John.Bass

's profile
image
Owner/Sr Engineer

John Bass is a seasoned hardware/software developer and consultant, with over 40 years of industry experience, in a broad span of industry applications. Formal education is diverse with Business, Science, Statistics, Electrical Engineering, and Computer Science training over 11 years, resulting in a B.S. Computer Science from CalPoly, San Luis Obispo. Something like a computer engineering degree, with a strong science and business background. Extensive industry experience with drivers, porting, and operating systems, combined with hardware/software/firmware development of server level systems, embedded systems, motion control systems, and robotics. Other experience includes Reconfigurable Computing applications with Xilix FPGA's, 802.11 mesh networks, and Canopy Wireless networks.


John.Bass

's contributions
  • 03.17.2016
  • Could test and measurement crack Farook's iPhone?
  • I'm assuming the Chinese have access to phones or A6 silicon which has not been programmed, and would be happy to cooperate with the US in this venture. They probably have access to nearly all the IP in the phone, where our government doesn't.
  • 11.13.2015
  • The future is stupid
  • The really stupid part of this is the pending security nightmares ... with cyber warfare just starting, and the potential for zillions more security trojan horses and virus attack vectors behind residential firewalls. And business firewalls too.
  • 08.26.2015
  • Reduce TNS/WNS in synthesis with individual path algorithm
  • When we were doing the FpgaC compiler a decade ago, it rapidly became clear that a few percent of the nets frequently had timing delays 2-3 times the median, and a high std dev above the rest. The solution for this (which was never released because we ran out of effort for a third release when Xilinx got very hostile to HLS) was to automatically insert 1 to 3 additional states for those signals, so that we didn't slow the entire design down to the worst case timing. For some test cases, this provided better than 3x gains.
  • 06.09.2013
  • Voyager: The mathematics of interstellar space travel
  • Relative scarcity pricing based on accessible reserves rather predicts that as soon as that is possible, price depression will rapidly follow. However, the same model applied to construction in space without the cost of lifting refined materials out of earth's gravity, and transporting it great distances without the cost of fossil fuels, means that space can become a significant long term viable habitat. Especially using large solar furnaces to process the ore.
  • 07.27.2015
  • How to improve IoT security
  • Does the security model you have in place include a plan for all the devices being bricked permanently, and disrupting business operations for a significant period of time? Does it include a network isolation plan that prevents the trojan device from effecting business and technical IP theft, or full scale DoS attacks from INSIDE your network? Is the device FULLY transparent, in that you have in your possession full sources for all software (build tool chain, boot loaders, OS, libraries, and applications) and hardware (PLD, FPGA, statemachine ROMS and other programmable memories) so that your staff, or a 3rd party security team, can conduct regular security audits of the device, especially updates BEFORE they are applied? If not .... there is likely to come a day, when you can kiss your job, your business, and your personal assets goodbye. The Sony attack was just a beginning. The attacks by various governments are just a beginning. The cyber war so far has just been for practice ... it's not even really started yet.
  • 07.27.2015
  • How to improve IoT security
  • Product designers and engineers like to think that security is all about making the right decisions about the device, using secure hardware and keys inside the device. With all security attacks, especially those with VERY secure hardware and keys, that auto update, it just means the attack REQUIRES compromising the vendors security. And presto, the mother load is not breaking a single device, or cluster of devices, it's having access to every device the vendor created that's network aware. So trust starts with the vendor .... is the vendor under the control of a hostile government, can the vendor, or it's key employees be influenced by organized crime, or may any of it's key employees effect an attack in support of a rogue influence like hackers anonymous? Is the vendor willing to provide a bond to cover ALL the direct and indirect costs should an attack be directed from, or based on, a security exploit of the vendors trusted position? Can the vendor be purchased by a hostile government? Purchased by organized crime? Purchased by a competitor that would benefit by putting you out of business? Purchased by a rogue business entity that could profit in the markets by disrupting your operations, or stealing valuable business and technical IP from your networks? Any device that auto updates, can instantly turn into a fully compromised trojan attacking your network and business viability in an instant.
  • 07.13.2015
  • Can new job titles upgrade engineers' stature?
  • So a new round of upgrading trash collector titles to something better than Sanitation engineer? It would seem to be more productive to actually make more transparent the responsibilities of a job, and the unique benefits to an organization and society that they position creates. Playing musical chairs with job titles just takes that away, and allows non-productive non-useful positions to hide in the crowd with creative choices for titles.
  • 05.25.2015
  • IoT security may lie in numbers
  • In the greater security domain, IoT devices should be like $100 bills ... minimal device security to detect counterfeits ... but all the physical/environment/network security is the responsibility of the environment they are deployed in, JUST LIKE $100 bills.
  • 06.04.2015
  • The real days of an engineer's week
  • Unless you are a head production engineer responsible for operations (and always on call) at a 24/365 plant, the vast majority of engineers actually really do get the weekend off, and can choose to work or not, depending on their social calendar. In reality that's not much different than senior management being responsible for a large 24/363 retail store, with a lot of young less than professional staff. Or a hospital, long term critical care facility, Ship Captain, senior Airport management, senior military officers on ship or in an active engagement theater, or any of several dozen other jobs that are difficult to walk away from on weekends. At least we can choose which weekends we can see refuge in the lab, without the weekday chatter and disruptions. Or in our home lab or office, in many cases.