Notice. New forum software under development. It's going to miss a few functions and look a bit ugly for a while, but I'm working on it full time now as the old forum was too unstable. Couple days, all good. If you notice any issues, please contact me.
|
Forum Index : Microcontroller and PC projects : MMBASIC ver. 4.6 Beta 21....
Page 1 of 2 | |||||
Author | Message | ||||
Grogster Admin Group Joined: 31/12/2012 Location: New ZealandPosts: 9066 |
Just got my copy of the new Beta - thanks, Geoff. I am delighted to see two extra digits are now allowed on the PIN. That's the "Personal Identification Number" PIN, not the PIN function...... Eight digits and a delay should make it quite bullet-proof. I make the possible permutations to be 1,814,400 using all eight digits. 1814400 x 3(seconds) = 5443200(seconds), therefore: 5443200 divided by 60 = 90720 minutes, therefore: 90720 divided by 60 = 1512 hours, therefore: 1512 divided by 24 = 63 days. Conclusion: Would take an average of 63 days to crack the code, provided the PIN was eight digits long, and if the cracker app was running 24/7, and trying a new code every three seconds that the uM allowed it to make the attempt. Pretty secure for a number-only password, IMO. ...assuming I have not made an obvious mistake in my mathematics... Smoke makes things work. When the smoke gets out, it stops! |
||||
Geoffg Guru Joined: 06/06/2011 Location: AustraliaPosts: 3165 |
I calculated that it would take almost 5 years to crack (on average). My maths is terrible so I would appreciate it if some maths genius could tell us the correct answer. I figured that with 99999999 different numbers to test and with 3 seconds per test, that it would take 299999997 seconds, or 3472 days. Because on average you could expect to find the number after testing half the numbers that would mean 1736 days or just short of 5 years. As I said, maths is not my strong point. Geoff Graham - http://geoffg.net |
||||
BobD Guru Joined: 07/12/2011 Location: AustraliaPosts: 935 |
It may not be your strong point but you take top marks on that one. Bob |
||||
Grogster Admin Group Joined: 31/12/2012 Location: New ZealandPosts: 9066 |
Argggghhhhh - feckin' mathematics! My calculations were based on 10 numbers to choose from, and 8 digits. IE: Any digit can be between 0 and 9, and can be in any of the eight positions. Calling all maths gurus to the front line, please...... Smoke makes things work. When the smoke gets out, it stops! |
||||
atmega8 Guru Joined: 19/11/2013 Location: GermanyPosts: 712 |
Do IT like The linux guys. Increase The delay when The logon attempts a wrong, and The Hacker can hack for ever.. |
||||
TassyJim Guru Joined: 07/08/2011 Location: AustraliaPosts: 5914 |
If we want to get picky, I think I could cut the time down to about a year (but I won't say how). Jim VK7JH MMedit MMBasic Help |
||||
Geoffg Guru Joined: 06/06/2011 Location: AustraliaPosts: 3165 |
Aw, come on... Geoff Graham - http://geoffg.net |
||||
Grogster Admin Group Joined: 31/12/2012 Location: New ZealandPosts: 9066 |
Yeah, you tease! Smoke makes things work. When the smoke gets out, it stops! |
||||
TassyJim Guru Joined: 07/08/2011 Location: AustraliaPosts: 5914 |
I'll tell all by Christmas Next year Jim VK7JH MMedit MMBasic Help |
||||
WhiteWizzard Guru Joined: 05/04/2013 Location: United KingdomPosts: 2794 |
Thanks for the new Beta. I have just tried the WATCHDOG function and it seems to restart the CPU instantly - is this how its meant to be? Previously, WATCHDOG X would delay X seconds before the CPU restarted. WW For everything Micromite visit micromite.org Direct Email: whitewizzard@micromite.o |
||||
Geoffg Guru Joined: 06/06/2011 Location: AustraliaPosts: 3165 |
No, X milliseconds. Geoff Graham - http://geoffg.net |
||||
WhiteWizzard Guru Joined: 05/04/2013 Location: United KingdomPosts: 2794 |
Thanks - panic over I based my comment on the fact that I often used WATCHDOG 1 which delayed about a second before resetting - just shows that I need to refer to the manual more often! Beta 21 looking good so far . . . . For everything Micromite visit micromite.org Direct Email: whitewizzard@micromite.o |
||||
Geoffg Guru Joined: 06/06/2011 Location: AustraliaPosts: 3165 |
Yes, in the last few betas the watchdog timer did have a one second (1.024 seconds to be precise) delay after it expired before it restarted the processor. That was one of the things that I fixed in beta 21 (I did not think that anyone had noticed). You can now also use CPU RESET. Geoff Geoff Graham - http://geoffg.net |
||||
Grogster Admin Group Joined: 31/12/2012 Location: New ZealandPosts: 9066 |
What's the effective difference between the likes of WATCHDOG 1 and CPU RESET? Smoke makes things work. When the smoke gets out, it stops! |
||||
G8JCF Guru Joined: 15/05/2014 Location: United KingdomPosts: 676 |
If I type 'CPU RESET<CRLF>" at the prompt, MMBasic comes back with "Error: Invalid CPU speed" Is CPU RESET restricted to only be used in a program and not in immediate mode ? EDIT : one can enter CPU RESTART<crlf> but not a lot seems to happen, eg no message displayed Peter The only Konstant is Change |
||||
jimbotron Regular Member Joined: 27/11/2013 Location: AustraliaPosts: 46 |
Hi All, Looking good Geoff. The SAVE VAR bug has gone. I tried a few more tricks and can't get it to fail anymore. Looks solid. I like the way that CPU RESTART doesn't display anything, just goes straight into the program or console, as good as RUN as far as I'm concerned. It's also super fast which is important. That gives us complete control over the console serial port. The PIN function passes my tests and yes about 4.7 years is what I calculate as well. A permanent lock would still be useful. Maybe 99999999 can be the permanent lock. I'm guessing the way TassyJim has in mind to speed up the brute force is to reset the Micromite as soon as the PIN fails. You could probably crack it in a month that way. At 38400 baud, we can enter a new pin in about 25ms, allow another 20ms to see if the unlock failed then 0.4ms to reboot and a few ms to send the Ctrl-C. Lets say 50ms for a complete cycle. Therefore 99999999/20/2/60/60/24 ~= 29 days. I'd be interested to know if that is what TassyJim was thinking. This can be countered by tracking the number of failed attempts in flash and increasing the delay as atmega8 suggests. If you have a couple of spare flash bits you can remember up to 3 failed attempts and set the corresponding delays to say 0, 3, 10, 100 seconds for 3 or more failed attempts. You'll need 150 years to crack that. I wish the programmers at work were as fast as Geoff at turning bugs around. Good job. Jimmy |
||||
jimbotron Regular Member Joined: 27/11/2013 Location: AustraliaPosts: 46 |
Hi Peter, The magic happens when you use autorun. It effectively becomes a RUN that can be executed within a program. In this case we don't want the Micromite startup message as that would slow down the restart and could interfere with communications protocols you are using on the console port. Jimmy |
||||
G8JCF Guru Joined: 15/05/2014 Location: United KingdomPosts: 676 |
Ah, so CPU RESTART is really Program Restart, RUN as you say - OK, understand. What's the method of doing a real complete CPU RESET, ie Clear Flash, RAM, Reset all OPTIONs back to default values ? Peter The only Konstant is Change |
||||
Geoffg Guru Joined: 06/06/2011 Location: AustraliaPosts: 3165 |
Sorry, I meant CPU RESTART. Geoff Graham - http://geoffg.net |
||||
Geoffg Guru Joined: 06/06/2011 Location: AustraliaPosts: 3165 |
It is just reflash the firmware or short the console Tx and Rx on powerup. I cannot see the point of doing the same via a BASIC command. NEW works well and there are not that many permanent options to worry about. It just does not seem worth another command which could also be confusing and dangerous. Geoff Geoff Graham - http://geoffg.net |
||||
Page 1 of 2 |
Print this page |