Monday, December 12, 2016

aprs.fi moving to TLS

In an effort to increase security on the web at large scale, web browser vendors and other organisations such as Google are making changes which encourage web sites to move to TLS/SSL encryption. Even web sites which previously did not seem to need it – ones with static content only, and ones without any login / password functionality. This is good and fine – even if it's not a banking web site, it's good that third parties along the network can not observe or modify the content being downloaded. The Chrome web browser has started to label non-encrypted sites with an informative '(i)' symbol which warns the user that "Your connection to this site is not private", and will eventually make those warnings stronger. Google gives better ranking in the search results for https sites.

A real, practical issue right now is that the geolocation Javascript API is no longer available on non-HTTPS sites in recent Android and Chrome versions. This actually broke map center and tracking functionality on the aprs.fi web site.

I wholeheartedly support this movement, it will make the Internet a better place!

These days, with performance-improving developments such as ECDHE, GCM mode AES and hardware accelerated AES, running TLS on a web server is not much of a performance issue any more. Most of the CPU time will be spent on application logic, anyway.

The fun part is that HTTP/2, a new protocol used by modern web browser to access web sites, is only used over TLS/HTTPS – it is not available over plaintext connections. HTTP/2 is faster than older HTTP versions, and a surprising side effect is that a web site may well open up faster over HTTP/2 + TLS than over HTTP 1.1 without the encryption!

Picture not related. I just took it last summer. Kyyttö cows © Sappion luomu.
Before now, aprs.fi has only used TLS/HTTPS for its login and user account management pages. Fairly soon I will have a maintenance break on the aprs.fi servers, upgrade the operating system to the next major release, and install a new version of the aprs.fi software which supports access over both HTTP and HTTPS. To reduce duplicate content (same stuff being available over both HTTP and HTTPS) it will prefer HTTPS and nudge clients that way every now and then, but initially plaintext access should be possible, too. Later on, if there are no surprises, the nudges will gradually become stronger.

There are a few issues which need to be addressed. There are possibly a few Amprnet users accessing this site over amateur radio frequencies. On the other hand, they're then practically surfing the Internet over radio, and probably doing a few requests to other encrypted sites now and then, too, so maybe it's not a big problem for them.

Another thing is that apparently users in China can't access the Google Maps API over HTTPS, so those users would still need the plaintext access for now. I might make the zh.aprs.fi site plaintext only, and bump those users that way, or something along that way. Maybe the Amprnet users can use that, too?

Sunday, October 9, 2016

aprs.fi iPhone/iPad app update: v1.6.2

Version 1.6.2 of the aprs.fi iPhone/iPad app went out yesterday evening. I've been adding a few features and fixes here and there on the weekends, but most of the larger changes in the code are actually under the hood and not yet visible for the users. I've also spent a good amount of time upgrading the aprs.fi web site backend and fixing a few bugs here and there.

Here are the visible changes in 1.6.2, all of them were recently requested by users of the app:

  • Tapping a station on the map multiple times switches the track line colour for that station.
  • Track line width can be adjusted in Settings. The default size is slightly thicker than the previous default.
  • The maximum tracked station tail/track length is now 6 hours.
  • Previously selected stations and addresses can be deleted by swiping the respective table row to the left.
  • Previously selected address search results are retained even if the application is killed manually by the user.
  • Some small visual adjustments (more space between "Beacon now!" and "Delete station" buttons, etc).

Some folks are also asking for a feature to track multiple stations at the same time, but that can already be done, since version 1.0 – just tap the '+' button on the additional stations info view to add them in tracking. This video demonstrates tracking many stations in the iOS app.

Here are some of the new features added in previous versions this summer:

  • Setting to hide/show station callsign labels on the map
  • Setting to disable (accidental) map pinch rotation
  • Latest packets of an APRS station can be viewed by clicking a new button in the station information view. Tap a packet to decode it using the aprs.fi packet decoder.
  • Filtering feature to control what is shown on the map, for hiding weather and AIS stations, for example. Complex custom filtering will be available in the future.
  • A feature to display road traffic information (traffic jams). The information can be hidden in Settings.

I'm also currently working on APRS-IS beaconing and messaging features, and arbitrary date/time range selection (with long time ranges), but they're not complete yet. Larger features take more time.

The app is already getting quite happy reviews, but it still needs a few features to really make it complete. The 5-star average rating and these reviews are for version 1.6.1, from users from the USA:




Sunday, December 13, 2015

aprs.fi iOS app for iPhone and iPad!

The new, official aprs.fi iOS application went live on the App Store a week back. It runs on the iPhone and iPad, and currently supports iOS 7 to iOS 9. Purchase once – run on up to 10 devices associated to the same iTunes accounts!

It provides immediate, near-real-time visibility to APRS traffic around you, and has quick search-as-you-type station and address search functions. Zoom around the world as easily as on aprs.fi, or look up stations by their callsign. Multiple stations can be tracked at the same time.

Telemetry, weather, and APRS station statistics can be viewed as graphs.

The new high-resolution symbol graphics look crisp on Retina displays. iOS 9 Split-Screen multitasking is supported on applicable devices (iPad Air 2, iPad Pro, iPad mini 4, and newer). Landscape and portrait modes work too, of course.

Position beaconing to aprs.fi works great, although, as usual, GPS use in the background reduces battery life noticeably. The minimum transmit interval slider can be used to reduce transmission rate, allowing the GPS to turn off for longer periods of time. The app does not require location information, but it can be helpful for automatic map centering and calculating distances.


A little expectation management needs to be done at this point: Some future features will only be available for a small additional yearly price, through an in-app purchase. That price will be lower than the purchase price of the app. The rationale behind this is simple: There's only a rather small number of APRS iOS users around the world, and once most of them have bought the app once, there will be no more income from the app, ever. Having a small, steady income nicely keeps up the motivation in maintaining and improving the application in the future. A few APRS apps have already been practically abandoned on the app store, with no updates in one, two or three years. The original app, simply named "APRS" recently got deleted and replaced with something completely unrelated.

Some new features, and all bug fixes of course, will be free updates. The current version does not even include any support for in-app purchasing yet – it'll maybe come up some time next year, after the base features are ready.

Purchase the app now, and you'll get a nice APRS web site for free!



Frequently Asked Questions


What about Android?

Yes, maybe later. It takes a lot of time to produce these things. I concentrated on iOS mostly because all my devices happen to be iOS, I have some previous experience on iOS development, and APRSDroid is already so good.

Filtering, I wish to hide AIS vessels and/or weather stations?

Yes, that's on the top of my list of things to do, I can't live without them either.

Can not beacon to APRS-IS?

Not yet! This is the aprs.fi app, not an APRS-IS app, so it talks primarily to the aprs.fi service, not other services. Beaconing to APRS-IS will come later, stay tuned.

Connecting to the aprs.fi database makes the immediate real-time view happen, so that there's no need to wait 30 minutes for everyone to transmit their position once after opening the app. On the downside, if aprs.fi happens to be down, the app doesn't do much either. Luckily aprs.fi has proven to be very stable during its operation since 2007.

Messaging?

Yes, of course, later.

Tuesday, November 3, 2015

New symbol graphics and better support for mobile devices

Old symbols, scaled up, pixels obvious
[updated 2015-11-03: the set is now available on github.]

I've just upgraded aprs.fi to use my new APRS symbol graphics set. The new symbols are drawn in vector format (as opposed to a raster format at a fixed resolution), allowing them to be rendered at larger and smaller sizes without distortion or blurriness. The new symbols are slightly larger than the old ones, making them easier to recognise on modern displays having smaller pixels than the old ones. They're also available in double resolution so that they're properly sharp on the 4K/retina displays found on many modern tablets, phones and computers!

New symbols, scaled up - no pixelation!
One downside is that they are just a little bit bigger than the old ones, taking up more space on the screen. On the other hand, the old ones were a bit too small on modern displays, and the very small resolution did make it hard to understand what the symbol tried to mimic.

The new aprs.fi symbol set is available as open source on GitHub, in both vector (Adobe Illustrator/PDF) and raster (PNG) formats. Other APRS applications may then use them, too, at no cost. Raster renderings are available in 24x24, 48x48, 64x64 and 128x128 pixel resolutions - drawing from raster sprites in apps is usually quicker and easier than working with the vector source material. Having the vector sources makes it possible to improve them and and replace individual symbols easily. If you need to render other resolutions or make some other fine tuning, you can run Illustrator for free for 30 days. The symbol set release even comes with a little piece of javascript which crunches out the 3 PNG files (primary, secondary, overlay characters) at the 4 resolutions in a few seconds.

Naturally I did not draw all of the symbols myself. Many are loosely or strongly based on the original symbol graphics, primarily to keep the familiar and consistent look. Some symbols I obtained from other sources, such as Wikipedia. In those cases I picked SVG versions which allow commercial reuse (source known, and the work is placed on public domain, or with a CC license which allows adaptation and commercial reuse). In any case, the source and copyright information is documented separately for each symbol.

The aprs.fi symbol graphics set does not contain additional symbols for overlays yet, mostly because it takes lots and lots of time to draw them, and the effort it took to create this set was pretty high already. Maybe later!

There is one obvious difference in the new symbol set: the "ham store" symbol has been replaced with a more generic "store" shopping cart, reflecting the current \h symbol definition in the master index. Please use the 'H' overlay character to specify an amateur radio shop.

To complement the symbol graphics, I've previously published a machine-readable (CSV/JSON/XML/YAML) APRS symbol description index, which is easier to integrate in applications than Bob's master list.

Improved mobile device support

aprs.fi will now work better than before on mobile devices. I fixed the signup/login flow and most of the text and data table views to scale more nicely on small devices, allowing  horizontal scrolling of tables. It'll need some more work to make it very nice, but this is a good start.

Friday, October 9, 2015

OpenStreetMap available again


Earlier this year aprs.fi was unavailable for a short while after Google disabled Maps API access due to mixed OSM/Google content being visible on the site.

I now spent a couple evenings setting up OSM again in a way that would not interfere with Google's policy of not allowing Google content such as Street View or address search results to be shown on top of non-Google maps. The result of that work is now live on aprs.fi.

OpenStreetMap maps are again visible, but Street View buttons and controls are hidden while in OSM mode.

While using OSM, address searches are done by using the GeoNames database. City lookups work quite well, but address searches do not seem to work, at least not for Finland. City/country lookups do not return information on how large the found place is, so zoom level does not adjust automatically to cover the place.

Wednesday, October 7, 2015

Beware: Cookies.

Credit: star5112 / Flickr Creative Commons
This is not the feature I actually wanted to implement next, but here goes.

aprs.fi now displays one of those oh-so-common warnings saying "This site uses cookies". There is some code in there to try to show the warning only to visitors from the European Union, but due to the inherent inaccuracy of GeoIP-type lookups, it may fail either way for some users.

aprs.fi has used cookies from the beginning, just like roughly all the other web sites in the world. Nothing in the use of cookies has changed (they're used everywhere and by everyone), but new regulations set by the European Union, and requirements set by Google, require aprs.fi to display this warning.

Once you click the '✖' button in the corner of the warning, a cookie will be set, so that your selection is remembered, preventing the warning box from appearing again. It'd be annoying if the box appeared every time. If you have disabled cookies, the warning will appear every time, since the web site cannot know if you have dismissed the box before or not, since that information would be stored in a cookie.

More information:


Sunday, June 21, 2015

DKIM, SPF and assorted tricks to get through spam filters

Today I've set up DKIM (DomainKeys Identified Mail) on the aprs.fi servers and within the aprs.fi DNS zone. A week back I already set up the SPF (Sender Policy Framework) records in the DNS, and fixed the reverse DNS information for the IPv6 addresses used by aprs.fi to send out email.

Mike Mozart / Creative Commons / Via Flickr: jeepersmedia
In non-technical terms, this should help GMail and other services to figure out cases of others sending email (spam?) on behalf of aprs.fi, and correctly classify those as junk. It also might help GMail figure out that the registration confirmation and password reset emails sent out by aprs.fi are actually not spam.

It has been a rather persistent problem - GMail has consistently labeled the registration emails as spam, and people have been asking why they're not getting the emails. In all cases the mails have been found in the spam folder. We'll see if this helps!

Thank you to postfix and opendkim for making this a rather easy thing to get going.