Go to Post I know nothing. - Erin Rapacki [more]
Home
Go Back   Chief Delphi > Technical > Programming
CD-Events   CD-Media   CD-Spy   FRC-Spy  
portal register members calendar search Today's Posts Mark Forums Read FAQ rules

 
Closed Thread
Thread Tools Rate Thread Display Modes
  #1   Spotlight this post!  
Unread 03-22-2010, 07:37 PM
Thomas Clark Thomas Clark is offline
Hacker
FRC #0237
 
Join Date: Mar 2010
Rookie Year: 2010
Location: Watertown, CT
Posts: 10
Thomas Clark is infamous around these parts
Driver station coding and other

Okay, I accidentally caused another thread to get hijacked and locked, so I thought I should create a new one specifically for this topic.

After my first season, I'd like to say is that, truthfully, the FIRST tools are poorly thrown together. Although I'm not as experienced here as some people, I'd like to say a few things about them and ask if anyone agrees.

The robot itself runs an unprotected FTP server. I really fear someone exploiting this, and I've already demonstrated that this is possible (no, I won't post the code). IMHO, they should either use a password, or, better yet, use encrypted SSH file transfer (SFTP).

The compiler doesn't support anything besides Windows, and some of us prefer Linux. The IDE I don't care about (I never use IDEs, just makefiles), but FIRST is limiting users' experiences by limiting who can program and on what operating system. IMHO, they should provide a build of the WPI library and compiler for Linux.

Another this is the library. Although it's obvious that tremendous effort was put into it, I can tell that it was rushed to be finished before the build season started. All I can say is that I hope it's better next year.

Agree? Disagree? Another other notes?
  #2   Spotlight this post!  
Unread 03-22-2010, 07:44 PM
Team#2057-Vegas's Avatar
Team#2057-Vegas Team#2057-Vegas is offline
Team2057LasVegas
AKA: Justin Major
FRC #2057 (AV CyberBulls)
Team Role: Leadership
 
Join Date: Mar 2010
Rookie Year: 2008
Location: Las Vegas
Posts: 113
Team#2057-Vegas can only hope to improve
Re: Driver station coding and other

Do remember everything starts with bugs no matter what it is technologically. Things have to be fixed over time. I think if they keep this system it will eventually give us some better results. Interesting thoughts though.
__________________
Justin Major
2057 Team Leader

"We will kick you off our pasture" -- 2057 Motto
  #3   Spotlight this post!  
Unread 03-22-2010, 08:02 PM
Tanner's Avatar
Tanner Tanner is offline
Registered User
FRC #1261 (Roblions)
Team Role: Programmer
 
Join Date: Jan 2007
Rookie Year: 2007
Location: Suwanee, GA
Posts: 311
Tanner is a splendid one to beholdTanner is a splendid one to beholdTanner is a splendid one to beholdTanner is a splendid one to beholdTanner is a splendid one to beholdTanner is a splendid one to behold
Re: Driver station coding and other

Quote:
Originally Posted by Thomas Clark View Post
The robot itself runs an unprotected FTP server. I really fear someone exploiting this, and I've already demonstrated that this is possible (no, I won't post the code). IMHO, they should either use a password, or, better yet, use encrypted SSH file transfer (SFTP).
I noticed this while playing with some file system stuff last year for some recording code and it didn't occur to me to bring it up during the beta or to use it for evil. Although shouldn't the encrypted bridge prevent such things from happening?

Quote:
Originally Posted by Thomas Clark View Post
The compiler doesn't support anything besides Windows, and some of us prefer Linux. The IDE I don't care about (I never use IDEs, just makefiles), but FIRST is limiting users' experiences by limiting who can program and on what operating system. IMHO, they should provide a build of the WPI library and compiler for Linux.
If I remember correctly, it has been this way (i.e. Windows "only") for a while and the new technology is just allowing the beginning the future of what can be done. It's just a matter of time.

Quote:
Originally Posted by Thomas Clark View Post
Another this is the library. Although it's obvious that tremendous effort was put into it, I can tell that it was rushed to be finished before the build season started. All I can say is that I hope it's better next year.
Suggestions? Point out what's wrong to the developers of the libraries, otherwise it won't get fixed. Very hard to fix what isn't noticeably wrong.

-Tanner
  #4   Spotlight this post!  
Unread 03-22-2010, 08:13 PM
BEEKMAN BEEKMAN is offline
Registered User
AKA: Brendan McLeod
FRC #0190 (Gompei and the Herd)
Team Role: Mentor
 
Join Date: Feb 2009
Rookie Year: 2008
Location: Londonderry, NH
Posts: 137
BEEKMAN is a splendid one to beholdBEEKMAN is a splendid one to beholdBEEKMAN is a splendid one to beholdBEEKMAN is a splendid one to beholdBEEKMAN is a splendid one to beholdBEEKMAN is a splendid one to behold
Re: Driver station coding and other

Quote:
Originally Posted by Tanner View Post
Suggestions? Point out what's wrong to the developers of the libraries, otherwise it won't get fixed. Very hard to fix what isn't noticeably wrong.
Agreed, all this code is written by WPI Grad Students, who have lives of their own, its OKAY to mod their code! You can even send it to them and maybe they'll reconsider their methods
  #5   Spotlight this post!  
Unread 03-22-2010, 08:17 PM
FRC4ME FRC4ME is offline
Registered User
FRC #0339
 
Join Date: Feb 2008
Rookie Year: 2007
Location: Fredericksburg, VA
Posts: 324
FRC4ME has a brilliant futureFRC4ME has a brilliant futureFRC4ME has a brilliant futureFRC4ME has a brilliant futureFRC4ME has a brilliant futureFRC4ME has a brilliant futureFRC4ME has a brilliant futureFRC4ME has a brilliant futureFRC4ME has a brilliant futureFRC4ME has a brilliant futureFRC4ME has a brilliant future
Re: Driver station coding and other

Isn't programming with the Java language already possible on non-Windows platforms?

Also, I should hope we can trust teams to be graciously professional enough to not hack the system.
__________________
Go directly to queue. Do not pass pit.
  #6   Spotlight this post!  
Unread 03-22-2010, 08:17 PM
Vikesrock's Avatar
Vikesrock Vikesrock is offline
Team 2175 Founder
AKA: Kevin O'Connor
no team
Team Role: Engineer
 
Join Date: Mar 2006
Rookie Year: 2007
Location: Manchester, NH
Posts: 3,305
Vikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond repute
Send a message via AIM to Vikesrock Send a message via MSN to Vikesrock Send a message via Yahoo to Vikesrock
Re: Driver station coding and other

Quote:
Originally Posted by Thomas Clark View Post
The robot itself runs an unprotected FTP server. I really fear someone exploiting this, and I've already demonstrated that this is possible (no, I won't post the code). IMHO, they should either use a password, or, better yet, use encrypted SSH file transfer (SFTP).
This thread is very likely to go the same route as your posts in the other thread did.

Having said that I will repeat my claim that the robot is protected by WPA encryption when on the field. WPA encryption has not been fully cracked to my knowledge, although there are vulnerabilities with the handshaking which allow for offline dictionary attacks. I don't recall the exact length or nature of the keys in use but I believe they are randomly generated keys that at the very least contain lower case, upper case and digits. A key generated in this fashion, even of the minimum 8 characters, should take far too long to brute force unless you are extremely lucky.

If I am wrong and you have a way to crack a WPA key in a timeframe that would be useful for attacking the FRC network please let me know what it is via PM and I will gladly test it and agree with you after confirming it works.

An FTP password would either be obnoxious for teams (randomly generated) or more vulnerable to a dictionary attack than the WPA key (team chosen)
__________________


2007 Wisconsin Regional Highest Rookie Seed & Regional Finalists (Thanks 930 & 2039)
2008 MN Regional Semifinalists (Thanks 2472 & 1756)
2009 Northstar Regional Semifinalists (Thanks 171 & 525)
  #7   Spotlight this post!  
Unread 03-22-2010, 08:29 PM
Radical Pi Radical Pi is offline
Putting the Jumper in the Bumper
AKA: Ian Thompson
FRC #0639 (Code Red Robotics)
Team Role: Programmer
 
Join Date: Jan 2010
Rookie Year: 2010
Location: New York
Posts: 655
Radical Pi has a spectacular aura aboutRadical Pi has a spectacular aura aboutRadical Pi has a spectacular aura about
Re: Driver station coding and other

I believe I read somewhere (don't bother asking for a link) that all of the bots on the field are isolated between the DS and the bot, so no team can access another team's bot. This is most likely why you get assigned a specific station, since only that one is setup to recognize your robot IP

Also, Java can be built from linux. That's the entire point of Java, to be platform-independent. The robot runs a VM, so Java code can be made from any old java compiler.

Also, C++ is using a slightly modified version of GCC, so if you set the right command-line stuff I think a regular distribution of GCC might work
__________________

"To have no errors would be life without meaning. No strugle, no joy"
"A network is only as strong as it's weakest linksys"
  #8   Spotlight this post!  
Unread 03-22-2010, 08:30 PM
Thomas Clark Thomas Clark is offline
Hacker
FRC #0237
 
Join Date: Mar 2010
Rookie Year: 2010
Location: Watertown, CT
Posts: 10
Thomas Clark is infamous around these parts
Re: Driver station coding and other

I never tried connecting to the wireless network while at the competition, but software on the robot or driver station, which are already on the network, could access other robots' files. This would mean it would have to be someone in the competition doing it, but that's still a vulnerability.

The FTP is handled behind the scenes by the IDE, isn't it? I suppose changing it to SSH and adding a password would be easy and require minimal user interaction, since the IDE can save the password just like a web browser would for your email.

As for the library, there was some messed up thing that had to be done with double inheritance with the Jaguar class, and I think a few bugs I can't remember. The naming scheme is also a bit arbitrary, but there wasn't anything too major (that I'm aware of), and I suspect that it's just because it's a relatively new technology.

And Java programming on Linux and Mac, while possible with the special bytecode thing it uses, would still limit our choices. If my preference is Linux and C++, I shouldn't have to choose between the two, should I?
  #9   Spotlight this post!  
Unread 03-22-2010, 08:36 PM
Vikesrock's Avatar
Vikesrock Vikesrock is offline
Team 2175 Founder
AKA: Kevin O'Connor
no team
Team Role: Engineer
 
Join Date: Mar 2006
Rookie Year: 2007
Location: Manchester, NH
Posts: 3,305
Vikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond repute
Send a message via AIM to Vikesrock Send a message via MSN to Vikesrock Send a message via Yahoo to Vikesrock
Re: Driver station coding and other

Quote:
Originally Posted by Thomas Clark View Post
I never tried connecting to the wireless network while at the competition, but software on the robot or driver station, which are already on the network, could access other robots' files. This would mean it would have to be someone in the competition doing it, but that's still a vulnerability.

The FTP is handled behind the scenes by the IDE, isn't it? I suppose changing it to SSH and adding a password would be easy and require minimal user interaction, since the IDE can save the password just like a web browser would for your email.
The field control setup uses separate VPN for each team so being on "the network" does not give you access to other team's robots.

As for the FTP, while most teams use it simply for uploading code built through their IDE of choice quite a few teams use it for other things such as autonomous scripts, log files, and saving images.
__________________


2007 Wisconsin Regional Highest Rookie Seed & Regional Finalists (Thanks 930 & 2039)
2008 MN Regional Semifinalists (Thanks 2472 & 1756)
2009 Northstar Regional Semifinalists (Thanks 171 & 525)
  #10   Spotlight this post!  
Unread 03-22-2010, 08:55 PM
Thomas Clark Thomas Clark is offline
Hacker
FRC #0237
 
Join Date: Mar 2010
Rookie Year: 2010
Location: Watertown, CT
Posts: 10
Thomas Clark is infamous around these parts
Re: Driver station coding and other

Quote:
Originally Posted by Vikesrock View Post
The field control setup uses separate VPN for each team so being on "the network" does not give you access to other team's robots.
Ah, okay. That's good to know.
  #11   Spotlight this post!  
Unread 03-22-2010, 10:21 PM
Greg McKaskle Greg McKaskle is offline
Registered User
no team (Team NI)
 
Join Date: Apr 2008
Rookie Year: 2008
Location: Austin, TX
Posts: 3,914
Greg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond reputeGreg McKaskle has a reputation beyond repute
Re: Driver station coding and other

Close. the field doesn't do VPNs, but it does do VLANs for each team. This means that traffic through the wifi router is effectively on six different subnets with no routing between. Also, the bridge is configured to join the network hosted by the field.

Greg McKaskle
  #12   Spotlight this post!  
Unread 03-22-2010, 10:26 PM
Vikesrock's Avatar
Vikesrock Vikesrock is offline
Team 2175 Founder
AKA: Kevin O'Connor
no team
Team Role: Engineer
 
Join Date: Mar 2006
Rookie Year: 2007
Location: Manchester, NH
Posts: 3,305
Vikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond reputeVikesrock has a reputation beyond repute
Send a message via AIM to Vikesrock Send a message via MSN to Vikesrock Send a message via Yahoo to Vikesrock
Re: Driver station coding and other

Quote:
Originally Posted by Greg McKaskle View Post
Close. the field doesn't do VPNs, but it does do VLANs for each team. This means that traffic through the wifi router is effectively on six different subnets with no routing between. Also, the bridge is configured to join the network hosted by the field.

Greg McKaskle
Uggh, that's what I get for second guessing. I thought it was VLAN's but remembered a post that said VPN.
__________________


2007 Wisconsin Regional Highest Rookie Seed & Regional Finalists (Thanks 930 & 2039)
2008 MN Regional Semifinalists (Thanks 2472 & 1756)
2009 Northstar Regional Semifinalists (Thanks 171 & 525)
  #13   Spotlight this post!  
Unread 03-23-2010, 07:14 AM
codedr codedr is offline
Registered User
FRC #0537
Team Role: Mentor
 
Join Date: Mar 2010
Rookie Year: 2009
Location: Wisconsin
Posts: 30
codedr is an unknown quantity at this point
Re: Driver station coding and other

Quote:
Originally Posted by Thomas Clark View Post
The compiler doesn't support anything besides Windows, and some of us prefer Linux. The IDE I don't care about (I never use IDEs, just makefiles), but FIRST is limiting users' experiences by limiting who can program and on what operating system. IMHO, they should provide a build of the WPI library and compiler for Linux.
The WPI library would be the same if built on linux because the target is still the robot.

Building a cross environment on Linux would require
- build a ppc cross compiler for x86 linux
- integrate and test compiler in eclipse
- test the method for downloading the code to robot
- support all of the above for all the users

versus
- taking the existing wind river environment and deploy

When you consider that supporting the environment on windows is taking
all of the current volunteer time, you can see why adding another platform of
limited utility to a small number of users is not a priority.

If you can convince a small group of robo linux enthusiasts to build the
environment, you could grow support for this endeavor.
  #14   Spotlight this post!  
Unread 03-23-2010, 02:29 PM
Thomas Clark Thomas Clark is offline
Hacker
FRC #0237
 
Join Date: Mar 2010
Rookie Year: 2010
Location: Watertown, CT
Posts: 10
Thomas Clark is infamous around these parts
Re: Driver station coding and other

Quote:
Originally Posted by codedr View Post
Building a cross environment on Linux would require
- build a ppc cross compiler for x86 linux
GCC was ported to Linux almost twenty years ago. It can be easily targeted to vxWorks PPC.
Quote:
Originally Posted by codedr View Post
- integrate and test compiler in eclipse
Not really. Eclipse already runs on Linux as well.
Quote:
Originally Posted by codedr View Post
- test the method for downloading the code to robot
FTP on a normal non-VPN connection. (or non-VLAN or whatever)
Quote:
Originally Posted by codedr View Post
versus
- taking the existing wind river environment and deploy
Which required Windows. As I said, not everyone uses Windows.
Quote:
Originally Posted by codedr View Post
If you can convince a small group of robo linux enthusiasts to build the
environment, you could grow support for this endeavor.
Good idea. This would be easier, of course, if there were some sort of open specifications on how the virtual terminal monitor thing works. Is it SSH? Telnet? RSH?

In the meantime, I'll try getting GCC and WPIlib to work together on Linux and maybe write a small IDE in PyGTK.
  #15   Spotlight this post!  
Unread 03-23-2010, 04:13 PM
LukeS LukeS is offline
Registered User
AKA: Luke Shumaker
FRC #1024 (Kil-A-Bytes)
Team Role: Programmer
 
Join Date: Mar 2009
Rookie Year: 2009
Location: Indianapolis, IN
Posts: 59
LukeS is an unknown quantity at this point
Re: Driver station coding and other

Quote:
Originally Posted by Thomas Clark View Post
The robot itself runs an unprotected FTP server. I really fear someone exploiting this, and I've already demonstrated that this is possible (no, I won't post the code).
Yes, but an attacker can only get to the robot through the WPA encryption

Quote:
Originally Posted by Thomas Clark View Post
IMHO, they should either use a password, or, better yet, use encrypted SSH file transfer (SFTP).
1) FTP transmits passwords clear-text, so adding a password to normal FTP is pretty pointless.
2) SFTP isn't very common, FTPS (SSL) would be a better option.

Quote:
Originally Posted by Thomas Clark View Post
The compiler doesn't support anything besides Windows, and some of us prefer Linux. The IDE I don't care about (I never use IDEs, just makefiles), but FIRST is limiting users' experiences by limiting who can program and on what operating system. IMHO, they should provide a build of the WPI library and compiler for Linux.
1) the build of WPIlib would be the same, as it will be built for the target system
2) Java is already supported for ``Linux''
3) C++ is not out-of-the-box supported on *NIX systems, people have gotten it working. Notable posts I've found are here, and here. I haven't tinkered with this, as we used Java this year, and have been pretty busy. Now that we've been knocked out of the competition, I think I'll get this working, and throw together a .deb package.*
4) LabVIEW can be developed on ``Linux'', but you must specially request the Linux version of LabVIEW (no cost for FRC teams). Though the RTM needed to deploy is Windows only.
5) Just be glad that the whole thing is open-source, and not a black-box system like 2008 and earlier.

Quote:
Originally Posted by Thomas Clark View Post
Another this is the library. Although it's obvious that tremendous effort was put into it, I can tell that it was rushed to be finished before the build season started. All I can say is that I hope it's better next year.
All I can say is that I hope you file some patches before next year. It's fully BSD-3 licensed, on a public SCM. When free-software sucks, you don't get to gripe about it, you find what you don't like, write a patch, and fix it.

*If anyone has any pointers on getting this working, or has experience with other package formats, PM me.
Closed Thread


Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
2010 Driver Station Netbook Driver Account and Java joshholat FRC Control System 2 01-10-2010 02:04 PM
Spare router and/or driver station? TD912 FRC Control System 4 09-28-2009 05:04 PM
paper: Set and display your Auto-Mode using LabVIEW and the Driver Station PhilBot Extra Discussion 0 02-11-2009 11:32 AM
Camera and driver station viperred396 General Forum 8 02-05-2009 09:12 AM


All times are GMT -5. The time now is 08:40 AM.

The Chief Delphi Forums are sponsored by Innovation First International, Inc.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright © Chief Delphi