SainSmart 3018-PROver CNC Router – Assembly Errata and Initial Review

January 18, 2020

The materials provided are good: heavy and well-machined aluminum, acceptable quality electronic and mechanical components and fasteners. The 3018-PROver is not nearly as “assembled” as the purchasing data indicates. You can download the assembly video or the manual and see for yourself – there are a couple of hours of assembly work, and there will be much consulting of the online manual, the video, and this errata while you are at it. The three major subsystems are mechanically assembled, but have not had the electrical components, wiring and many little parts mounted, and two major subsystems need to be bolted together. And since the instructions leave a lot for you to figure out, if you’re easily frustrated: choose another project.

The PROver version is based on Open Source software and incorporates its own motion controller software: GRBL 1.1. It does not need to be connected to your computer while the router is cutting. Most people will use Open Source CAD software, which does not come with the unit.

There is also a “3018 Pro MX3” version which requires that you purchase the Mach 3 software for $175, has a different main controller board and a different hand controller, and requires a Windows computer to run Mach 3 while the router is cutting. The 3018 PROver is a better choice for most people, as it avoids this expense and complexity. Mach 3 is motion-control software, not the CAD software. You will still need to find that.

The 3018-PROver controller is based on Arduino. The main controller runs the GRBL 1.1 software developed for Arduino and comes with its own hand controller. Hand controllers for other models, like the one for the MX3 version, are not compatible.

Source code for GPL-licensed software in this unit is not on the SainSmart web site as far as I can tell, and it looks like SainSmart still needs to learn how to comply with the licenses to the GPL binary software they distribute, and directly distribute the source code on their own site. I do not know what differences exist from the GRBL 1.1 developer’s source, but I suspect some might exist for the hand controller.

This machine will be covered with chips after operation and will require some wiping down, including passing some sort of wipe inside of the T-slots. I will try to improvise a chip vacuum for mine, no such thing is available to buy.

To find the assembly video, search for Sainsmart Genmitsu CNC Router 3018-PROVer Build. A few hits down from the top of the search on Google, there is a wiki page for the device at . You can also find this directly on the wiki, but the indexing is based on SKU numbers. There are assembly videos for other models on Youtube, which you might find helpful.

Most of the tools required for assembly are provided. In addition, you will need a wire cutter to remove two wire ties used as a shipping lock, and a container of light oil to lubricate the lead screws, and some electrical tape to wrap moving wires together.

You will need to download the manual and display it on a big screen. That is the only way you will be able to see the photos adequately to be able to assemble the unit. The photos are in a printed manual provided with the unit, but too small and too low-resolution to tell what you should be doing.

Here are the errata I noted during assembly:

Step 1: You will need to provide your own wire cutter.

Step 2: You are told to mount 6 wire holders, but the photo only shows where two of them go! The video is similarly unhelpful! The second two go on the opposite side, identically to the first two. The third two go on the outside of the frame, on the same side as the stepper motor, opposite the two installed inside.

Step 3: The four wire holders mount on opposite sides of the metal piece. The photos don’t quite show this completely.

Step 5 and 6: The long end of the distance tool is held against the back of the frame, inside the channel. The last slider nut should be against the end of the distance tool. Because of the distance tool, everything lines up well and the 12 bolts go in a lot more easily than I expected.

Step 8: The square projection on the slide nut goes outward.

Step 9: Peel the protective film off of both sides of the acrylic sheets. They are clear, tinted blue, once you do that. Hold the sheet so that it fits the shape of the leg of the Y-Z assembly. That is the correct orientation. Put the bolts through from the outside, and put the slide nuts on the other side by hand, one turn only. Orient the slide nuts horizontally, and then push the acrylic sheet to the channel so that the slide nuts insert into the channel. Turn the bolts, and the slide nuts will seat correctly.

Step 10: There is an error on this page. Where they specify the Y+ and Y- connecting wires, they actually mean X! The VER- numbers are correct, Y should be X.

The main controller is attached to two beams, each of which has four channels. The X- limit switch wire must be run behind the main controller along the top of the bottom beam, looping to the front on the side where the controller has the USB connector. The cover strip goes over the wire on the top channel of the bottom beam.

Step 11: It may be necessary to temporarily remove the wire holders next to the limit switches so that there is enough space to insert the plugs into the limit switch sockets. Put the wire holders back afterward.

Step 13: There are different plugs on each end of the stepper motor wires.

Step 15: By “black cover”, they mean the black plastic nut on the barrel of the emergency stop button. Remove that and the square lock washer. Put the switch into the plate, and then put the lock washer on the switch from the back, with the pointy corners facing the metal plate.

This button is unusual: push to stop, twist to release.

Step 16: Whew! A lot left out here! You are supposed to pass all of the Z wires through a piece of the nylon braided web to protect them from friction. But the piece I was provided, although it can be expanded somewhat, doesn’t expand sufficiently to do this. I wrapped the wires with electrical tape.


Before you connect the router to your computer, you can play with it using the manual controller. This is non-intuitive though. I noticed that the files included on the SD card would run into hard limits (trip the limit switches) if run with the router starting in the home position. You will have to move X, Y, and Z close to the center of their operation before starting.

The limit switches are confusing. If you are stuck on a limit, which is sure to happen, run the reset function. Move the stuck axis until it stops again – the limit switch will halt the system when it is set, and again when it is cleared! Run the reset function a second time. Then you can move the axis as expected. At this writing I am not sure if configuration will make this easier.

Invasion of The Ethical Licenses

About 23 years ago, I created the Debian Free Software Guidelines to help the Debian developers decide what software was permissible to include in Debian, which aspired to be 100% Free Software, and what should be consigned to a “non-free” repository upon which Debian would never depend. Nine months later, those guidelines became the Open Source Definition, and I announced Open Source to the world.

It was a deliberate decision that Debian’s definition of Free software would not discriminate against persons, groups, or fields of endeavor (essentially anything someone might want to do).

The idea behind this was that Freedom meant Freedom for everyone, not just Freedom for people we approved of. This meant, among other things, that the Debian system could be used for war. But more importantly, it meant that the Debian system could be a common ground for the sharing of software among people who did not agree on social issues, and just maybe that it would be a way for those various people to work together and gain respect for each other, and ultimately come to greater agreement. The name of the Debian derivative Ubuntu indicates how greatly they value this idea.

Of course, Open Source took all of these good characteristics from Debian, and continues with them to this day.

More recently, there has been a spate of “ethical” licenses, which require specific conduct of the software user. Although there has been a regular stream of such things suggested to the Open Source Initiative over the past 20 years, the most recent crop includes:

  • The Anti-996 License, which requires that the licensee not commit labor abuses which are said to be rampant in China.
  • The Vaccine License, which requires users to get their shots!
  • The Hippocratic License, which prohibits abuses against underprivileged minorities.

The creators of these licenses mean well, and their sentiment is laudable. Unfortunately, their licenses won’t work.

Despite the seeming impossibility of its enforcement, the Vaccine License is the most professionally constructed of this pack, carefully targeting the approval process of the Open Source Initiative – and IMO missing it. But all three licenses appear to be unlikely to obtain the agreement of a court in enforcement, and scaling their requirements would be a sort of full-employment act for lawyers.

Let’s work through how these licenses would be enforced.

When these licenses are enforced, the copyright holder is the plaintiff, a fancy word for someone who makes a complaint. Their complaint is that the defendant, the licensee, committed a tort, a violation of civil law. The tort is copyright infringement.

The important point here is that the complaint isn’t that the license was violated, the complaint is that the defendant did not have a license at all, and is infringing copyright. The defendant then has to prove that they did have a license, and that they were obeying the license’s terms, or that the court should for some reason not honor those terms.

Licenses are also contracts, and thus the tort can be breach of contract. But contracts require the consent of both parties – the copyright holder, and the licensee. Real consent is indicated by signing the contract, but that doesn’t ever happen with this sort of license. Instead, there is a lesser indication of consent by the action of using, distributing, or modifying the software.

However, consider enforcing the Vaccine License: imagine explaining to a judge that someone consented to be injected with vaccine by using a piece of software, and that they become copyright infringers by failing to get their shots. Having the court honor this bizzare argument seems unlikely.

Consider enforcing the Hippocratic license, which attempts to prohibit various sorts of harm against disadvantaged minorities.

The first problem is that this harm is often performed by their own government, which is sovereign, and thus can’t be sued. The United States government allows itself to be sued in a special court, The Court of Federal Claims, in certain cases. But that court will limit itself to paying copyright royalties rather than enforcing arbitrary terms of the license. Since none of these licenses routinely require any royalties, the likely payment would be zero.

One might successfully bring a suit against a federal contractor, although their first attempt at defense would be to hide behind the skirts of the sovereign government that ordered the work. This suit, however, has to be brought in the nation where the offense occurred, where the court of that very same government might not be at all sympathetic to your cause.

If you actually get past all of these hurdles, the most likely outcome is that the court would not honor your license term. The reasons given would be probably be a lack of proper consent, or that the term was illegal, improper or unenforceable.

Who is going to finance these cases? This is not a frivolous question. A single lawsuit I was involved in billed about $650,000 in defense fees, which I have not had to pay due to the court’s findings and the charity of a very kind lawyer and her colleagues, whom I will owe favors for life. Legal fees for either party in lawsuits over these licenses could easily be in the Millions.

Sometimes, organizations like EFF will take on a case pro-bono, without charge, for the public good. Join EFF! But how often could they do this? It doesn’t seem that enforcing any of these licenses could possibly scale to the number of potential violators. We have enough trouble enforcing plain Open Source licenses that do not attempt “ethical” terms. The Software Freedom Conservancy has a list of violations many thousands long, and can bring at most dozens of cases a year.

So, what we’re left with are licenses that lawyers, and probably courts, and the violators themselves, laugh at.

What else is there that we can do? What the creators of these licenses should have done in the first place. Work to enact better laws, that prohibit the actions they despise and levy real punishment for the offenders.

But little software developers feel powerless to do that. So, they try to replace the entire body of civil and criminal law with a few lines in their licenses. It’s a pity that won’t work.


Sorry, Ms. Ehmke, The “Hippocratic License” Can’t Work

Coraline Ada Ehmke has released the Hippocratic License, at

This is an entirely well-meaning effort and I applaud her sentiment. It just won’t work and is, IMO, a bit simplistic and self-contradictory for reasons I will discuss.

I first encountered a license like this about 25 years ago, attached to the Berkeley SPICE software by the University of California. That license prevented the use of the software by the Police of South Africa. By the time I encountered the license, Apartheid was long over and there were Black Police in South Africa. But they were still not allowed to use the SPICE software. Of course they never had any use for an analog electronic simulation package, so the license was symbolic in nature. But the discrimination inherent in the license meant the SPICE package was “non-free”. We put it in the “non-free” archive in Debian.

I was so impressed by the failure of that license that I wrote into the Debian Free Software Guidelines, later re-labeled as the Open Source Definition, rules preventing discrimination against persons, groups. and fields of endeavor. The first two, discrimination against persons and groups, sound a lot like Ms. Ehmke’s intent. The last, discrimination against fields of endeavor, similarly prevents discrimination, but is opposite to her intent. It’s this one that makes the Hippocratic license not Open Source, not that I am clear its proponents care about that.

Let’s go over the problematic terms. Here they are in entirety:

The software may not be used by individuals, corporations, governments, or other groups for systems or activities that actively and knowingly endanger, harm, or otherwise threaten the physical, mental, economic, or general well-being of underprivileged individuals or groups.

Emphasis mine. Obviously, I am not for hurting anyone of an underprivileged group. I am a member of several myself: I am mostly recovered from severe speech and movement handicaps, I am pathologically non-neurotypical, I am ethnically Jewish, I’m aged, I’m left-handed, I could probably come up with more.

The first problem with these terms is that we have a body of criminal law which is meant to prevent people from doing bad things. We also have a large body of civil law that is in general about harm to people and being made good through the courts. Rule of law is there to protect the underprivileged from the powerful. We have a huge process of discussing law, making decisions about law, and making law.

Because Ms. Ehmke isn’t satisfied with the existing laws, with good reason, the Hippocratic license tries to supplement the body of criminal law and civil law in a single sentence of terms in a copyright license.

Copyright law is about a set of reserved rights to copy a work, create derivative works, and to perform a work. A license is used to give people permission to use those rights. So, if you harm someone of an underprivileged group, according to Ms. Ehmke, you are infringing the copyright of the work, or violating the contract inherent in the license.

Unfortunately, It is unlikely that a court would actually enforce Ms. Ehmke’s terms in a way that would change the activities of a violator. Ms. Ehmke can get what she wants by lobbying for better law, and in that would have my support.

The terms are simply far more than could be enforced in a copyright license. To go over just a few of the legal problems, they are self-contradictory (as I will explain) and will be judged to be unclear by the court. There is no required performance in copyright that could be used for their enforcement, many of the entities that perform the objectionable acts are sovereign or otherwise not subject to copyright law, there is insufficient consent to her license.

Let’s go over some of the specific terms, and the problems with them.

We can start with the name. The Hippocratic license, named after an oath shortened as “do no harm”. Unfortunately, what is “harm” just isn’t that simple.  The classical (not modern) version of the Hippocratic Oath includes this (translated):

I will neither give a deadly drug to anybody who asked for it, nor will I make a suggestion to this effect. Similarly I will not give to a woman an abortive remedy. In purity and holiness I will guard my life and my art.

Some versions prohibit birth control, not just abortion. Ms. Ehmke is probably pro-choice, as am I, but pro-life folks would contend that our conduct is immoral. And I would rather see a person with hopeless illness released with dignity from their pain, and hope that Ms. Ehmke would agree with me.

The point here is that the definition of what is ethical changes over time, from place to place, and from one individual to the next. Being an adult has often meant having to make your own ethical choices, even when they go against society. A proponent of the Feminist movement, as Ms. Ehmke is, should understand this.

This choice was faced by my father, who enlisted as an Army Reserve and was called up for both World War II and the Korean War. He went to Europe to kill nazis and fascists in the service of his country. Of course I am proud of his actions and support them, nazis and fascists were out to take away people’s rights and to kill Jews – meaning my entire family.

Because her definition of harm is limited to individuals of an underprivileged group, war is, by her definition, always harmful. The losers will be underprivileged, even when they have horribly violated the rights of others. So Ms. Ehmke’s license closes out a path by which nations and rebel groups work to liberate the oppressed. Not all war is unjust. Thus, Ms. Ehmke’s license is self-contradictory.

It is an unfortunate fact that all law ultimately is administered by the legally sanctioned use of a weapon or imprisonment by someone employed or deputized by a government, or the threat of such use. As a society, we protect people’s rights by hurting the people who violate them. We make judicious use of violence – never as individuals, but as a society.

Ultimately, nobody could enforce Ms. Ehmke’s license without harming someone, or at least threatening to do so. And it would be easy to make a case for that person being underprivileged. Thus, once again, Ms. Ehmke’s license is self-contradictory.

Let’s talk about economic harm. It is an unfortunate fact that all Open Source software economically harms someone. We can live with this because the collective economic benefit to all people is much greater than the harm to a few. We live in a capitalist society with economic competition. So, we can expect that when we make great Free Software, someone who makes, or might otherwise make, proprietary software becomes financially underprivileged, is harmed economically, and is unable to pursue the business and work she or he desired. And obviously, use of the software in a business that competes with other businesses leads to some of those competitors becoming underprivileged economically and economically harmed. And yet again, Ms. Ehmke’s license is self-contradictory.

So, unfortunately, this well-meaning effort doesn’t work, and these terms don’t belong in a license. I will happily support Ms. Ehmke in pursuit of legal reforms meant to achieve the protection of underprivileged people.

– Bruce Perens




About the AMSAT 2019 Director Election

The AMSAT 2019 director election will close voting on September 15. If you haven’t read it, here are the candidates I’ve endorsed.

I wanted to document why I got involved, and what I feel were anomalies in the election procedure.

As I write this, there are a few days left in the election. According to the ElectionBuddy instructions if you haven’t voted, and haven’t received or can’t find your ballot, the election administrator, [email protected], should be able to give you a key and online voting instructions, or direct you to someone at ElectionBuddy who can help. Of course I can’t guarantee that he’ll want to.

I have been supporting the Phase 4 Ground Station project for several years. Michelle Thompson W5NYV, the project lead, had confided that she found it difficult to work with AMSAT management. This eventually became so serious that we decided to create Open Research Institute as a 501(c)3 tax-exempt organization to support the Ground Station project and other Open Source space projects outside of AMSAT. We don’t particularly want to have this done in a separate organization from AMSAT, we just don’t feel there is any alternative at this time.

We had other worries about AMSAT leadership. There are conduct issues. I know many brilliant people who made some of AMSAT’s greatest projects, and have curtailed their work for the organization if they haven’t quit completely. AMSAT can’t support itself from membership fees. And we’d like changes in the technical direction.

So, when five candidates formed a slate to run for the AMSAT board, epsousing similar ideas to mine, I decided to write a public letter in support of their candidacy and to financially support their campaign mailing. I had previously written a similar letter to endorse ARRL board candidates during the “transparency vs. confidentiality” dispute within ARRL. 4 of the 5 candidates I endorsed won the ARRL election, and that was the end of the “confidentiality” issue.

The slate of AMSAT candidates adopted my new letter as part of their campaign material and mailed it to the AMSAT membership. That’s why you’ve received a postal letter from me, although it was mailed by the candidates.

At least one of that slate will win, simply because of the number of candidates.

AMSAT’s bylaws provide these rules regarding the election. I feel they’ve been violated, and that whoever wins, the election was run ineptly and not in compliance with AMSAT’s own rules.

Section 3: Voting shall be conducted by secret ballot in a fair and democratic manner. The Secretary shall prepare written ballots listing all candidates found to be duly nominated and eligible for election. Such ballots shall be mailed to all Members or, at the Secretary’s discretion, included in a publication of the corporation mailed to all Members, in either event such mailing to take on or before July 15 of each year. Duly nominated and eligible candidates shall be afforded equal opportunity to circulate statements of their qualifications and positions to the Members through the corporation’s publications and shall have use of the corporation’s mailing lists for election-related purposes at no cost to the corporation.

AMSAT made no plans to allow members to publish their platforms in the organization’s publications, as is called for in its own bylaws, and there has been no such publication. The ballot mailing included no information on the candidates. Severely-limited candidates statements, constrained to 350 words and prohibiting URLs and criticism of individual AMSAT officers, were carried on the web site, but I received complaints from AMSAT members that they did not know of this, that the link was initially in too small a font to stand out, and that even after the link text was enlarged many members never found the candidate’s statements on the web site before they voted.

AMSAT also made no plans to provide mailing lists to the candidates to enable them to perform their own campaigning. They had to be forced, with a letter from a candidate instructing them on their own bylaws, which they seemed to be ignorant of.

The candidate statement guidelines and a set of radically different election rules than in the past were communicated to the candidates on July 3, 2019, at the start of a holiday weekend shortly before the election opened. Thus, the candidates were not given adequate time to prepare, and were not able to get their mailings out to members before the ballots arrived.

I feel that all of this was prejudicial to anyone but the incumbents, who are frequently heard in AMSAT’s publications and online services. The incumbents must also feel this way, since they haven’t bothered to create a mailing of their own.

I don’t know if any of this is due to malice, or simply ineptitude. AMSAT has rarely had a contested election at all, indeed it’s been difficult to find people to fill the necessary offices.

But the election has been somewhat contaminated by AMSAT’s gaffes in operating it. This applies whoever wins.

Whatever happens, the candidates, and I, will be back next year for the next AMSAT election. And we’ll demand better processes, leading up to the election.

Bruce Perens K6BP

AMSAT Director Election 2019: It’s Time For Change

Please pass this on to other AMSAT members, until September 15, 2019. The canonical version of this document is at

Hi, I’m Bruce Perens K6BP. You might have seen me as the guy in the IBM commercial who says Let’s Champion Data Rights as Human Rights! I am one of the founders of the Open Source movement in software, and an innovator and evangelist for advanced Amateur Radio technology like FreeDV, Codec2, and HT of the Future. I founded No-Code International to end code testing, and still work intensively on Amateur Radio policy today. I’m an AMSAT member and AMSAT President’s Club donor.

AMSAT is absolutely vital to continue the role of Amateur Radio in space, one especially important when we’re seeing the start of a challenge to our 2-meter band allocation internationally. But there are problems with AMSAT: It’s now 15 years since AO-40 went SK. We’ve not done anything nearly so ambitious again in North America, while Europe and Africa now have a geostationary 10 GHz transponder for Amateur use. AMSAT’s current management is hogtied and overly fearful of ITAR while the Open Source community, provider of the cryptography in every web browser back when that was under ITAR, has had that problem solved for decades. And AMSAT can’t support itself with the current member dues.

I’d like you to consider these candidates for the AMSAT board:

  • Howie DeFelice AB2S is Senior Principal Engineer with Intelsat General Communications, where he designs solutions for government. Howie was also one of the creators of 50dollarsat, the first PocketQube satellite, which validated the usefulness of that kind of 1/8U microsatellite.
  • Jeff Johns WE4B is a two-decade satellite operator, involved in elmering young people, and frequently made satellite contacts from his patrol car while he served the public as a deputy sheriff.
  • Brennan Price N4QX was CTO of ARRL, and thus our leader on many technical and regulatory issues. He is now Director of Regulatory Affairs in the Washington, DC, office of Inmarsat.
  • Patrick Stoddard WD9EWK (and VA7EWK) is an AMSAT life member, has been an AMSAT area coordinator, ambassador, board alternate, and other positions in his two decades of service to the organization.
  • Michelle Thompson W5NYV (and follow-up) is an AMSAT life member. She holds an MSEE in Information Theory and is a specialist in error correction, signal processing, and communications theory. She formerly worked for Qualcomm and is now a Distinguished Visitor for IEEE. Michelle is second violin in an orchestra, developer of an AI pipe organ called Organ Donor, and is recipient of the 2018 Don Hilliard award from Microwave Update, for service to and innovations in amateur satellite communications. Somehow she finds time to do that and be a mom of three beautiful children.

Four slots for directors are open this year, and I’ve recommended five people. Please select your favorite four. You can read in the candidate’s statements why there is need for a new board. Most unsettling to me is that there are conduct issues with the current board which make AMSAT no fun to work for, and that’s fatal for a volunteer organization. About 30 of the smartest people I know in Amateur Radio, the names behind some of the biggest projects AMSAT ever did, now either refuse to work for AMSAT or have severely curtailed their activities. Active AMSAT members will be aware of the missing faces. Patrick and Jeff both go into behavior issues of the board in their candidate’s statements. Michelle had to move the Phase 4 Ground Station project out of AMSAT due to the ITAR policy and board conduct issues. She discusses in detail how to solve the problem in these two posts: 1, 2. Howie also believes AMSAT’s ITAR policy must change.

AMSAT has severely limited the candidate’s statements on the ballot this year. The ballot sent to you will only include a tiny 350 words from each candidate, allowing no negative statements about anyone, no URLs, and only one phone number and email. Candidates have been given your postal address to mail to at their own expense, but not your email address. So, it’s important to read the candidate’s unrestricted statements on the web.

Thanks for listening. You can reach me by email to bruce at perens dot com. Please remember to vote as soon as you receive your AMSAT ballot. Ballots will be counted on September 15. Again, my recommendations are:

Bruce Perens K6BP

Yes, It Is Legal To Use Cryptographic Signature on Amateur Radio. And That’s Important!

It seems there is widespread confusion about using cryptographic signature on Amateur Radio. Cryptographic signature is a way to “sign” a message that remains in the clear, authenticating the sender’s identity and that the text of the message is exactly what the sender wrote. Can you use it on the air? The uninformed say “you can’t use cryptography on the air”, but the truth is more nuanced.

Part 97, in several places, prohibits messages encoded for the purpose of obscuring their meaning. This is either using spread spectrum or an undisclosed code. Exceptions are made for satellite control.

Is cryptographic signature obscuring the meaning of the message? NO! It leaves the message text in the clear, and adds authenticating data. Thus, you may use cryptographic signature on the air. The message itself and identity of the sender MUST be clearly readable by everyone.

Yes, there is a secret in cryptographic signature, which is some private key used for either public-key or symmetrical encryption. But nothing in the cryptographic signature conveys that secret. The cryptographic signature is just a number that, when matched with another number, says “someone who knew a particular secret authored this message, with this exact text”. That doesn’t obscure anything.

This is actually REALLY important for modern Amateur radio. With new digital satellites, we will be able to use digital signature to authenticate that all of the users are actually hams, and we’ll be able to keep the non-hams off of the satellite. This is already in development at Open Research Institute, and elsewhere.

Did you know that ARRL is already ready for hams to use digital signature? LOTW is a certification authority! You can extract an X.509 private and public key from your LOTW certificate, load it into your web browser, and authenticate yourself with it to any software that has the ARRL CA certificate loaded. Don’t do that over the air, the HTTPS protocol implemented in browsers definitely obscures the message. But you can use the same certificate to sign a message and leave the message contents in the clear.

Did you know that there is even a registered extension to X.509 for callsigns?

This also gives us a way to control systems over the air without encrypting the control message, and without allowing unauthorized persons to control those same systems. Wouldn’t you like to use that when you convert your repeater, etc., from touch-tone to digital control?

Slims will be non-existent or not last long. If they steal your key, you can repudiate it.

HT of the Future – New Design

A few years back, Chris Testa and I tried to make a mobile SDR called “Whitebox” or “HT of the Future”. That didn’t work out because the design was too noisy, and we made some mistakes, but we learned a lot.

A few years later, I’m ready to do a new design. It’s a smartphone-controlled 40 mW single-band transceiver based on the AX5043 from On Semiconductor. The hardware design and software are 100% Open Source. You connect to it using a web browser over WiFi, and it takes over your phone’s microphone and speaker, runs a codec in webassembly, and provides a completely-portable UI that runs on Android, Mac, Windows, and anything that runs an un-handicapped version of Chrome or Firefox (which may still not be Apple iPhone). It will be dirt-cheap, and should be able to do FM, packet (1200 and 9600), digital voice using Codec2 (with the codec running in the smartphone), and many experimental modes with data from 0.1 to 125 kilobits per second. It has WiFi (client and standalone access point simultaneously) to connect to your phone and the internet. and Bluetooth Low-Energy.

There is also a cryptographic coprocessor on the board. It cost less than $2. Under FCC rules, we can use digital signature to authenticate hams over the air, as long as the message content is not encrypted. So, there will be lots of interesting applications. But my main reason is that I don’t want to support clones. So, your radio can authenticate itself over the internet. It also provides support for SSL/TLS with a hardware-sequestered key, and lots of interesting general-purpose cryptographic power.

The overall bill of materials is under $25. So, I might be able to create the Baofeng of digital modes.

Here’s my first pass at a schematic. This is my first time using KiCad, and I’m not an electrical engineer or an RF head at all, so expect mistakes.

This simple design can obviously be enhanced, but I like how simple it is because it will hopefully be easy to get it working.  For example, the radio chip is so cheap (under $2 in quantity) that it works best to do multiband with one chip per band – and thus one separate working radio per band.


Want to chat? Email bruce at perens dot com

Bruce Perens featured in new IBM ad, during Oscars TV Program

Here’s the IBM ad used to open their Think 2019 conference, featuring Buzz Aldrin, Arianna Huffington, Janelle Monae, Miaym Bialik, more illustrious celebrities, and astonishingly: me. A shorter version will run on the Oscars TV program.

Dramatis Personae

Music composed and performed by Philip Glass.

Director: Mark Romanek

Production Company: Anonymous Content

Ad Agency: Ogilvy USA

ARRL Web Site Publishes Questionable Virus Notice

ARRL should not be publishing this sort of notice,  because ARRL does not have the expertise to determine its legitimacy or correctness. In the case of Linux, virus warnings should come only from the producer of your Linux system: Ubuntu, Debian, Red Hat, etc. These people are responsible for removing any holes that allow a virus in, and will tell you how to update your system correctly. Linux is not Windows, and does not depend on third-party virus scanners for its security.

The company that published the virus warning has a commercial interest, in that it produces commercial virus and security programs and services, and these notices have the purpose of promoting their expertise (if they are right) and thus selling their products and services. The Open Source developer community provides these products and services at no cost, and the providers of your Linux distribution generally use the Open Source ones. They will update their systems as necessary to remove the threat, and will publish their own warnings as appropriate.

If you would like to learn more about this issue, please read this guide to responsible disclosure of security issues.

If you trust unauthorized sources to instruct you on the security of your Linux, Windows, or Mac systems, it will be a short time before one of them instructs you to perform some action which defeats your security. ARRL should know better.


    Bruce Perens K6BP (Co-founder of the Open Source movement in software.)

The Day Microsoft Disclosed its Plans to Sue Open Source Projects

Of course these days Microsoft has made its peace with Open Source. They are a member of the Open Source Initiative and actually support my work on Open Source and Standards. It wasn’t always that way. There’s something I need to get off of my chest:

One day in the early 2000’s while I was working for HP, Microsoft met with HP management and disclosed to HP their plans to sue major Open Source projects. An HP vice president documented the meeting and sent an email about it suggesting that HP back off of its involvement with Linux, which was forwarded to me. My HP manager at the time was Martin Fink, a section manager at that time and later HP CTO. Martin told me to destroy the email.

Microsoft did not carry out the disclosed plans to bring those suits, but was subsequently documented to have been “backstop” of one of the investors of SCO while they brought their lawsuits. All of this time, I was aware of Microsoft’s plans and unable to talk about them due to an NDA. Other Open Source folks associated with HP were probably also aware and limited by their NDAs: Jeremy Allison said at the time: “please subpoena me”, meaning that he knew something he wished to have in the public but was constrained from talking about it.

Obviously, it’s not the same Microsoft today. However, I have been bothered now for decades about having to keep this secret from the Open Source community, to whom I owed a much greater loyalty than I could ever owe to HP. Obviously any legal binding that HP ever had upon me has expired.