Developing for ESP8266 using Arduino IDE

Cut to action steps:

  1. Install Arduino IDE
  2. Install board support packages to compile for ESP8266
    1. http://arduino.esp8266.com/stable/package_esp8266com_index.json
    2. How and where to do it!
      1. first add that URL in the additional board managers URL
      2. now goto the board manager and look for ESP8266 and install the package
      3. compile your first program, don’t upload yet
      4. To upload, if you have NodeMCU, Arduino takes care of turning the boot-loader mode. if any other, then better to put it yourself into boot-loader mode.

Enjoy ESP8266 development!

 

Cross-Site Request Forgery (CSRF) what to know? may be for IoT security?

http://www.techforjustice.org/wp-content/uploads/2015/10/geometric-background.png

First, it was conceived to overcome an web exploit, called Cross site request forgery. This is well explained in the answers from the stack overflow question [1]. It is well explained well with a banking page. It will be very evident in a hacker situation.

Cross site request forgery can be simply overcome by token based authentication of the user requests by cross checking every request with a token. A token is a random number generated by the server and served with every page that is served.

On an Internet-of-Things context, it is very important when there are a lot of devices, a lot could happen even within your devices without any attacks.

OAuth is a method of authenticating using a time based token. The token verification is time based, the verification will not pass through when the token time is finished.

Looks like JWT, Json Web Tokens, is an evolved format of oauth where every communication is working on json based messages. A lot of negotiations are going on.

It is very amazing to look at the evolution of these technologies. Incase of IoT it is important to keep it simple without compromising on the level security.

References:

[1] http://stackoverflow.com/questions/5207160/what-is-a-csrf-token-what-is-its-importance-and-how-does-it-work

[2] https://en.wikipedia.org/wiki/OAuth

[3] https://en.wikipedia.org/wiki/JSON_Web_Token

[4] https://jwt.io

 

Sonoff WiFi Switch – Custom firmware – esp8266 MQTT micro python

[toc]

Introduction

Got a few ITEAD Sonoff WiFi switches to automate my home. Why use the boring software, so I tried to hack the switches. This is a reference manual for me, but quite useful for anyone else if they want to use micropython, mqtt, web server and control the switches.

Required items

Flashing micropython

Make sure the FTDI cable is set to 3V which is very important. Then connect the cable as detailed in the table.

 

Programmer Sonoff (counting from the switch to bottom)
3V3 1
TX 2 (RX)
RX 3 (TX)
GND 4
5

The easiest way to flash the firmware is to use the nodemcu-flasher available. Unfortunately available only for windows. The micropython-flash image esp8266-20170108-v1.8.7.bin can be downloaded from the website. On the config tab add the image. Sometimes it helps to first flash a blank image to the WiFi switch.

 INTERNAL://BLANK

Installing MQTT

Install mosquitto, an open source MQTT broker. It is very easy to install, follow the installation instructions in the link or copy paste the following commands.


wget http://repo.mosquitto.org/debian/mosquitto-repo.gpg.key sudo
apt-key add mosquitto-repo.gpg.key
cd /etc/apt/sources.list.d/
sudo wget http://repo.mosquitto.org/debian/mosquitto-wheezy.list
sudo wget http://repo.mosquitto.org/debian/mosquitto-jessie.list
sudo apt-get update
sudo apt-get install mosquitto

view raw

install_mqtt.sh

hosted with ❤ by GitHub

Programming MQTT

MQTT service is started and running on the machine. I will deal with the basic programming initially. May be later, MQTT will be tightened up with security like auth, base64 encoded message etc.

there are few things to know first hand. That would be, the pins for the physical objects on the switch. There is a relay, led and a button. I want to use the button in case I m not connected to internet to be able to toggle the switch. Led is concealed inside the housing, so doesn’t matter. Relay is very important which will be switching the on off the device that is connect. This pin configuration is specific to micro python firmware. In LUA it might be different.

PIN 12-----------------replay

PIN 13-----------------LED

PIN 0------------Button


from umqtt.simple import MQTTClient
from machine import Pin
import ubinascii
import machine
import micropython
global switch_state
switch_state = True
CLIENT_ID = ubinascii.hexlify(machine.unique_id())
SERVER = 'localhost'
TOPIC = b"home/tv"
#– Pin which the relay is connected to
relayPin = 12
p6 = Pin(relayPin, Pin.OUT) # create output pin on GPIO6
#– Connected to switch with internal pullup enabled
# buttonPin = 0
# buttonDebounce = 0
# p3 = Pin(buttonPin, Pin.OUT) # create output pin on GPIO3
#– MQTT led
mqttLed=13
p13 = Pin(mqttLed, Pin.OUT) # create output pin on GPIO7
p13.low()
def sub_cb(topic,msg):
global switch_state
print((topic, msg))
if msg == b"on":
p13.value(0)
p6.value(1)
switch_state = 1
elif msg == b"off":
p13.value(1)
p6.value(0)
switch_state = 0
def main(server=SERVER):
c = MQTTClient(CLIENT_ID, server)
# Subscribed messages will be delivered to this callback
c.set_callback(sub_cb)
c.connect()
c.subscribe(TOPIC)
print("Connected to %s, subscribed to %s topic" % (server, TOPIC))
try:
while 1:
# micropython.mem_info()
c.wait_msg()
finally:
c.disconnect()
if __name__ == '__main__':
main()

Diving in to the code, there are only three parts that are done. One is the variable that is used around in all functions declared as global to keep the state known at all times. Then connect to mqtt and subscribe to a certain topic. Here I m controlling the switch for the TV system. The call back function will handle if the switch should be turned off or on. This means, just a if loop with toggling the pin 12 where the relay is connected and storing the current action in the global variable.

Securing MQTT:

coming soon

References

  1. http://micropython.org/webrepl/
  2. https://micropython.org
  3. http://captain-slow.dk/2016/05/22/replacing-the-itead-sonoff-firmware/
  4. https://docs.micropython.org/en/latest/esp8266/esp8266/tutorial/pins.html
  5. https://home-assistant.io/blog/2016/08/31/esp8266-and-micropython-part2/
  6. https://github.com/micropython/micropython-lib/tree/master/umqtt.simple

Poking a dream with reality: Status of publishing industry [Part 1]

[toc]

It is inevitable to embrace technology to deliver content. It is indisputable to adapt to new models of content delivery. It is antique to stick to cults of content delivery. There must be an interesting hybrid. Evolved to survive, transformed in aspects that cannot be changed and stands strong on the ideals of the industry.

Intent

To understand the revolution already took place in this industry to generate a new business model. To embrace technology as deliverance for the dying traditional methods.

Stages of publishing

pre-production

  • editorial: of course, the most important stage where the whole success story lies.
    • [cite importance]
    • [investigation of tasks involved]
  • design: as required by content and highly demanded by marketing
    • [cite importance]
    • [investigation of tasks involved]
  • sales and marketing: sales required by modes on content delivery and
    • [cite importance]
    • [investigation of tasks involved]

modes of content delivery

  • printing, binding and distribution
  • eBooks
  • Amazon Kindle
  • playbooks
  • standard web tools with security for reducing piracy.

Reason for a new publishing model [4]

The decline of print media has been explored endlessly. Everyone is agreed that the traditional business model is broken. And most people agree that there is no silver bullet that will solve the problems facing publishers in this new environment. To summarize the new reality:

Print circulation is declining across the board, and in many cases will become unsustainable as a mass distribution channel.
Advertising revenue in the print medium is declining rapidly, and advertising overall is becoming fragmented across many types of properties, including social networks, blogs, aggregators, and other services.
Content is expensive, but almost no one will pay for it online.
Publishers are able to freely reach much wider audiences than ever possible before, including new emerging markets, but the competition for eyeballs is fierce.
The problem is huge, affecting hundreds of publishing companies, and many thousands of employees at those companies.

Different kinds of publishing house silos [3]

  • The Traditional Publishing market is dominated by 5-10 big publishers per country.
  • Most of the bestselling authors in India are associated with these publishers.
    There are many small publishers beside these juggernauts, who have no bestselling author to boast of
  • There are almost as many Vanity publishers who boast of being able to turn your dream of being an author into a reality.

ISBN

The International Standard Book Number (ISBN) is a unique[a][b] numeric commercial book identifier.

What is ISBN? [1]

An ISBN is assigned to each edition and variation (except reprintings) of a book. For example, an e-book, a paperback and a hardcover edition of the same book would each have a different ISBN. The ISBN is 13 digits long if assigned on or after 1 January 2007, and 10 digits long if assigned before 2007. The method of assigning an ISBN is nation-based and varies from country to country, often depending on how large the publishing industry is within a country.

To get ISBN number in Germany and India respectively. Other agencies that provide ISBN nationally can be found in the link [2] . The third one comes up online all the time 😉

  1. http://www.german-isbn.de/standards
  2. http://isbn.gov.in
  3. http://www.bowkerlink.com/common/StatementOfUse.asp?from=corrections&rgs=bip

Tools

Typesetting

Indesign can be used for professional typesetting or better, LaTex can be used for professional typesetting. Its an open tool with high flexibility for compiling pages together in a PDF but requires expertise.

[5] also came a popular tool for typesetting but looks like it is tailored for specific market.

Cover designs

Photoshop, Illustrator are professional tools for rendering and drawing out amazing graphic arts.

Content delivery

with the context already set for declining circulations of books, it is important to set up a parallel supply chain network to create and deliver the content directly to users on different platforms.

References

  1. International Standard Book Number
  2. Find an agency | ISBN
  3. How do I start a publishing company in India?
  4. http://idioplatform.com/blog/the-new-publishing-business-model/
  5. QuarkXpress

Notes on Confidence: A very large, powerful muddle!

[toc]

Confidence is pretence, courage is a combination of thought and action - #akrv

Introduction

Most of the reading notes are based on psychologist who try to prove confidence as a myth and making it something more comprehensible.

Definitions:

Self-confidence is a positive and balanced attitude having to do with the Self dimension. It consists of a basic belief that we can do what is needed to produce the desired outcome.

  • Emily A. Sterrett, Ph.D. [8]

the paradox of confidence as said by a British philosopher and a Nobel laureate

One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision

  • Bertrand Russell

Motive

Confidence is a mind-set which comes from within, and it’s attainable for all of us. With that in mind, choose to be confident

  • Susie Timlin
    Global Director of People & Culture, Hays Talent Solutions

Leitmotif to get off the muddle

Concepts that have always proved to be helpful. There is always a guide book, there is always 5 7 steps to grievance confidence. Here are some nice means that were posted in many scientific articles and other important icon that can just be considered enlightenment.

changing posture [1], there was also an article about reverse stimulation, where you could smile when you are sad making your body to feel the happiness and there by creating a small window to escape depression. smiling before you are angry could release the steam off. One could feel the tickle or feel the laugh. this is exactly the same postulation for confidence with physical posture. Interesting TED talk that get increasingly interesting to read more and try to draw lines between the innocence of confidence and all other predators.

Fake it till you make it! You can make other people believe on you with just your body language [2].

The poet also said something about communicating that you care and the warmth that you provide

People will forget what you said, people will forget what you did, but people will never forget how you made them feel.

  • Maya Angelou [3, 4]

Motivation as clearly put out on the HBR’s top ten titles [10], it fuels confidence with positivity. Also says in some ways how much contagious this could be!

If you are looking for leaders, how can you identify people who are motivated by the drive to achieve rather than by external rewards? The rst sign is a passion for the work itself—such people seek out creative challenges, love to learn, and take great pride in a job well done. They also display an un agging energy to do things better. People with such energy often seem restless with the status quo. They are persistent with their questions about why things are done one way rather than another; they are eager to explore new approaches to their work.

It’s not difficult to understand how and why a motivation to achieve translates into strong leadership confidence (in this scenario). If you set the performance bar high for yourself [9]. Likewise, a drive to surpass goals and an interest in keeping score can be contagious. This drive could result in being positive about scoring the goals and fuel confidence with in oneself.

 

What is not?

This tool usually always is handy in trying to get to the result when the possibilities are exponentially high with different parameters jumping up the factors. Rule of elimination – law of total probability – teaches us that one cool thing about drawing limits to the entity under observation.

Courage

its all about the bass failure.

Recently, I was in one of my pondering states and the word courage popped into my mind. I began to wonder about the difference between the words, confidence and courage, as I recall hearing them used synonymously by some, when the notion of failure came to light. I soon realized that the distinction between the words can be made along the dimension of our attitude towards failure. Courage is all about taking action, even if we are not confident about achieving the desired result.

  • Krishna Pendyala, mindful choices [5]

Courage is more in the walks of throwing yourself in harms way to help save others. with the knowledge of consequences and the calculation for probability of failure.

He’d used his last ounce of strength to save a complete stranger.

  • list verse [6]

Emotional intelligence

Emily A Sterrett’s article about the role of self-confidence sheds a lot of light even though the it was focussed on getting straight about emotional intelligence. This is also a way of communicating confidence.

People with a genuine belief in themselves do not have trouble admitting they are wrong and apologising for mistakes.

Sterrett, E [8]

Over-confidence

You can be assertive and business-like without being aggressive and running over others. Self-confidence is not the same as being pushy or arrogant, having all the answers, or easily telling people off [8].

Arrogance

Difficulty admitting mistakes, an unwillingness to apologize, pushiness, and bragging are all signs of a confidence problem. While bragging might look a lot like confidence on the surface, people who are truly self-confident have no need to brag; those who do are often trying to convince themselves of their own worth. And when we are so worried about looking incompetent in the eyes of others that we can’t admit our own shortcomings, we are not likely to take advantage of coaching and advice from peers and potential mentors [8].

Pride

Pride is a state of self-esteem and perceived self-worth which may or may not be exaggerated. Ideally, it is a state in which you recognise your own good qualities in their own right, rather than exaggerating your good qualities to mask or deny your vulnerabilities [9].

The development of positive self-esteem must focus on lasting and enduring qualities. It must consider uniqueness as opposed to specialness.

Carolyn Warnemuende, Self-esteem or narcissism? [9]

Competence

Inspiration for drawing the difference between competence and confidence could also be taken from Dunning–Kruger effect [11]

Awareness of limitations. The competent know their limits. As Dirty Harry put it, “A man’s got to know his limitations.”

Desire to learn. Knowing the limits of one’s professional knowledge should provide a desire to learn and improve. The desire should be evident through curiosity, development of new skills and openness to new ideas.

Willingness to fail and learn from failure. Competence grows by stepping outside one’s comfort zone, being prepared to risk failure and to learn from the experience. This is not about recklessness but about calculated risk (neither grossly over- nor under-estimating risk). [13]

Conclusion

Confidence can unlock the potential for innovation and growth exclusively limiting to personal self. Confidence is perceived by others as a trait but it is a tool when one is self-aware and can calque the self-worth.

Disclaimer

Usually here is an acknowledgement where the funding sources are praised but these can be just be beliefs posted on the internet, prepared by social psychologists or concocted by conspiracy theorists. Feel free to disagree!  Reading too much on this would get you trapped into a school of thought, this is just a biased compilation of scientific articles to have coherent understanding. Bias is anyone can have confidence. A funded compilation could be book about Confidence: An amazingly large, incredibly powerful fuckup

References

  1. Cuddy, A. J., Kohut, M., & Neffinger, J. (2013). Connect, then lead. Harvard Business Review91(7), 54-61.
  2. Cuddy, Amy. “Your body language shapes who you are.” San Francisco, CA: TEDGlobal (2012).
  3. Maya Angelou
  4. The “It” Factor: How to Have Executive Presence in a Meeting
  5. Courage vs. Confidence: It’s all about Failure
  6. The Top 10 Most Inspiring Self-Sacrifices
  7. Understanding Leader Emotional Intelligence and Performance
  8. The Role of Self-Confidence in Emotional Intelligence
  9. Self-esteem or narcissism?
  10. On Emotional Intelligence, “What Makes a Leader?” By Daniel Goleman
  11. Dunning–Kruger effect
  12. 7 ways to communicate confidence
  13. Competence vs. Confidence

Raspberry Pi NFC reader driver installation ACR122u

First add the following dependencies for the NFC driver and other modules

sudo apt-get install pcscd libusb-dev libpcsclite1 libpcsclite-dev dh-autoreconf

I also installed the drivers from the official website for my device.

it can be found here (disclaimer: I do not still not know if this step is required)

then install the python package with pip

sudo pip install nfcpy

 

now use the documentation http://nfcpy.readthedocs.io for using the nfc card with python. The python interface doesn’t use the LED notifications on the device, I have to find out how it works with the lights!

Installing openCV 3.0 on macOS

doing some machine learning and want to install openCV the right way to be used with python, follow here!

Install home-brew for mac.

ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

python2.7 usually comes installed in macOS, if not

brew install python

add openCV to the search using the tap argument in home brew

brew tap homebrew/science

install openCV with the obvious command for installing opencv-2.4.12_2

brew install opencv

but we want to install opencv 3.0 which means, we have to compile from source.

hit the terminal with the following,

cd ~/Documents/dev
git clone https://github.com/opencv/opencv.git
cd opencv
git checkout 3.0.0
cd~/opencv
mkdir build
cd build

cmake -D CMAKE_BUILD_TYPE=RELEASE -D CMAKE_INSTALL_PREFIX=/usr/local \
      -D PYTHON2_PACKAGES_PATH=~/.virtualenvs/cv/lib/python2.7/site-packages \
      -D PYTHON2_LIBRARY=/usr/local/Cellar/python/2.7.10/Frameworks/Python.framework/Versions/2.7/bin \
      -D PYTHON2_INCLUDE_DIR=/usr/local/Frameworks/Python.framework/Headers \
      -D INSTALL_C_EXAMPLES=ON -D INSTALL_PYTHON_EXAMPLES=ON \
      -D BUILD_EXAMPLES=ON \
      -D OPENCV_EXTRA_MODULES_PATH=~/opencv/modules ..

now make with the number of jobs, i like to put the number of cores in your PC. when you don’t know, hit this to find out in a macOS sysctl -n hw.ncpu

make -j4

make install

when permissions are a problem, do the obvious

sudo make install

to check if it installed on your python path, hit the python shell

python

>>> import cv2
>>> cv2.__version__
'3.0.0'

if you want this to be installed in your python path of your virtual environment, you need to create a symbolic link of the installed openCV library in your brew installed python into your site packages of the virtual environment venv

next step of the project is to write the logic for converting the image/video feed as inputs for the machine learning algorithm.

 

I have an app idea, which cloud provider to choose?

There are millions of cloud providers out there, may be not, but there are enough to confuse you with their features and creative billing terms.

Ofcouse, its traditional VPS style and not using Docker to pack your app.

Now, the two cloud provider I choose to choose between are

Why this two?

I am not paid any one of those cloud providers, that further more vaguer for the reasoning. Being said that, to see from the perspective of highly scalable apps there are two philosophies.

  • I build my app using a framework from my cloud provider and my service provider will make it easier to deploy and scale up or down on demand
  • I setup everything and orchestrate the deployment process using chef, puppet or similar application and write my own logic for processing the on demand scaling

yes, ordered in the same order as the service provider. I will put my two cents of my philosophy in software development and this totally depends on the type of developer.

one follows the guidelines laid out by a framework to strictly develop using those or to use libraries to build ones own app philosophy which dictates its own framework as you build it up.

The fight is between libraries and frameworks, when you know what you are building and the final line is the light at the end of the tunnel, its probably much easier to find the suitable framework and nail it! important thing here would be that everything would have been already thought out for you by the developers. Whereas when you are building something that improvises over time, I prefer developing using libraries which gives a greater scope for solving problems.

Libraries are my way of doing. Choose generic libraries build out the app and improvise over time. frameworks might die out but standard libraries usually stay.

After those two cents, comes the drool factor, Does someone have a command line fetish in your team, stop reading here and starting using digitalocean.

So, whats the framework am I getting myself when i use AWS would be the next question! AWS has an amazing product line and most of them are amazing. I love how they built simple-storage-service s3, relational-database-service RDS or elasticache. But my fallout was using the elastic-bean-stalk EBS which is basically a framework that warps elastic-compute-cloud EC2, RDS and s3 and can be supplemented with all the other million products they offer.


comparing them for features of the two will be for another day

The advantages are

  • easily point-and-click and tell your app to scale up and down automatically
  • all services/servers are in one virtual-private-cloud
  • scalable online for block storage
  • create database, cache replications and clusters on the go
  • of course, elastic load balancer… its so elastic it scales up and forgoes provisions after the peak

all of it points towards high availability for delivering your app the two things I would point out and not be embarrassed about them are

  • the cost at which it comes, mostly any startup wants to be lean

thats a framework, its also well supported by packages for most of the app development frameworks and libraries that you can import and give the URI, username and password and good to go.

Now, looking at the digital ocean, there is no product offering except for selling a highly available, well distributed cloud. start a VPS, migrate to any location, make it available at any data centre at the same price. The whole look is amazing at digital ocean and I love them for being progressive as a company and to offer a service that is startup – developer friendly.

Here, you get mailed with a IP and root password to ssh into and the rest is history. Everything is open and its up to the developer to set the standards and formalise rules for the app. Choose the stack for development and create a deploy strategy.

i feel pretty flexible and always suggest it with a strong positive feeling that anything is possible / everything is possible if one can envision the requirement.

So, that app we developed, I started out without a clear vision on EBS but we wanted to do something with consuming web API from social media. It was first text, then came the images and now we are working with rendering videos. The first library we wanted in python required third party system packages and that wasn’t being installed due to repository problem. that was the first fall out from EBS to EC2. EC2 proved clearly the way to go. its open, its also a stackless framework-less VPS which only supports SSH with key based authentication. that ended up in messing up with deploying from different machines and losing access to the machine. Of course there is a guide to get your stuff back, but its just a pain during development. Then we switched to digital ocean, devOps took some time but three weeks later it was time to ship the first version!

Digital ocean wins on two grounds for me is framework-less development with developer friendly billing. Write me if you want know more about all the other issues because the deployment is 98% and I will continue to setup the system 🙂

Changing Time & Date settings to Jan 1, 1970 will !permanently brick 64-bit iOS devices

Sorta, will kill your phone!

When the date of a 64-bit iOS device is set to January 1, 1970, the device will fail to boot.

Connecting the device to iTunes and restoring the device to factory defaults will not put the device back in working order. Instead, a physical repair is required.

but it is interesting to breakdown from what we already know!

It is reported only for 64-bit iOS devices – I don’t know yet if that also means 32-bit? but I looked what it encompasses..

Excluding those devices with 32-bit processor

  • iPod touch 5th Generation and before
  • iPad 3rd Generation and before
  • iPhone 5C and before

From assembling PCs I know for a fact that if you replace that small coin battery, it will reset your clock. I m not if that main battery is also that battery. In that, remove your battery and put it back would be one solution that comes right out of my mind. But it seems like there are special tools involved

tTBwdSDbboZrIPPX

its better to goto the Apple Store to get it fixed, is the only solution for now.

DON’T DO IT! would be the advice. There are few baits around and I hope if you google before you do it, this comes up and you are safe.

Baits I have seen on the internet:

  • This goes around on twitter,
    CbCchVuWAAAx5cV
https://twitter.com/gabdi_/status/698230041591836672

 

 

Security issues:

  • NTP! simple, just change the time on the server, boom, all of the iPhone 6 will go off. Best skynet hack for dropping out people from communicating.

Will update, what happens for the phone at a store!

[update 25.02.2016]

Didn’t have to go to the store, waited for three days and drain my battery for more than twice. Just like time the clock in the phone also didn’t stop running, going past the zero in theUNIX time.

Perfect, there were some complaints the phone was slow after it turned on. It wasnt so in my case!