## On the linkability of Zcash transactions

Today I’m publishing a paper (PDF, arXiv) I wrote about the linkability of certain types of Zcash transactions. I’m also publishing a list of round-trip transactions generated as part of the research. The code used is up on GitHub (parser, database generator). If you don’t feel like reading the whole thing, there’s a summary below!

Note: A draft of the paper was shared with the Zcash Company before publishing. They have published a blog regarding the results.

As you probably know, Bitcoin is a “transparent ledger”, which means that it is very simple (and in fact, essential to verifying its correctness) to trace the flow of coins from one address to another. In this way, the transactions are “linkable”. Zcash is a fork of Bitcoin that adds in a new type of address called shielded addresses or a “z-addrs”. Transactions involving z-addrs use a special type of cryptography (zk-SNARKs) to obscure the parties and amounts of transactions.

nds4droid does not collect or transmit any personal or sensitive user data. The android.permission.RECORD_AUDIO permission is used only to emulate the microphone on the Nintendo DS, which some games use.

## Obscure Ethernet for $200 please, Alex: The Ethernet PAUSE frame This is a bizarre one. It all started when the internet seemed to go out at my house. My desktop, phone, TV, everything stopped working. The usual solution at a time like this is to power cycle the modem and router. While this fixed the situation temporarily, soon after the problem returned. What made me think this was more than just ISP flakiness was that for some reason Chrome actually locked up; good ol’ Windows “this program stopped responding” so like any enterprising engineer I busted open Wireshark. ## When code is suspiciously fast: adventures in dead code elimination Part of a recent assignment for one of my classes involved calculating the Fibonacci sequence both recursively and iteratively and measuring the speed of each method. (BONUS: For a fun diversion, here is a paper I wrote about using the Golden Ratio, which is closely related to the Fibonacci sequence, as a base for a number system). In addition, we were supposed to pass the actual calculation as a function pointer argument to a method that measured the execution time. The task was fairly straight forward, so I fired up Visual Studio 2015 and got to work. I usually target x64 during development (due to some misguided belief that the code will be faster), and when I ran the code in release mode I received the following output as the time needed to calculate the 42nd Fibonacci number: Recursive: 0.977294758 seconds Iterative: 0.000000310 seconds Since calculating$F_{42}\$ through naive recursion requires ~866 million function calls, this pretty much jived with my expectations. I was ready to submit the assignment and close up shop, but I decided it’d be safer to submit the executable as as 32-bit application. I switched over to x86 in Visual Studio, and for good measure ran the program again.

Recursive: 0.000000000 seconds
Iterative: 0.000000311 seconds

## CVE-2016-1562: Unauthenticated “filter” parameter leads to customer information leak in the DTE Energy Insight app

#### BACKGROUND

Here in southeast Michigan nearly all of our electricity (and a good chunk of our natural gas) comes from DTE Energy, which serves 2.1 million people in the greater Metro Detroit area. DTE recently upgraded most of their electricity meters to ZigBee-enabled smart meters, and as part of this rollout they released the DTE Energy Insight app which allows customers to view their energy usage, set targets, and earn a host of achievements (no Steam cards sadly) when meeting different energy goals. In addition, at no charge DTE sends customers an “Energy Bridge”, a small device that connects to a home network and monitors the ZigBee messages generated by a smart meter to give real-time energy consumption information.

Given my curious nature I decided to poke around to discover how exactly the app and the Energy Bridge worked. This post is about a vulnerability in the app itself (although I’ve been tinkering with my Ettus Research B200 SDR to intercept the ZigBee messages as well).

## nds4droid release 47

2016 brings us an update for nds4droid! Nathaniel D. was nice enough to provide a new German translation. In addition I went ahead and converted the code to an Android Studio project and moved everything away from Sourceforge (15 years too late, amirite) and over to GitHub. The code can now be found there: https://github.com/jquesnelle/nds4droid.

Go ahead and grab the latest APK or get it straight from Google Play.

## Introducing MissionControl

A few months back I purchased a Parrot Bepop drone and started writing some code to actually fly it from my PC (being unhappy with only Android/iOS options). In particular I wanted a system that would let my fly it with my shiny new X-55 Rhino HOTAS I got for Star Citizen and Elite: Dangerous. Unfortunately my Bepop drone was stolen, so I’m releasing the code for what I call “MissionControl” a bit prematurely. You can connect and fly your Bepop drone with this, although there is no UI to configure the controls yet. If I get another drone at some point I may pick this back up but I wanted to release what I had because it didn’t seem like anyone had gotten flight control of a Bepop working on Win32 yet.

It’s up on github: MissionControl.

## DEFCON 2015

Hey everyone, I’ll be at DEF CON 23 in Las Vegas this weekend helping at the Car Hacking village. Tweet at me if you’ll be around!

## Penguicon 2015: Scheduling

I’ll be at Penguicon this weekend, Michigan’s largest sci-fi/open source convention! I’ll be giving a talk about my upcoming research paper “Scheduling a conference to minimize RSVP conflicts” which is currently undergoing peer review.

Here are the slides for my talk: Scheduling: The first academic paper about Penguicon

A pre-print of the actual paper: Scheduling a conference to minimize RSVPs

## Foundations of the golden ratio base

Positional numeration systems have come to dominate mathematics, with the ubiquitous base-ten number system used nearly universally. In addition to base-ten, other bases such as base-two and base-sixteen have found widespread usage (for example in computer engineering). We review a particularly novel take on the positional numeration system: the golden ratio base, first introduced by George Bergman in 1957, who was a 12 year old junior high student at the time. We shall prove that the number system is correct, starting with basic properties of the golden ratio up to proofs of the existence and uniqueness of representations for certain classes of numbers, which rely on algebraic number theory. In addition we will introduce simple algorithms for performing arithmetic in the system.