Last night I was watching a DVD on my MacBook Pro, and remembered that I still kept a Motorola Bluetooth stereo headset from the time I was working at SouthWing and we designed such devices.

Bluetooth stereo headsets use a profile called Advanced Audio Distribution Profile (A2DP), which allows them to receive medium-quality audio at 16kHz from compatible devices. Most USB Bluetooth dongles sold recently have the profile in their drivers, and there are some mobile phones from Nokia, Samsung and Motorola that also feature this profile. The advantage is that you can listen to music wirelessly, and also control the player from the headset, as they feature the usual forward, back, play and pause controls.

Once I found the headset, I switched on Bluetooth on the Mac, and started the pairing process. The headset was recognised just fine, and pairing completed, but I noticed that it had been connected as a Handsfree device, with A2DP nowhere to be found. Since there doesn’t seem to be a method of connecting the headset permanently, so the audio is always routed from the Mac to it, the attempt was frustrated – I couldn’t even listen to the DVD in low-quality audio.

Why has Apple left out this profile, is it a blunder, or a calculated approach? As to this date, Apple doesn’t manufacture or resell any Bluetooth wireless headsets (only one can be found at their store, and it comes with a dongle for the iPod, so it doesn’t count). So, why would they have an interest in adding the A2DP profile, so that we could use any other headset? If they are in the process of designing their own, they might want to keep the profile away from Macs until they launch it.

Then again, if we give Apple a vote of confidence that they are not that insidious, it could be a blunder. And a big one. Windows has been able to work with A2DP headsets since late 2005, so they have had plenty of time to add the profile to their Bluetooth stack.

A few myths and facts about Bluetooth, versions and profiles for the curious:

1. Profiles are mostly independant of the Bluetooth version. It is perfectly possible to have A2DP in a V1.2 Bluetooth device, just the same as a V2.0 + EDR can have just two profiles and miss many of the usual ones – the mix is up to the manufacturer and driver supplier.

2. EDR stands for Enhanced Data Rate – this does not increase the range, just increases data throughput from around 700kbps to around 2.1kbps, by using a different modulation scheme. The Bluetooth protocol and profiles stay just the same – the advantage is that since data takes almost 1/3rd of the time to send compared to non-EDR devices, there is a considerable power consumption reduction.

3. “Device Y doesn’t support profile Z”. Again, this is up to the manufacturer, and it’s hard to add new profiles, specially in embedded devices. Some chipsets use masked ROM, which means that the Bluetooth stack, profiles and other settings are burned at the time the silicon is printed – so, no software updating on these. Masked ROM is considerably cheaper, although has an initial setup cost of $100.000, so it’s only good for high-volume production runs. The chips can drop $1 to $2 compared to the flash EEPROM counterparts.

As an example of a very poorly implemented Bluetooth solution we can find the Logitech MX5000 keyboard and mouse combo – it sucks. A lot. I am preparing a review that will try to investigate why it does the stupid things it does, such as repeating the first letter you type when it wakes up a dozen times, or why the mouse starts wondering around the screen as if it was possessed by a poltergeist.

Last week I attended the WOMBAT 2 conference hosted by WOMMA (Word Of Mouth Marketing Association), at the San Francisco Hilton. The weather was great, most speakers were good, and some networking took place. We managed to take thursday to visit some areas around San Francisco, and ended…you guessed it…in Silicon Valley. More about this in another post.

The most expected keynote was that by Robert Scoble and Shel Israel, on their book Naked Conversations. It was good, but way way too short. How can the organisers give their main keynotes only 45 minutes to speak, and almost zero minutes for Q&As? Specially at a conference where the topic is two-way conversations, and word-of-mouth. It was excellent to get my own copy of the book signed by both Robert & Shel – thanks guys!

Robert talked a bit about his new venture, I won’t go over it extensively here, as you can read a lot more about it in his own blog.

It was interesting to see an industry pre-worried about their future, as the last thing they want is to see word-of-mouth and viral marketing go down the dirty slope that email did. So, the first concept that was hammered into us was ethics. How to ethically get a blogger to talk about you, or how to ethically convice drivers to sell the vehicles you manufacture to their friends. Here are the main basic points on ethical WOM:

• Thou shalt not shill – i.e. pay a blogger to speak good about you.
• Thou shalt release good products – or risk having negative WOM blow you away.
• Thou shalt not deface or destroy property to promote your product (!?).
• Thou shalt not lie. Yes, you heard right. They want to convince marketers not to lie.

There are more, but these are the ones worth considering the most. It was actually very nice to see an emerging industry be so careful about setting the standard of conduct so early on.

What sucked most at the conference? No WiFi. Yes, you heard right. The Hilton wanted $24.000 to put an access point in the conference’s main hall, which the organisers refused. Eventually, people managed to get onto a rather weak AP that emanated from somewhere else in the building, and which gave you access to the internet after going through the hotel’s homepage.

Since I first started tinkering with the Linksys WRT54G router a couple over a year ago, replacing the stock firmware with OpenWRT, I have been thinking about making something special with it.

The router itself is a great piece of hardware, having a WiFi adapter, and two wired LAN interfaces. OpenWRT allows hackers to do almost anything with the device – there are plenty of mods, such as the dual serial ports, SD card to add storage space, and more.

I tried to look for a GSM/GPRS mod, which would add a module to the router, allowing it to communicate with the outside world using data and SMS – but there was no such thing, at least integrated into the router’s casing. So, the challenge was born, to design a PCB that would hold an SD card reader, a GSM/GPRS engine, and a GPS receiver. What could you do with this device? Here is a short list:

• An autonomous wireless IDS with logging and SMS alerts. This could warn you when a pirate is trying to break into your network via WiFi. It would be completely autonomous, only needing a power source to run.
• Self-contained wardriving box, which can save logs to the SD card, and be controlled via SMS messages. It could also periodically send you a status report to your mobile phone.
• Mobile hotspot – by bridging the GPRS data connection to the WiFi signal in AP mode. Not very fast, but wait until 3G modules come out…

Here is a first picture of the PCB mounted onto the WRT54G. It doesn’t show the mess of cables that covers it, but gives an idea of what it will look like.

So, my new 17″ MacBook Pro has been delivered today by TNT, curiously one day late, as Apple shipped it with…no address. Still, I’m very happy. I hope the date is not a premonition, as Tuesday 13ths are as unlucky as Friday 13ths in english-speaking countries…but I digress.

The laptop looks fantastic. From the moment you take the box out of the wrapping, you realise you’re in for a different experience – this is my first Mac since I had an SE when I was a kid. The reason for getting it was partly fueled by the ability to dual-boot Windows. Yes, I do most of my developing in Windows, and until they invent decent circuit design software for Mac, I’ll be stuck there. The Dark Side has been defeated…partially.

My first observation: the keyboard is too far back towards the screen. The reason that this may be a problem? If you’re like me, and wear a watch with a titanium strap, when you rest it on the laptop, it makes this most uncomfortable screech, plus it’s likely that the nice aluminium finish will get scratched in the long run, ruining the cool Apple style.

A few hours into it, none of the reported problems with early versions have been noticed. No noises, whines or heat buildup. I have yet to stress it, but I have to say it looks good.

One curious bit of info the TNT driver gave me – he was surprised that the MacBook had been sent from Shanghai, as most Apple hardware he delivers comes from the U.S. Can anyone confirm where the first-gen MBPs were coming from?

If you’ve done a more expensive one, I’d like to hear it!

Today I had to get to the center of Geneva from the airport, and in a bit of a hurry as the meeting I had to attend was getting close. I decided to take a taxi, which would also allow me to do a quick wardrive using my Qtek and a Bluetooth GPS. Finding almost 80 WiFi access points on the way was great, but the bill was painful! In all, the round trip from and back to the airport cost me 60 euros, some quick math makes each AP cost 75 cents (around $0.96).

Tomorrow, I will post some stats and a quick map of the captured APs. The stats will of course go to WiGLE, and the map will be made using an updated version of StumbVerter I’m working on – this will use MapPoint as usual, but you will also have the option of creating maps in Google Earth format. However, they will not look like the usual 2D icon maps that can be made using existing scripts, but will feature the traditional Netstumbler towers in 3D. How to show the signal strenght is being worked on, any suggestions?

Today, I attended a business meeting in Geneva, and on the way back, noticed the info panel at the airport was on a bit of a vacation. Click the picture for a higher-res version.

Sometimes, I feel like a human GPS navigator. And there are probably many more of us out there. Ever get a call from your wife, asking you to direct her to some remote place she is trying to drive to? My solution was to get a TomTom 500 navigator for her birthday. It comes with the maps for Spain in full detail, and a basic map of Europe, with main roads and cities. It can also be used as a Bluetooth handsfree for your mobile phone, so it’s quite a convenient device.

We set about trying it during a trip to visit my mother – since I knew the way, it would be a good sanity check on the navigator’s ability to lower our phone bills. When I told it where we wanted to go, and it told us to turn west instead of east, I started imagining what would happen. After a few minutes of following the navigator’s instructions without even looking out the window, this is where we ended up:

Yes. It wanted us to go up a dirt path that only horses (and fit ones at that) can manage. Take a close look at the full-resolution picture, and judge by yourself.

After turning around, and following the route we always take, we had to turn off the sound for almost half the trip, as it kept insisting that we should “turn around as soon as possible” so we could take the easy-going dirt track.

GPS navigator manufacturers only make the devices, but not the data that’s in them. There are a few companies, such as Navtech and TeleAltlas, who take care of that, and license the use of the data. In this case, it seems that overzealous cartographers had simply taken anything that looked like a road in survey maps, and turned them into navigable paths. The result is my unfortunate experience. The collateral is that my wife doesn’t trust the device, unless it’s for navigating within city limits – thus limiting it’s usefulness, and not limiting my phone bill so much.

I’m going to start a section called Hacked-up displays, or HUDs for short. I welcome your contributions to this, please send your entries to mike@tech.am

HUDs are public displays, screens and panels which are caught showing something they shouldn’t be, by fault or by hack. There is a classic roadside HUD here, as a good example. I’m posting this phonecam pic of an infoscreen at the Barcelona Metro, which usually shows videos, news and other stuff to bored passengers waiting on the platforms – and with which DirectPlay was not happy.

The rules:

1. Any image of a HUD is allowed, unless it contains foul language and/or explicit images.
2. Pics taken must be submitted with a short explanation of context, or if a hack was involved, a more detailed story of events.
3. Please advise if you want credit or want to remain anonymous. Confidentiality of submissions is guaranteed (thanks Apple!)

Do you work a lot while on the road? If you use Vodafone’s GPRS/3G data service, it could be costing a lot more than you think.
You surely heard about Vodafone blocking Skype on their mobile network in the UK, with T-Mobile following suit, all in the name of ‘fair use’ and distribution of network resources. Supposedly, using Skype instead of downloading MP3s can make their network grind to a halt…let’s just move on.

I was involved in a project about a year ago, the goal of which was to write an IP stack for an embedded device. The approach was to write the stack in an easy-to-debug higher level language on a PC, then port it to the device. So, I went ahead and started writing the PPP code, aided by a GSM modem and a Vodafone SIM card with GPRS enabled.

To my surprise, as soon as the PPP session was established, a public IP address was given by the network, and packets started arriving. Curious about what this data was, but already suspicious of what it could be, I wrote a quick-and-dirty TCP decoder, and rightly so, the misterious packets were nothing more than the usual flurry of port scans any device attached to the internet is receiving all day long. NetBIOS ports, common trojans, SSH, you name it, it was all coming in.

It was obvious that the security implications of these port scans were just as if the internet connection was coming from a DSL line – but there was a twist. GPRS fees are paid for downloaded data, but what is the definition of downloaded data? Is it just the data portion of a TCP or UDP packet? Is it the whole packet? Thus, were you actually paying for these port scans, and even for getting hacked?

“Vodafone customer support, how may I help you?”

Turns out they couldn’t help me much. Not even the technical department understood what I meant by port scans, or ‘rogue’ data coming from the internet and being charged for it. I escalated and called the UK support line, and finally got someone to admit that they don’t perform any form of filtering, “for technical reasons, as it is something very difficult to accomplish”. Besides, they were sure some customer might want their NetBIOS ports open for the whole internet to see.

Fast-forward to 2006…and they are blocking Skype. If someone can come up with a decent explanation, other than they only block data harmful to their revenue, I’d be glad to hear it. They don’t care if some kiddie hacks into your computer, and turns it into a file dump, as long as you pay for the traffic. Alas, if you touch their voice revenue with a VoIP application, they will go to any length to “protect” you.

RFID, which stands for Radio Frequency Identification, is ubiquitous in our lives. We find RFID tags in our library books, grocery, consumer goods, printer cartridges, and are even implanted into people’s bodies.

The basic principle behind RFID is that a simple, passive device responds to a burst of RF with a unique number, which can be used to identify the object to which the device is attached. There are many types of tags, some of them can even be written to. When I have the time, I will write an in-depth article on this subject.

RenderMan, Thorn and Audit have written a book on this topic, titled RFID Security. You can get this book at Amazon.com. RenderMan is very active in the Church of WiFi, Thorn has participated in other books, such as Wardriving: Drive, Detect, Defend. Audit is a very active moderator of the Netstumbler forums, hosts personalwireless.org, and also participates in many WiFi-related projects.