So there we are, minding our own business, when an angry demon springs to life in the basement. He is on a rampage, pounding against the walls with all his might, THUMP THUMP THUMP THUMP BANG BANG BANG. We race downstairs. Turns out it is only the Sears Kenmore front-loading washing machine’s internals beating themselves to death during the final spin.

After ruling out an unbalanced load (even fully empty, BOOM BOOM BOOM), I lookup the symptoms online. After a few thousand pages of angry ex-customers’ rants, without even lifting a wrench, there is no doubt what the failure is.

All available evidence confirms that this machine is DESIGNED TO FAIL EVERY FIVE YEARS*. The fuse is an innocent-looking metal bracket on the back of the spinning clothes basket known as a spider; its purpose is to support the basket on the drive shaft leading back to the motor. This spider, an uncoated pot-metal part made of a brittle Al+Fe alloy, is fully exposed to and tumbles its way through all the detergent, bleach, dirty laundry water, etc. After a few short years of this, it corrodes through and shatters during the spin cycle! Of course, you can’t buy just this part; you have to plunk down for the entire basket/etc. assembly at $200 a pop**. Guess who now has a nice spare stainless steel basket laying around to turn compost in, heh.

My brief description does not do this problem justice, but there is an excellent video from a former Kenmore owner detailing this spider issue and several other, likely intentional, design flaws.

So, you probably guessed what I did next – took it apart. The insides of the plastic wash tub are a bitch to get at (nondestructively); the whole thing has to be carefully unhooked from a pair of shocks and large springs, liberated from half a dozen hard-to-reach hoses and tubes with fiddly retaining clips, and the glued-on rubber seal cut away from the front of the machine. There are also cinderblock weights (yes, really!) on the tub which ought to be removed unless Hulk Hogan is helping you lift it out. On mine, the bearing surfaces were also so rusted, it took beating the living hell out of the shaft with a big hammer to separate the assembly from the tub.

Here is what I found inside:

One rotted, broken-ass spider. Surprised? Also note all the "used to be spider" white crud packed in beneath the bearing.

One rusted-out shaft for a rotted, broken ass-spider.

One reaction vessel washtub for a rotted, broken-ass spider. Yuck, my clothes were in there? The white crap looking like crushed concrete at the bottom is corroded bits of spider that haven’t yet ground away at the pump impeller while making their way to the city’s sewer. You can also see where the grease has begun leaking out from the cheap rubber lip seal that’s supposed to be keeping water out of the bearings.

One rusted-out hole for a rusted-out driveshaft to grind slide into. "That’s not my mating surface, baby!"

All this because Sears/Kenmore*** could have easily solved this with $1 worth of engine paint (etc.) to coat this fiddly metal bracket, but chose not to. Also, like in the video above, my outer tub has a nice deep gouge line where the screws in the wildly-flailing basket tore it up. Luckily we were home when it went, and our catlike reflexes caught it before they could carve all the way through.

*says everyone on the Internets. Don’t McLibel me.

** and if you want to save the hassle of retaining clips patwanging across your basement and the Hulk sneaking looks up your skirt, and have the new part installed by an authorized repairman… there’s a reason they have those commercials with the repairman playing Solitaire all day because no support calls come in… it really is cheaper to buy a new machine. ($75 diagnostic visit + $450-$700 repair quotes vs. $500-600 for current units.)

***technically, Sears/Kenmore just buy the appliances from other OEMs and put their names on them. This particular model (417.42142100) is made by Electrolux; others are rebadged Frigidaire or Whirlpool units. Unfortunately, all seem to share a similar design, right down to the fail timer.

We got a kitty last weekend. Like many new additions of the human kind, we hadn’t really planned on it*, but now we are in love with her. Her name is Spirit (she comes pre-named).

She had no trouble settling into the new house, except for spooking out at the noise from the radiators at first. She’s such a little attention whore – follows the hyoominz all around, and if we are on the couch, sits down next to someone and headbutts them ’til she gets belleh rubs.

So far she has also discovered that Christmas tree ornaments swing and make a tinkling noise when swatted at, knitting needles move and click while in use, and must therefore be attacked, and – OMG WIIMOTE CURSOR!

*Somewhere between “rescue mission” and “interstate feline trafficking” does the truth lie.

So, as of sometime within the last few weeks or so, I am a convicted Google Spammer! As you may guess from this tone, I have not actually done or considered any such thing. But as tends to happen when you take all humans out of the loop and put all faith in the smartness of an infallible Algorithm, you throw your fair share of babies out with the bathwater, and today, one of those babies is me. I discovered this (not like I would have gotten an email or anything) when I happened to Google the name of my product to get to its mainpage (much faster than typing the full URL, which is longish), and it wasn’t there. With some further digging, I found my entire domain and all subdomains have been blacklisted from Google’s index.

That particular level of digging leads to a tool called Google Webmaster Tools, which, after proving myself the owner of the site, returns this:

This site may be in violation of Google’s quality guidelines. More Details
Pages on your site may not appear in Google search results pages due to violations of the Google webmaster guidelines. Please review our webmaster guidelines and modify your site so that it meets those guidelines. Once your site meets our guidelines, you can request reconsideration and we’ll evaluate your site.
Submit a reconsideration request

Full stop.

These webmaster guidelines cover “quality” (i.e. don’t spam the index)–including such helpful first-grade spam no-nos as not stuffing pages with invisible keywords, bogus META tags, providing special fake pages to known search bots, and other stuff that might have worked on Lycos in 1996–as well as various style-guide suggestions, admonishing webmasters to be on their best grammar, and even going as far as discussing size and placement of images on the page. Is a webmaster really expected to perform feng shui to stay in Google’s good graces?

Anyway, I’m at quite a loss to explain why I would be banned from Google, as getting an entire high-ranking site removed from a search index seems like something that would require some pretty big-ticket shenanigans. Of course, this is The Algorithm we’re talking about; there seems to be no indication that a live human was involved in this decision*.

Of course, any of the usual SEO tricks would fit the bill. But I don’t engage in any of that (for here, the boards or the main site), and the only “optimization” I do to this blog’s traffic is to post something interesting once in a while. (Really, since everything on this server is ad-less and free anyway, the only thing More Traffic can get me is a bigger bandwidth bill.) I do know that Google will display warnings / block content if it detects a site has been compromised, but a thorough dig through the server-side files indicates this is not the case, either.

So what’s left are some straws to grasp at:

• Legitimate incoming links from adult-ish sites and adult-ish search queries for my side project
• “Bad Words” or links appearing in message board posts (forget this piddly blog, what the rest of the free world knows cexx.org for is one of the oldest continuously running spyware help forums in existence. Posts here–especially diagnostic logfiles posted by affected users– contain references to bad programs/sites, links to same, and repetitive content (e.g. Windows registry trees) that occasionally generate false positives. A human would easily see that we are helping people rather than spamming the world; The Algorithm may not do as well.)
• Occasional comment spams slipping through in UGC (”User-generated content”, the current buzzword for “stuff the site owners didn’t write themselves”, such as blog comments, message board posts, every video on Youtube, etc.) As you can see from the numbers showing at the bottom of this page, comment spam is as fundamental to the Internet as the threat of rickroll, and the filter’s doing pretty well at blocking them. If transient v1@gra comment spams were grounds for being delisted, half the internet wouldn’t show up. Then again, for those of us who have not used Lycos et al lately, how would we google-addicts know if half the internet wasn’t showing up in our searches…?)
• My content being scraped and appearing on third-party spamblogs (yes, it happens. I–of all people!– have fired off a couple DMCA takedown demands in the last couple years, but really, for splogs on splog-friendly Korean ISPs this has about as much effect as firing off complaints for every email spam your receive. These automated scrapers usually end up scraping from someone with deeper pockets and much better arm-twisting power at some point, and the problem (for lil old me) solves itself.)
• Old pages/posts, dead links, occasional bad grammer or speling mistakes?
• Maybe Google are still mad at me for exposing a huge bug in their search some years ago? (In theory, this would make it trivial for someone to determine whether they ranked higher than a competitor, or see how a specific tweak to their keywords/etc. affected their ranking. But since I’m pretty sure no humans were actually involved in this, I kinda have to rule this hypothesis out…)
• Statistically anomalous distribution in keyword content of sites that link to mine?
• Statistically anomalous distribution of topics I discuss, tag clouds, etc. (or as mentioned earlier, help forum posts)
• Someone I’ve pissed off in the past robo-submitting my URL to the automated “report a spammer” page?**
• Googlebombs or other shenanigans performed (maliciously or not) by third-party sites?
• Wild Conspiracy Theories (paid off by a malware company? Malware authors have been trying to block their victims from being able to reach help forums such as cexx.org’s for years; maybe the’ve found a way to up the ante. Or maybe Sergey bought my Trance Vibrator and didn’t like it.)

The possibility that any site could be delisted by the actions of third-party sites (e.g. competitors) is simply disturbing. As unlikely as I’d hope it to be, Google’s complete secrecy regarding its delisting criteria (even I, after proving myself the legal owner, can’t get boo about what’s going on with my own site) makes such a scenario impossible to rule out. For what it’s worth, Google does explicitly mention links to “bad neighborhoods” in this Guidelines page, and some sites by and for the SEO people (who presumably know their stuff, this being their entire business model) seem to think this does apply to incoming links as well.
That is unacceptable.

If I haven’t gotten to the bottom of it soon, my only choice might just be to block Google from the site outright (why pay for the bandwidth their crawler uses if we are being excluded from the results?) and personally wean myself from Google search, for whatever that is worth as a personal stance. Is my best alternative really “Bing, and it’s done“?? Google, you really put me between a rock and a hard place.

* nor, based on analysis of the server logs, the “Reconsideration request” you can submit via the Webmaster tools thingy. Unless there are human reviewers lurking in an underground bunker somewhere disguised as residential cable customers from Peoria, or a vast distributed network of speed-readers who are each assigned one line to read, the speed of the hit-streams identifiable as coming from Google during the time of said review easily beat my personal best, and, much like the MTV Music Awards, show no evidence of human intelligence.

** From said page: “If you believe that another site is abusing Google’s quality guidelines, please report that site at https://www.google.com/webmasters/tools/spamreport. Google prefers developing scalable and automated solutions to problems, so we attempt to minimize hand-to-hand spam fighting. The spam reports we receive are used to create scalable algorithms that recognize and block future spam attempts.” Great, The Algorithm is now in charge of deciding who the humans on the Web are.

Mostly for my own reference for the next time I have to set it up on a new machine, but may help others on their first time install. Valid as of Feb. or so this year.

Software ’shopping’ list (all free/OSS tools)
Set up the toolchain (mspgcc). There seem to be several important tools
missing from the mspgcc distro as of this writing, including ‘make’ and
msp430-insight (graphical debugger) that the docs claim are included
with the package. So the complete shopping list is:

mspgcc-win32:
http://downloads.sourceforge.net/mspgcc/mspgcc-20081230.exe?use_mirror=voxel
NOTE: This binary IIRC was not linked on Sourceforge’s downloads page at the time; there was only an older build and this link had to be fished from semi-private newsgroup postings. If there is a newer binary available, download that one.

MinGW/msys (provides ‘make’ and some utilities) :
http://downloads.sourceforge.net/mingw/MinGW-5.1.4.exe?use_mirror=voxel
If it gives you the options of installing minGW and msys, say YES to both.

CoreUtils (provides unix-like ‘rm’ tool required by make) :
http://gnuwin32.sourceforge.net/packages/coreutils.htm

Skipping the debugger for now until I figure out how to use it myself ;-) Seems to work occasionally under win32, but it’s flaky.

Required Knowledge Assuming you already know C and have the appropriate chip documentation/datasheets.
Have a quick read-through of the mspgcc FAQ and manual. Both are
reasonably short for what they are.
FAQ: http://mspgcc.sourceforge.net/faq/t2.html
Manual: http://mspgcc.sourceforge.net/manual/

The manual contains a lot of advanced stuff you can skip at first, or
skip entirely. This includes (at minimum) the stuff about customizing
the startup/end procedures, stack, the entire ABI section, inline
assembly, and stuff about building mspgcc (the package you get is
already built).

Get familiar with ‘make’. Outside of kinky application-specific tools
like the Microchip assembler/compiler and ‘IAR Kickstart’, the rest of
the free world uses make to automate compiling, linking,
installing/running and packaging their code. Go into the mspgcc
‘examples’ folder and find the blinking LEDs example (e.g.
E:\mspgcc\examples\leds). Open up the file called Makefile in Wordpad
and have a look inside. This is the master script that will smartly
handle all your compiling, programming the chip, and avoid you rewriting
lots of code whenever you change chips. The contents will probably look
like gibberish, there are only a few parts that are important for our
purposes. The make tool installed by mingw32 is named ‘mingw32-make’.

How make works is you specify one or more ‘targets’, i.e. things make
can do. Running make with no target specified compiles your program.
Some other targets are ‘mingw32-make clean’ (delete your old build and
any scratch files), or ‘mingw32-make download’ (compiles your program,
downloads it to the chip and runs it). All the necessary commands to
handle each target are in the Makefile.

Since the top half of the ez430 kit is essentially the USB Sy-Bi-Wire programmer, you have to change the download command to:

msp430-jtag –spy-bi-wire -lpt=USBFET -e leds.elf

I.e. in the Makefile you’d find and change the download section to:

download-jtag: all
msp430-jtag –spy-bi-wire -lpt=USBFET -e ${NAME}.elf

As long as you have the Makefile open, now is a good time to find the
CPU= line and change it to match the msp430 variant you are actually
using. In the case of the eZ430 board:
CPU = msp430×2274

Now when you #include the base generic as you will for most any
mspgcc project, it will automatically switch in the correct headers and
peripheral support for that specific CPU.

I was reading the Thinkgeek catalog a while back and an interesting gadget caught my eye: “Wi-Spy”, a 2.4GHz spectrum analyzer on a USB stick. Coming from the world where “spectrum analyzer” refers to a big benchtop box with a name like Le Croy_{right, we can’t afford those} Agilent on it, my first thought was, “A good spectrum analyzer in the GHz range is like a gazillion bucks; what’s really inside this thing?”

Not much, it turns out. After seeing the guts I would not use this device for anything remotely demanding accuracy, but on the bright side, it would be pretty straightforward to make your own that works just as well! Possibly with parts that are already on your board (*cough*XBee).

According to this review and a couple other tech sites, the innards of the original are nothing more than a Cypress WirelessUSB SoC (CYWUSB6934) and USB interface. According to this updated review, the latest version switches to TI/Chipcon’s CC2500 radio ($2.15 USD in quantity) and retails for $399.

The “WirelessUSB” and CC2500 radios are inexpensive 2.4GHz radio chips used in devices such as cordless mice, game controllers and remote controls. What it has in common with many other digital radios is an RSSI (Received Signal Strength Indication) register, which can be read out to provide a measure of how much signal (i.e. interference) is present on any given channel. Wireless gadgets normally use such a mechanism to find the cleanest channel to broadcast on. Most any radio chip with an RSSI readout should work here: XBee, TI/Chipcon’s CC25xx parts, Nordic, etc. I have a big nut going right now for Nordic’s nRF24L01, but unfortunately this does not have an RSSI measurement to speak of (there is a 1-bit “collision detect” flag that warns if the RF energy on the current channel is above a set threshold).

So essentially, the firmware running on the dongle consists of:

for (channel=0; channel<255; channel++)
{
WriteReg(RF_CHANNEL, channel);
signal=ReadReg(RSSI);
send_usb(signal);
}

Hell, why didn’t I think of selling $2 of chip and 4 lines of code for $400? ;-) (I’ve even used those old Cypress radios before on a work project – Unigen’s ready-made JUNO module shown here is about 7 bucks.)

The DIY-Spy

As proof of concept (and a cool toy for anyone who has one of these lying around), I have implemented a working Wi-Fi spectrum analyzer on TI’s ez430-RF2500 development kit ($50), a 2-part USB dongle which consists essentially of a CC2500 radio strapped to an MSP430 low-power microcontroller (detachable bottom half) and a USB interface which enumerates as a virtual serial port (top half). The top half doubles as a standalone MSP430 programmer, so this kit is a great cheap way to get started playing with them.

Being the lazy efficient person that I am, I grabbed mspgcc and an existing ez430 RF demo program (JM Kikori’s RF2500 test application – raw transceiver) and just tossed the infinite RSSI loop into the middle of it.

Here is the main addition (simple & sweet). Forgive Wordpress’ complete mangling of the formatting.


static void dump_rssi()
{
int i;
char rssi;
for(i=0; i<256; i++)
{
hal_spi_radio_writeReg( MRFI_CC2500_SPI_REG_CHANNR, i); // Channel number. Default spacing is ~200KHz/channel
hal_spi_radio_cmdStrobe( 0x34 ); // enter Rx mode (not needed except to start autocal)
rssi = (hal_spi_radio_readReg(MRFI_CC2500_SPI_REG_RSSI));
uart0_polled_putc((rssi&0xFE) | (i==0)); // Cheap speed hack: write upper 7 bits of RSSI value (throw away LSB). Use LSB to signal start of 256-channel RSSI byte list
hal_spi_radio_cmdStrobe( 0x36 ); // enter IDLE mode (not needed except for autocal)
}
}


The only real divergence of this from the pseudocode loop above is that the CC2500 requires periodic (or frequent, depending who you ask) recalibration, which can be set to be performed automatically on certain conditions (such as entering Rx mode). This setting is enabled, and the code above toggles between Rx and Idle modes between each channel change to trigger auto-calibration. To make things faster (for me as well as the gadget ;-), rather than perform any kind of real serial handshaking to keep the dongle and the graphing script in sync, I just truncate the least significant bit of the RSSI reading (1/2dBm) and use it to flag the start of the 256-channel sweep.

A more efficient approach would be to perform such calibration once per channel and cache the results (writing them back along with each channel change), which would in theory allow for much faster channel changes. But it’s really a moot point since here the 9600-baud connection to the virtual COM port (MSP430 <–> USB controller) is the limiter of maximum speed.

Most of the time in this project went into tweaking around with the CC2500’s fifty billion or so configuration register bits, not all of which are really documented. In the end I just installed their win32 configuration wizard for the undocumented voodoo (e.g. correct IF setting) and annoying math, and hand-tweaked the remaining settings. For this I set the base frequency to 2400MHz, and the channel spacing to ~ 405KHz, providing the frequency range 2400MHz to 2505MHz across the 256 channel settings. This corresponds to the 2.4GHz ISM band and a little extra. All automatic gain control features are disabled.

Testing
I’ve actually been sitting on this project now for a couple months, since I wasn’t getting the results I expected initially (sitting close to my WiFi access point) and had no good way to test it. Luckily, as it turns out I was tasked with developing some RF gadgets (nRF24L01-based) at work, which could easily be set up to output a raw carrier wave at a programmable frequency. Sure enough, testing revealed some bugs in my initial CC2500 register settings, now corrected.

The video above shows the resulting spectrum output as the nRF’s naked carrier is swept through a handful of frequencies. As it progresses, it should also become evident where my WiFi access point is broadcasting. The green lines show instantaneous signal, the red shows the peak value at each frequency, and the blue shows a running average. The display script is written in Processing.

Downloads

Fairly undocumented; use at your own risk.
diyspy.zip – Source code and .elf binary for ez430 kit (use mspgcc to build from source), .inf file for virtual COM port (win32 only), and Processing script for display.

Blinking RGB LED throwies adorn the “Steaming Globe” sculpture near the Kendall/MIT station just after the 4th of July fireworks show. No idea how this could have happened.

Kids had a blast pulling them off and throwing them back onto the globe (and each other!). The whole rest of the night as we walked around, we saw blinking kids.

Heh… I’ve just completed NIH certification to administer human test protocols. I feel like that’s got to be worth a few mad scientist points.

So, I’m working on this project at work involving research into new forms of computer interface peripherals. (No, not that one.) As part of the project, we are required to test these interface concepts with live humans, survey them and see how well it works for them. The survey is positively harmless: basically like handing someone a shiny new cellphone set to vibrate, and programmed to vibrate in a different pattern depending who’s calling. Then run each pattern and see if the user can use it to successfully identify the caller. To make things simple, we had proposed to do these tests with our own employees (everyone pretty much said, “hell yeah, I’d like to play with that” when I described the project, and it sure as hell beats pulling in random strangers from the Craigslists to nose around in our secret lab).

Oh, for the catch: it’s a DARPA-funded project, and this required usability survey stuff constitutes Human Testing. To do any Human Testing, you need to draft a Human Test Protocol detailing exactly what you hope to get out of the research, intricate details of the exact test(s) that will be performed (down to the specific questions you will ask, and in what order) and the exact hardware involved in each test (note, this hardware hasn’t yet been designed by the time these forms/tests must be finalized…also remember that the entire point of these tests is to guide the design of said hardware, which now must be set in stone long before the test). So much for iterative development, that’s for sure. Add to that lengthy Informed Consent forms, confidentiality procedures, SOPs, HIPAA forms, risk assessments relative to daily activities (like, say, using your cell phone…), Conflict of Interest forms, Anti-Coercion Forms, and the whole shebang must be submitted to, and approved by, an IRB (Institutional Review Board), then the IRB’s approval approved by the governmental Office of Something Something Something. The package we submitted went up to Appendix V. (Not V as in roman numeral 5, V as in A thru… . I kid you not.). We each also had to take this lengthy “Protecting Human Research Participants” online course. Not that I’m not completely for protecting my human research participants, but come on – we’re asking them simple gadget usability questions, not giving them experimental drugs.

We got feedback from the IRB today, our protocol is NOT yet approved. They need more forms submitted and a bunch more specific details carved in stone.

I shouldn’t be complaining. Poor Jeff, my officemate, is handling the vast majority of this process in concert with a PhD consultant who is actually used to dealing with this crap. It just burns having to scramble around slapping together super-crude prototypes to test on-the-sneak to get even some rough semblance of how to structure the tests, not to mention the hardware, to get any kind of meaningful results (screwing the schedules on my other projects), how much of the project’s fixed budget will be swallowed up by this approval process instead of, say, actual R&D, and just how pointless the tests will be when it’s all said and done. Our money shot is 3 days’ worth of usability testing at the end of the program, predetermined at the start of the program.

Oh yeah, and letting your own staff participate instead of random losers from off the street? BIG MISTAKE. Far from simplifying the random Craigslist idiot, asking strangers medical screening questions, losers breaking our equipment, NDA, and losers selling our tech secrets to the Commies cans of worms, it actually hugely complicates things. Now you need to prove to the IRB, and the governmental IRB approval approvers, that employees’ participation in the research is indeed voluntary (not, “hey, participate in my research study or ur fired”), and all the steps you have taken to ensure that all participation is voluntary, that no one has the capability to bribe or coerce anyone into participating, that supervisors/bosses cannot determine who participated, etc.

Some notes, in case I EVER have to do this again:

Do Not promise, or get involved in a project where they will make you promise, human testing (no matter how harmless it seems) for any government project.

Do Not promise human testing -of anything- on a Phase I SBIR budget.

Do not write, review, modify or proofread human test protocols after playing Portal. Now the whole thing is in GLaDOS Voice. Likewise for the Big Red (supercolliding super-) Button that stops the test. (”The effects prolonged exposure to the e-stop are not a part of this test.”) I’m incredibly tempted to slip something into the protocol promising cake after the study, but then I’d probably have to get FDA approval too :-(

HIPAA stands for Highly Increased Paperwork and Annoyance Act.

(And yes, technically I *could* construct a test sequence in such a way as to make the prototype play music. But I haven’t gotten around to it yet choose not to. Yeah, that’s it.)

Just got the latest Comcast TOS patch with my bill (an adhesion contract officially titled, “Notice From Comcast Regarding Changes To Your Comcast Agreement For Residential Service” (try saying that three times fast)), stuffed inside of a cheerful note about their commitment to happy cheerful customers. What it actually entails is left intentionally vague, but it appears Comcast is trying to set itself up the legal ability to torpedo competitors’ VoIP equipment, and add/REMOVE functionality, via unauthorized firmware “upgrades” to customer-owned equipment. Sure, I would like to believe that they have my and other customers’ best intentions at heart, and just want to log in in the middle of the night and update our Linksys router firmware for us so that russian h4×0rz can’t store up to 256KB of kiddie porn in the flash ROM, but my experience is that contract-change stuffers are seldom in the customer’s interest.

Dan Kusnetzky at ZDNet got the new stuffer and also had concerns about the “downloads” and other rights asserted to open up and tinker with customer-owned equipment, including computers, voiding warranties as they go. While I agree with his guess that they probably just want to maintain their own equipment (e.g. Cable Cards) inside customer-owned cable boxes and TVs, there’s no reason to write such terms so overbroadly as to cover a wide spectrum of unauthorized, and potentially hazardous, modifications to customer-owned computers, access points, VoIP boxes and other equipment.

The actual stuffer is reproduced below. It’s lengthy! The important bits are in red, and my comments are in italics.

Customer Equipment.
Customer Equipment consists of software
or services that you elect to use in connection with the Services
or Comcast Equipment (the “Customer Equipment”). You agree
to allow us and our agents the rights to insert cable cards and
other hardware in the Customer Equipment, send software and/or
“downloads” to the Customer Equipment and install, configure,
maintain, inspect and upgrade the Customer Equipment and
Comcast Equipment. You warrant that you are either the owner
of the Customer Equipment or that you have the authority to give
us access to the Customer Equipment. If you are not the owner
of the Customer Equipment, you are responsible for obtaining any
necessary approval from the owner to allow us and our agents
access to the Customer Equipment to perform the activities
specified above.

Comcast has no responsibility for the operation or support,
maintenance, or repair of any Customer Equipment including, but
not limited to, Customer Equipment to which Comcast or a third
party has sent software or “downloads.” So, if Comcast bricks your expensive HDTV trying to perform a remote ‘upgrade’, boo hoo, better luck next TV. You acknowledge and
understand Comcast Digital Voice Service (”CDV”) may not
support or be compatible with non-recommended configurations
including but not limited to multimedia terminal adapters (”MTA”)
not currently certified by Comcast as compatible with CDV;

Ah yes, now I remember Comcast’s stance on ‘Net Neutrality and the use of competing VoIP services on its network. A “Multimedia Terminal Adapter (MTA)” is the technical name for a VoIP box. I wonder why and how they are sending “downloads” to arbitrary third-party equipment? This might work as Apple’s ‘update’ for jailbroken iPhones.

Customer Equipment, including, but not limited to, non-voice
communications equipment, including certain makes or models
of alarm and security systems or devices, certain medical
monitoring devices, certain fax machines, and certain “dial-up”
modems; rotary-dial phone handsets, pulse-dial phone handsets,
and models of other voice-related communications equipment
such as private branch exchange (PBX) equipment, answering
machines, and traditional Caller ID units.

For Video and Comcast High-Speed Internet (”HSI”)
Customers. You agree that by using the Services, you are
enabling and authorizing Comcast, its authorized agents and
equipment manufacturers to send code updates to the
Comcast Equipment and Customer Equipment, including, but
not limited to customer-owned cable modems and customer-owned digital interactive televisions
with CableCARDs, at any time it is determined necessary to
do so as part of the Services. Such code updates may
change, add or remove features or functionality of any such
customer-owned equipment or the Services.

For HSI and CDV Customers. You can find Comcast’s current
minimum technical and other requirements for HSI
customers at http://www.comcast.com/Support/Corp1
/FAQ/Fag Detail2205.html and for CDV customers at
www.comcast.com/cdv/faqs. These requirements may be
located at an alternative site if we so notify you. To use CDV,
you will need a MTA that meets our specifications. In some
areas, we may permit you to use CDV with an MTA that you
have purchased. Depending on availability in your area, you
may have the option to install the MTA yourself or have
Comcast install it for you. You agree to keep the MTA plugged
into a working electrical power outlet at all times.

…and what if I don’t? Not that I expect them to do so (anymore than I expect to use “Comcast Digital Voice”), but this clause technically gives Comcast the power to terminate a customer’s account and levy damages against them for breach of contract if they inadvertently kick the plug out of the wall. (Or, for suitably perverse readings, have their power go out…)

Whether a
cable modem, gateway/router, MTA or other device is owned
by you or us, we have the right, but not the obligation, to
upgrade or change the firmware in these devices remotely or
on the Premises at any time that we determine it necessary
or desirable in order to provide Services to you in accordance
with our specifications and requirements.

For CDV Customers. In order to use CDV, you are required
to provide certain equipment such as a phone handset or
equivalent, inside phone wiring and outlets, and an electrical
power outlet. If you live in an apartment or a similar multi-
tenant dwelling, you may have to provide a cordless phone
as well. If we do not have access to the inside phone wiring
in your home or if you are installing CDV yourself without the
assistance of a Comcast technician (”self-installation”) where
we make that option available, you will need to plug a
cordless phone into the MTA in order to use CDV throughout
your home. CERTAIN MAKES AND MODELS OF CORDLESS
PHONES USE THE ELECTRICAL POWER IN YOUR HOME. IF
THERE IS AN ELECTRICAL POWER OUTAGE, THE
CORDLESS PHONE WILL CEASE TO OPERATE DURING THE
OUTAGE, PREVENTING USE OF CDV VIA THE CORDLESS
PHONE. DO NOT ATTEMPT TO CONNECT CDV TO INSIDE
PHONE WIRING YOURSELF. In order to use online features
of CDV, where we”make those features available, you are
required to provide certain hardware, such as a personal
computer, software, an Internet browser, and access to
the Internet.

CUSTOMER EQUIPMENT – LIMITATION OF COMCAST’S
LIABILITY

CUSTOMER EQUIPMENT MAY BE DAMAGED
OR SUFFER SERVICE OUTAGES AS A RESULT OF THE
INSTALLATION, SELF-INSTALLATION, USE, INSPECTION,
MAINTENANCE, UPDATING, REPAIR, AND REMOVAL OF
COMCAST EQUIPMENT, CUSTOMER EQUIPMENT AND/OR
THE SERVICES. Most probably, the “downloads”. Equipment failure due to botched or interrupted firmware updates is among the most common consumer electronics failure modes, and is in fact the very origin of the verb ‘to brick’. EXCEPT FOR GROSS NEGLIGENCE OR WILLFUL
MISCONDUCT, NEITHER COMCAST NOR ANY OF ITS
AFFILIATES, SUPPLIERS, EMPLOYEES, AGENTS, OR
CONTRACTORS SHALL HAVE ANY LIABILITY WHATSOEVER FOR
ANY DAMAGE, LOSS, OR DESTRUCTION TO THE CUSTOMER
EQUIPMENT. IN THE EVENT OF GROSS NEGLIGENCE OR
WILLFUL MISCONDUCT BY COMCAST, ITS SUPPLIERS,
EMPLOYEES, AGENTS, OR CONTRACTORS, WE SHALL PAY FOR
THE REPAIR OR REPLACEMENT OF THE DAMAGED CUSTOMER
EQUIPMENT (AT OUR SOLE DISCRETION) UP TO A MAXIMUM
OF $500. THIS SHALL BE YOUR SOLE AND EXCLUSIVE REMEDY
RELATING TO SUCH ACTIVITY.
• For HSI and Video Customers. YOU UNDERSTAND THAT
YOUR COMPUTER OR OTHER DEVICES MAY NEED TO BE
OPENED, UPDATED, ACCESSED OR USED EITHER BY YOU
OR BY US OR OUR AGENTS, IN CONNECTION WITH THE
INSTALLATION, UPDATING OR REPAIR OF HSI OR VIDEO
SERVICES. THE OPENING, ACCESSING OR USE OF YOUR
COMPUTER, OTHER DEVICES USED IN CONNECTION WITH
YOUR COMPUTER, OR YOUR VIDEO DEVICES MAY VOID
WARRANTIES PROVIDED BY THE COMPUTER OR OTHER
DEVICE MANUFACTURER OR OTHER PARTIES RELATING
TO THE COMPUTER’S OR DEVICE’S HARDWARE OR
SOFTWARE. NEITHER COMCAST NOR ANY OF ITS
AFFILIATES, SUPPLIERS, OR AGENTS, SHALL HAVE ANY
LIABILITY WHATSOEVER AS A RESULT OF THE VOIDING OF
ANY SUCH WARRANTIES.

Comcast Equipment. You agree that except for the wiring
installed inside the Premises (”Inside Wiring”), all Comcast
Equipment belongs to us or other third parties and will not be
deemed fixtures or in any way part of the Premises. Comcast
Equipment includes all software or “downloads” to Customer
Equipment This makes determining legal ownership of the hardware, where Comcast-owned firmware is burned onto the customer-owned device, a legally sticky issue or Comcast Equipment and all new or reconditioned
equipment installed, provided or leased to you by us or our
agents, Including but not limited to, cabling or wiring and related
electronic devices, cable modems, MTA, wireless
gateway/routers, CableCARDs, and any other hardware. You agree
to use Comcast Equipment only for the Services pursuant to this
Agreement. We may remove or change the Comcast Equipment
at our discretion at any time the Services are active or following
the termination of your Servlce(s). You acknowledge that our
addition or removal of or change to the Comcast Equipment may
interrupt your Service. You agree to allow us access to the
Premises for these purposes. You may not sell, lease, abandon,
or give away the Comcast Equipment, or permit any other
provider of video, high speed data or telephone services to use
the Comcast Equipment. The Comcast Equipment may only be
used in the Premises. At your request, we may relocate the
Comcast Equipment In the Premises for an additional charge, at
a time agreeable to you and us. YOU UNDERSTAND AND
ACKNOWLEDGE THAT IF YOU ATTEMPT TO INSTALL OR USE
THE COMCAST EQUIPMENT OR SERVICES AT A LOCATION
OTHER THAN THE PREMISES, THE SERVICES MAY FAIL TO
FUNCTION OR MAY FUNCTION IMPROPERLY. You agree that you
will not allow anyone other than Comcast employees or agents
to service the Comcast Equipment. We suggest that the Comcast
Equipment In your possession be covered by your homeowners,
renters, or other insurance. You will be directly responsible for
loss, repair, replacement and other costs, damages, fees and
charges if you do not return the Comcast Equipment to us in an
undamaged condition.

More playing:
Castlevania end credits
Tetris
Mario Bros. theme

Update: I fixed up the script to pull (usually) proper timing from the MIDI, threw together some minimal documentation and released it to the public (see link below).

Downloads
mid2cnc.py, sparse documentation and samples

Basically, it’s possible to compute a combination of (distance, feedrate) along an axis that will cause the stepper motor for that axis to spin at an exact frequency corresponding to a musical note. With a little vector magic, the same can be done for (x, y, z, feedrate) to produce chords as the machine follows a 3D line through space.

(For anyone wondering, the song is Jonathan Coulton’s Still Alive, better known as the end credits theme from Portal. The MIDI is from topazstorm.)

*whew* That was the easy part. The real magic will happen in a future post, if I ever get around to it :-) Hint: The fact that notes can and do swap arbitrarily among different axes (while still sounding passable) is important.

How This Works (for CNC-heads):

We have code G1 [pos]x F[feedrate] for linear interpolation at a specific feedrate. Thus need to convert between feedrate in IPM and frequency in Hz (steps per inch or inches per step). My machine as currently configured is 36000 steps/in, so if we wanted it to play middle A (440Hz) (440*60 = 26400 steps/min) we would want to move along a single axis at feedrate (26400/36000 = 0.7333..) IPM.
or more generally, (freq/600) IPM.

Here are the frequencies for one octave. The formula to convert semitones (notes) to their actual frequencies is

f = fRef*2^(x/12)

where fRef is an arbitrarily chosen reference frequency corresponding to a specific note, and x is the number of semitones difference between the note you want and the reference. Middle A (440Hz) is as good a reference note as any, and its MIDI note number is 69, so the formula to calculate frequency for any MIDI note number becomes:

f = 440*2^((x-69)/12)

; C4 = 261.63Hz
; D4 = 293.66
; E4 = 329.63
; F4 = 349.23
; G4 = 392.00
; A4 = 440.00
; B4 = 493.88
; C5 = 523.25

And the G-code with the resulting feedrates to play this scale on my machine:

G1 X1 F0.43605
G1 X2 F0.48943333333333333333333333333333
G1 X3 F0.54938333333333333333333333333333
G1 X4 F0.58205
G1 X5 F0.65333333333333333333333333333333
G1 X6 F0.73333333333333333333333333333333
G1 X7 F0.82313333333333333333333333333333
G1 X8 F0.87208333333333333333333333333333

; Unfortunately, our note duration is now frequency-dependent. If we wanted it to play for 1 minute, we should make the distance
; equal to the feedrate in IPM (or 1/60 of that to play for 1 second, etc.). Easy-peasy so far.

Now let’s complicate things a bit. Suppose we want to play 2 or 3 notes at once. G-code linear interpolation scheme is that in, say, an XYZ move, all the axes arrive at the same time. Feedrate is the speed the tool moves along this *vector*, not the speed of the fastest/arbitrary axis. In other words, you cannot specify individual feedrates for the (x,y,z) axis moves, only one for the resulting vector as a whole. So, since the vector that results from adding 2 ore more axis moves will always be longer than either of the individual axis moves (for the 2-axis case, think the hypotenuse of a right triangle) the feedrate we set will be faster than the highest note, and will depend on the individual notes and their contributions to that vector.

Assume the bog-standard C-E-G chord. To play each on its own for 1 second…

G1 X0.0072675 F0.43605 ; move this distance
G1 X0.0164238 F0.54938 ; move 0.009156333…
G1 X0.0273126 F0.65333 ; move 0.010888833…

…but we want to combine these into a single (x,y,z) vector at a single feedrate.
The vector is obviously (0,0,0 to .00726, .00915, .01088), and its length is given by sqrt(x^2 + y^2 + z^2). Remember we are playing all three notes for the same length of time. The vector has lengthened, but the desired playing time has not, so we need to choose the feedrate for this new distance that yields the same travel time.

Regardless of how the length or rate changes, the (x,y,z) components remain proportional to one another. Just pick one of the individual axes/notes as a reference, compare the final vector length to the length of the reference note and bump the feedrate proportionally to the change in length. In this case we arbitrarily select the highest note as the reference, and the ratio of the final feedrate (unknown) to the reference feedrate (known) should equal the ratio of the 3D vector length (known) to the reference length (known). It’s almost too easy!

3D Vector length: 0.015975658808286373765422932349422

Feedrate: (newlength/oldlength) * oldfeed

= 1.4671598699591015644580950363551 * 0.65333 = 0.9585395578403798251074072301019

G1 X0.0072675 Y0.009156333 Z0.010888833 F0.95853955

Just remember that *any* change of any note requires computing a fresh new vector, so long notes will have to be split up wherever another concurrent note changes.

In the last post, I made the unspeakable blargger mistake of linking to an article on a news site, which means in 7 days or so, instead of said article this link will return absolute crap and/or a “Buy membership now!” nag screen. Trying to keep up with such link rot (if anyone bothered) is a problem that grows linearly with the number of posts/articles written, until it reaches 100% of the blogger’s time and he/she/subject/verb has to stop writing any more posts and become a forest ranger. I’ve ranted this before with some possible solutions, but as you may have guessed based on my project completion record to date, didn’t get around to it (got maybe as far as writing a toy script that wget’s pages and stuffs the contents into a database record).

So a little experiment: Instead of linking to the article directly, I linked to a carefully-constructed “I’m Feeling Lucky” Google query containing unique phrases contained in the article. The idea is that as the site shuffles stuff around / deletes content / recycles numeric links, rather than a 404* the link should preferentially return a clean copy of the article from somewhere else on the Internet if it exists (syndicated copy, fulltext copy-paste into a blog/slashdot post somewhere, etc.).

Let’s see if it lasts any longer than a regular news-site link!

(For anyone interested, the actual query is:

http://www.google.com/search?q=%22A+company’s+backroom+mass+of+servers+and+switches+is+cloudlike.+So+are+social-networking+sites+like+Facebook+Inc.%2C+or+the+act+of+buying+a+book+on+Amazon.+Some+clouds%2C+like+Google’s+email%22&btnI=Lucky

The “%22″ at the beginning and end of the query string itself is the URL-safe encoding for a double-quotation mark (ASCII code 0×22), so that the quote marks in the query don’t conflict with the quote marks in the <a href=”…”> tag. To simulate a click of the “I’m Feeling Lucky” button, replace the button-type code that normally appears in the query (btnG=Search) with “btnI=Lucky”. Also note that apparently Google limits queries to a maximum of 32 words.)

* Modern commercial sites seldom, if ever, actually return a HTTP 404 code when a document is not found, since software including search-engine spiders detect these and drop 404′d pages from their listings. it’s far more profitable to pretend the user/bot has reached some kind of non-error document, swap in a generic landing page and stuff it full of keywords and advertising.

So, apparently I’m not the only one to notice the mid-level marketing types in IT having a big collective nut lately about “Cloud Computing”. This week even the Wall Street Journal ragged about this nonsense on the front page. For those who don’t spend their time around mid-level IT marketing types, cloud computing is… well, nobody who uses this term have actually agreed on a definition, but it can loosely be defined as “the processor and the data it processes are in different places”. I.e. Web apps, like Google Spreadsheet or some Myspace widget where you upload your AIM contact list and it returns some kind of graph of mutual acquaintences you’re all connected to. Search engines. X-Drive / Internet backups of your files. Stuff like that.

“Real Computer Is Elsewhere” has been around since computers; Cloud Computing is only the latest name for it. A little history: In the 1950s, any talk of electronic computers whatsoever assumed a ginormous shared, multi-user machine, since computers were far too new and expensive for everyone to have their** own. In fact, the entire concept of having the user, his data, and the computer in the same room at the same time came much later, when they became small and cheap enough to sit on a standard-sized desk and the term “personal computer” was born. Kind of like one of those little single-serving packets of Sweet ‘n Low, except it was a computer. Back in those days, sonny, you came down to the big mainframe room with a box of punched cards and submitted them to the white-jacketed mainframe acolyte, who (hope against hope) would run your job overnight and return your results in the morning. By the 60s and 70s, technology had advanced to teletypes and terminals (the infamous “glass titty”) – the computer itself was still in the basement of some university, but you could text into it from elsewhere and bask in the warm glow of an amber screen. Then computers started getting cheap enough that people who needed one could put the whole machine right in the same room with them, and from then on the idea of going back to dumb terminals and the big Elsewhere Machine seemed pretty silly.

But companies tried to bring Elsewhere Computing back, and still they do. In the 80s it was the diskless workstation (or as users called them, dickless workstations). People hated them. In the 90s they tried again under a new name, thin clients. Those who remembered the era of time-sharing on mainframes and the Diskless Workstation hated them because they knew it was a Diskless Workstation under a new name; everyone else hated them because they just didn’t work all that well. Now it’s the “todays”* and these guys are hoping this is the decade consumers will get back on board with using their computers as an expensive tool for borrowing time on someone else’s**. My guess is that once the Cloud Computing folks agree on what they’re selling, folks will soon enough figure out what this really means and we won’t have to hear all this hype anymore (it will go the way of “Multimedia”).

* what radio stations who played the greatest hits of the ’70s, ’80s and ’90s a decade ago play the greatest hits of, today. Only one more year until they will be forced to decide what to call this decade! The Zeros? The Aughts? The Double-Ohs? The suspense is killing me.

** the same decade where the concept of subject-verb agreement will go out the window as people try to terminate fractally-growing chains of awkwardness in sentences resulting from attempts to keep them gender-neutral.

Optical mice work by pointing a tiny cheap camera at the surface of your desktop, tracking the motion of ‘interesting’ points in the surface texture (woodgrain, imperfections, highlight/shadow) as the mouse slides around over it, and converting this to an X and Y motion. An LED is used to light the surface beneath the sensor, typically at a very low angle to help highlight any surface roughness (so the sensor still works on rough, but solid-colored, surfaces such as paper). Many of these sensors allow you to read out the raw image, too. Historically, the sensors in optical mice have been a standalone chip with SPI interface, leaving a separate microcontroller to handle button clicks and PS/2 or USB interface – so you could hack a cheap optical mouse to output position or image data for unique scanner or robotics projects. Unfortunately, more and more of these high-volume, low-cost devices are moving to all-in one camera+micro+USB chips under an epoxy blob, so you can’t just buy any old optical mouse and expect any access to this internal data.

Videos:
Absolute microposition sensing using image recognition
Relative position sensing (i.e. just like a mouse) using the DELTA_X/DELTA_Y registers
Downloads:
Arduino Library

Naked mouse cam and lens wired to a microcontroller

Fortunately, standalone SPI sensors are still alive and well. Mouser.com (no pun intended) sells some of these (Avago ADNS-2610 and ADNS-2620) for the exhorbitant price of $1.56 each. It’s a CAMERA for a buck fifty. Not exactly a *good* camera (grayscale, 18×18 resolution), but you can still do some neat tricks with it. Of course, you will still need a cheap optical mouse to steal the lens off of (or maybe an old CD player, etc.).

If you want to be all lame and boring, you could use this mouse camera as, well, a mouse. An onboard DSP is constantly watching the surface below as it slides by, giving you an up-to-date relative position (DELTA_X and DELTA_Y) just by reading a pair of registers. Each ‘delta’ reading contains the number of +/- pixels the mouse has moved in each direction since the last time you read it. Since you are only reading 2 registers, you can read this information at very high speed. There are some additional registers that will give you the max and min brightness, sum of all pixel values, and a ’surface quality’ value that represents the number of trackable points (divided by 2) under the imager.

But if you want to dig deeper, a builtin diagnostic feature lets you bang some other registers and return the entire image under the camera. A few things worth mentioning before you go further, though: this IS meant as a diagnostic feature only; they sell these things as mice and not cameras after all, and this feature is not the best implemented. There are 324 pixels (18×18 array), but you can only grab one pixel per frame. So when you get the image, you are actually seeing pixels composited together from 324 separate frames across maybe 1/2 second. If the camera is moving during this time, you’ll get a garbled image, so if you have this puppy strapped to a robot to take pictures (or position the robot), your robot has to stop for pictures. Also, your maximum full-image rate is only a couple images per second.

Following are some demos of monochrome and color image acquisition, surface identification and micro-position sensing down to the um range.

Circuit:
The ADNS-26xx parts only require a couple external components: an oscillator and a couple capacitors to stabilize its power supply and internal reference voltage. The oscillator frequency (about 20MHz-25MHz) is not critical; any cheap ceramic resonator will work fine here. So your complete parts list is:

1x ADNS-2620 mouse cam
1x 24MHz resonator (speed not critical)
1x 2.2uF capacitor
1x 0.1uF capacitor (optional but recommended power-supply bypass; value not critical)

Grabbing images:

Above is a sample image taken from the sensor, looking at the little “Equal Housing Lender” glyph on some credit card junkmail. See below for some more. The process is straightforward; write once to the PIXEL_GRAB register to arm it, then read it 324 times (18*18) to read out the image bytes starting from the top left pixel. (Or use my Arduino library ;-)

And no, I’m certainly not the first to think of this. See here for a demonstration where someone combined the image and position readouts to use the mouse as a crude handheld scanner. I haven’t tried it, but I wonder how well this can see your fingerprints if the angle is right. (I assume not very well, otherwise mouse companies would have already enabled frame-grabbing on USB mice and tried to sell it as combination mouse and biometric ID thingy.)

Color imaging:
The grayscale sensor can be used as a crude color imager by replacing the standard red lighting with an RGB LED, and taking one frame with each color lit in turn. Depending on the LED, you may have to scale the R/G/B frame data differently for more accurate color representation. I assume like most photodiode technology the mouse cam pixels are most sensitive to the red-IR range, but the LED I used had a pretty weak red, so it was kind of a wash. (The image here is scaled red=0.75, green=1, blue=0.75).

2D position finding using the “Christopher Carter Algorithm”:
Very simple position-finding routine I wrote for testing purposes; named after a magician’s trick where the blindfolded practicioner (renowned hypnotist Christopher Carter, in the first case I saw it) “reads” a name written on a dry-erase board by swiping a finger across it at a few different heights. This is a similar idea, using a basic edge-detection to identify regions (”where to read”), then read them by the brightness at the center of each region.

In this method, you create a known optical pattern (in this example I used Gray Code) and apply it to the surface whose position you want to measure. Then aim the camera at it so that it looks at a small subset of the optical pattern at any given time. Ideally, each ‘pixel’ of the optical pattern should cover a 2×2 or more (3×3 or 4×4) pixel area on the sensor, since the optical pattern and the sensor’s pixels will never be *perfectly* aligned, and thus will blur across a couple neighboring pixels. Now you can identify the unique pixel pattern under the sensor and match it its position in the full optical pattern.

In a project at work, we needed to know how far a visual indicator pin on a piece of machinery was extended at any given time, and whether its position was in tolerance (reducing human observation error in dark and foul weather conditions). Since the sensor could not be permanently attached, we also wanted to be able to measure slop or shifting of the sensor itself relative to the pin, which would produce an incorrect reading. The small space, large pin travel and need for sensor cross-checking made common 1-D proximity sensors less attactive.

Definitions: The “pixel grid” is the actual sensor array. For ADNS-26xx, this is always 18×18. A “region” is one individual mark in the optical pattern, corresponding to a 3×3 (etc.) region of the pixel grid as mentioned above. The “region grid” is the array of these regions overlaid somewhere on the pixel grid. For example, with an 18×18 pixel grid and each region 3×3 pixels, the region grid overlaid onto the sensor can be as large as 6×6.

By performing this 2-stage lookup (find region grid offset on pixel grid, match region grid to known optical patterns), the total computation time is reduced by mainly working with only a small subset of the pixel data (the region grid), and the positioning resolution is at least (region size) and at most (pixel size). Working with only the center pixel of each region, to the extent possible (rather than e.g. averaging the entire region’s pixel values), is also beneficial since the regions may not be perfectly aligned to pixels and the focal plane at close range is very narrow (<1mm), thus the image may not be completely in focus – especially if looking at a curved or otherwise 3D surface. So all the pixels toward the edges of the region will tend to dilute the reading.

Absolute 2D position encoding/decoding using a Gray Code pattern. Position is resolvable generally to 1 pixel, in this case measured at about 2.4 mils (about 70um). The top-right shows the raw image with region grid (black squares) overlaid aligned to the strongest edges (pink crosshairs). The bottom-left shows the edge-detection itself, and finally, the top-left shows the recovered optical pattern. The actual position is the index of this pattern in the known fullsize pattern + the region grid’s offset.

Assuming an 18×18 image sensor:

Perform edge detection by taking the derivative of the image. Embedded systems such as Arduino are barely suited for non-integer math, let alone calculus, but we can take a poor-man’s “discrete derivative” easily by just subtracting neighboring pixels. Neighboring pixels on a uniform surface will not differ by much, so subtracting two neighbors will yield a low number, while along an edge, one will be very different from the other. We want to figure the vertical and horizontal edges separately. And we don’t care about the exact location of ALL the edges per se, just want to know on which rows and columns they occur. Once at least one good, strong edge is detected in each direction (horizontal and vertical), we know where to align the region grid so it is centered on valid regions.

For each horizontal row: For each pixel, its edginess (likeliness of being along a *vertical* edge) is given by the absolute value of (pixel – left neighbor) + the absolute value of (pixel – right neighbor).

v_edginess[row][col] = int(abs(image[row][col] – image[row][col-1]) + abs(image[row][col] – image[row][col+1]));

And of course that entire row’s vertical edginess is the sum of the edginess of all pixels in the row.

For each vertical column: Same thing, only going by columns, taking the pixel directly above and below. Again, the column’s edginess is the sum of the edginess of all the pixels in the column.

Obviously, the leftmost pixels has no left neighbors, and the rightmost pixels has no right neighbors (same goes for the top and bottom rows, they are missing neighbors on one side), so the easiest approach is to exclude them from the loops, e.g. for the 18×18 array, valid results start at (1,1) and end at (17,17). The result is an ‘edginess’ array of 16×16 pixels.

Once the region grid is positioned, threshold the region centers to black/white, then take the resulting region grid (4×4 in this example) and slide it around on an array containing the ‘known’ pattern until the best match is found. Obviously, in a real-world system subject to bad lighting, specks of dust, misalignment or misfocus, the match will not always be perfect. You might also want to know how well you can trust the measurement, so I compute a confidence value too. The confidence value is a function of the absolute % of regions matched, and the difference between the best match and the next best match. For example, if two different positions matched equally well (even if they are both “pretty good” percentage wise), you can’t uniquely identify a position and so your confidence must be zero.

Another thing briefly tested was to place an LED behind the pin and observe its side profile (Alfred Hitchcock Algorithm?), which worked surprisingly well.

Side profile of the pin showing the lower part of the indicator groove.

This is a followup to this post.

Quick video example of finding and bending the music data that plays during Super Mario Bros. 3’s World 1 map, using the FCEUX emulator’s advanced 6502 debugging features. Full-screen if you’ve got it – the video did not survive compression well, and I don’t feel like investing hours tweaking around with it…

Video: Using FCEUX features to bend SMB3’s World 1 map music

Once on the screen of interest, go to the Debug menu and open the Trace Logger window. Tick the two ‘Only log new data…’ boxes, choose a filename for ‘Log to file’, and press Start Logging. These options require the Code/Data Logger to also be running, so FCEUX will prompt you to open it (hit Yes). Pay attention to the ‘Bytes logged as data’ count, it is slowly increasing as data is fetched from the cartridge. Most of the game code is running a complete loop every frame, so the ‘Bytes logged as code’ count should max out quickly. Likewise, MOST of the data being accessed here (e.g. sprites, etc.) will go through their entire rotation within a second or so, but the music takes over 20 seconds to do a complete loop (you can see the data byte count roughly keeping time with the music). Thus the last >20 seconds of data in the logfile will consist of music data fetches. Open the log, scroll near the bottom and notice the resulting disassembly, consisting largely of e.g.:

$E47A:B9 71 A7 LDA $A771,Y @ $A7C5 …

In English that is: Cartridge address $E47A onward contains an instruction with data bytes (B9 71 A7). The first byte is a CPU opcode (LDA $xxxx), telling the CPU to load the data at memory address (specified by the next two bytes, $A771) into its A register. Some subsequent code (purposely omitted from your trace log since it runs every time new data is fetched) processes the sound data. Thus corrupting one or more of those address bytes will cause incorrect sound data to be fetched and parsed, causing audible glitching depending on what the fetched data tells the sound loop to do.

Yeah, back in junior high I had not enough friends and too much time, and discovered that keying in random Game Genie codes would sometimes cause a NES game to (harmlessly) glitch out in interesting ways. :-p Some codes just locked up the game (drat!), while others caused screen glitches, messed with colors, and rearranged levels. Still others would screw up the game music or sound effects. I was always strangely mesmerized by the bleepy sonic barf of a good sound loop crash.

Of course, now that I’m all old and exposed to the Internets, I come to find out there are entire groups devoted to pretty much exactly this–glitching out electronic toys to produce interesting sound effects (circuit bending). So for those folks, here is some info and samples from codebending on the original NES. Hardcore circuit benders might consider this software-bending stuff cheating since the case never comes off ;-)
Read the rest of this entry »

I started using Inkscape, a sweet open-source vector graphics program, to produce (and/or steal from the internet and convert) designs suitable for carving on the CNC as Inkscape has a plugin to export the file as a .DXF. Converting some files, I discovered the current export script does not correctly handle all types of transforms, so some parts of the file may export out-of-proportion to each other or in strange size units regardless of the drawing units of the original drawing (Inkscape’s internal drawing unit is apparently equal to 1/90 of an inch, wait, wtf?). Also, if the drawing contains curved (Bezier) lines, these will be exported more or less as-is (DXF splines) and many free/cheap/itch-scratch-ware programs will not handle the resulting file (since the ‘correct’ representation or interpretation of splines is never disclosed in the published DXF file specifications, so everyone kind of does them in their own way, with less-than-stellar results).

Bob Cook noticed these limitations and updated the script to fix many of the ‘unusual transforms’ scaling issues, and convert Beziers to standard polylines that any program will import. It also adds some support for layers, including special ‘drill’ layers whose drawing objects will be output as single points (no lines) for hole drilling.

In theory, the layer support as he implemented it ought to work (it’s correct and in conformance with the DXF spec, which allows drawing objects to be assigned to arbitrarily-named layers throughout the file). In practice, many of the same free/OSS, low-cost and weekend-warrior tools do not handle this any better than splines. I dug up a copy of the DXF spec, played around a bit and found that these programs expect all layers to be formally declared in a DXF LAYER table in the header section of the file before use. So here is an update to the export script that generates a proper LAYER table, allowing a wider variety of toolpath generating programs to import them correctly. So far it has been tested with ACE Converter and CamBam and seems to work well, but as always this is a quick n dirty, not exhaustively tested script and there is no lifeguard on duty. (Inspect the imported files for problems before commanding your big machine to cut them!)

Better Better DXF Output for Inkscape

Just unzip into your \Inkskape\share\extensions directory. Note that the updated ’simpletransforms.py’ replaces an existing file.

Note: There is still an outstanding issue with Grouped objects in Inkscape being exported with incorrect size. As I understand it (assuming the document structure sent to export scripts is substantially an SVG file), transforms are applied at the Group level, which is sort of a container that has the actual drawing objects (and possibly further nested groups) as its children. Guessing that to handle this correctly, rather than looking for transforms at the node itself, it must also maintain a stack of transforms that have been applied at the node’s parent level, and parent’s parent, etc. For now, it is an easy workaround to ungroup everything before export. Maybe someone with freetime can update this and release it as ‘Better Better Better DXF Output’ :-) (b3dxf?)

After about an entire year of the parts sitting around, next-week, next-month, ya-I-been-meanin-ta, tonight I managed to get my homebrew CNC router* assembled into a usable (or at least testable) state. The entire design (if you can call it that! – it was really kind of ad-hoc) consists, as much as possible, of parts commonly available from any random big-box home improvement store (ours is the ‘Depot). The only ’specialty’ (not available from the hardware store) parts are the electronics – stepper motors, driver boards, and power supply for the above – and machine parts such as ACME nuts and leadscrews, and some standard bearings to help hold the leadscrews in place. The machine’s linear bearings – commonly regarded as the holy grail of low-cost DIY CNC machines (good linear bearings are hard to come by and hard to make!) – are pairs of big industrial-style drawer slides (also from the Home Despot), carefully squared and bolted into place. Not a recommended approach for any remotely heavy-duty machine, but since I mostly intend to carve wood, plastics and the occasional PCB, this shouldn’t pose a huge problem.

Some videos of the machine running:
First test: carving a small face in a piece of foam
Closeup on the business end (Dremel-style rotary tool affixed to the Z axis)
The finished piece
Carving some zombies – here I got smart and attached a light to the machine
Bonus: Dry run (Dremel spindle turned off), showing the melodic sound of the stepper motors :-) (And in the background, the current-limit relay in my borrowed bench supply going nuts. The stepper motor drivers are now powered by a beefy 19V 6A power brick intended for a big laptop.)

Pics

The basic idea (for non-techies):
Imagine spinning a nut on a long bolt – the nut moves up or down the bolt depending which direction it was turned. The same can be done by holding the nut steady, fixing the bolt in place and rotating it – the nut will slide left and right. Attach a cutting head to this moving nut, and mount this assembly (that can move in one axis, e.g. up and down) to two more just like it that move in different directions (left/right, in/out), and you have a cutter that can be moved around in three dimensions by spinning the screws. Attach some motors and a computer can turn the screws automatically by driving the motors forward and backward, moving the cutter in a way that carves out a complex shape.

Components of interest (for techies):
3x Vexta stepper motors, PX245-02B-C8 (6V, 0.8A per phase): $5 each on AllElectronics (sold out shortly after I bought mine)
Stepper drivers: 3x Linisteppers, bolted to a pair of Pentium slot-whatever heatsinks and fan.
Lead screws: 1/2″ x 3′, 10 thread per inch ACME threaded rod (enco.com), with matching ACME nuts attached to the linear guides using J-B Weld (this stuff is amazing!). In retrospect, 10tpi is a bit overkill, and I have to spin the motors like crazy to move the axes at any speed (specifically, 10 rotations to move 1 inch), and stepper motors start losing a lot of torque at higher speeds.
Couplings (motor to leadscrews): Fat vinyl tubing sections and hose clamps

There are still some bugs to work out. For one, though the drawer slides on the X and Z axes are working well, the vertical orientation of the slides for the Y table produces unacceptable play. Basically, the internal part of the slide (the part that actually slides) can shimmy left and right slightly in addition to in and out of the rails that contain it, which gets worse the further these inner parts are extended out of the fixed rails. The force of the cutter pushing left and right into the material causes the table to skew a small amount, which both introduces inaccuracy in the cut and causes the Y table to bind (get stuck). I also still have not found a *good* way to hold down arbitrarily sized and shaped work pieces. Detailed build pics, yet-to-be-tested specs (accuracy, etc.), assembly guides(?) will be in a future post.

*What’s the difference between a router and a mill? Semantics, mainly. The terms are somewhat used interchangeably. From what I can gather reading forum posts on the subject, router implies higher spindle speeds, softer and thinner materials being cut (wood, PCBs), and higher speed overall, while a mill implies a heavy-duty, slower-moving machine cutting metal.

What’s 1-2?

Today, MS Excel tells me it’s +39815. (Tomorrow it will tell me something different.)

Some while back a signup sheet went around the office for our annual lamb roast. Since every problem (nail) in an office environment has a preinstalled office-suite hammer, the signup list was an Excel spreadsheet. Once everyone has entered their number of guests, it totals up how many total guests. Here’s what I sent around before figuring out Excel’s flavor of crack.

Say you don’t know exactly how many guests you will have for the BBQ. Type a range (e.g. “1-2″) in and see what Excel computes for the total numbers of guests/folks.

For “1-2″ guests by my name I get exactly 39084 total guests. Fixed by just saying “1″, but now I’m curious. How is it computing this number?

I can see that being parsed as “one minus two” and yielding a negative number of guests, but I can’t figure out what particular flavor of crack Excel is smoking to get 39,084. Anyone?

I mean, if it had returned NaN or +32767 (or some other signed-unsigned integer conversion failure), I might have understood.

An Excel guru eventually figured it out: The field was hard-set as a numeric field (no auto). Still, it parsed the expression, not as “one minus two” but as a date – “February 1, current year”, and since it was a numeric field, represented this numerically the best way it knew how: the number of days since January 1st, 1900.

The flavor is strawberry.

I once said that this blog would eventually reach a point where any possible entry could be expressed as a sum of references to previous entries. In this case, it’s this one, this one and this one.

I have maintained that a point will be reached where plain old ordinary Web sites will be forced to turn on SSL encryption by default, or otherwise resort to client-side validation to ensure the page content hasn’t been tampered with during transit. Not because they are running online shops or otherwise dealing with sensitive information – to ensure their users view the original site as it was meant to be seen, protect their users against malware injected by man-in-the-middle attacks, protect/ensure their ad sales, and protect themselves from liability (lost sales from angry customers, frivolous ADA/etc. lawsuits, computer repair bills) arising from unauthorized third-party “enhancements” to their site. And I figured the detonator for all of this (besides Comcast’s broken BitTorrent filter) would be local-yokel small-town ISPs, where bored and too-clever midnight admins sit, Perl Cookbook in hand, trying to make a few bucks on the side by replacing random Web sites’ ads with their own, or injecting other forms of malware into customer HTTP streams to gather saleable profiling data.

Nope. It’s the big boys. Among them: Charter Communications, one of the world’s largest ISPs, and British Telecom have secretly tested, or intend to test (respectively) technologies against their paying customers which do exactly that. According to an internal British Telecom memo (fulltext PDF via Wikileaks), the company partnered with online marketing company Phorm, which specializes in consumer profiling and delivery of targeted advertising. According to Wired,

“From late September to early October 2006, British Telecom secretly partnered with Phorm to let the company monitor and track 18,000 of the BT’s customers. Phorm installed boxes on BT’s network that redirected web requests through their proxy server.

Those boxes inserted JavaScript code into every web page downloaded by the users. That script then reported back to Phorm the contents of the web page, which Phorm used to create ad profiles of a user.”

The report goes on to detail the ability of the Phorm proxy box to intercept requested pages and replace the site’s advertising with its own, based on the collected profile for that customer. The report also indicates several deleterious side-effects of this injection, such as flickering problems on some Web pages (which led users to believe their PCs were infected with spyware), frequent browser crashes, and insertion of the rogue code when users tried to post to Web forums. However, they concluded that the test was “successful” since no user was able to successfully pin the blame on BT/Phorm:

“The operation of the system does have noticeable side effects, which included web-page tag insertion and navigation bar flutter.

From the postings, no user correctly determined the source of these effects and users did not post that the system was causing poor performance.

However all postings suspected that their machines had a virus, a malware or a spyware infection.”

*sigh* Remember kids, you (probably) heard it here first. Let’s hope that in the brave new world of encrypt-everything-to-avoid-getting-fucked-by-ISPs, Firefox 4 doesn’t continue to perform that tired 5-warning song and dance every time you visit a non-corporate Web site.

First off, for those who know what I’m talking about and are just as pissed…the fix! (sorta)
Open about:config and set the follwing settings:
browser.xul.error_pages.expert_bad_cert: true
browser.ssl_override_behavior: 2

This brings you down from five clicks to “only” two. :-/

So, a while back I got sick of the nag dialogs, caved and updated to Firefox 3. It works pretty much just as well as FF2, but one thing has been bugging me: Encrypted sites are second-class citizens. In previous FF versions (and pretty much any browser known to mankind), if you visited a site which had SSL encryption turned on but no “respectable” certificate, you would get a simple warning dialog about it, with the option to stop or continue (one click). Now however, this one-click process has been replaced by an extremely cumbersome process of navigating through several warnings, examining the certificate, and adding a special exception to the browser settings for that certificate (permanently). Now, viewing any of the Web’s increasingly “encrypted for the heck of it” pages is a giant pain in the ass.

By “respectable” certificate, I mean something that has been purchased from a certification company such as Verisign with an annual maintenance fee (currently about $400/yr), after said company has (claimed to have) performed some background checks on you to ensure that you are really who you say you are. The certificate then vouches, to any random onlooker, that your site is actually operated by you. This makes great sense if you are a bank, of course. You want your customers to know you’re really the bank, not some guy who bought a bank-like domain. For everyone who isn’t a bank, though, the main purpose of SSL is to encrypt data between the server and the user’s PC, preventing any random monkey-in-the-middle (bored local-yokel ISP admins, airport Wifi no-goodniks) from viewing or tampering with the data flowing between them. Since random hobbyists and bloggers can’t or won’t (and, ahem, shouldn’t) pay $400 a year for a CA certificate just to give away free content, this has historically been accomplished for free by a self-signed certificate, i.e. a certificate generated by the webmaster himself. Obviously, while it performs the encryption task just as well, it cannot vouch for the identify the webmaster – but if Joe’s Blog is just trying to keep some braindead ISP / censorware from “re-expressing” the site, is Joe’s SSL-enhanced blog less secure than Joe’s plain unencrypted HTTP (which does not generate alarm bells from Firefox) blog?. Duh, of course not. So why treat it as though it is?

Some more correct solutions would be:

• Present the Dire Warning Dialog matryoshka exactly once. At the third click is the “I know what I’m doing” checkbox for advanced users which reverts behavior to that of to FF2 and most every other browser in existence (i.e. single-click dismissal for users who understand the difference between encryption and authentication). This approach worked surprisingly well on my LSP-Fix utility, which allows advanced (potentially destructive) operations with an “I know what I’m doing” checkbox and appropriate warnings about how much fun it is to reinstall one’s OS.
• Same as #1, but with a very brief SSL test the user must pass to enable the checkbox, to prove they really understand the difference between encryption and authentication – or for that matter, between either of those and security.
• Keep the 1-click dismissal from the start, but fix the wording for novices: WARNING: This site is no more secure than Joe Blow’s random blog. Do not submit your credit-card number or anything else you wouldn’t put on the frontpage of the New York Times.
• Display a bright red titlebar / address bar and the familiar “broken padlock” symbol for sites with unverifiable certificates. A Bright Red Something works very well as a persistent visual reminder, hours after the dialog-clicking has faded from memory (I use this approach on any GUI logged in as administrator/root, reminding me that I have the power to really screw myself.)
• Release the SSL behavior fix for FF3 as an extension that must be manually installed, for clueful users who want to surf Comcast-proofed sites in peace Looks like a Moz developer’s already done it, though compatibility with different FF3 versions sounds a bit hit-and-miss.

A Mozilla developer’s (non-SSL-encrypted) blog on the subject explains some of the logic behind this UX nightmare, including the (semi-sensible, I must admit) rationale behind making exceptions permanent by defaut. (This, too, should have an advanced-user override switch – I for one don’t want to permanently accept bad certs as good.) Be glad for what you got though, apparently they had initially decided not to allow self-signed pages to be accessed AT ALL.

(Yeah, apparently I’m not the first person to take offense at this behavior, though my beef is not so much in the wording but the sheer ten-click time-wastage and the implication that some encrypted sites are somehow less secure than plaintext ones.)