Secure Owncloud Server

This article is about how to securely configure the machine where your Owncloud instance will be running.
Even if you set-up your connection with Owncloud in a secure way,  your data still can be compromised by exploiting security flaws in the underlying architecture.

In the following we specifically will cover the underlying software stack and brute-force password hacking attempts.

Automatically install security updates

No software package is perfect – there might be security holes in the the whole stack – starting with the linux kernel up to the used SSL library.
However most security holes that are being exploited are publicly known and security updates have been provided for them.
The only reason why they still can be exploited is that people do not install the security updates in time. Especially if there is no server-admin dedicated to maintaining the Owncloud machine one might easily miss on such updates.

Fortunately it is very easy to enable automatic security updates on debian based distributions with

sudo dpkg-reconfigure -plow unattended-upgrades

Prevent brute-force password hacks

Unfortunately Owncloud 6 is still vulnerable to brute-force password attacks in its default configuration as it does not enforce timeouts after failed login-attempts.

Therefore one might just try all possible passwords gain access to your machine in about 3 days for a typical password length:

To prevent this we can use fail2ban to enforce a timeout after a certain number of failed login attempts.

First install fal2ban

sudo apt-get install fail2ban

Fail2ban works by parsing the log files of a service and then reconfiguring the firewall in order to ban the offending ip-address.

So we need to tell owncloud to log the failed login attempts. To do so edit

owncloud/config/config.php

  'logtimezone' => '<TIMEZONE>',
  'logfile' => '/var/log/owncloud.log',
  'loglevel' => '2',
  'log_authfailip' => true,

Note that logtimezone must match the clock of your server.

Next create the following filter definition for fail2ban

/etc/fail2ban/filter.d/owncloud.conf

[Definition]
failregex={"app":"core","message":"Login failed: user '.*' , wrong password, IP:<HOST>","level":2,"time":".*"}

Together with the following service definition

/etc/fail2ban/jail.local

[owncloud]
enabled = true
filter  = owncloud
port    = https
logpath = /var/log/owncloud.log

Now restart fail2ban and try to log in 4 times with a wrong password. The 4th attempt should give you a timeout. (for 15min)

How to manually update a deb package from source

Probably everyone has encountered a package in Ubuntu which was not the newest released version while one for some reason needed the newest one. The first step is to search for a PPA with the desired version. But what if there is no such PPA or you want to build the version yourself? This is where this guide comes in. Note however that this is not aimed at ordinary users – you need some experience with programming/ compiling to successfully build a package.

Before you start

Before you start make sure that you have source packages enabled in your software sources.
Next you obviously need the upstream source tar-ball of the new program which should look something like <packagename>-<version>.tar.gz.
Download this tar-ball to a new directory <somedir> and extract it there.

Updating Package info

For the following commands I assume you are in the previously created directory <somedir>.

First we need to get the old version of the source package

apt-get source <packagename>

This will download and extract the old source package into <packagename>-<oldversion>.

Now we need some helper scripts to perform the upgrading as well as the build-time dependencies of the package

sudo apt-get install dpkg-dev devscripts fakeroot
sudo apt-get build-dep <packagename>

Next change into the extracted sources of the old package and update the packaging

cd <packagename>-<oldversion>
uupdate -v <newversion> ../<packagename>-<newversion>.tar.gz

# change into the extracted new package
cd ../<packagename>-<newversion>

# update version info
dch -l ~ppa -D $(lsb_release -sc)

For more information see the Debian New Maintainers Guide.

Building the program

To trigger a rebuild of the program simply execute

dpkg-buildpackage

Uploading your version to a PPA

To upload a package to a PPA you first need to sign it to prove that you are the author. To do this you have to execute the following in the <packagename>-<newversion> directory

debuild -S

Furthermore you need the upload tool dput to actually perform the uploading

sudo apt-get install dput

Now change to <somedir> and execute

dput ppa:<your_username>/<repository> <source.changes>

You can find more information at Launchpad.

Secure Owncloud setup

While the Owncloud Manual suggests enabling SSL, it unfortunately does not go into detail how to get a secure setup. The core problem is that the default SSL settings of Apache are not sane as in they do not enforce strong encryption. Furthermore the used default certificate will not match your server name and produce errors in the browser.

In the following a short guide in how to set-up a secure Apache 2.4 server for Owncloud will be presented.

Generating a secure Certificate

A secure TLS connection starts with the Server authenticating itself to the client with the server certificate. Therefore we will start the setup of our server with generating that certificate.
The purpose of the certificate is to ensure that if you type in “your.website.net” you are indeed talking to your server and not to a man-in-the-middle who intercepted your connection. Therefore the certificate contains the server name and the public key of the server.

As mentioned above the default certificate will not match your server name and therefore you will have to generate a matching one.

Unfortunately following the apache SSL FAQ will results in a certificate using the possibly vulnerable SHA-1 hashing function. A better alternative is SHA-256, but it has to be explicitly requested during certificate creation. The according call to openssl for certificate creation is

openssl req -new -sha256 -x509 -nodes -days 365 -out your.website.net.pem -keyout your.website.net.key

The resulting certificate and private key have to be referenced in Apache as following

SSLCertificateFile    /path/to/your.website.net.pem
SSLCertificateKeyFile /path/to/your.website.net.key

Note that this results in a so called self-signed certificate. Usually certificates on the web are approved by a Certificate Authority (a digital notary) which confirms your identity. By trusting the CA you can also trust websites that are otherwise unknown to you, but which were approved by the CA.
While this makes sense for public websites, you probably already trust your own server, so there is no need for a CA signed certificate.
Just add your self-signed certificate to the trusted list of your browser on first visit.
If you fear a man-in-the-middle attack during the initial connection, you can also manually copy the generated pem file on a USB-drive and import it in the browser from there.

Using secure ciphers

Using the secure certificate we only know that we are indeed talking to the server we want to talk to. Next we actually want to start sending encrypted messages. In theory we could encrypt data with the public key of the server using asymmetric encryption like RSA. However asymmetric encryption is slow and therefore not suitable for large amounts of data. Furthermore our communication could be decrypted if somebody would record it and at some point in the future get access to the private key of the server. Therefore we want to use a one-time symmetric key. This way we achieve forward secrecy.The symmetric encryption should be also secure in a sense that even when large amounts of data is collected, it is must not be possible to reconstruct the key and decode the data.
Last but not least the chosen cipher should be supported by our clients. Surprisingly it is the Owncloud desktop client which does not support modern ciphers, while current browsers and even the android app does.

Instead of discussing all available ciphers in regard of the above requirements, I would rather refer to the excellent TLS server configuration guide by Mozilla.
Yet we can still improve the suggested configuration. Mozilla has to consider compability with old web-browsers which we do not have to. So without further ado this is the recommend cipher configuration

SSLProtocol all -SSLv2 -SSLv3
SSLCompression off
SSLHonorCipherOrder On
SSLCipherSuite EECDH+AESGCM:EECDH+AES:EDH+AES

The rationale behind this suggestion is

  • Allow TLS 1.0 for compability with mobile apps
  • Disable SSL compression to mitigate the CRIME attack
  • always use Diffie Hellman(DH) key exchange(Kx) for forward secrecy
  • prefer Elliptic Curve Diffie Hellman (ECDH) for performance
  • always use AES for symmetric encryption
  • prefer AES GCM mode for security and performance

Notes

Actually only the Owncloud desktop client forces us to enable ordinary DH key exchange. Besides being much slower than ECDH, a weak modulus is used for DH Kx up to (including) Apache 2.4.6. While there are no practical attacks exploiting this yet, we can only be completely on the safe side by updating to Apache 2.4.7 or fixing the root issue in the desktop client. (bug status)

Also we only allow TLSv1 for compability with the mobile apps as openssl in android does not yet support TLS1.1+. This circumstance is not really critical as BEAST is not applicable in the sync apps and browsers will connect to the server with TLS1.1+ or work around the vulnerability.

Enforcing HTTPS

At this point the secure connection to your server is ready, but we still have to ensure that it is the only way data is exchanged with the clients.
While you can only enable apache on port 443, you will always have to remember to type in https:// in the browser. A better way is to automatically redirect from port 80 to port 443 like

<VirtualHost *:80>
        ServerName your.website.net
        Redirect permanent / https://your.website.net/
</VirtualHost>

Note that you do not have to use mod_rewrite here as Owncloud sets the HSTS header, so browsers will automatically prefix all requests with https after the first visit.

But whatever you do, remember this

 

How to root Android using Ubuntu

The Big Picture

Android consists of three parts relevant to rooting

  1. the bootloader
  2. recovery system
  3. main system

typically only the main system is running, that is the Linux Kernel, the launcher, the phone app etc.. If we talk about rooting, that means we want to add an additional app to the main system which may access secured parts of the main system and also acts as a gatekeeper for other apps that want to get access too.

The problem is that we need access to the secure parts of the system in order to do so, which means that we cant simply install that app (e.g. an apk) from within the main system.

This means we have to go one level down. This is where the recovery system is. Typically you do not see it, as it is only active when the main system can not run – either because a system update is installed or because you do a factory reset.
As the recovery system can do a full system update, it means that it has also access to the secured parts of the main system – exactly what we need. Unfortunately the stock recovery system does not allow installing apps, so we have to replace it.
But before that we have to talk about the bootloader.

The bootloader is a tiny piece of software which decides wether to start the recovery or the main system (or another main system, like Ubuntu Phone). But in the default configuration in only starts systems that it knows and trusts. In this configuration the bootloader is called locked. Although it prevents malicious software to change the phone and spy on us, it also prevents us from replacing the recovery system. This concept is also coming to the PC btw where it is called secure-boot.

Here is a graphical overview of the Android components:

android-brs

So what we need to do in order to get root access is

  1. unlock the bootloader
  2. replace the recovery system
  3. install a superuser app

Preparations

First you need to install the fastboot binary to be able to perform low-level communication with the device

apt-get install android-tools-fastboot

Next you have to allow non-root users to execute commands over USB, so you do not have to run fastboot as root. For this create the file

/etc/udev/rules.d/51-android.rules

with the following content

SUBSYSTEM=="usb", ATTR{idVendor}=="<VENDOR>", MODE="0666", GROUP="plugdev"

you can find the value for <VENDOR> on the page linked here.

Finally you have to reboot into fastboot mode. Usually there is a key combination you have to press on startup.

Remember this key combination as you will need some more times.

Samsung Devices however, like the Galaxy S3, do not support the fastboot mode – instead they have a download mode, which uses a proprietary Samsung protocol. To flash those you have to use the Heimdall tool. While this article does not cover the heimdall CLI calls, the general discussion still applies.

Unlocking the Bootloader

for google devices, like a Nexus 4 or Nexus 7 it is just

fastboot oem unlock

if you have a Sony Xperia device, like a Xperia Z, you additionally have to request a unlock key and then do

fastboot oem unlock 0x<KEY>

where <KEY> is the key you obtained.

Replacing the Recovery System

There are two prominent alternative recovery systems with the ability to install apps

Clock Work Mod (CWM) is probably most known so we will use that one. From the Website linked above download the recovery image which fits your phone.
Here you have the choice between the ordinary recovery which uses the volume buttons of your device for navigation and the touch recovery which supports the touch screen.

fastboot flash recovery <RECOVERY>.img

where <RECOVERY> is the name of the file you downloaded. For instance for a Nexus 5 and CWM 6.0.4.5 it would be

fastboot flash recovery recovery-clockwork-6.0.4.5-hammerhead.img

Installing the superuser app

Again we have several choices here

although SuperSU is the most prominent one, I would recommend getting Superuser by CWM, as it is open source and also nag-free as there is no “pro” version of it.

To install we need to get this zip archive and copy it to the device. To install it, we need to reboot into fastboot mode and then select “Recovery Mode” to get to the recovery system. Once in Recovery mode select

install zip -> choose zip from /sdcard

then browse and select the “superuser.zip” you just copied.

Once installed select

Go Back -> reboot system now

Once the system has started you should have a “Superuser” App on your device. Congratulations, you are done.

Optional: flash stock recovery

As the recovery is responsible for installing system updates it is a good idea to revert to stock version after you installed root, so the system can auto-update itself again. However a system update will also remove your superuser app so you will have to repeat the above procedure again.

If you have a Google Nexus Device, you can grab the factory images here.  There you will find a image of the stock recovery and restore it by

fastboot flash recovery recovery.img

Repairing the Philips HD4685 Kettle

The Philips HD4685 is one of the more advanced kettles, as not only automatically shuts-off when the water is boiled, but also allows setting a target temperature below 100°C. This is quite handy if you want to drink green tea, which is supposed to be boiled with only 80°C warm water. Unfortunately the extra electronics is another part which can make the Kettle fail. And this is exactly what happened to me.

Symptoms

I used the kettle for about 3 years on daily basis. One day however it stopped to make the “beep” which indicates that the water is ready when cooking at 100°C. But as this is not an essential functionality I just kept using the kettle. Unfortunately a few weeks later it did not cook at 100°C at all. Instead the kettle just turned off after reaching 80°C – even though 100°C were set.

Diagnosis

Under the hood one of the capacitors forming the capacitive power supply for the electronics started failing. Instead of supplying 0.47 μF, it merely supplied 0.1μF. So what was happening is that once more power consumer like the 100°C LED and the speaker were activated the power supply broke down and the whole circuit shut down.

So the solution is to replace the respective capacitor.

Therapy

Before you try to fix the kettle on your own, be aware that wrong assembly of the kettle can lead to a short-circuit that can cause a fire or lead to an electric shock. You should have fundamental knowledge of electrical engineering.

To access the faulty capacitor one must first disassemble almost the whole kettle:

  1. remove the screws on the bottom cover (torx 8)
  2. lever out the bottom plate with a flat screwdriver
  3. disconnect the power supply cables
  4. remove the screws on the top cover (torx 10). Then remove the top cover and the metallic ring. Also remove the handle cover.
  5. Pull out the electronics box, which is now free as you disconnected the power cables(3)
  6. unscrew and open the electronics box.
  7. replace the capacitor. (requires soldering) The capacitor specifications are MKP X2, 26.5 x 10 x 19 mm, 0.47 µF 275 V/AC ±10%, 22.5 mm pitch

For reassembly perform the steps in reverse order. The kettle should work now.

I would like to give credit to the according thread at elektronikwerkstatt.de, where I found the informations to create this post.

Final Words

I am not really sure if this is a case of planned obsolescence or just of insufficient testing, but I would really like philips to use higher quality capacitors and/ or rethink their power supply design. The kettle which is worth 50€ is still fully functional and just failed because of a 1€ part.

Walkera QR W100 video streaming to PC

Walkera recently released a the new QR W100 FPV quadrocopter (see video for an review). What makes it stand out is that it uses WiFi for video transmission, making FPV very easy to set up, as you do not need a special FPV receiver.

When powered up the Quad will create a WiFi named WKxxxxxxxx, where xxxxxxxx is a random 8 digit number. Note that this is not a full fledged access-point – while multiple devices can connect to it, only the first one will get the video stream. So if you do not get any video, check your other devices.

Receiving with VLC

While in theory you could any WiFi capable device to receive the stream, Walkera unfortunately only has released an iOS app so far.
However as they are using a standard HTTP MJPEG for the video, one can use any video player, like VLC for receiving.

Connection settings for VLC
Connection settings for VLC

The address of the Quad is 192.168.10.123 and the video is sent over port 7060, so the video URL is http://192.168.10.123:7060. If you want to do FPV also make sure that you disable any buffering as it introduces latencies (1s by default in VLC)

Recording

You can also take pictures and record video with VLC – for this enable View -> Advanced Controls and the according buttons will appear in the UI

vlc recording

What is missing

Unfortunately VLC on android does not allow disabling network-caching or video recording, so you cant quite use the QR W100 with Android yet. Furthermore the iOS app also allows controlling the Quad over WiFi, which obviously requires more than a video player on the PC.

Flying RC helicopters in 3D

In case you are wondering what is so fascinating about flying RC helicopters – maybe you just got bored flying your own 4 channel helicopter – it is 3D flight. One might say that basically all helicopters are flying in 3D (up/ down, left/ right, forward/ backward), but 3D in this context means flying 3D pirouettes like loops and rolls which is not possible with an ordinary coaxial helicopter. See the following video to get an idea of what I am talking about

If you liked the video, but have no idea what collective pitch or 4 channels means, you might be interested in my introduction to RC helicopters.

In this post I want to discuss which machine one should get if one wants to progress from a simple 4 channel helicopter. Of course you might skip the 4 channel helicopters altogether and directly start with a 3D helicopter – but be prepared for a steep learning curve.

Choosing the right Helicopter

So one obvious choice is the SAB Goblin 700 from the video above, which is definitely capable. But there are a few hurdles with starting with that beast. First of all there is the price of about 1000€, then there is the size; the span of the rotor is about 150cm and it weights around 2kg. Thinking about physics and forces this means, that you can perfectly kill yourself using this thing (the guy in the link was only using a 450mm class helicopter), but also that on each crash something expensive will break (again due to the forces). Besides you will also need a small flight field to fly it.

I would rather suggest you to start with a micro sized collective pitch helicopter in the 100mm (rotor radius) class. They are basically capable of flying all the manoeuvres the big helicopters can, but as they are smaller and lighter, they do not break as much on crashes and do not hurt much in accidents. So what are the choices?

Nine Eagles Solo Pro 125

This is the helicopter I unfortunately started with. Priced around 125€ RTF it is probably the cheapest entry and also quite powerful in flight, but it is not really suited for beginners. As Nine Eagles use a cheap plastic, it breaks easily on crashes, which rules it out for indoor flight. However it might be acceptable if you only fly on grass. But based on my experiences I would not recommend it.

Walkera Genius CP v2

Somehow Walkera is not much present in europe. They have very nice build and technically advanced helicopters however. This one costs around 200€ RTF which is quite a number, but the package will get you one of the most durable helicopters out there. You have to try really hard to break it. Additionally you get 6 axis gyro/ accelerometer stabilisation and telemetry. While 6 axis stabilisation sounds better than the 3 axis stabilisation of the contenders on paper, it is not always an advantage. It literally nails the helicopter in the air – ignoring wind and performing some auto levelling. This is very good for beginners coming from a fixed-pitch helicopter, but gives you less control during 3D. Still the stabilisation helped me while learning flips and rolls, so I guess this makes it a good stepping-up helicopter. The telemetry is a less arguable feature; by sending voltage and temperature to the radio it you saves your battery and motor.
Probably the only bad thing about this helicopter is however that the landing skid is fused together with the main frame. The landing skid is the Achilles’ heel of this heli, meaning that it actually breaks sometimes. It is not that often, but when it does you have to disassemble the whole heli to replace it.

Blade mCP X v2

This probably the most prominent helicopter in this class. It will set you back around 200€ RTF and according to forums it has the best flybarless system. However it is said to be less durable than the Walkeras. I have no personal experience with this one, so I cant say much more here.

Walkera Mini CP / Super CP

These tow are really similar. Lets start with the Mini CP. It costs around 170€ RTF and features an improved construction and a stronger motor over the Genius CP v2. It uses the same durable materials, but has separate landing gear/ main frame, which makes it much easier and painless to repair. Furthermore the battery bay is larger, also fitting the walkera 350mAh batteries – whereas the Genius CP only fits the 240mAh batteries.
If the Mini CP would not lack the 6 axis stabilisation system, it would make the ideal beginners CP helicopter. As it is however, the Genius CP v2 is still a little bit easier to control (not much though).

The Super CP is a streamlined(i.e. cheaper) version of the Mini CP. It uses the weaker Genius CP v2 motor and has no temperature telemetry function. Furthermore Walkera moved the servo controllers onto the main board, which makes the servos cheaper in production (also the spare servos). All together makes it 150€ RTF. This makes it a pretty good package for beginners as saving 50€ for spare parts is worth more than the 6 axis stabilisation of the Genius.

Accessories

While choosing the helicopter(-system) is the most important part, there are also some accessories you might want to consider:

Training Gear

If you are coming from a flybarred helicopter, you should consider getting yourself a training gear along the way, was flying a flybarless helicopter is quite different. While a flybar helicopter stabilises itself when you release cyclic control, a flybarless helicopter keeps flying in the current direction until you bring it back to hover manually. What seems just to be a small difference in theory is actually a quite big difference in practice, so prepare for crashes ;)

Glue

Unfortunately most super-glue does not hold the Walkera plastic. This is especially unfortunate if you have to disassemble the Genius CP just because the landing skid cracked. However the Pattex Plastix superglue does hold the plastic, so this a clear recommendation. (hint: Pattex is called Loctite in the US)

Swashplate leveling tool

While you can use the trim function on the remote to compensate an uneven swashplate on a flybarred helicopter(not that you should), you would most likely confuse the flybarless system when doing so on a flybarless helicopter. Therefore evening out the swashplate mechanically by adjusting the servo arms is a much better idea. A swashplate leveling tool comes in handy here. See this video, for instructions on how to use it.

Devention Theme for Deviation

In case you got confused by the title. This post is about a theme for the open source firmware Deviation to make it look like the original Walkera Devention Firmware.

Although the default theme of Deviation is more readable, you might have got used to the Devention icons, so this theme eases the transition.

Download Theme

Open issues:

  • the standard TX signal icons uses 8 bars, but the Devention one only displays 6. So you lose some information if you use the included “txpower.bmp”
  • The Devention icons are not quite as telling as the original ones, and Deviation unfortunately does not display any labels below the icons.

Note that this theme is based on the artwork included in the Walkera Devo 12S Firmware package. I assume the usage of this firmware is not restricted by Walkera copyright as not stated otherwise on their webpage. But obviously the CC-license of my website does not apply to this work.

Flying the Nine Eagles Solo Pro 125

If you are considering getting into 3D flybarless helicopters, one of your choices is Nine Eagles (NE) Solo Pro 125 (SP125) helicopter. As Nine Eagles is a quite prominent brand and the price of about 150€ RTF is affordable, this once is certainly worth considering. Unfortunately there is very little information on the Internet regarding reviews and flying experiences. So this is what the following text intends to change.

First of all lets see what an experience pilot can do with it

This is the official marketing video and obviously the pilots are very capable. But you get the idea what you could to with it – especially if you are used to flybar helicopters. But lets continue to the first-hand experiences I made.

Remote Control

The RTF package comes with the Nine Eagles J6Pro remote control. It is programmable and has model memory. This means you can also fly other Nine Eagles helicopters with it as long as they use the new protocol (J4Pro, J5Pro). At least the Solo Pro 270 works, but you have to figure out the settings yourself as they are nowhere documented.

Once you got the hang of the J6Pro, you can use it quite nicely – but again the documentation is quite bad and the usage principles are not clearly documented. Therefore I recommend watching this series of videos explaining how to change the most common settings

However the build quality of the remote is quite poor – the plastic feels cheap and I already had to repair one of the control sticks because of cracks in the plastic. You get what you pay is the rule.

Helicopter

The build quality of the helicopter is solid on the other hand – maybe too solid, as it breaks easily in crashes. More elastic parts could better withstand the crashes. Therefore you should directly order some spare parts – the following ones are quite handy from my experience

  • A metal swash-plate. This one costs about 20€ which is about double the price of the original plastic swash-plate by Nine Eagles. However with the plastic swash plate, each collision with something able to block the main rotor broke off one of these tiny balls on mine – the metal swash-plate on the other hand is more durable and in doubt something cheaper will break.
  • Several SP100 tail booms. This is probably the most fragile part of the SP125. Unfortunately you can can by the SP125 booms only in a package with the motor, which makes it unnecessarily expensive. The tail motor is able to survive most crashes. Luckily the SP100 tail boom also fits the SP125 and is just about 1/4 of the price.

Additionally the following parts are available which are really helpful when flying this helicopter

  • As you most likely have to change the swash plate at least once, a leveling tool is really handy – otherwise it is quite hard to get the swashplate straight on these tiny things.
  • The stronger 300mAh batteries are only 1.5g heavier than the stock ones, but give you more power and more flight time.

You can even upgrade to a better Radio using the Deviation Firmware. It allows using telemetry capable Devo Radios to controll J6Pro compatible helicopters. This way you can even get a nice touch-screen radio like the  Devention Devo 6S.

Repairs

Once you got the metal swashplate, unfortunately the servos will be more likely to break. This is ok as they are a cheaper than the swashplate, but in the long run it is still expensive.

Fortunately when the servo stops working it is most likely that only one of the gears which are inside broke – so if you have several broken servos you can combine the spare gears to get one working servo.

The inside of the NE251328 servo. You can use this picture as a reference for assembly.
The inside of the NE251328 servo.

The image above shows the assembly of the gears inside the NE251328. You can use it as a reference how to re-assemble the servo from single gears.

Long term experience

After flying the little bird for about one month, I have spend 100€ in spare parts and many hours repairing it. As I replaced the swashplate with a metal one, the parts breaking most often were the tail broom, the landing skids and the servos. Furthermore one of the Control sticks of the J6Pro remote got loose and had to be repaired. Realising that I already spent about 250€ for the bird and as I wanted to upgrade the controller anyway, I took a leap and bought the Genius CP V2 with the Devo 6S controller.

While the controller is obviously a class on its own, also the Genius CP V2 is much more durable in comparison. Having already experienced similar crashes to the Solo Pro 125, there is nothing broken yet. Presumably the much more flexible landing skids and main rotor blades on the Genius CP do their job.

If you are a beginner, I would strongly recommend buying the Genius CP V2 over the Solo Pro 125 – the price difference is small and really justified. If you are an experience flyer and know what you are doing, the SP125 is probably still worth considering; the brusheless version of it, the solo pro 126 is quite a bit cheaper than the Blade mCP X BL.

 

 

 

 

Getting into RC Helicopters

Everything started when I got myself a coaxial RC helicopter for Christmas. I was playing with the idea for quite some time, and the moment seemed perfect to waste some money. Since then I have learned quite a lot about how helicopters work an by now I have moved on to a more capable helicopter. Unfortunately it is also more expensive to fly.. This post shall explain some general topics about RC helicopters which are useful if you are also considering getting a RC helicopter yourself. One can already get a small indoor RC helicopter for about 30€, but most likely you will get bored flying it after a few days. If you want to have something that lasts longer, there are some things you should consider, which we will discuss next.

 The remote Control

The idea to buy an helicopter first came up, when I saw an Infra Red (IR) controlled coaxial helicopter RC in a local coffee shop. It came with an traditional Remote Control (TX) as well as an IR module attachable to the headphone jack of my smart-phone. While the idea to control the helicopter with your phone sounds cool in the first place, it actually is not. If you ever tried to play a game with a digital-controller on the touch-screen, you will know what I mean. As there is no haptic feedback it is very difficult to give precise input without looking at the touchscreen all the time. So the smart-phone module is actually quite a useless gadget.

The other problem with that package is the Infra Red transmission technology – basically the same you have in your TV remote. Therefore it also suffers from the same shortcomings; if there is an object between you and the helicopter it is pure chance if it will receive a signal or not. Next the transmission is quite sensitive as there are many natural IR source around like the sunlight, heat or even light-bulbs. As one wants the transmission as reliable as possible, you should avoid IR remote controls.

An infra red controlled helicopter - dont get one of these.
An infra red controlled helicopter – dont get one of these.

An alternative transmission technology is radio in the 2.4Ghz spectrum, which is not only more reliable but also has a larger operation range. Fortunately 2.4Ghz radio controllers are not more expensive than the older IR controllers, so pay attention to get one of these. If you want to learn more on the used radio technology I recommend the Wikipedia article on Radio Gear.

How many channels do I need

Looking at the offered helicopters some are advertised as 3 channel or 4 channel. But how many channels do you need? First lets take a step back and explain what channel actually means in this context. Lets look at a simple remote controlled car for this. It can either go forward or backward and left or right. The important word here is “and”. As the car can go for instance forward and left, we need two independent communication channels: one for steering and one for acceleration.

Obviously a helicopter needs more channels; besides steering and accelerating forward and backward it can also lift or fall (throttle). So we need at least 3 channels to be able to do something with it. Now steering left and right can mean two things in the case of helicopters. Either you can rotate around the main rotor axis (yaw) or go straight left or right along the horizontal axis (cyclic bank). Therefore you need 4 channels to be control all possible movements of the helicopter.

Directions you can steer in a 4 channel helicopter
Directions you can steer in a 4 channel helicopter

But even though 4 channels are enough to control the movements, you actually need 5 channels to fly advanced manoeuvres like flying upside down or flying loops. You can think of the 5th channel as the gear stick in the car which changes the transmission. For helicopters the transmission roughly corresponds in the pitch of the rotor blades – and this is exactly what the 5th channel is for. But to fully understand why you need it, you have to understand how the physics of a helicopter work.

How real helicopters work

Instead of explaining all the theory by myself, I rather point you to Destins “Smarter Every Day” Series. They are really entertaining to watch and you get to know everything you need about RC helicopters physics – they are actually using a RC helicopter to explain the physics behind real ones.

You probably noticed that real helicopters are also quite fragile if not handled properly. That aside you should now also know that the 5 channel helicopters are called collective pitch and which manoeuvres you can do with them.

So what should you buy

After watching the 3D flight demos above, you probably want to go with a collective pitch helicopter straight ahead. But remember that it probably took the pilot years of practice and hundreds of € in spare parts to learn how to fly like that. There will be no “inverted flight” button on the remote control. Therefore you probably should start with a cheap 4 channel helicopter to see whether you enjoy flying enough to spend more time and money on it. The only thing you should observe with your first helicopter is that there should be spare parts available. Otherwise your first crash might cost you the whole 30€ of the helicopter instead of just 5€ for a spare rotor blade. This does not mean you neccesarily have to buy from a brand, which is more expensive. I ended up with a coaxial helicopter called “super uncommon 9998″, which could use the spare parts of the e-flite blade MCX system.

You should practice the basic manouvers with that cheap helicopter, as it will survive more crashes due to its slower flight speed. I recommend the rchelicopterfun youtube tutorial for an overfiew of exercices. You will need a collective pitch flybarless helicopter for the later ones, but you can do the first ones with a coaxial helicopter just as fine.

Once you are hooked up and decide to buy a more expensive collective pitch helicopter, you might be interested in my experiences with the Nine Eagles Solo Pro 125.This was just a small outline of the broad RC helicopter topic. If you want to know more I recommend you the excellent rchelicopterfun website.