El-Cheapo Power Supply Noise Measurement

If you are not doing power supply measurements every day, you probably don’t have any specialized probe for it. At best you might be using two probes and math channels to get a cheap differential-like probe as the only thing needed for this is your standard probes and a pair of pass-through 50 Ω terminators. Dave went over it on EEVBlog channel better than I ever could.

While this approach might not be perfect, it has advantage of a decent result with minimum parts needed. Assuming you already have the probes, only other parts needed are pass-through 50 Ω terminators that come in handy for other stuff too. If you are lucky, your scope might even have them built-in.

Due to low cost and ease of measurement I actually prefer it to more common single-ended measurements with short ground spring. Not only I find probing with two hands easier than dealing with springy ground wire but it also alleviates the need to worry as much about noise sources. With advent of switched LED lightning single-ended measurements just got too annoying.

Disadvantage, beside the precision, is that all your measurements need scaling as your probes and termination resistor make a voltage divider. Since we already know one side of voltage divider (50 Ω terminator), we need to measure probe’s resistance. From tip to BNC connector that will be in a few hundreds ohms range. Using the voltage divider formula, we get the ratio (for example I measured about 360 Ω):

ratio = (Rprobe + 50) / 50 = (360 + 50) / 50 = 8.2

While simply multiplying by ratio resulting numbers is not too much of a hassle and you could be done here, quite a few oscilloscopes will allow you to create a custom probe. As I usually use PicoTech 2206B, I will explain how to configure custom probe in PicoScope 6 so our on-screen result is already scaled correctly.

In Tools menu the first entry leads to Custom Probes window. There clicking on New Probe will start a wizard dialog. We use the standard volts unit and a linear equation. Our precalculated scaling ratio (7.6 in my case) goes under gradient and offset stays 0. Automatic range management is fine but software frequency filter we set to 20 MHz as PicoScope 2000-series has no hardware bandwidth selection. After naming the probe we can now select it in channel’s configuration.

When dealing with the “standard” probes, be aware that most x1 probes have around 10 MHz bandwidth. As power supply noise is usually measured with 20 MHz bandwidth limit this is something to be aware of. However, the whole measurement setup is on a cheap side and this will rarely be a deal breaker. Yes, you might not see the best fidelity but you’re gonna be in the ballpark regardless.

Further more, we are not interested in the DC component. If oscilloscope supports it, use AC coupling as we’re not interested in DC values – only noise. This will allow you to use all ADC bits for signal you want to see. If oscilloscope supports only DC coupling, you won’t be able to see much as, at ±5V, your 8 bits give you only 40 mV resolution and it goes worse from there. Unless you can get your analog offset configured (unlikely if your scope is so low end that AC coupling is unavailable), you can forget about any meaningful measurement.

Those doing it on cheap can check $140 PicoScope 2204A as it does support AC coupling. For example, assuming 100 mV range, you get quite adequate 0.4 mV resolution. As you go up in model selection you will get better bandwidth and bigger sample buffer but I would think even this works well for what we can get with this testing setup.

And I am mentioning PicoScope here specifically as other cheap scopes (whether PC-based or in MP3 player case) often don’t have AC coupling and lie about bandwidth on a grand scale at a comparable price. While you can get around missing AC coupling by placing capacitor in series, it is much harder to work around bandwidth restrictions and a missing analog frontend. PicoScope is not perfect (and it cannot be at that price point) but they don’t lie about their capabilities and their PC software is the best I’ve seen.

That aside, we’re not done yet. To see our “differential” signal noise, we have one more step. Under Tools there is an option called Math Channels. Here we can select already predefined A-B function and finally we can see the noise in all its glory.

PS: To automate measurements a bit, you can use Measurements, Add Measurement. Selecting A-B as a measurement channel will allow you to add both peak-to-peak and AC RMS as the most useful values.

PPS: The lowest PicoScope model where you can do these measurement comfortably is $350 2206B with 32 MS buffer. Lower models have only either 8 kS ($140 2204A) or 16kS ($225 2205A) making any analysis a bit annoying.

PPPS: Great thing about using PicoScope for measuring power supply is that it can be easily isolated. Just disconnect laptop from power supply and your USB (and thus PicoScope) is floating. :)

WordPress 5.0 Downgrade

I got into habit of installing the latest WordPress as soon as it gets out. Usually I don’t have any problems but this time it was not to be.

With 5.0, the first issue I noted was that I couldn’t schedule my posts. Yes, WordPress would tell me post was scheduled only to find out it was still in drafts. That alone wouldn’t drive me away if I could write new posts. Yep, after upgrade my blogging software wouldn’t blog any more.

It was clear that downgrade was in order. But how?

While going back from the backup was possible, there is something even better – WP Downgrade plugin. Once installed, you can specify WordPress version you want (4.9.8 in my case) and just pretend you’re doing another upgrade. Once completed, you are back on the old, working, version.

If you want to go forward, just deactivate plugin until needed again. Nice!

What Should Every HTTPS Site Owner Do?

You finally got HTTPS running on your web server. Is there anything else you can do? Well, let me tell you about a few (free) things you can do.


Probably the most important work you can do when setting up HTTPS is testing all the changes. While you can use curl and “sweat of your brow”, I prefer using SSL Labs. It covers a bunch of stuff and it gets regularly updated with the latest recommendations. If test finds anything needing an improvement, you will get enough information to fix it.

To be sure your setup is not unnecessarily slow, a speed test does come in handy. If you run the same test toward both your HTTP and HTTPS setup, you should except numbers to be very close. While it will become impossible to test HTTP-only speed once you fully activate HTTPS, you can still benefit from “run A” vs “run B” testing.

There is a lot of small fiddly details with HTTPS and testing will prevent you from going at it blind.

Monitor Certificate Expiration

If you are using Let’s Encrypt it’s a pure necessity to monitor expiration of your certificates. Three month validity might seem long but, once everything starts working, you will forget to check and you have inaccessible web site on your hands. Half an hour needed to setup and testing monitoring is well worth it.

Of course, if you are using commercial certificate provider, you can ignore this as they’ll bug you enough.

Monitor Issued Certificates

As you are already monitoring your certificate expiry, you might also want to monitor who is generating them. If you use Cert Spotter, you’ll get an email every time one of your domains gets a new certificate. For 99% sites, including this, this is pure overkill. But that doesn’t mean you shouldn’t sign up. :)

Setup Expect-CT

If you use any decent certificate provider, you can expect them to report all issued certificates to Certificate Transparency project. Armed with this assumption, you can start sending Expect-CT HTTP header. In practice this protects you from man-in-the-middle attacks by certificate authorities already trusted by your computer. Great examples include your company or flight entertainment CA. If they try to fudge your TLS connection, this way you’ll know.

Setup CAA

If you have access to your DNS settings, you should think about setting up CAA. How far can you go depends on your DNS provider. Some of them, like CloudFlare, support only a subset of needed functionality. Realistically, even that is sufficient but for the full compliance to rules, raw DNS access is the best. In theory this will protect you against issuance of certificate by a non-trusted CA. Since this is based on gentlemen’s agreement, the actual enforcement is yet to be proven.

Setup HSTS

Lastly, once you sort everything else, do look into HSTS. It is a bit of work to apply and get certified for entrance into the preload list with multiple consequences. The most obvious one is that your domain will always be loaded in its HTTPS glory instead of the HTTP redirect. However, that pales in comparison to the most important benefit – the bragging rights since your website is explicitly compiled in the every major browser. That and sense of impending doom as any HTTPS mistake will render your website completely inaccessible. I guess this is not for those of weak heart.

Things That Irk Me With Android Devices

After going exclusively for a while with the iSide of mobile phones, I decided to get back with Android. It felt like greeting an old friend again. However, I found some things that annoy the heck out of me with Android devices these days.

The first one is darn “silent switch” – you have it on the side of every iPhone ever. An easy way to check or adjust whether your phone is silenced or not without looking at it. And no, fiddling with volume buttons in your pocket doesn’t count as “normal” Android behavior is to share media and ringtone volume. And reversing silencing also means guessing your ring volume every time. Or simply giving up and using it in either silent or max volume mode. And don’t blame Apple patents for this as there are (rare) Android manufacturers that have it – like OnePlus.

The most curious thing about this physical switch is that I didn’t miss it before I went to Apple. I was OK with volume buttons and got used to their quirks. However, coming back to Android, I gave up on damn volume buttons for anything except volume control. While getting used to silent switch took no time, getting used to life without it takes eternity.

And frankly I could stop here as all other things together don’t annoy me as that simple switch. However, I will mention a few more issues. :)

Lack of headphone jack on new devices might be OK for some but I find it really limiting. Apple successfully removed it first and then everybody just had to follow. I have a feeling if Apple sold a polished turd, other manufacturers would start rubbing their’s too. Yes, I do know Bluetooth exists and I actually have reasonably good wireless headphones. But they are also pricier, have batteries, and I even sometime forget to bring them with me. You know what I always have? Pair or two of cheap 3.5mm headphones that need nothing. I can use them for rare sessions in (non-Pokemon) gym, driving a bike, or while walking through woods. If I lose them – so what?

And whoever mentions headphone dongle first can stuff it where the sun doesn’t shine.

Notches are my enemy too. Like in the carrot measuring contest (what? you don’t do those?) all manufacturers are trying to have screen to body ratio as high as possible. So they notch the hell out their phones. The more expensive phone the uglier notch (or two) it has to have. Yes, I know, people say you get used to it. Well, I can get also get used to having a screen without notch in the first place. :)

Of course I will complain also about the fingerprint sensor on the back. Not only this allows me to fiddle my phone for an uncomfortable minute before hitting it just right but it also means I need to physically move phone to get under it. Too much work for just a quick glance toward notification.

To continue with “get of my lawn” old man gripes, I find even such inconvenient fingerprint sensor strongly preferred to face unlock. Not only face unlock gives you the same drawback of having to pick up phone to unlock it, but you also cannot share your face with other people (unless you’re Nicholas Cage).

For example my phone at this moment has fingerprints for me, my wife, and both of my kids. My wife’s phone is likewise setup for the whole family. My kids’ phone have my wife and me added as secondary fingerprints as they don’t trust each other. :) And stop yelling privacy concerns as (a) they’re kids, and (b) I don’t actually snoop through their messages nor they snoop over mine (as far as I know :)).

Shared logins are awesome if you play some game together (e.g. Pokemon Go – yes, still) and one of you is not there – no worries, just use your own fingerprint and play on their phone. Or for the admin in the family – i.e. me – when I go over each phone to either setup new app or I need to test something during night and I don’t want to wake everybody up just for login. Yes, I could track their PINs and patterns in password manager but that’s not as friction-free as the good old fingerprint.

I have great hopes for come back of the fingerprint with the new under-the-screen technology but it might be that for the next phone my whole family will have to wear the same mask. :)

PS: And yes, I know that not all these are necessarily just Android faults but general industry trends – especially the damn notch race – but I’m not gonna change title now. :) Maybe some time later I’ll write what I love about Android and why I came back to it to bring balance to the universe.