Cheers,
Nelson
> --
> To post to this group, send email to tins...@googlegroups.com
> To unsubscribe send email to tinspire+u...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com.au/group/tinspire?hl=en-GB?hl=en-GB
> The tns documents shared by group members are archived at
> http://lafacroft.com/archive/nspire.php
Let's also remind of the existence of the Symbolic FlashApp for 83+/84+,
and of the fact that arbitrary OS can be installed to e.g. the 83+ since
shortly before the 04 signing key's factorization (by virtue of adding a
new "05" key to the certificate memory).
Did it cause TI-Z80 calculators to be banned from standardized testing ?
AFAICT, it didn't...
BTW: independently of OSLauncher, activating the PTT mode triggers a
reboot... and if the calculator hadn't been rebooted since OS 3.0.1 was
transferred to it, some students may face the brick right in the testing
room. Which is an unwelcome source of stress, and also a source of
testing unfairness (and therefore, maybe, litigation ?)...
Lionel.
--
> And I am not so bothered about TI Business model, so much as to my
> students. You may remember that there was a similar incident a few
> years ago with HP48G (IIRC) where hackers worked out how to enable
> the CAS features on the non-CAS handheld... This device was then
> banned from all high-stakes exams.
Did the device you're talking about have PTT ?
Did that device have a way to reflash the OS without erasing the user
portion of the Flash memory ?
I don't know the answer to either of those questions, but I do know that
the Nspire has those two trivial _built-in_ defenses against
OSLauncher-type programs, and I also know that tampering with them is
harder than our current collective knowledge of the Nspire.
> This move in my opinion fully justifies TI stance on the hacking
> community, and its attempts to block Ndless. Whilst as you say it
> may be possible to prevent this at the moment, it seems unlikely
> that someone else in the community won't continue to work on it to
> overcome these limitations with regard to P2T...
That may be. However, it's much more border-line, from a moral and
perhaps also from a legal POV, than merely enabling the execution of
arbitrary OS on the devices we own. Someone willing to do that had
probably better not be a citizen of a Western country.
I did not withhold the source code, obfuscate the binary, include any
protection against launching TI's official OS made for a different
model, or whatever else, since _any_ such protection can be worked
around anyway and is therefore, ultimately, a waste of time.
BTW: execution of arbitrary OS on the devices we own (and more
specifically, the reverse-engineering required to achieve this aim,
since the manufacturer is not providing documentation) is protected by
the DMCA: https://www.eff.org/deeplinks/2009/09/ti-leave-those-kids-alone .
> I have in the past agreed with some of the desires of the hacking
> community, with regard to the desire for more programming
> capabilities, but this is just plain irresponsible!
Keep in mind that RunOS, the first attempt at running arbitrary OS on
Nspires, was made and showcased more than a year ago; it took one year
before someone took a whack at releasing an independent reimplementation
of RunOS. Other people may have created independent reimplementations
in-between, but they didn't release them.
During that timespan, TI made multiple anti-programmer moves, while
consistently keeping a portion of the Nspire's BASIC capabilities below
those offered by the 20-year-old TI-81.
(The actual release of OSLauncher post-dates the discovery of Lua on OS
3.0 by a day, but the code of OSLauncher pre-dates that welcome event.)
Was it responsible from TI to sell the Nspire as secure (e.g. the
"hardware-controlled" nonsense description for the PTT LED, etc.) ?
Anyhow, we'll now see in practice whether any standardized testing
regulation authority finds it smart to prove its complete cluelessness
and incompetence, by deciding to ban Nspires from some exam,
notwithstanding the existence of built-in defenses against
OSLauncher-type programs.
They didn't do that one year ago in the event of Ndless; they didn't do
that in the event of RunOS, though the video clearly showed that it was
not only possible but also easy enough, given that the executable was
very small. The only reason why the OSLauncher binary is more than 1 KB,
is that unlike RunOS, OSLauncher supports compressed OS images (only).
Lionel.
(*): technically, AFAWCT, the difference between the device sold as
Nspire non-CAS, and the device sold as Nspire CAS, is one bit in one of
the hardware ports.
TI cannot be making two different ASICs just for that purpose, because
it's more costly than making an ASIC and twiddling the bit in production
stage. They could easily, at a rather low design-time cost and a low
production-time cost, make the two kinds of devices _much_ more
different than they are from a hardware POV. Therefore, the software
would be very different as well, and fiddling with the OS made for one
model in such a way that it can run on the other model would be a much
harder task than OSLauncher was (three days).
It's not _our_ fault if they didn't do that, it's theirs.
As a followup to my previous mail, for Andy and others: at the same time
as OSLauncher, I released DummyOS:
http://www.ticalc.org/archives/files/fileinfo/437/43702.html
DummyOS is an "OS" that, uh, doesn't do much in the way of useful
things. It may not even be useful as a starting point for a decent
third-party OS. But OSLauncher can start arbitrary OS: DummyOS, or,
well, Phoenix (which I didn't bother trying to prevent, because as I
stated previously, it wouldn't be an effective protection).
OSLauncher is a tool, just like a knife, a hammer, or in general many
objects of day to day life.
The normal purpose of knives is cutting food, but knives can be used to
kill. The normal purpose of hammers is a percussive action on objects,
but hammers can be used to kill. Et caetera.
The source code of OSLauncher contains an interesting note:
"
// This program is a tool for launching (apriori) arbitrary OS from
Nspire OS
// versions supported by Ndless, without installing them.
// I decline any responsibility in users using the program for purposes
// potentially unwanted by TI, if such usages are possible.
"
Lionel.
> I certainly don't mean to diminish the technical achievement here
> which is clearly profound,
Well, even if you had meant that, I wouldn't be really mad at you.
Maybe I haven't made it clear enough by just mentioning "three days",
but Ndless and nDOOM (between others) are deeper technical achievements
that required more work than OSLauncher did.
Like many programs whose binary is less than 2 KB large (most of which
was copied from one of the zlib usage examples), RunOS / OSLauncher is
no rocket science.
(though miracles _can_ happen in a 4 KB binary, e.g.
http://pouet.net/prod.php?which=52938 )
> I just find it sad that the effort couldn't have been put into doing
> something more productive for the education community...
After OSLauncher, I've worked on native CAS programming ;)
But it's practically useless for now, given that it's not interactive
(because Phoenix is complex and hasn't been reverse-engineered enough).
Only a handful of people might dare using that.
> Even if testing authorities don't prevent students using the Npsire,
> teachers will now no longer be able to be certain whether the student
> is cheating in class without insisting that the calcs are always in
> P2T mode which kind of defeats the object!
Well, that was _theoretically_ the case since the end of February 2010
(public release of Ndless) anyway.
> I wish I could be excited about this - I have for a while wished we
> could have a CAS/non-CAS handheld that we could enable/disable the
> case features easily on, but I know for certain that such a device
> would not be passed by the testing authorities, which is why we
> have the arbitrary distinction between the CAS and non-CAS models...
Indeed.
> To suggest that TI should have made the hardware and software more
> different, to prevent this makes absolutely no business sense at all
> as the costs of production and development would have been much
> higher, and therefore the cost to students likewise would have
> increased...
Precisely: I don't think that the development and production costs would
be _much_ higher. They must be configuring the CAS/non-CAS bit in
production stage - so why couldn't they configure other parameters ?
(yes, my post is intentionally vague)
> I completely agree that the difference between the two devices is
> fundamentally arbitrary, but the distinction is essential from an
> educational point of view, and TI are certainly not the first
> company to produce multiple products which are basically the same
> hardware but running different software, and selling them at
> different prices.
Yes, at least Casio did that too. Casio-Bank published a tutorial for
raising the capabilities of the lower models.
> To imply that the people who bought the non-CAS handheld should be
> allowed to run the CAS software on the device implies that all
> they were paying for was the 'hardware' and that the OS software
> is 'free'. Installing the CAS OS on a non-CAS device whilst
> technically possible, basically amounts to theft as you have not
> paid for the right to install that OS
Isn't selling a cheaper hardware at a higher price tag another form of
theft ? ;-)
We do understand that corporations' goal is to make money, but there
must be some moral bounds about that.
> (installing a custom OS would be covered by the DCMA,
Not sure what kind of "covered" you mean (allowed, or forbidden).
At least, from the EFF's defense of the people illegally attacked by TI
in the signing keys episode,
https://www.eff.org/deeplinks/2009/09/ti-leave-those-kids-alone
"
[...]
That's two fatal flaws in TI's DMCA arguments, without even considering
the explicit exemption in the statute (Section 1201(f)) for reverse
engineering in order to create interoperable software (like homebrew
operating systems for your calculator).
"
> but I am not sure installing propriety code you have no license for
> - even if freely downloadable - is covered and I would suggest this
> is dubious legal grounds, however I am a maths teacher so what do I
> know about law!)
IANAL either.
> I am sorry, but for me this is a very sad outcome for educators...
> I wouldn't be surprised if TI have to be even more tight with
> securing the device and preventing downgrading now to reassure
> testing authorities...
Which would be persisting in error. Protection schemes of various kinds
have been used for decades on hundreds of platforms - and their cost is
passed onto consumers - and they always fail and fall some day.
Lionel.
> Secondly in response to them selling cheaper CAS hardware at a more
> expensive price, you are again discounting the cost of the software,
> the development of the CAS side of the software will have been
> significantly more expensive so this is reflected in the modest
> increase in price...
The development cost of the Nspire's Phoenix OS, from the TI-68k/AMS
code base, is actually mostly on stuff _not_ related to the CAS: the
complicated document system, protection system, new computer linking
protocols and code (why not a standard mass storage like Casio did for
the Prizm ?), and in general, what the Nspire running Phoenix can do out
of the box while the TI-68k running AMS didn't.
The fact is that the math functions in Phoenix are _very_ similar to
those of AMS. There are some new higher-level functions in Phoenix (no
ground-breaking new functionality), but for the bulk of what I've found
so far, it's largely the same old code base as AMS, introduced 10+ years
ago on TI-68k calculators...
My Nspire/Phoenix and TI-68k/AMS implementation of Aitken's delta^2
algorithm are twins: after the argument retrieval phase (which doesn't
exist on Nspire/Phoenix, for now at least) they call the same OS
functions with the same arguments. After finding the appropriate
function and variable addresses, it was copy, paste and poof, the
Nspire/Phoenix program worked on my usual testcases, yielding the same
result as the TI-68k/AMS program (obviously, this is a measurement of
similarity, not of absolute correctness).
> The OS for the Nspire is not a free commodity that can be installed
> on any device you like it is licensed to be used on the hardware...
> This I think completely justifies charging more for a device which
> is more capable... even if these features have been removed (note
> they are removed and not disabled) from the software in the numeric
> version... The price difference reflects the difference in software
> not in hardware.
For more than five years, I've been using Linux flavors most of the time
on the computers I have access to, whether personal or for work. Of
course, I use legal copies of Windows (in a VM or on bare metal) if the
vendors' programs don't exist for other platforms, or because I have to
test on Windows pieces of software I'm working on.
But the point is, I'm not really in the "software costs money"
philosophy anymore ;)
Lionel.
Lionel.
Look at what happened with the PS3 made by another company, whose
behaviour bears similarity with TI's: thorough reverse-engineering, with
a goal of fiddling hard with the platform, didn't start until the
manufacturer released firmware updates which disabled the Linux
functionality people had paid for...
As long as the manufacturer acted reasonable, people didn't bother. But
when the manufacturer took off gloves, people did as well. It's not too
late yet for TI to behave reasonably, though - but it might be by one
year (the time it took for the PS3 to be thoroughly broken).
> For me, the release of this code by the hacking community, reflects
> that TI had correctly judged the intentions of (some of) the
> community, and that they were right to add in this extra protection
> in OS3.0...
Well, like it or not, the open development community, for any platform,
has the will (for challenge, fun and other reasons) to run other, non-TI
software on the devices we have bought and we therefore own.
Other purposes, as is the case here, are a collateral damage.
> Ultimately I think this will do significant harm to the community
> and lose what little good-will was left between the company and the
> hacking community...
Well, what "good will" exactly ? ;-)
TI has been carrying an all-out war in the past year (only to name
three: attack on Ndless, downgrade protection on OS 2.1, downgrade
protection on OS 3.0). And even before that, TI has been negating for
four years what made the success in the market place of their
calculators for the 10+ previous years.
OS 3.0 contains a glitter of hope with the advent of a (stripped-down)
Lua, which is no appropriate substitute for native code programming. But
that post-dates the making of RunOS and OSLauncher...
Lionel.
But the two situations are not the same at all, Sony were not
attempting to build a machine that had to be approved by testing
agencies!! As I have said before it is the unfortunate result of the
community adding extra features to the older gen calculators which has
made the testing agencies much more verciferous in their
requirements...
To pretend that these issues are not important is to fail to
understand the fundamental purpose of the Nspire...
Sent from my iPhone
> My guess is we will see some agencies move quite quickly to insist
> that all handhelds are running OS3.0 or above (The IB already
> insist on 1.3 or above but for different reasons)...
That may be, but it is, at best, a temporary band-aid over a problem
that has basically no solution, as evidenced by many years of fallen
protection schemes.
> I have a lot of sympathy for what the community are attempting to
> achieve but I feel releasing this code will do a lot more harm
> then good, especially for those of us who are not in countries
> where CAS is dominant (sadly)...
Only time will tell.
OSLauncher-type programs would provide a way to let Nspire CAS
calculators be usable in standardized tests. Not that this is the way
testing authorities would allow the Nspire CAS, though :D
From here, insistence on standardized testing being devoid of CAS
functionality looks somewhat strange - if nothing else because it's not
representative of real world usage after initial education.
Insistence on "no CAS" policies in exams (until a certain level, I
guess) tends to yield "no CAS" teaching policy in the educational system
below that level. But in real professional life, those who need a CAS
are going to use a CAS anyway... and on average, the longer they've used
a CAS, the more efficient they're going to be at that task.
> I have no issue with hacking the PS3 or iPhone if people want to
> because they are not devices used in high stakes exams...
Just to be clear: I didn't mean that I thought you had an issue with
fiddling with the PS3. As you write, there's indeed a difference between
the PS3 and the Nspire.
But I'm predicting that TI's actions are leading the Nspire towards the
same path as Sony's actions led the PS3 through. Experience, on other
platforms, shows that people 1) interested by thoroughly screwing with
the platform and 2) possessing the technical abilities to do so may rise.
Lionel.
Lionel.
> Your comments about RunOS being hinted at 12-18months ago may well
> be part of the reason that these additional restriction we mentioned
> were added in the 3.0 release...
That may be indeed.
And before that, the anti-downgrade protection in OS 2.1, which
prevented from using OS 1.1, and therefore Ndless 1.0, on calculators
that had been upgraded to OS 2.1.
But that protection fell in one week at best, and Nleash was released
about two weeks after OS 2.1, if memory serves me. That was right in the
middle of the summer break. As a bonus, TI's anti-downgrade protection
enabled finding out how to control the PTT LED (which was supposedly
impossible to tamper with...) at our liking :D
Fully defeating the compression+encryption of documents is probably
going to yield other unexpected gains.
Lionel.