Daniel Álvarez’s Blog

Google is now activating over 500,000 devices each day, growing at 4.4% week on week. This huge raise, led to a big explosion of apps being downloaded from the Android Market, which - at the time of this writing - is 6,148,593,955 (more info at http://www.androlib.com/appstats.aspx).

Among these, there is one particular kind of application which is potentially useful for every single Android user: an app which allows you to locate, track or find your phone in case of theft or loss. SecuDroid is one of those must-have apps which you’d better not need to use, but you’ll definitely be glad to have it when somebody steals your phone or you lose it somewhere.

 Features: 

• Location information including accuracy, speed and altitude 
• Periodic tracking
• Silent pictures using either the front or back camera
• Remote Lock & Wipe functions
• SIM card change notification 
• FindMe Ringtone
• Invisible Mode
• E-mail integration  

FAQ: 

• How does SecuDroid work?

SecuDroid sleeps silently in your Android device waiting for commands sent from any cellphone by SMS. The answer to these comands will be sent by SecuDroid either by e-mail or by SMS.

These SMS will not show up on your phone because they are intercepted by SecuDroid, so the thief will not suspect that you are on your way to recover your phone.

• How can I be sure that nobody will be able to track me if I install SecuDroid?

When you request an action from SecuDroid you must precede the command with a password. This password can be changed at any times from the SecuDroid configuration window and, by default, it is set to “PW” (without quotes).  Anyone who knows this password will be able to track you or even wipe your data off your phone.

• How can I hide SecuDroid so that noone knows that it’s there?

SecuDroid will appear as “eNotes” under the installed applications list. Also, you will be able to remove the launcher icon from the configuration window.

• If I remove the launcher icon, how can I modify the settings?

You’ll be able to launch the configuration window by dialing a pre-configured code from the stock phone app. This code, by default, is 3535 but you can change it at any times.

• Will SecuDroid be able to determine my location even if GPS is off?

In order to switch GPS on, Android enforces the user to do it manually. However, SecuDroid will enable the GPS hardware without user interaction (by tricking the OS) to get the location and, afterwards, it will switch it off automatically to hide itself. Nonetheless, it is highly recommended that you test this feature in your particular device because this is likely to be avoided by Android in the future. In this case, just leave the GPS setting on (no impact on battery life) or you’ll only get positions based on GSM towers triangulation.

• Somebody stole my phone and I want to find out who, will the thief be able to locate the pictures in the phone storage?

No. Pictures are stored temporally without image extensions and they will be erased right after being sent

• If I take a picture remotelly, will the thief hear the camera shutter sound?

SecuDroid will take pictures silently by disabling the shutter sound. However, some devices are impossible to get the shutter sound disabled due to legal restrictions so you must make sure how your device works by testing it first. You’ll probably be able to disable it by some other means like rooting your phone and removing the sound but SecuDroid doesn’t encourage you to root your phone unlike other apps.

• The FindMe function is pretty cool but what if I left the phone in silent/vibration mode?

Just send a BEEP command to your phone and SecuDroid will ring loud for 60 seconds or until you switch the screen on/off no matter what the previous state was. After this command, volume will be set at maximum leve so you’re free now to call and find out where the sound comes from

• Just realized that I lost my phone with critical information. How can SecuDroid help me?

Before trying to track or locate your phone, you should lock it with a password to make sure that noone can access to your sensitive data or even make calls. If you feel that the information inside your phone is even more important than the device itself, wipe the data within a few seconds by issuing a WIPE command.

• Transparency is really important. Does SecuDroid include any phone-home component that could compromise my privacy?

SecuDroid does NOT include any phone-home component. You can be completely sure that SecuDroid will not connect to a 3rd party server and will not use your location or personal information in any ways.

• What e-mail account does SecuDroid use to send the pictures and location info to?

You can configure a GMail account from SecuDroid settings window and this will be the account used to send the answers to remote requests. If, for example, this account is removed or you change the password, the answers will be sent back via SMS (or MMS if a picture was requested). The default destination e-mail address is also configured and has not necessarily to be a GMail address.

Details: http://www.secudroidapp.com/secudroid
Instructions: http://www.secudroidapp.com/instructions
FAQ: http://www.secudroidapp.com/faq

Last week, we attended two of the most important championships in Spain with Silvestre and uXbot.

• In Hispabot, the track had a ramp which was pretty challenging for our robots since they were not designed with this in mind. The major problem was that the robots got blind for a while in their way up and also in their way down. This problem was worse for Silvestre since it’s larger and its sensors spent more time in the air, reason why the uXbot managed to get to the top of the podium with Silvestre right behind him on the 2nd place.

• Robolid hold a really crowded championship with around 80 robots taking part in the robotrackers category and 20 robots in the Line Following contest. Silvestre and uXbot had to fight with most of the best robots in Spain and they finally won with Silvestre in the 1st place and uXbot 2nd.  On a side note, a new electronic system was used during the contest to measure lap times, average and top speeds and Silvestre’s top speed was over 5 meters per second (18 km/h)!

 The most remarkable features of the robots are:

• DC Maxon motors
• FPGA to accurately read the quadrature signals from the encoders and real-time processing (Silvestre)
• Inertial sensors
• Track learning: the algorithm takes about 2-2.5 laps to identify when the lap starts over and extract the characteristics and speed-up/braking points.
• Adaptative behaviour: Throughout the laps, the robots modify their parameters (speed, speed-up/braking points,…) for each part of the track. This allows the robot to adapt themselves to the track conditions (dust, creases, …)

Below you can see a video from the training days to the final round of the latest contest. Some slow motion parts show how the robots performed over the ramp at Hispabot and how they had to fight with the skids right after the downhill

D.

One of the things I’ve found more interesting and useful in Robotics is debugging.

Most of the time we use to print out traces through a serial port and, the luckiest ones, who own a JTAG emulator, can dig deeper into their bugs but always with a cable plugged.

So, now thanks to the excellent Espardino project and the help of its author, Ajo, who is a very good friend of mine, I decided to write my own stub for the ARM cortex-m3 architecture. You can check out more information about Espardino’s remote monitor here.

 Also, the following are a nice source of information I used to write this stub:

•  The definitive guide to the ARM Cortex-m3
•  Application Note 209 Using Cortex-M3 and Cortex-M4 Fault Exceptions by Keil
•  Daniel Jacobwitz patch for the Linux Kernel - single stepping Thumb2 programs

The video below shows a debugging session of the stub running inside the LPC1343 ARM Cortex-M3 of the uXbot robot. The GDB is connected to a tiny application which acts as a bridge between the TCP connection and the bluetooth link to the robot. Given that this application is listening on a TCP port, the GDB debugger can be running somewhere else (on my iPhone? ;)) and it would still work.

In my next article I will get more into detail about the stub itself and the exception handling.

Cheers,

Daniel Alvarez

I want to show you how easy is to start playing around with FPGAs. The following example is based on the Actel A3P250 Devel board programmed with the microJTAG board.

The idea is simple: we’re going to design a PWM module and make the on-board leds flashing at different rates. The RTL design of the PWM module is shown in the picture below:

 Let’s have a look at the components inside the PWM module:

As you can see the 10-bit PWM module has got one register, a 10-bit counter and one comparator. To test our module, I’ll write a simple VHDL code:

-- test.vhd
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
use IEEE.STD_LOGIC_ARITH.ALL;
use IEEE.STD_LOGIC_UNSIGNED.ALL;       

entity example2 is
    Port (       

                LEDS:out STD_LOGIC_VECTOR(3 downto 0);
                CLK_in: in STD_LOGIC;
                RESET_in: in STD_LOGIC       

           );
end example2;       

architecture Behavioral of example2 is       

component pwm is
    Port (        

        CLK_in:     in std_logic;
        PWM_in:     in std_logic_vector(9 downto 0);
        PWM_load:   in std_logic;
        PWM_reset:  in std_logic;
        PWM_out :   out std_logic       

        );
end component;        

      signal counter: natural range 0 to 48000;
      signal result: STD_LOGIC_VECTOR (9 downto 0);
      signal pwmout: STD_LOGIC;
      signal clk_div: std_logic;       

begin       

    pwm1 : pwm port map ( CLK_in => CLK_in, PWM_in => result,
 PWM_load => '1', PWM_reset => not RESET_in,
 PWM_out => pwmout);       

   process(CLK_in,RESET_in,counter)
    begin
         if (RESET_in='0') then       

            counter <= 0;
            clk_div <= '0';       

        elsif (CLK_in'event and CLK_in='1')    then       

            if (counter = 47999) then
                clk_div <= not clk_div;
                counter <= 0;
            else
               counter <= counter + 1;       

            end if;
        end if;       

    end process;       

    process(clk_div, result)
    begin
        if (clk_div'event and clk_div='1')    then
            result <= result + 1;
        end if;       

    end process;       

    LEDS <= (others => pwmout);       

end Behavioral;

The frequency divider makes the ‘result’ signal increment every 48K*2 ticks of the main clock (24MHz). The ‘result’ signal is connected to the input of the PWM module which will load its value every time it changes because the LOAD signal is always ‘1′.

The result will be that every 4ms, the PWM input will increment by 1 from 0 to 1023 (10 bit value). The PWM output - which is connected to all LEDs in the  board - will take all values after 4 seconds and the cycle will repeat continuously.

You can download the whole source code from the link below:

 VHDL Source code

The A3P250 Devel kit was a present from my friend Ajo and I want to thank him for such a nice board

Cheers,

Daniel

Last 8th October took place the 3rd edition of the CRJET International Robotics Competition in Cataluña.

Silvestre was the WINNER of the Line Following Robots category. During the qualifying session in the morning, Silvestre set the fastest time, completing 3 laps to the 11.752 meters track in 14.02 seconds (2.5m/s average speed). Piolin - Silvestre’s little brother - made the second best time at qualifying but had some issues and got a final 3rd place losing against Shibuya in the Semifinal round.

Its revolutionary positioning system allowed Silvestre to identify the main straight and to speed up to 4.8 m/s. Thanks to its inertial sensors and the wheel encoders, Silvestre could brake at the right point reaching the corner at a safe speed. This strategy had not been seen in any Line Follower competitions so far making Silvestre look even more impressive.

 Silvestre Highlights (the slow motion part is very cool )

Final Race, Silvestre VS Shibuya:

For the next contests, the challenge is to make another key improvement to keep Silvestre on the top of the podium.

Also, Tobias was awarded with the “Most High-Tech” prize in the “Best of Show” category so it was a pretty successful weekend

Daniel

I’ve been playing around with SMS PDUs encodings and recently observed some curious things regarding the way that cellphones treat the text messages when they include special characters.First look at these two tables of the GSM alphabet:

The tables above show the GSM Alphabet using a 7-bit encoding which implies a maximum number of 160 characters per text message. However, sometimes this is a little bit more tricky and the count is not so straightforward:
If, for instance, you type a character from the second table, it needs to be escaped with the escape character 1) 0xB1, and it will take two characters instead of one. What happens if your text message contains 160 characters and one of them is a ‘]’?
Simple: You will get charged for two text messages because you’re exceeding the maximum length of a simple PDU.
Usually your cellphone won’t warn you about this and you will send it anyways without knowing the fact that this text message will cost twice than you think. The same happens with the ‘€’ symbol and some other not showing up in the table above.If you have a closer look at the tables, you might realize that the ‘é’ symbol appears but where are ‘á’,'í’,'ó’ and ‘ú’? The GSM alphabet was originally designed by France and they only use ‘é’ so if you want to use accents, there’s no way using this encoding.
I have tested some cellphones and they behave in two different ways:

1. Removing those characters with accents (except ‘é’) and substituting them by the same character without accent.
2. Using a 16-bit UNICODE encoding to allow sending every character (in this case, the maximum length of the textmessage is 70 characters).

In case 1, the only ’side-effect’ is that the recipient of the text message won’t get your accents and you can send up to 160 characters.
In case 2, your cellphone won’t warn you and you might send up to 160 characters thinking that it will take just one text message.However, again, you will be charged for up to 3 text messages without knowing it! The recipient will get a multi-part message showing all the characters you sent with no modification.
Here you can see the decoding of a PDU (using PDUSpy) of a text message sent with accents and encoded using UCS2:

• PROTOCOL IDENTIFIER (0×00)
• MESSAGE ENTITIES : SME-to-SME
• PROTOCOL USED : Implicit / SC-specific
• DATA CODING SCHEME (0×08)
• AUTO-DELETION : OFF
• COMPRESSION : OFF
• MESSAGE CLASS : NONE
• ALPHABET USED : 16bit UCS2

If the accents are removed from the original text message, the cellphone will automatically use the GSM7 alphabet and you will be allowed to send up to 160 characters in just one PDU (you will get charged once).All in all, be careful and if possible make some research to figure out what your cellphone does and check it against your bill because you will probably save some (or a lot of) money.
Cheers,
D.

Disclaimer: All the information posted is intended for illustrative and educational purposes only. I just want to show you that it’s possible to set up the iPhone SDK on a Virtual Machine. Please, BUY an Apple Mac OS X License if you are going to use this and BUY a Mac computer (Apple’s EULA agreement states that you cannot run Mac OS X under non Apple hardware).

In this post I will try to explain how to set up the SDK for iPhone OS 3.1 on a PC running Windows (Vista 64 in my case). From the readme file of the SDK you can read:

Xcode 3.1.4, when used for Mac-only development, is compatible with Intel and PowerPC Macs running Mac OS X Leopard 10.5 and later. Use of the iPhone SDK requires an Intel-based Mac running Mac OS X Leopard version 10.5.7 or later.

So we need a Leopard 10.5. By googling a little bit you will realize that there are some modified ready-to-use Leopard images out there that you can download and run out of the box on VMWare.

I’m running a 10.5.2 version (which takes about 5 mins to boot on my quad core). Once you get a Mac OS X running on your PC, you can download the free iPhone SDK from developer.apple.com and install it.

The iPhone SDK for OS 3.1 won’t install under a version prior to 10.5.7 so I had to ‘trick’ the installer rather to update the Mac OS X which seems to be a painful process. To do this, you have to modify the /System/Library/Core Services/SystemVersion.plist and change both the ProductUserVisibleVersion and ProductVersion keys to 10.5.7.

With this done, I selected just the SDK for 3.1 (to save space in my hard disk) and the installation process begins.

  And 3.5 hours later…. 

Once you have the iPhone SDK installed, you can run Xcode (from SpotLight) and launch a new project using a template just to try it out on the iPhone Simulator:

At this point you can develop your own iPhone applications and test them on the simulator. Also, if you joined the Apple developer program (the standard one is $99) you can test them in your iPhone as well.

If you’re planning to play around with the SDK I strongly recommend you to sign up on the iPhone Dev Center because there are lots of resources available: Getting started documents, videos,  sample code, etc.

More to come,

Daniel

I’ll briefly explain how to generate the signature file for a given library in order to import it from IDA Pro and get the library functions identified by the disassembler (which can save you hours from digging into ‘well-known’ functions).

Requirements: FLAIR tools installed.

Execute the COFF parser

> pcf ms32.lib miracl

ms32.lib: skipped 0, total 432

>sigmake miracl miracl

You might get collision errors here:

See the documentation to learn how to resolve collisitions.
: modules/leaves: 9021136/432, COLLISIONS: 382

At this point, just edit the .exc file, remove the comments in the first lines and re-execute the sigmake command.

Now you’ll see a miracl.sig ready to be imported from the FLIRT signatures window in IDA Pro.

EOF,

Daniel Álvarez

Hello,

I’ve developed a little application that switches the audio output from the rear speaker to the front one and viceversa. This is useful for VoIP applications which are quite unusable without headphones since the audio comes from the back speaker. It just runs for 10 minutes and it’s supposed to work at least with the latest HTC models.

Download PocketPC Trial version:

PPC-AudioSwitch.zip

Download SmartPhone Trial version:

SmartPhone-AudioSwitch.zip

Don’t hesitate to contact me for any further information.

Warm regards,

Daniel

When I had to write some formulas in the blog I used to render them from LaTeX to images using some websites such as Online LaTeX Equation Editor. It has the disadvantage that you’ve got to write the equation, render it, save it to your harddisk and then upload to the WordPress file manager. Now, thanks to an interesting plugin written by Steve Mayer you can embed its usage into WordPress just by typing the LaTeX commands between special tags.

It uses MimeTeX  which is an standalone program that directly renders LaTeX expressions into images without using the entire TeX package or its fonts. Thus, it’s a simple, lightweight and elegant solution ready to be used in your websites or blogs.

D.