Friday, 17 December 2010
Being Prepared
With this winter in Scotland already a repeat of the freezing conditions of last year we are still astonished at how many people leave themselves at risk by being entirely unprepared. Not only does this cause them problems, but it also causes some impact to those who are prepared. As a follow up to the brief post on Rory Alsop's personal blog we thought we'd provide a few notes on how to minimise the impact from adverse weather and foolhardy unprepared individuals on the roads.
Obviously the simplest solution is don't go outdoors - get stocks of food and drink in and batten down the hatches. Cosy, but not always a workable solution, so lets have a look at what you can do if you do need to go somewhere.
Practice:
Okay, so Rory A is a petrolhead, and so takes any opportunity to go out on a racetrack, but knowing how to handle ice is within anyone's grasp. While the Andros Trophy could be a little excessive, having at least one skid pan session under your belt will get you through a lot of ice. You'll learn how to use the right amount of torque - unlike the many people we have seen over the last couple of weeks trying to drive under full power, wheels spinning and sliding - resulting in some interestingly stuck vehicles! The driving test in Finland requires a test on a slippery course - is it any wonder they do so well in the World Rally Championship?
Planning the route:
Look at an OS map to understand the hills. Last winter Rory A had a very tense hour driving the last couple of miles to Drumoak in Aberdeenshire as he didn't prepare his route (but trusted a Tom Tom... mistake!) - he ended up descending a very steep slope using the ditch on the right hand side of the road as a runner to stop the car sliding off the left hand side of the road, which had no barrier other than some trees further down the slope. Learnt that lesson now, but wouldn't ever want to go through it again.
Avoid motorways - you would think they would be fine as the inclines are minimal, and they are wide, but unfortunately they are not sheltered, and when conditions deteriorate it is all too easy to be caught out, or get stuck behind someone else who does. When the inevitable crashes happen, you can't get off a motorway easily, and being stationary in heavy snow can lead to being stuck there for many hours.
Mechanical:
Defrost/de-ice your car every day. Not only will this help you avoid having to call out the AA/RAC/equivalent for your country, but you will avoid the doors freezing solid, ice buildup inside (which can easily damage wiring.) In addition you'll find it much easier to keep all your windows and lights clear of snow and ice - this doesn't seem to be understood by many road users. Personally we like to be able to see everything around us, and ensure they can see us - don't want to be anywhere near another car with the windows all frosted up and just a small patch on the windscreen for them to peer out! Minimising risk here is a good thing (tm)
At the start of winter you really want to ensure the car is properly serviced. Fresh tyres, new wiper blades, engine oil, antifreeze levels correct. Then take every opportunity to fill up the petrol tank - just in case you need to run the engine for warmth while stuck for days! In the more remote areas you should consider snow tyres, snow socks or even chains - they can make all the difference.
Supplies:
Everyone should have a blanket, sleeping bag or slanket in their car anyway. They are so cheap or even free at garages that you might as well. Not just an essential to keep you warm if you do have to overnight in the car, but they are really useful to give you grip if you are really stuck - tucking a blanket or rug under the tyres can give a lot of traction.
Gloves and Hat - yep, simple, but if you are trying to dig yourself out and the temperature is down below minus 15 you want to conserve heat! Possibly a Cthulhu Balaclava is the best solution.
YakTrax Ice Grips - get yourself a set of these essential accessories:
Snow shovel - if you can find one! The telescopic ones can easily be stored in the boot.
Drinks - would be really nice to have a flask of hot coffee or soup, but realistically you can keep juice or cans in the car really easily. You can dehydrate very quickly when stationary and running the engine to keep the car warm. Keep some bottled water as well, and ideally some coffee powder (see below)
Food - cereal bars or chocolate are easy to store in a car for long periods of time.
The important bit - Geek essentials:
An inverter - ideally reasonably high wattage, so you can charge your laptop.
Torch - ultrabright LED torch, or for extra bling, one of these 10 Million Candlepower torches.
High gain antenna (at least 9dB) and 802.11 card if necessary. How are you going to update your blog, check out your Stack Exchange posts and twitter feed, follow the Met Office updates detailing the cold and ice coming your way, or keep yourself entertained with iPlayer if you can't connect?
Immersion heater - either a 12v car version, or a 240v one to run off the inverter - so you can make coffee.
USB Handwarmers - keep your typing speed up. Or your strafe speed in Brink!
eBook Reader - whichever flavour floats your boat.
In car mp3 player - you don't want to run out of tunes before help arrives! Ideally at least a half a terabyte of music will avoid any risk of boredom. Especially this kind of music!
Best wishes for the festive season - see you in 2011
7 Elements
Thursday, 16 December 2010
Apple iOS Devices and Encryption
As I've had cause recently to spend some time looking at Apple iOS encryption, and I've picked up some information that was new to me, I thought it'd be worth putting hand to keyboard about it.
Recent iterations of Apple's iOS based devices (iPad, iPhone, iPod touch) have got a number of encryption features which can protect data on them. However some of the descriptions of the features can leave people with a false sense of security, so it's important to realise what they can and cannot do for you.
First up is Apple's "Hardware Encryption". By default all data on the user partition of an iOS device is encrypted with keys stored in hardware on the device. Apple describe this as protecting "data at rest" and also enabling their fast remote wipe capability.
One interesting thing to realise about this capability is that it is not designed to protect user data from a "lost or stolen device" scenario. In looking at my own iPad, which has the latest version of iOS installed, it was initially possible to get access to all the user information stored on it, without knowing the passcode.
Accessing this information can be done by booting an alternate operating system and then using SSH to view and copy data from the device, over the Apple connector cable (a description of the requirements and process for setting this up is available here ). So whilst this attack is relatively technical, there's really no major barrier for a technically savvy attacker, as all the information required is in the public domain.
Apple also have an additional layer of protection available to them, which is their Data Protection feature. This feature encrypts specific information on the device with a key derived from the users passcode.
There's two interesting things to note about this feature. Firstly, it requires applications to specifically support its use, and at the moment there don't appear to be many that do. From Apple's perspective, only their mail client supports it in current iOS release.
Secondly, if a device has had iOS 3.X on it and has been upgraded to iOS 4.X, then Data Protection is not enabled, until the device has had a complete operating system restore carried out on it, as described in this Apple Support Document .
Once Data Protection is enabled, e-mail data seems to be quite well protected, although it's worth pointing out that as the key is derived from the users passcode, it becomes very important to ensure that the user has a strong passcode set (ie, not just the 4 digit simple passcode option), to prevent a brute-force attack.
From having seen some of Apples technical information around Data Protection it actually seems like a good concept for mobile device protection, so once it's more widely in use, I think that it'll greatly enhance iOS devices resistance to attack in a "lost device" scenario, but at the moment it's a bit limited.
Recent iterations of Apple's iOS based devices (iPad, iPhone, iPod touch) have got a number of encryption features which can protect data on them. However some of the descriptions of the features can leave people with a false sense of security, so it's important to realise what they can and cannot do for you.
First up is Apple's "Hardware Encryption". By default all data on the user partition of an iOS device is encrypted with keys stored in hardware on the device. Apple describe this as protecting "data at rest" and also enabling their fast remote wipe capability.
One interesting thing to realise about this capability is that it is not designed to protect user data from a "lost or stolen device" scenario. In looking at my own iPad, which has the latest version of iOS installed, it was initially possible to get access to all the user information stored on it, without knowing the passcode.
Accessing this information can be done by booting an alternate operating system and then using SSH to view and copy data from the device, over the Apple connector cable (a description of the requirements and process for setting this up is available here ). So whilst this attack is relatively technical, there's really no major barrier for a technically savvy attacker, as all the information required is in the public domain.
Apple also have an additional layer of protection available to them, which is their Data Protection feature. This feature encrypts specific information on the device with a key derived from the users passcode.
There's two interesting things to note about this feature. Firstly, it requires applications to specifically support its use, and at the moment there don't appear to be many that do. From Apple's perspective, only their mail client supports it in current iOS release.
Secondly, if a device has had iOS 3.X on it and has been upgraded to iOS 4.X, then Data Protection is not enabled, until the device has had a complete operating system restore carried out on it, as described in this Apple Support Document .
Once Data Protection is enabled, e-mail data seems to be quite well protected, although it's worth pointing out that as the key is derived from the users passcode, it becomes very important to ensure that the user has a strong passcode set (ie, not just the 4 digit simple passcode option), to prevent a brute-force attack.
From having seen some of Apples technical information around Data Protection it actually seems like a good concept for mobile device protection, so once it's more widely in use, I think that it'll greatly enhance iOS devices resistance to attack in a "lost device" scenario, but at the moment it's a bit limited.