A Murky Future for Self-Driving Cars

Feet-first into fire! This short essay was written in response to the 2016 Report of the One Hundred Year Study on Artificial Intelligence (AI100) for CS 343H, Artificial Intelligence Honors.

Although I am ostensibly a student of computer science, I am also an urban studies minor, transportation geek, and public transit advocate. Thus, the One Hundred Year Study is of special interest to me, and its analysis of urban transportation doubly so. Continue reading “A Murky Future for Self-Driving Cars”

Print Your Stuff from the Terminal with utprint.py

Recently — in the spring of 2016, I believe — the UT Austin libraries rolled out a new printing system that allows students and staff to upload documents via a web interface. This was a huge deal to me because previously, I had to get off my laptop and sign in to a library computer to print things.

Functional but frustratingly slow.

It works well enough, but as is always the case for university computer systems, it’s a little cumbersome to use. My typical workflow looked like this:

  1. Log in
  2. Upload my essay
  3. Set my standard printing options: no color, duplex

That works out to about ten clicks and a password manager access. The horror! We can do much better. We have the technology.

Over the last two weekends, I put together a Python script that can send documents straight from the command line. It stays authenticated for two weeks at a time and there’s a configuration file to specify preferred printing settings.

$ ./utprint.py ~/Documents/utcs.pdf
Print settings:
  - Full color
  - Simplex
  - Copies: 1
  - Page range: all
Logging in with saved token ... done
Uploading utcs.pdf ... done
Processing ... done
    Available balance: $1.16
    Cost to print:     $0.42

    Remaining balance: $0.74

I’m sure it will prove useful to all the… one… UT Austin students who are handy with a terminal and do a lot of writing. Find it on GitHub.

Hacking Piazza with Cross-Site Scripting

Piazza is a free classroom discussion service marketed for science and mathematics classes. It is best described as a hybrid wiki and forum; students can post questions, and other students can collaborate on answers. Like WordPress, content can be formatted with a rich-text editor or with plain HTML with a restricted set of features. Piazza’s distinguishing feature is the ability to post anonymously, which it claims makes underrepresented groups in the sciences more comfortable with interacting with the class. At UT, the computer science department makes extensive use of Piazza for most of its classes.

Piazza is primarily accessed through the web interface on piazza.com. Of great interest, there is also a “lite” web interface designed for mobile devices and accessible browsers at piazza.com/lite. I will demonstrate that Piazza is susceptible to common client-side web attacks, such as cross-site scripting, as a result of its reliance on web apps. (There are also native iOS and Android apps, but they are awful, and nobody uses them.) Continue reading “Hacking Piazza with Cross-Site Scripting”

Self-Driving Cars: a Reality Check

Today, the media is awash with buzz about the inevitable arrival of autonomous automobiles, personal vehicles that could transport passengers under complete computer control. Writing for Forbes, David Galland predicts that ten million autonomous cars will be on American streets by 2020 (Galland). He expects the adoption of autonomous cars to have profound, transformative effects on our society, by “reducing the number of traffic accidents by upward of 90%,” offering new mobility options for seniors and people with disabilities, eliminating the need for expensive and scarce downtown parking, and “[banishing] the whole idea of rush hour … to the history books” (Galland). Ford plans to sell “true self-driving cars” without controls for human drivers such as pedals or steering wheels by 2021 (Isidore). Not to be left behind, US Senators Gary Peters and John Thune have announced they plan to introduce new legislation to foster the development of autonomous vehicles that will “[leave] room for innovators to reach their full potential” (“Joint Effort”). They believe that autonomous cars “have the potential to dramatically reduce the … lives lost on our roads and highways every year and fundamentally transform the way we get around” (“Joint Effort”).

But before we speculate on the long-term impacts of autonomous cars, and especially before we formulate sweeping national policies concerning them, we ought to consider just how soon they will become reality. There are difficult ethical, technical, and human interface challenges that the industry has not yet addressed and hard questions that our society has not yet answered. Should autonomous vehicles favor the survival of passengers or pedestrians in the event of an accident? How will we produce and maintain high-resolution maps of every road on which autonomous vehicles will be expected to operate? How will we keep passengers alert and prepared to retake control in the event of an emergency? We are not five years away from autonomous cars, as Ford claims, much less six months away from “full self-driving” Tesla vehicles, as CEO Elon Musk claims (@elonmusk). The barriers to designing safe and reliable autonomous cars are so massive that they will preclude their mainstream introduction for many decades, if not indefinitely. Continue reading “Self-Driving Cars: a Reality Check”

Central Valley Airports: Update #0

With school out for the summer, I found myself getting back into flight simulator development. My plan is to model the terminals of the Fresno and Bakersfield airports. I am targeting FlightGear Flight Simulator specifically, since I am familiar with the platform, but am also going to try and get the models on FSX.

Hopefully this is one project that I will be able to finish.

So, without further ado, here is the first update – what I’ve been working on for the past couple weeks. You can expect another one every other week or so. Enjoy!

I’ve started out with Meadows Field. This being my home airport, I’ve put a lot of effort into being accurate, especially since the small terminal means more attention is drawn to small details.

I’ve made substantial progress on the airside portion (and have refrained from announcing this project until then). I am using Blender’s material and rendering system to bake textures into the model. This is my first time doing something like this, but if all goes well, it should look almost this good in the low-poly sim model, too.

Here is a panorama of the actual terminal for comparison. (The irony – Delta Connection no longer flies here, though all air service is still operated exclusively by SkyWest CRJ200s.)

BIOS Mods and Integrated GPU’s: a Tale of Hybrid Graphics

Well, today I called it quits with my designated “home gaming” laptop. It was a HP dv7t-6000 laptop with the following equipped:

  • CPU: Intel Core i7-2630QM
  • Integrated GPU: Intel HD Graphics 3000
  • Discrete GPU: AMD Radeon HD 7400M

Despite being augmented with a discrete GPU, its gaming performance was never anything to write home about. However, I had been keeping it serviceable for the last couple years by using modified AMD graphics drivers from Leshcat. The performance was slightly improved with the newer drivers, especially with games like Wargame: Red Dragon that were released long after HP had ceased supporting the machine’s software.

This month, however, during a routine upgrade to the latest Leshcat release, it appeared that my discrete graphics stopped working. Programs were suddenly reporting that they were being run on the HD Graphics 3000 iGPU.

I’m still not sure what happened but I think that the latest Leshcat release dropped support for older “fixed” switchable graphics. Thus, I was now using “dynamic” switchable graphics, which means that work done by the iGPU is offloaded to the dGPU. Programs still see the active graphics processor as the HD Graphics 3000 even though the 7400M is doing all the work.

In the process of figuring all this out I discovered that the InsydeH2O BIOS that comes with many HP laptops actually has a few hidden screens that grant access to a plethora of settings.

The advertised easy method (F10 + A) didn’t work for me, so naturally the next step was to flash a modded BIOS – which not only granted access to the secret settings but also removed the infamous HP wireless card whitelist.

With switchable graphics working again (after forcing the now-modded BIOS to use “dynamic” mode to work with Leshcat), my graphics performance was back but seemed… lackluster.

The benchmarks confirmed this. Here are the PassMark scores for every laptop GPU I’ve ever owned:

  • Nvidia GeForce 310M: 221
  • AMD Radeon HD 7400M: 634 (?)
  • Intel HD Graphics 4600: 726

That’s right, the entry-level integrated graphics from 2013 smoked the 2010 and 2011-era discrete GPUs. It’s surprising what difference a couple of years can make.

I’ve now retired the Sandy Bridge HP. My Haswell laptop, of all things, now holds the crown for the most powerful GPU in the household.

The Technology Gap

As written in an application for the East Bakersfield Rotary Scholarship:

The greatest enigma that we face today is that people do not understand how technology works.

While we are quick to admit that our elders have trouble using computers, the younger generation gets a pass on technology education. We don’t usually think of Internet hipsters using Facebook on the latest iPhone as “technologically challenged.” But in reality, we are all in the same boat. We do not really understand the devices that we use everyday.

The average person knows how to use a web browser to open websites and type a document using Microsoft Word. That is all. He can barely navigate files and folders, he cannot solve computer problems by himself, and he almost certainly cannot maintain the machine properly. Good security practices will stop nearly any computer virus, but he runs out to buy the latest copy of his favorite anti-virus software. Computers are modular and can be progressively upgraded, but he purchases a new system every year. And the mere thought of the average man being able to program a computer is simply ludicrous.

This lack of comprehension is disturbing because it can be so easily exploited. TV infomercials advertise miracle virus-removal programs that actually scam ignorant computer users out of their money; shady websites and tech startups offer low-quality software that over-promises and fails to deliver, frustrating customers who didn’t know any better; people buy the latest and greatest models every year because their old devices, thanks to neglected maintenance, have become “too slow.” It’s almost as if the tech industry profits from our lack of computer education.

But the most concerning development has been the rise of cloud computing: services that entice computer users to upload their data onto Internet servers. Google, Microsoft, and Apple tempt consumers by marketing these services as easy to use and safe. What most people don’t realize is that there is a hidden cost. Companies make money on their cloud services by selling the data to advertisers – and government agencies such as the NSA can also snoop through it.

If American youth expect to get ahead in the 21st century, they must be able to use technology to its fullest potential. Today, computer education is stuck in the 1990’s. Students are only taught how to write documents and, occasionally, create presentations. We need to change this! Computer classes should expand their curricula with lessons about keyboard shortcuts, installing new software, using files and folders, and maintaining operating systems. And of course, schools must embrace the exciting new field of computer science! Teaching basic programming logic could benefit all students by giving them new insights into science and mathematics. And for those who want to dive deeper, low-cost minicomputers like the Raspberry Pi could allow schools to create truly innovative robotics and electronics courses.

We have been taught how to use computers, not how to understand them. Today’s children deserve better.

Creating a Guest Network with a Tomato Router

Here are my notes on how to portion off a guest wireless network for… you know, guests… if you have a router powered by the excellent Tomato third-party firmware. (I run Tomato RAF on a Linksys E4200.)

It’s not meant to be an exhaustive guide, because there are a few already on the Internet. Rather this is how I achieved my specific setup:

  • Do not allow guests to make connections to the router, thus preventing them from accessing the web interface or making DNS requests.
  • Firewall guests from the main network and any connected VPN’s.
  • Push different DNS servers and a different domain to the guest network.

First you’ll need to create a separate VLAN and a virtual SSID for your guest network. My router has two antennas, so I could have used a dedicated antenna for the guest network, but I opted to use a virtual SSID anyway because the second antenna is used for the 5 GHz band.

By default, VLAN 1 is the LAN and VLAN 2 is the WAN (the Internet). So, I created VLAN 3 for my guest network. I then attached a virtual wireless network on wl0.1 named openwireless.org.

This is where most guides stop, since Tomato already firewalls the new guest network from the rest of your LAN. Instead of bothering to tweak the firewall, they simply advise you to set a strong administrator password on the web interface.

This didn’t satisfy me, though – I wanted firewall-level separation. Also, the guest network is still able to access any VPN’s the router is running. So here’s some iptables magic:

# Add a special forward chain for guests. Accept all Internet-bound traffic but drop anything else.
iptables -N guestforward
iptables -A guestforward -o vlan2 -j ACCEPT
iptables -A guestforward -j DROP
iptables -I FORWARD -i br1 -j guestforward

# Add an input chain for guests. Make an exception for DHCP traffic (UDP 67/68) but refuse any other connections.
iptables -N guestin
iptables -A guestin -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
iptables -A guestin -j REJECT
iptables -I INPUT -i br1 -j guestin

This goes in Administration > Scripts > Firewall. Simple and easy to understand. Note that ‘br1’ is the network bridge for your guest network and ‘vlan2’ is the WAN VLAN. You probably don’t have to change these.

Last thing that bothered me was that Tomato by default assigns both networks the same DNS and domain settings. This means that guests can make DNS queries to your router for system hostnames, like ‘owl,’ and get back legitimate IP addresses. Overly paranoid? Probably, but here’s the fix:

# DNS servers for guest network
# Domain name for guest network

This goes in Advanced > DHCP/DNS > Dnsmasq custom configuration. Combined with the iptables rules above, this will force your guests to not use the router’s DNS.

Once again, ‘br1’ is the guest bridge. You can also specify your own DNS servers instead of OpenDNS.

And there you have it – a secure network for your own devices and a guest network, carefully partitioned off from everything else, solely for Internet access.

There are two pitfalls with this setup: no bandwidth prioritization and the possibility that someone could do illegal things with your IP address.

I don’t really care about bandwidth, because I already have a QoS setup, and I live in a suburban neighborhood so users of my guest network will be few and far between.

However, I am considering forcing all my guest traffic through the Tor network. That may be a future post.