> I also removed the background color so we save ink on actual printing.
It seems reasonable to also remove the #post-title border-top:1rem solid var(--accent-dark) for the same reason? That and the padding-top on the same element struck me as unnecessarily moving the printed content down the page.
> I'm assuming it's to prevent moisture from corroding a port of some kind.
The primary value discussed in the talk was electrical isolation since there's mains voltage in the appliance and the potential for shorts or inadequate isolation would require some kind of isolation, so a path that optically isolates the communication makes quite a bit of sense.
I'm also curious if other devices have gone this route.
LG appliances at least used to use acoustic signaling for diagnostics: hold a phone up and the washer makes some modem-esque (I think it’s 4-tone / 4-FSK) noises and the app or technician can diagnose issues. It was originally engineered to even work over voice codecs, so a customer without a smartphone could relay the diagnostic session to a technician.
The absolutely "leetest" thing I have ever seen was a device where the firmware update was to be done by:
1. Hold a button while booting (pretty normal)
2. This reconfigures the circuit path of one of the LEDs so it is reverse-biased to VCC via its resistor and switches one of the microcontroller GPIOs to ADC input
3. You go to a website that plays a strobe pattern (encoding the firmware)
4. You hold that website in front of the LED till other LEDs blink, signifying a successful update
They could have done this using a photodiode, but no, they had to abuse an LED. Not many people are aware that LEDs can in a certain configuration be used to measure light.
Another example of firmware update reusing something that is already there: some electric guitar effects from TC Electronics can be reprogrammed by bringing a phone close to the guitar pickups. The phone app encodes the data as sound that is picked up by the guitar pickups and sent down the chain to the effect.
There are lots of examples on YouTube, this one seems succinct: https://youtube.com/shorts/3Eb315vL9uw . They picked good tones to make it satisfying IMO. I don’t know of anyone who’s reversed the bitstream in public, though, but it doesn’t seem like it should be very hard.
That's a great example, thanks! I was looking for "LG Smart Diagnostics" and "audio" and then "LG Acoustic Diagnostics" and found TVs calibrating their audio playback but not this. Trying "LG Audible Diagnosis" found a bunch like yours.
That's some advanced gatekeeping right there. Where other appliances might have a blink code or several digit error display (Miele) to look up in a manual, the phone method tires you to the manufacturer.
The support hotline will ask you to hold your phone towards the device. It is less error-prone (than a human) and contains more info than a blink code. I find it really clever.
All the same diagnostics you can do at the machine, the phone home service allowed a remote engineer to diagnose as well. Things like drum rpm, tilt/knock sensors, uneven balance detection. Instead of paying a human $250 to come out and press buttons, they can do it remotely.
I understand in the pessimistic age of John Deere, all remote diagnostics are bad, but that is not the case here. I was able to do all of the diagnosis myself to determine it was a bad stator and then replace it myself.
Electric meters often blink a signal LED for every X kWh, so other devices can read the signal. I'm not sure if this is used for bidirectional communications, though.
Alternatively, I guess you could also use really thin cables to carry the low voltage paths; and that act as fuses, if ever a lot of current at high voltage was flowing across them? But probably not very reliable both in regular operation and as fuses.
We have a Miele washing machine and a Miele dryer. Solid machines all around even after years of use.
Fusible traces aren’t uncommon - but they would effectively destroy the device if current limits are exceeded, and they certainly would be if the power supply is non-isolated, so it wouldn’t actually be a solution to the firmware update problem.
The usual solution here is an optical coupling of some kind - optocouplers (a box with a LED, photodiode, and air gap between them) are very common for this purpose, and are an inexpensive and effective option for digital signaling across an isolation boundary.
In this case they’ve basically built a custom optocoupler out of discrete components, which is a bit unusual, but makes sense when you consider the risk of corrosion due to water ingress at the diagnostic ports, and the need to access it while - for example - a dishwasher cycle is running.
I agree that a front-line CSR or even engineer is not likely the right person, but surely then the responsible action is to redirect the request to the responsible department or person?
Absolutely, and companies that routinely get requests like this train customer service agents on specific trigger words like "license" or "GDPR" that must be redirected. Without that training, it's not obvious why "it's GPLv2 licensed" is more compelling than the last customer's argument that the device warranty obligates you to drop everything and immediately fix the minor UI bug they reported.
Woah. I didn't know about that. I found it from asciiart.eu. This stuff makes me wish HN supported ANSI. We could have so much fun. (Also PRE or preformatted text would be useful).
So what is the state of the art in redaction? Re-publish the document with an insert that says [redaction] so that no (or maybe minimal) length side-channel exists? I imagine someone thinks about clever ideas and it would be fun to read about them and the trade-offs.
See 6.2.1 of RFC8881, where NFSv4 ACLs are described. They are quite similar to Windows ACLs.
Here is kernel dev telling they are against adding NFSv4 ACL implementation. The relevant RichAcls patch never got merged: https://lkml.org/lkml/2016/3/15/52
I see what I misunderstood, even in the presence of an ALLOW entry, a DENY entry would prohibit access. I am familiar with that on the Windows side but haven't really dug into Linux ACLs. The ACCESS CHECK ALGORITHM[1] section of the acl(5) man page was pretty clear, I think.
My only experience with non-UAC endpoint privilege management was BeyondTrust and it seemed to try to do what UAC did but with a worse user experience. It looks like the Intune EPM offering also doesn't present as clear a delineation as UAC, which seems like a missed opportunity.
> I also removed the background color so we save ink on actual printing.
It seems reasonable to also remove the #post-title border-top:1rem solid var(--accent-dark) for the same reason? That and the padding-top on the same element struck me as unnecessarily moving the printed content down the page.
reply