How does doing "head -c ...." check on SD card at 49:05, verify that the bootloader and root is correct? That does not feel right to me. EDIT: My bad. This is correct, and actually necassary, due to SD card (sda) being bigger in total than the content on relevant partitions or the CD. "head -c ...." does verify the bootloader, partition tables and their content. All good.
At 1:13:10 during OP2 or OP3 audit. Serial communication is corrupted, few characters are missing. Fortunately not critical (the internal clock is not correct anyway). Please use better and shorter cable tho. This caused issues at 2:03:00, in few places. Including Serial Number readout. The staff incorrectly say this is a bug in a firmware, where in fact it is a fault of a cable.
After the ceremony, thorough testing took place where we were able to reproduce the issue with a different HSM of the same exact variety, and our initial assumption that it had to do with the HSM firmware ended up being completely wrong, but it's also not a cable issue. Further testing with our testing laptop and HSM allowed us to isolate the issue to the updated version of STTY’s translation of the RS232 controller. We consistently receive a random 1-2% error rate in the captured HSM output. Testing suggests the previous version of STTY included with the former version of COEN (our ceremony operating system) was performing error correction more optimally with our former hardware combination. Multiple USB to serial port adapters utilizing the STDI chipset were tested to circumvent the laptop’s onboard RS232 controller and serial port. We ran several diff comparisons of the captured output with consistent results, showing only anticipated character changes such as the HSM reset count and timestamps. We plan to return to using USB to serial port adapters in future KSK ceremonies. USB to serial port adapters were used with the previous generations of ceremony laptops in KSK ceremonies from 2010-2018 without issue. Hope this clears things up.
@@iana-org Hi IANA. Thanks for the response. That makes sense, serial could be finicky. It is weird that the built in serial was not cooperating. Maybe some flow control lines were not handled correctly, or driver has issues, all possible. Thanks for testing, and finding a hopefully secure workaround.
@@movax20h It really appears to just be the way the RS232 controller built into the laptop for that built-in serial port was doing the translation with the new version of STTY. It was a pretty deep dive down the rabbit hole to make that determination. At KSK Ceremony 50 we successfully used the USB to serial adapter combined with the same version of STTY without any issues, so we don't anticipate any issues of this variety to arise again.
![[4K직캠] BABYMONSTER(베이비몬스터) - FOREVER](http://i.ytimg.com/vi/PS3UAFto1z8/mqdefault.jpg)
banger
I concur!
How does doing "head -c ...." check on SD card at 49:05, verify that the bootloader and root is correct? That does not feel right to me.
EDIT: My bad. This is correct, and actually necassary, due to SD card (sda) being bigger in total than the content on relevant partitions or the CD. "head -c ...." does verify the bootloader, partition tables and their content. All good.
At 1:13:10 during OP2 or OP3 audit. Serial communication is corrupted, few characters are missing. Fortunately not critical (the internal clock is not correct anyway). Please use better and shorter cable tho. This caused issues at 2:03:00, in few places. Including Serial Number readout. The staff incorrectly say this is a bug in a firmware, where in fact it is a fault of a cable.
After the ceremony, thorough testing took place where we were able to reproduce the issue with a different HSM of the same exact variety, and our initial assumption that it had to do with the HSM firmware ended up being completely wrong, but it's also not a cable issue.
Further testing with our testing laptop and HSM allowed us to isolate the issue to the updated version of STTY’s translation of the RS232 controller. We consistently receive a random 1-2% error rate in the captured HSM output. Testing suggests the previous version of STTY included with the former version of COEN (our ceremony operating system) was performing error correction more optimally with our former hardware combination.
Multiple USB to serial port adapters utilizing the STDI chipset were tested to circumvent the laptop’s onboard RS232 controller and serial port. We ran several diff comparisons of the captured output with consistent results, showing only anticipated character changes such as the HSM reset count and timestamps. We plan to return to using USB to serial port adapters in future KSK ceremonies. USB to serial port adapters were used with the previous generations of ceremony laptops in KSK ceremonies from 2010-2018 without issue.
Hope this clears things up.
@@iana-org Hi IANA. Thanks for the response. That makes sense, serial could be finicky. It is weird that the built in serial was not cooperating. Maybe some flow control lines were not handled correctly, or driver has issues, all possible. Thanks for testing, and finding a hopefully secure workaround.
@@movax20h It really appears to just be the way the RS232 controller built into the laptop for that built-in serial port was doing the translation with the new version of STTY. It was a pretty deep dive down the rabbit hole to make that determination. At KSK Ceremony 50 we successfully used the USB to serial adapter combined with the same version of STTY without any issues, so we don't anticipate any issues of this variety to arise again.
Peep the live chat replay