systems does not mean that the brain is incapable of designing systems which themselves can do much of the work in constructing human-brain like systems, or at least assist the human to the point where it is possible for them to do so.

But we see this at some level in many applications, for example no individual understands the detailed layout of even a modest sized integrated circuit of a few million transistors since the design is optimised and tuned by a computer before the masks for manufacturing are prepared. Only the rules for carrying out the tuning are understood in detail – not the final result.

Since the overall system will be far too large and complex for the human brain to understand, the only solution is to use computers to produce the networks.

Most existing artificial neural networks are small and perform a single function – there is a problem in integrating them together, possibly using a hierarchy of networks, and understanding how to implement some sort of reasoning using the competition between different networks.

Just an idea, anyway…

Posted in Robotics, Sensors | Tagged , , , , | Leave a comment

Pachube

Posted on August 6, 2011 by Jason

I have been doing a lot of work using Pachube recently. Pachube (pronounced “Patch-bay”) is an on-line database service designed to accept real time data from sensors.

I have a server which reads various wireless sensors and stores the readings in a local MySql database. A process on the server scans the database and uploads new data from a particular subset of sensors onto Pachube.

I used the JSON interface instead of the EEML one because it is just more straightforward; easier to learn. My code is written in Java so I started off by using JPachube but it didn’t seem to be flexible enough for me – one of the things I wanted to do was upload historic data from the database for example. Once I took the plunge of constructing my own messages it was easy.

Using the data

Whilst they are fine for slowly changing data, the standard set of graphs don’t really show fast changing data very well when displayed for longer periods than an hour. At one stage I had a memory leak caused by letting java.sql.Statements go out of scope before implicitly closing java.sql.ResultSets produced from them – I changed the code to explicitly close both and in the correct order.

(SQL is involved because I have added Pachube onto an existing system – data was originally just stored in a local MySql database but now is also uploaded from the database to Pachube — the Pachube API does not use SQL. Chances are that if you use Pachube then you will just upload to it and so not have anything to do with SQL).

But to check the that the problem had gone I was using it to monitor memory use to see if I still had a memory leak and I found the display a little confusing. It was only when I looked at the figures manually that I concluded that there was no problem.

Memory use shown on 24 hour plot. Looks like a serious leak

Memory use over 12 hours on 24 hour plot. Looks like a serious leak

Last hour of same data on 1 hour plot. No memory leak now

Last hour of same data on 1 hour plot. No memory leak now

Since my priority was checking for data leaks I have not really investigated this further. However I think Pachube is displaying a few datapoints for each hour in the 24 hour display, perhaps selected to be as close as possible to minute boundaries. My program has a memory use cycle time of slightly more than a second (it has a one second delay between each burst of activity), so only 59-and-a-bit of them will fit into 60 seconds, so maybe some sort of aliasing is happening.

The apps that I have tried are OK but the ones I have tried don’t seem to handle API keys very well – I didn’t want to make the data public because it includes things like data from PIR sensors in different rooms. I can log into the Pachube account and run an app, in which case the session cookie for Pachube gets used but I cannot pass the API key in the HTML as far as I can tell.

Uploading to Pachube

The actual data upload part of Pachube “just works”. Once you have a feed, you can specify datastream IDs and they will be created as needed. Many of the Pachube examples show the datastreams as numbers, but you can use text strings provided they don’t contain any whitespace.

Most of my original irritations with Pachube were solved by a helpful message from Usman at Pachube – they were to are to do with uploading multiple historic datapoints in a single datastream in one go, which I was unable to do until Usman directed me towards the correct part of the documentation.

Pachube seems to be missing tools to carry out proper statistical analysis of the data – probably not an oversight so much as a difference between the specific goals of my project compared to what Pachube is actually designed to do.

Maybe something like Pachube isn’t the right place to do this anyway — perhaps some other web-based service which could take datastreams from different sources and carry out transformations on them is needed.

Nevertheless despite my original misgivings I have been surprised at how useful the Pachube graphs have been over the last few days. Just being able to pull up the graphs from the web was really handy when it came to explaining the project to some other people, and the graphs have proved helpful in monitoring the correct functioning of the sensors – much easier to look at a line than a table of numbers.

But I am glad that I have the backing SQL database – it came for free since it was left over from a previous version of my data acquisition platform – since it is available to carry out complex database queries for the serious statistical analysis. I intend using R, which I am just learning now.

The examples in Pachube’s documentation on using Curl are good, I extensively use Curl for experimenting with Pachube. You can programmatically change most things, for example the following JSON will change the feed characteristics.

{
  "version":"1.0.0",
  "title":"Jason",
  "description":"Test feed",
  "private":"true",
  "location":{
    "name":"Chez Jason",
    "lat":"51.501",
    "lon":"-0.142",
    "ele":"30.0",
    "exposure":"indoor",
    "domain":"physical",
    "disposition":"fixed" }
}

Datastreams don’t need creating in advance – Pachube will create them when you write data to them. For example:

{
  "version":"1.0.0",
  "datastreams" : [
  { "unit": {
    "symbol": "C",
    "label": "celsius"
  },
  "id": "house_temp",
  "at": "2011-08-07T10:36:38.742+01:00",
  "current_value": "21.0" }
  ]
}

In my feed I am providing a timestamp and units but you needn’t do this. I actually provide the units only once for the datastream and they are stored until they are changed, so the next datapoint is:

A minimal set, which means set the value now is:

{
  "version":"1.0.0",
  "datastreams" : [
  { "id": "house_temp",
    "current_value": "21.0"
   }
  ]
}
Electric power use

Electric power use

You can upload more than one datastream at a time:

{
  "version":"1.0.0",
  "datastreams" : [
  { "id": "house_power",
    "at": "2011-08-07T10:36:38.742+01:00",
    "current_value": "513.0" },
  { "id": "house_temp",
    "at": "2011-08-07T10:36:38.742+01:00",
    "current_value": "21.0" }
  ]
}

Uploading multiple datapoints per datastream

You can upload many timestamped datapoints for a particular datastream at a time by a posting to a particular datastream with a POST request – for example https://v2/feeds/1235/datastreams/house_power/datapoints, rather than a PUT to the feed https://v2/feeds/1235 which you do for the single data points case shown in the previous piece of JSON, for example like this:

{
  "datapoints" : [
  { "at": "2011-08-07T10:36:38.742+01:00",
    "value": "513.0" },
  { "at": "2011-08-07T10:36:39.742+01:00",
    "value": "511.0" }
  ]
}

There is a limit of 500 points per request, but more can be uploaded just by using multiple requests, and for this to work the datastream must have already been created otherwise the response is {"errors":"ActiveRecord::RecordNotFound","title":"Not found"}.

I have changed my code to always upload data in this way, even when there is only one datapoint. I have a process which wakes up every second to see if there is anything new in the local database to be uploaded. This means that the process never knows whether it will have one point or several for a particular datastream.

If there is more than one datapoint then it seems better to bundle them altogether into a single HTTPS request rather than issue several, and since the technique works just as well for one datapoint there is no need to have two separate pieces of Java. 

{
  "version":"1.0.0",
  "datapoints" : [
  {
    "at": "2011-08-11T18:32:31.348+01:00",
    "value": "122.0"
  }
  ]
}

When my program starts it issues the command to create the datastream, which has no effect if it already exists but recreates it if it is missing.

Posted in Sensors | Tagged , , , , | Leave a comment

Link spam

Posted on August 3, 2011 by Jason

I get one or two comments per day consisting of link spam – I guess all WordPress sites do. The idea is that the link to the spammer’s site will be picked up by search engines which will improve the rating of the site as it will appear to be popular because there are links to it on lots of other sites. But most of the spam is badly crafted to appear to be input from a human who has read the post instead of a generic piece of text:

Hi there, just became aware of your blog through Google, and found that it is really informative. I am going to watch out for brussels. I will be grateful if you continue this in future. Numerous people will be benefited from your writing. Cheers!

Brussels?? Will be benefited??

Attractive section of content. I just stumbled upon your blog and in accession capital to assert that I get in fact enjoyed account your blog posts. Any way I will be subscribing to your augment and even I achievement you access consistently fast.

Accession capital to assert??

The spammers don’t have to do a better job because both pieces of text, with the links that accompanied them, each appear on around a million websites which accept unmoderated comments.

Posted in Spam | Tagged , | Leave a comment

Weaponised robots

Posted on July 24, 2011 by Jason

PosterCan you indict a robot?, an invited poster with Joanna Bryson for Emerging technologies: are the risks being neglected? SGR Conference and AGM 2011 London 21 May 2011.

Posted in Ethics, Robotics | Tagged , , | Leave a comment

Browser GET request

Posted on July 17, 2011 by Jason

I have written this page to display the information which the server receives in the HTTP request to download a web page. Just an excuse to experiment with IP address geolocation really.

Posted in Website | Tagged , | Leave a comment

Vigenère Cipher cryptanalysis

Posted on July 10, 2011 by Jason

The Vigenère Cipher is a polyalphabetic substitution cipher which was popular in the 19th century since it is very easy to use and was widely considered to be unbreakable. Techniques had been worked out to break it using a ciphertext-only attack in the 1850s, and published in the 1860s. But that didn’t stop it being used during the Crimean and American Civil Wars.

I have written a web page that analyses a block of ciphertext generated from English language plaintext using the cipher and attempts to deduce the key. The page also has scripts which perform straight encoding and decoding of blocks of plaintext.

Posted in Cryptography | Tagged | Leave a comment

WordPress update

Posted on July 6, 2011 by Jason

Site only running for a few days and already needs upgrading.  Very simple – just click on a button and it does it itself in a few seconds. Even more impressed with it now!

Posted in Website | Tagged | Leave a comment

WordPress

Posted on July 1, 2011 by Jason

Manual content management is hard work, so I have switched over to WordPress. Let’s see how it goes!

Posted in Website | Tagged | Leave a comment