S2S Technology Blog

I was looking for a useful tool for teaching students, and myself the basics of robotics. I, like most people, am interested in robotics but don’t have the time or budget to spend $500+ on a kit from a hobby store, and then to justify that cost by having it sit in my garage.

After a little research online I found an free open source tool that works on both Windows systems and my native Linux box. Guido van Robot is a free simulation program that teaches the basics of sound programming logic to a first time programmer. Users will pick up useful programming concepts like correct syntax, loop structure or iteration, conditional statements, and naming conventions. I particularly liked the 18 sensor tests that the robot can perform allowing users to program their robot to interact with a changing virtual landscape. They even include 18 predefined tutorials, I mean how can you beat that for the price?

The robot is rendered as a black triangle with a Blue G inside of it. The world is an X, Y plotting system in the first quadrant, meaning 0, 0 is in the bottom left hand corner although it actually starts at 1, 1. Walls are represented by red lines between points on the grid. Users can write or load world programs and write or load robot instructions. I like this because it allows the user to write a set of instructions an then test them in unique environments.

Guido van Robot is not meant to be an end all way to teach all aspects of the programming or robotics fields. Some limitations include no variable calls or storage of information, no passing of variables to subroutines (this would effectively eliminate any object oriented training). Also the program executes from a top down structure and the robot executes all defined commands whether they are called or not, this is almost like a self check before performing duties, but could cause problems if he doesn’t have a large starting area.

My experience level in programming is strong administrative server scripting in both Linux and Windows. I have also written scripting programs in Perl that do everything from updating Cisco IOS on hundreds of machines to defeating CAPTCHA schemes on websites (don’t worry I never applied that to any live sites). As a free tool this is great for the beginning or inexperienced programmer. Experienced programmers may want to peruse this for a few minutes as I did and then move on to some more complex simulations like Stage or Gazebo which can be downloaded free at www.sourceforge.net. Unfortunately these last two work on only linux based devices.

When we talk about security from an I.T. standpoint we are really referring to three distinct aspects. These allow us to look at the very complex problem in a modular, or broken down and simplified manner. The three aspects of Security are:

Data Confidentiality- When we talk about confidentiality we’re talking about who’s eyes are able to view the data or who’s systems are able to copy it. This is a huge issue as confidentiality issues in data security don’t always manifest themselves as problems. Take for example, a few months back a couple of government employees were fired for viewing the records of Hilary and Obama. The system alerted the proper authorities when the files were accessed, but for every 1 system correctly configured like this there are 10,000 that are not. Confidientiality of data from a personal standpoint protects people from identity theft, but from a business standpoint it is the risk of losing competitive advantage, something many companies cannot afford to do.

Data Integrity - Data integrity is referring to the data being in the same condition as you left it. Essentially this is the ability to protect your data from being tampered with either intentionally or unintentionally. It seems to me when I first started to get into computers in the late 80’s that hackers and viruses were still content to wipe your system out and frustrate you to no end. Now, however they have moved more toward destroying the confidentiality of the data and leaving it intact, but that does not mean this aspect is to be overlooked. Integrity of data is checked through md5 checksums to ensure data is not altered  en route to or from storage, or during transfers.

Data Availability - Availability of data refers to the data being available to you when you want to access it. I like to tell people I can guarantee them 100% that I can keep any system in the world from ever getting a virus, the only caveat is that I get to put it down in a basement, in a safe, with no internet connection. This is a silly example, but for the purpose of showing that availability of data requires us to venture out into that deep dark world of the internet. There are a lot of security measures that can be put into place to ensure that the systems containing the data and the systems transmitting the data are kept secure. Regular patch management should be monitored on server equipment, Yes, Linux AND Windows boxes. Security audits using port scanning are a great way to ensure that the devices making your service available (yeah we call em servers, and you thought us techs just made that up) remain that way.

I hope this brief overview of how security professionals view the dangers of networking helps you as a business manager or even in your personal life shift your view and take security a little more seriously. Let me leave you with a quote.

Richard Clarke, the special adviser to the president on cyber security once told a group of security experts at the 2002 RSA convention, “If you spend more on coffee than on IT security, then you will be hacked, What’s more, you deserve to be hacked.”