Thursday, December 9, 2010

IAR Kickstart and MSP430 Launchpad

Well, finally, my toys have arrived. And it's awesome. Naturally the first thing we did was say "Let's hook it up!" We performed the typical unboxing procedure:

1. Tear mail package into many small pieces, remove launchpad box.
2. Tear launchpad box into many small pieces, remove all baggies.
3. Tear anti-static bags into many small pieces, remove all components.
4. Ignore QuickStart guide entirely.
5. Google Getting Started with MSP430 Launchpad.
6. Plug things in without reading any results from search.
7. Lights turn on and off, make 'oooo' and 'aaaa' sounds.
8. Download IAR KickStart and install and try to increase LED duration etc using example code.
9. Realize you skipped a lot of steps and don't have any idea wtf you are doing...

So this was all great and fun, we wired the chip to some opto-isolators with some 1K resistors in series, then use a Darlington array and attach some motors and watch them spin up and down all the while giggling like grade schoolers in recess. Now to download a new program to the MSP430 so we can have a little more control over what's happening and leave H-Bridge design to the mechanical engineer (because this makes sense... right?).

H-Bridge design is less than successful, it rolls into 11pm and it's getting late. We're having issues with the IAR KickStart Software (PEBKAC). The mechanical engineer becomes derailed with gear and motor ideas forgetting entirely that the initial hope was to have a basic prototype within the same day. And now you could analyze the increase of personal tension as a third order derivative.

The issue with downloading the new images to the 430 is as follows:
Failed to initialize device
Well... wtf does that mean? Google yields lots of people saying "Use CCS," and "Make sure your drivers are correct." Not being particularly interested in the first option, due to preference and stubbornness, I check my drivers. Low and behold this is not where my problem lies. So I keep researching, keep researching, finding only more of the same garble... then in the comments on some forum somewhere I see it, the thing I should have known better, the thing that the getting started guides should have explained but didn't.
Project -> Options -> General Options -> Target Device
 Of course, I forgot to set my target device!  Somewhere, I would have thought, they would have mentioned this. But alas they did not, and hopefully if you're reading this you're kicking yourself the same way I did. But with the calm collected realization that your project can continue on. Then it was time to stop and sleep.

Wednesday, December 1, 2010

Powershell and MSDeploy.exe

As some people may know, I've been playing with Powershell a lot for work lately. Most recently I've also been using joining powershell with a Web Deploy executable, msdeploy.exe. And I've run into a couple of bugs I've noticed some other people have also had issues with.

At my place of employment we have a multi-tier development environment. This consists of 3 tiers we adoringly call "dev," "test," and "prod." We also have some lateral environments (lateral to our test environment mostly) which we call "staging" and "training." On to the problem and solution...

The issue was syncing a remote server's IIS AppHostConfig settings to my local machine. I tried to sync our dev environment's settings to a package locally, which I will later sync that package to my localhost environment. This script's goal is to allow us to rebuild a development box in rapid order when a developer gets a new or re-imaged machine. Here's the command I was using:

msdeploy.exe -verb:sync -source:appHostConfig="Site1",computername=devserver -disableLink:ContentExtension -disableLink:CertificateExtension -disableLink:FrameworkConfigExtension -disableLink:HttpCertConfigExtension -dest:package=c:\IIS.zip

This was pretty much stolen right out of Synchronize IIS 7 and was very disappointing to see this error occur:

Error: Unrecognized argument '"-source:appHostConfig=Site1  computername=devserver"'. All arguments must begin with "-".
Error count: 1.

Pretty much my first response was a lipping of  "W.T.F." (we have Mormons in the office who may otherwise be offended if I yelled this top of my lungs) followed by an intense urge to Google the error.

So I did.

I did not find any great results...

Then I realized of course, this is probably because all the information I need is in the error! Unrecognized argument "-source:" So what follows the colon must be the expected argument... which we have "appHostConfig=Site1 computername=devserver" wait a second... That isn't what I typed, there is no space, I used a comma! Where'd it go? I am gonna guess it was stripped out by powershell which then invalidates the whole argument for -source.

The Solution you ask? A little quotation magic:

msdeploy.exe -verb:sync -source:"appHostConfig='Site1',computername=devserver" -disableLink:ContentExtension -disableLink:CertificateExtension -disableLink:FrameworkConfigExtension -disableLink:HttpCertConfigExtension -dest:package=c:\IIS.zip


And presto, the double quotes force the whole inner text to be 1 argument, without stripping out the comma. Which is precisely what msdeploy.exe expects. IIS synced.


Cheers,
  -Ken

Sunday, November 14, 2010

Creating an ASCII Experimenter For Young Scholars

If you're not interested in my opinions on education, skip this paragraph. For those still reading, my boss at work, nice guy, has a couple kids in a Montessori School. Anyone who knows me personally, and this blog should now be included, knows that I hold this form of education in high regard. It seems to me that people of all ages have a natural desire to become better at the things they do. The drives to realize mastery in a skill change with age and the needs your individual has in a their environment. In children, if the given environment is one where most needs are met (ie. physiological, safety, community, and esteem) then a child can grow rapidly and approach intellectual maturity far beyond most adults. Yes, children are in their intellectual prime, and they are our future - share your knowledge with them.

Now, my boss asked if I could develop a device to assist in a lesson concerning binary and computation. I thought for a moment and realized that "Why yes, yes I can." I've always been a fan of near instant feed back. It's mostly why I work with computers. So here's the design needs for now:

1. 8 Bit data entry
2. Display corresponding ASCII character
3. Data entry needs to be easy enough for a child to use.
4. We're not all rich so it needs to be fairly cheap.

So here's the plan:
8 switches of some sort + 1 push button for "Enter" (Multiplexed)
8x8 LED Matrix Display
MSP430Gx2xx (TI Launchpad, for grins)

For the display, we'll use the matrix and we'll drive it with 2 8 bit shift registers (more info) and some AND gates for output enabling. The basic layout in my head looks like this:

Display Driver

Notice we feed the Row Select shift register CLK (outer wire at bottom) with the rising edge of the LSB of the Column Select shift register. This will allow us to do entries into the row select only when we're toggling the LSB of the column, this will present some interesting coding challenges.

Originally I didn't have the transistors in there, and then I kinda remembered that the row shift register won't be able to sink the sourced current of the column shift register due to being in high impedance. So we use npn transistors (3904 because I had a bag of them laying around) to sink the current, controlled by the row select shift register, and series in some 500 ohm resistors on the a collector side to protect our LED matrix (which by the way is the most expensive part of this project!)

For the input, due to I/O constraints on the MSP430 (10 pins), I'm thinking we'll use an 8:1 multiplexer which we'll layout kind of like this:


Data Input (8:1 Mutiplexer)


Notice we use the LSBs of the Column Select shift register to control the select lines of our 8:1 multiplexer, so we can address our 8 switches and to prevent the noise of shifting our select bits in, we'll just turn the OE off and voila no display for a fraction of a second while we poll for data when needed.

Now the MSP430 ties together with these other components to make a near complete schematic.
Whole circuit

When the pushbutton on P1.2 (at top, 1 resistor + pushbutton) is pressed, we'll read in the values through the mux, then we'll a display the corresponding ascii character. So in the next post we'll talk about the shortcomings (if I missed something) and the software to drive this groovy display. I may also look into how to get the chip to turn off the display peripherals when it's been inactive for a couple minutes, and other similar things.

Thursday, October 21, 2010

Accessing a MS SQL database in R

I'm going to preface this post with a disclaimer: I'm not really a programmer - I'm actually an ecologist. That being said, I am slowly learning R in the course of my work. R is a programming language and a software environment for doing statistics and making pictures with data. A lot of programmers have never heard of R and those who come to R after learning other languages may complain bitterly about it. Since R is the first language I've learned, I can't really tell you how it's different from other languages, but I can tell you that I struggled quite a bit with the syntax because there are many ways to seemingly do the same thing. But the very subtle differences will kill your code.

With all this talk of death, you're probably as frightened of R as the average ecologist, but there are very good reasons to use R (even the NY Times thinks so!). If you're doing data analysis, you can do it with R and you can probably do it better. Plus, it's free.

To get you familiar with R and some of its capabilities, I'm going to walk you through one of my current projects over a few posts. My lab group has data from several remote weather stations stored in a Microsoft SQL Database. Temperature and precipitation have been measured hourly for about eight years. For a variety of reasons, we have quite a few missing measurements. I need to create a model that (reasonably) predicts those missing values.

The first step is to actually get to the data. Those of you familiar with databases probably wouldn't have had to spend an entire afternoon trying to do that. Those of you not familiar with databases hopefully won't spend all afternoon trying to do that after reading this post. A quick note: I use Windows at work. If you're using something else, this may not be as helpful as I'd hope.

Create Data Source Name
We're going to use ODBC to get R to communicate with the database. Before today, I didn't have a good handle on ODBC. Wikipedia was totally there for me:
Open Database Connectivity (ODBC) provides a standard software interface for accessing database management systems (DBMS). The designers of ODBC aimed to make it independent of programming languages, database systems, and operating systems. Thus, any application can use ODBC to query data from a database, regardless of the platform it is on or DBMS it uses. ODBC accomplishes this by using a driver as a translation layer between the application and the DBMS. The application thus only needs to know ODBC syntax, and the driver can then pass the query to the DBMS in its native format, returning the data in a format the application can understand.
Cool, right? So to get this all working, the first thing you need to do is create a Database Source Name for your database. I didn't really know what that was either, but of course Wikipedia did:

A DSN specifies a data structure that contains the information about a specific data source (database or other data source) that an Open Database Connectivity (ODBC) driver needs in order to connect to it.
Luckily, this is really easy to do and Microsoft will hold your hand the whole way:

Create a System DSN in Windows XP

  1. Click Start, point to Control Panel, double-click Administrative Tools, and then double-click Data Sources(ODBC).
  2. Click the System DSN tab, and then click Add.
  3. Click the database driver that corresponds with the database type to which you are connecting, and then click Finish.
  4. Type the data source name. Make sure that you choose a name that you can remember. You will need to use this name later.
  5. Click Select.
  6. Click the correct database, and then click OK.
  7. Click OK, and then click OK.

Install RODBC package
The next step is even easier. Assuming you already have R installed, you need to install and load the RODBC package. There are a lot of ways to install packages in R, but I installed and loaded the package like so:

install.packages('RODBC') #install
library('RODBC') #load
Anything after a # is a comment in R.

Connect to the database
And we're ready to connect! All I need to do now is give the odbcConnect function the name of the DSN I created and my username and password. I'll call this connection con. You can call it anything you like, as long as it doesn't have spaces or start with a number.
con <- odbcConnect('DSN', uid='username', pwd='password')
The quotes are important. If you don't use them, R thinks you're referring to an object.

Now that I have access to the database through con, I want to know a little bit about the database. odbcGetInfo(con) will tell you some basic information about the database like what database management system you're using, what version you're using, and the name. That's not especially helpful since you should already know these things.

The sqlTables function will return all table like objects. I just want to see what the actual tables are, so I pass it an additional argument, like so:
sqlTables(con, tableType='TABLE')
The parameter tableType is case sensitive, but the argument TABLE isn't. That won't always be the case with an R function. Figuring out errors caused by using the wrong case is a great time.

If I want to know the column names and data types in a particular table I can use the function sqlColumns.
sqlColumns(con, sqtable='hrlyweather')
I could have returned the same output with
sqlColumns(con, 'hrlyweather')
R functions will usually let you get away with leaving off the parameter name (sqtable in this case) as long as you pass the function arguments in the order it expects, but it's a good habit to use the parameter names. It'll make it easier to figure out problems and make your code much more readable.

You can learn more about what you can do with the RODBC package in this handy document (pdf). In my next post I'll query the database through the connection I've created and do some basic data manipulation in preparation for running a model.

Thursday, October 14, 2010

Optimizing the Levenshtein Algorithm in C#

For fun and profit. So maybe that phrase is used too much, but it is very applicable here. Optimization of any program can be fun and more importantly profitable. There are just some algorithms which take a while to run. The Levenshtein Distance is one of these algorithms which can take a while. Its not terribly complex and its O function in a typical case is n2. A brief description is that it is basically an extended Hamming Distance and it works in a very similar manner, but has a larger alphabet. We generally concern ourselves with ASCII, or Unicode as our alphabets because it's useful.

For small amounts of data it's really not that bad, a quadratic run time is pretty damned good in fact - I mean at least its not exponential!

So let's paste some code here to look at:

static public int LevenshteinDistance (string s, string t)
{
int n = s.Length; //length of s
int m = t.Length; //length of t
int[,] d = new int[n + 1, m + 1]; // matrix
int cost; // cost
// Step 1
if(n == 0) return m;
if(m == 0) return n;
// Step 2
for(int i = 0; i <= n; d[i, 0] = i++);
for(int j = 0; j <= m; d[0, j] = j++);
// Step 3
for(int i = 1; i <= n;i++)
{
//Step 4
for(int j = 1; j <= m;j++)
{
// Step 5
cost = (t.Substring(j - 1, 1) == s.Substring(i - 1, 1) ? 0 : 1); // *We'll be looking at this line*.
// Step 6
d[i, j] = System.Math.Min(System.Math.Min(d[i - 1, j] + 1, d[i, j - 1] + 1), d[i - 1, j - 1] + cost);
}
}
// Step 7
return d[n, m];
}
Originally authored by: Lasse Johansen

So most of this is pretty straight forward, and we can just skip to the meat of the implementation, Step 5 & 6. Here we see some pretty simple stuff, get two characters and compare them. If they match, cool, don't increase the cost for this iteration.  Add that cost to the corresponding table cell and go to the next one. Rinse and repeat for the length of string s (n) times the length of string t (m).

So everyone can see this is the part that runs the most and consumes the most time and resources, thus we will focus here. Some of you may be having calculus flash backs and are currently being punched in the face with a derivative concept that the maximum run time of m * n occurs when n=m (maxima) and you'd like to cry yourself to sleep while holding a teddy bear.

But I digress...

Lets talk about objects and why optimization may be necessary =)
//Just the t.Substring(j-1,1) from above.
  IL_009a:  ldarg.1
  IL_009b:  ldloc.s    j
  IL_009d:  ldc.i4.1
  IL_009e:  sub
  IL_009f:  ldc.i4.1
  IL_00a0:  callvirt   instance string [mscorlib]System.String::Substring(int32, int32)


So what is happening here? We push an object onto the stack, in this case t; then we push j, push 1, sub does two pops and 1 push, and yet another constant pushed to the stack. This leaves us with a stack that kinda looks like "t | (j -1) | 1" and we call Substring which goes off and runs lots more logic and loops for doing its thing. Sure seems like a lot, doesn't it? I propose a transform:

t.Substring(j-1,1) => t[j - 1]

Post transform we'll get something like...
//After transform to t[j - 1]
  IL_0097:  ldarg.1
  IL_0098:  ldloc.s    j
  IL_009a:  ldc.i4.1
  IL_009b:  sub
  IL_009c:  callvirt   instance char [mscorlib]System.String::get_Chars(int32)


So this already looks better. As you can see we've reduced the total number of instructions by 1 (there is no second ldc.i4 instruction). Also we're using the get_Chars(int32) method instead of the Substring. As you can guess the internal workings of this method has less logic/looping/work to do than the Substring technique - therefore leading to a performance gain. Yet, there is more occurring here than just this, the return types are different too: strings vs. chars.

So here is yet another kicker for the equation, notice how we are handling the == operation on. In the original the return types are both Strings, this yields the following instruction for the final ternary operation:
//Original: cost = [string] == [string] ? 0 : 1;
  IL_00b0:  call       bool [mscorlib]System.String::op_Equality(string, string)
  IL_00b5:  brtrue.s   IL_00ba
  IL_00b7:  ldc.i4.1
  IL_00b8:  br.s       IL_00bb
  IL_00ba:  ldc.i4.0
  IL_00bb:  stloc.3


Compared to:
//Post Transform: cost = [char] == [char] ? 0 : 1;
  IL_00ab:  beq.s      IL_00b0
  IL_00ad:  ldc.i4.1
  IL_00ae:  br.s       IL_00b1
  IL_00b0:  ldc.i4.0
  IL_00b1:  stloc.3

Here we see the call to [mscorlib]System.String::op_Equality(string, string) which of course pushes some return stuff onto the stack and then executes -more- code. Compared to our transformed code which simply executes a branch if equal (short) on the two char's sitting on the stack and then we set our cost. This is of course another case where a little saving has occurred.


So in personal experience this code change has shown me a huge time saving at a critical point on a project in development. It was fun to analyze and most importantly practical and profitable. This combined with a number of other stricter constraints took a project from an estimated constant run time of 30 days on our systems to an estimated runtime of 18 hours!

I am curious if anyone has any insight on the System.Math.Min methods which are called and how they could be sped up?

Wednesday, September 29, 2010

Public Networks and Torrents

I must advise against using networks without permission, as this violates laws for many states in the U.S. including my state, Arizona. This article assumes you have full permission to use the networks in question and that the techniques herein have been explicitly (or implicitly) deemed acceptable and appropriate for your purposes.


I've heard things like "torrents are illegal;" they're not. Transferring copyrighted content may be, depending on your country. So here is my opinion on the morals and ethics of copyright infringement, et al. ... Just kidding, I find the moral and ethical talk about file sharing a bit boring. So lets talk about the problems people face when attempting to leap technological hurdles instead!


Problem one: How to connect to a network but reduce or segregate the information collected about your specific machine at that time?
Often you don't have to prove anything about yourself on networks, so why sign your name on every piece of data? Wireless networks are all over the place. Once you're given permission and you have that green light to access a network as you wish, you have the leeway to modify your MAC address.


Many systems rely on your MAC address as a 'static' element of your communications. For instance, DHCP servers record your MAC address when supplying an IP address with a lease period. This is because generally your MAC address won't change as you use a network consistently for an hour. In fact in general your MAC address doesn't change when you leave a network and come back a week later. So a DHCP server can keep track of what your most recent IP address was for at least the lease period. However, your MAC address is not a static element of your communications. Changing it often can even provide some benefits. Like controlling the types of traffic your network is routing, or increasing anonymity through diffusion.


Depending on your personal computer there are different ways to change your MAC address. We'll cover the Windows 7 way and a Linux way here:


Using Windows 7:

  1. Start-> Control Panel
  2. Network and Sharing Center
  3. Change Adapter Settings
  4. Right click on your adapter of choice (I use my wireless), disable
  5. Right click on your adapter of choice (I use my wireless), select Properties
  6. Click Configure
  7. Click Advanced Tab
  8. Look for anything related to your MAC address (varies per driver), modify it and save all your changes.
  9. Right click on your adapter of choice (I use my wireless), enable
  10. Confirm in a command prompt by running ipconfig /all to determine if your MAC address changes have taken effect (you should also have a new IP addres).
Linux systems:

  1. ifdown [interface]
  2. Run ifconfig [interface] hw ether [MAC]
  3. ifup [interface]
  4. Confirm by running ifconfig [interface] to make sure the changes have taken effect.
Finally, connect to your network of choice.
Problem two: We're connected, we feel fresh and clean, but we can't seem to connect to the BitTorrent network?
I use a lot of wireless networks, coffee shops, work, bars, libraries, schools, airports, city, you get the idea. Occasionally these networks will limit the types of connections leaving and entering them in part as a safety precaution for the users on the network. A common type of limitation is port restrictions on everything but port 80/443 traffic.


When you only have web channels available but you still really need to torrent that new release of Back Track, you just need to convert your torrent traffic to web traffic. Using a torrent client which supports proxies is a great way to maximize your throughput and control the type of traffic your moving - not to mention depending on the network you've been given this free reign on it can provide you just that a little more anonymity to the rest of the BitTorrent network. Since you're on a public network, you're fresh and clean, it could be anyone located in your geographical location and connected to the same network. 


Just select any proxy which is available to you that runs on port 80 and configure your torrent client to use this proxy. Ideally you'll have a high bandwidth path to the proxy and you'll be able to encapsulate your torrent traffic into web traffic allowing you to access the BitTorrent network.


Cheers

Tuesday, September 28, 2010

Scanning Internal Networks Through Exposed Proxies

Proxies are a really cool idea. They provide us with a way to get to places we couldn't before. A way to hide our true identities from the outside world or in some cases a way to hide our true identity from an inside world. Some networks of interest have such a proxy and it should pique your curiosity about what it provides the outside world when looking in.

This was discovered by looking at a homepage which links to some internally available service. The web server providing the exposed proxy looks typical:
http://some.network.com/
And contains an image from a web cam that has a source that looks like this:
http://some.network.com/proxy/10.1.1.2/jpg/fullsize.jpg
Fascinating, IP addresses starting with 10 are defined in RFC1918 (section 3) as being private. So does this mean we can make a web request to some.network.com/proxy/[desired content] and it'll just pass it along? Lets give it a try, load up a browser and load:
http://some.network.com/proxy/www.google.com/
The results are not only as expected, but exciting! Google appears to be the web page served. But how far can this proxy really go? I wonder...
http://some.network.com/proxy/some.othernetwork.com:84/
Now a more interesting result. Choosing another network which I am aware has a web server running on the non-standard port of 84 we see the slightly less expected result that the proxy actually forms a connection anyway. This means its not confined to web services on port 80 or 443! This is interesting but not exactly as useful as the title implies. We're really just bouncing off the proxy to get back to the Internet from the Internet. But we still have the internal IP address lingering in that source attribute, so if it works one way, surely it works the other way?
http://some.network.com/proxy/10.1.1.2:443/jpg/fullsize.jpg
Praying for an SSL service. "Service is currently unavailable" I think this means "No Dice." This error was received after a significant delay, which means the proxy itself must have been waiting for the TCP/IP connection timeout before actually responding. That's good, since it means it tried and as expected did not rewrite the port to 80. Maybe another host would be more interesting?
http://some.network.com/proxy/10.1.1.3/ --Nope
http://some.network.com/proxy/10.1.1.4/ --Nope
http://some.network.com/proxy/10.1.1.5/ --Nope
http://some.network.com/proxy/10.1.1.6/ --DING!
Awesome, another web server. Contains miscellaneous content of no consequence, but it also has some content that leads us to believe there could be another service running. Lets give it another try...
http://some.network.com/proxy/10.1.1.6:1/ --Nope
http://some.network.com/proxy/10.1.1.6:2/ --Nope
...
http://some.network.com/proxy/10.1.1.6:22/ --Nope
http://some.network.com/proxy/10.1.1.6:23/ --DING!
No way, really? Port 23 is for Telnet, convenient and very interesting. The result is we're served with a 'file' which we go ahead and download it into RAM, since we'll probably be throwing it away, and what do we see?
[Telnet Stuffs]
[System Banner]
Enter Password > 
   ERROR - Timeout
Awesome, it is a telnet server, we've got a nice little banner in there too for the type of system it is running on. We can't go much further than this on that one host (nor would we want to), but as you can see we can easily scan for services of interest on the internal network from the Internet at large.

What is one of the most interesting questions here is: what about firewalls? What are the expected trust boundaries and how do they compare with the actual trust boundaries? Depending on the different web services available and of course other configuration issues, this proxy is likely side stepping a firewall and could be putting a huge chink in the perimeter of the owning network.

Monday, September 27, 2010

Powershell: Start-BitsTransfer & User Authentication

I recently discussed an issue with ActualReverend (alright it was a month and a half ago and I'm just now blogging about it) concerning Powershell and using Start-BitsTransfer against a web server requiring user authentication. Additionally, this is my first time ever using Powershell for any task more than running 'ipconfig /all'. So I suppose we'll start with our problem statement:
"Using 'Start-BitsTransfer', download a file from a web server (an apache/svn service), which requires user authentication against an LDAP server, to a given location. Path is '/path/file.ps1' user credentials are 'username:password.' "
Should be a fairly simple script, he needed it for more but I am mostly interested with why it's not working as expected.
$creds = Get-Credential
Start-Bitstransfer -Source https://ourmixbreedserver.domain.com/path/file.ps1 -Destination C:\destination\ -Credential $creds -Authentication basic
Pretty straight forward script. It prompts the user for their credentials we enter "username" and "password" as that's our credentials. The authentication type is basic, and the server is properly configured to goto LDAP, so we're ready to Rock 'N Roll... But the results are of course not as expected, let's see the error.
Start-BitsTransfer : HTTP status 401: The requested resource requires user authentication.
Well, damn. We thought that providing the username and password pair would cover us but something went wrong and the error is not as forthcoming with the cause as we'd like. We provided credentials and the fact that we wanted the cmdlet to use authentication, so what the hell? Maybe our server logs will provide some insight.
[Thu Aug 19 13:30:50 2010] [error] [client 10.1.1.2] user \\username not found: /path/file.ps1 
 Ah ha, so our user isn't found. Thats weird though why is there a '\\' preceding our username, we didn't enter that! Lets inspect our object $creds and see if it supports this outrageous server log claim (hopefully identify the source of the hiccup).
PS C:\Users\username>$creds 
UserName              Password
--------              --------
\username             System.Security.SecureString
PS C:\Users\username>
Huh so, there is our issue. Our LDAP server certainly has no idea who '\username' is. So our Username property in our... wait what type of object is this? Running $creds.GetType() shows us its a 'PSCredential' type. The MSDN shows us this is in the 'System.Management.Automation' namespace. So in theory I can use the New-Object cmdlet to make a new object with the contents of the old object and clean it up, right? Right!
PS C:\Users\username> $creds = New-Object -TypeName 'System.Management.Automation.PSCredential' -ArgumentList $creds.Username.Remove(0,1),$creds.Password
Alright,  lets check out our object now...
PS C:\Users\username>$creds 
UserName              Password
--------              --------
username             System.Security.SecureString
PS C:\Users\username>

Very cool, so lets try it out (cross our fingers):

PS C:\Users\username> Start-BitsTransfer -Credential $creds -Source "https://ourmixbreedserver.domain.com/path/file.ps1" -Destination C:\destination\ -Authentication basic
PS C:\Users\username> 
VoilĂ , we're now providing our user credentials successfully and downloading the file we want without error! Powershell, you have just made my Windows using experience that much better.