Archive for the ‘linux’ Category

We’ve got computers, we’re tapping phone lines, I know that ain’t allowed…

Sunday, April 28th, 2013

Two things collided in my head last week. After I picked up the wreckage, I thought there might be a worthy blog post in the aftermath.

(Picking up the wreckage took a while, because the week was so busy. At least nobody took part of a locomotive through the eye. Anyway, I apologize if this is old news.)

Thing one: Andrew Huang’s post on the $12 Gongkai phone (by way of LWN). It doesn’t come as any great shock to me that cellphone hardware has become cheap: at last year’s DEFCON, the Ninja Networks party invitations were fully functional cellphones. (I do not know what the Ninja Networks cost per phone was: as I recall, the Ninjas stated they got substantial financial and technical support from Qualcomm. However, the fact that the phones were cheap enough to pass out as party invites is significant in and of itself, in my ever so humble opinion.)

Thing two: Dr. Richard Stallman and his position on cell phones. I don’t want to reopen the whole debate on whether Stallman is a hypocrite for not having a cell phone but being willing to use other people’s phones. Rather, I want to ask a not-so-simple simple question: is it possible to build a phone that overcomes Stallman’s objections?

…most of them are computers with nonfree software installed. Even if they don’t allow the user to replace the software, someone else can replace it remotely. Since the software can be changed, we cannot regard it as equivalent to a circuit. A machine that allows installation of software is a computer, and computers should run free software.

Well, it looks like we can put together a cellphone computer for about $12. Maybe less. I don’t see any reason to think that someone (more likely, a small group of someones) could put together a reference hardware spec for an open cellphone, complete with schematics, PCB layouts, and a parts list. I know I don’t have the skills or equipment to do SMD soldering, and I wouldn’t ask, say, my mother to build a phone from a kit either. But it is just as easy for me to visualize a scenario where some organization (say, the FSF) contracts with a manufacturer to build phones from the reference design, with an organizational seal of approval. They could sell the phones outright, or offer them as a premium for donations: I think I’d give at least $50 to FSF for a phone like the one Huang describes. Add WiFi, GPS, a color screen and a camera and I’d go up to $100, possibly more depending on my mood, the phase of the moon, and other factors.

But we need an operating system for our cellphone computer, right? Right. Android is open source. Note well, however, that there is a difference between “free software” and “open source software”, and that these are not equivalent concepts. But it seems pretty easy to imagine (as long as we are imagining) a fork of Android that is truly “free” by the FSF definition. As a matter of fact, we don’t even have to imagine; while I was researching this post, I stumbled across Replicant, which is exactly that.

…tracking and surveillance devices. They all enable the phone system to record where the user goes, and many (perhaps all) can be remotely converted into listening devices.

I’ll deal with the second objection first. With a truly open source and free OS, I think you can pretty much eliminate the capacity for remote bugging. As to the first objection, I don’t see a way around that. It seems pretty clear that the phone system has to know where your phone is for you to make calls and get calls. But: if the system only stores that information for the minimum necessary length of time, and discards it after the call is completed, is that good enough for Stallman?

(Even if you’re not actively engaged in a call, I think the network still has to know what cell you’re in. But could the network only store your current cell, and not the history of cells you’ve been through?)

(From this point forward, I’m going to refer to this idea as the “open” network. Calling it the “free” network carries with it the connotation that people aren’t paying for it. I’ll come back to that.)

Okay. So we expect AT&T and Sprint and Verizon and T-Mobile and the Grace L. Ferguson Cell Phone and Storm Door Company not to store this information. Right. I’ll wait for you to finish laughing.

Done? Okay. So we not only need consumer hardware, we need an entire “open” cell phone network. Is that something that could be reasonably built? Well, we need radio spectrum. It is unlikely that the carriers will give up spectrum for an “open” network. So what do we do? Could we use amateur radio frequencies, like the 2390-2450 MHz band? Is it even possible that local amateur radio groups could set up and maintain cells in their local areas? (I don’t imagine the equipment to set up a cell is cheap, but I also don’t imagine it is beyond the reach of a group of talented amateur radio operators with a GNU software radio. And if the equipment becomes widespread, the prices should go down. I hope.)

Could you even do away completely with the cell network, and just run all the communications over IP? You’d need to be associated with an access point, but aren’t most folks near one at home or at work most of the day? Would it be possible for amateur radio operators to set up networks of access points along major urban corridors? WiFi hardware is even more of a commodity item than cell hardware, and there are protocols for linking access points together or doing mesh networks.

Someone has to pay for this, right? Right. We don’t want movements and activity tracked, but I don’t see any philosophical problem with a simple lookup based on each phone’s unique identifier. All you need is one bit to indicate the customer is paid up and entitled to use the network. As for the actual cost and billing, it seems to me that can be handled by systems outside the network. If you’re giving unlimited everything for one flat fee, you don’t need to track anything except paid or unpaid. If you want to start getting into per voice minute or per KB data charges, it seems to me that you can still track usage (minutes, KB, or texts) without tracking activity and bill based on usage. The money from service fees could, in turn, be routed to the cell providers. I’m sure we could come up with a fair way of doing this; for example, X cents per call routed through an individual cell. Busier cells get more money, which they can invest in upgrading service; more remote cells probably have lower demand, and don’t need the same capacity.

(One big problem if you’re using amateur radio frequencies: FCC regulations prohibit “communications in which the operator has a pecuniary interest, including communications on behalf of an employer”. There’s a strong tradition, in addition to the FCC regulations, against using the amateur radio bands for business purposes. One could argue that this kind of network wouldn’t be a business, though; rather, it would be maintained as a public service, and the money that comes in would go back out to local amateur organizations to cover their cost of maintaining cells. I sort of see this in the same way as I do the repeaters maintained by some amateur radio clubs for the use of their members.)

So I said this was a not-so-simple simple question. Basically, what I don’t know about cell phones and cell technology could fill books. (Indeed, it has filled books, which are located in places called “bookstores” and “libraries”. But I digress.) I think I’ve outlined a possible path to an “open” network, but I acknowledge the limits of what I know. I would welcome criticism from people who know more than I do: those who work in the industry, computer security experts, and heck, even cyberpunk writers.

I mention cyberpunk writers for a reason. Maybe I am over-romanticizing this a bit, but I have this mental image of guys in the Sprawl with “open” cellphones spread out on blankets in the street, and gangs like the Panther Moderns using those phones. A guy can dream, can’t he?

(Subject line hattip: the greatest rock song ever, by the greatest band ever. Like you needed it anyway.)

Edited to add: I knew there was something I was forgetting. How reliable would this network be? After all, AT&T spends hundreds of millions of dollars a year on their network, where what I’m talking about here is something that is, at best, a fringe network primarily used by people highly concerned with privacy, and possibly maintained by amateurs on a spare time basis. On the other hand, AT&T spends hundreds of millions of dollars a year on their network. Enough said.

My inclination is to say that you could probably build something that’s “good enough”. You might not be able to get to the same level of service as, say, Verizon, but you could probably get to a level of service where people are willing to make the tradeoff between guaranteed privacy and a small amount of inconvenience. I think this is one place where my plan is weak.

Edited to add 2: 1500 words? I haven’t written like this since I was in college. In other words, last year.

Lessons learned.

Monday, August 6th, 2012

So…somebody I know was having problems with their netbook running Ubuntu.

The somebody in question decided (for good and sufficient reasons) that part of the problem might be due to them having done several upgrade installs of recent Ubuntu versions which left cruft on the system. This somebody thought the best thing to do was to make a backup of /home, reformat the box, and reinstall Ubuntu 12.04 from scratch, blowing away all the existing data and partitions.

Which they did.

The somebody in question had a MySQL database on the box that had somewhere around ~2,500 records in it. It was a fairly simple database, probably overkill for MySQL: one table, a few columns.

It turns out that MySQL doesn’t store databases in /home. MySQL stores databases in /var/lib/mysql by default, and the somebody in question never changed the default. (This vaguely makes sense if you think about it; after all, MySQL is intended to be a multi-user database, so why would you store databases under an individual user’s home directory by default?)

The somebody in question found this out after blowing everything away. And, of course, the somebody in question only backed up /home.

Fortunately, the database isn’t that important, and much of the data on it can be recovered from older .CSV files that were used to import the data into MySQL.

But next time, the somebody in question is going to back up every damn thing, not just /home.

The somebody in question is also going to try to get out of the habit of making assumptions about where things are stored.

Hmmmmmmmm.

Friday, August 3rd, 2012

In the DEFCON 20 day 2 notes discussing the ADS-B presentation by Renderman, I alluded to some work on using USB TV tuners to pick up ADS-B broadcasts.

I did a little more research on this earlier today, just to satisfy my own curiosity.

The RTL2832U outputs 8-bit I/Q-samples, and the highest theoretically possible sample-rate is 3.2 MS/s, however, the highest sample-rate without lost samples that has been tested so far is 2.8 MS/s. The frequency range is highly dependent of the used tuner, dongles that use the Elonics E4000 offer the widest possible range (64 – 1700 MHz with a gap from approx. 1100 – 1250 MHz). When used out-of-spec, a tuning range of approx. 50 MHz – 2.2 GHz is possible (with gap). [Emphasis in the original – DB]

Holy cow! I’ve been wanting to mess with software defined radio, but the $1,500 cost for hardware is a bit discouraging. This looks like an excellent way to get started for about $20 instead. The necessary software is linked from the rtl-sdr page, and you can even get a script that will build gnuradio with the proper components.

What has been successfully tested so far is the reception of Broadcast FM and air traffic AM radio, TETRA, GMR, GSM, ADS-B and POCSAG.

Yow!

Edited to add 8/4: We are not amused. In the past two days, we have been to Fry’s. The shelves at Fry’s were almost completely stripped bare of USB TV adapters. We have also been to three different branches of Discount Electronics; none of them had any of the listed adapters. We have checked Google, and all of the adapters listed with the E4000 tuner do not appear to be available from vendors in the United States. The only adapter on rtl-sdr’s list that we were able to find was the Ezcap EZTV645 DVB-T Digital TV USB 2.0 Dongle with FM/DAB/Remote Controller which DealExtreme sells. However:

  1. There are conflicting reports as to whether this is the one rtl-sdr is talking about, and whether this one has the E4000 tuner.
  2. There are a lot of reports that DealExtreme is slow in shipping; as in, a month or longer.

I’ve ordered the Newsky TV28T that’s listed on the sysmocom site (linked from the rtl-sdr page). With shipping, it came out to 23.30 euros, or about $28.86 in dollars. That’s still well within my price range for tinkering with SDR. I’ll update when the device gets here.

In the meantime, if anyone has any GNURadio or general SDR tips, advice, or suggestions, please feel free to leave them in comments or shoot me an email. Contact addresses are in the usual place.

(And thanks, Borepatch.)

After action report: Las Vegas, NV 2012.

Tuesday, July 31st, 2012

I don’t have much new to report as far as equipment, but I do have a couple of notes on existing stuff. DEFCON for the past few years has run a “secure” network using MSCHAPv2 authentication.

  1. This worked fine on the Kindle Fire. I was able to log in and browse whenever the network was working. However, there seems to be some sort of bug in the Kindle Fire: after a certain amount of time, the wifi setting on the Fire would either stop responding completely (on/off switch wouldn’t do anything) or would immediately crash (with an error message) as soon as I tried to open the setting.
  2. The default Network Manager on Ubuntu 12.04 would not connect to the “secure” network at all, but just constantly brought up the authentication prompt. Google turned up more than a few reports of Ubuntu issues with Network Manager and MS-CHAPv2 authenticated networks, so it seems this is a known issue. I worked around this by downloading and installing wicd, which was able to connect. However, wicd does not appear to save network settings, so every time I wanted to connect to the network, I had to re-enter the configuration.

(In general, I’m seeing more and more problems with project e and Ubuntu 12.04. I suspect some of these may be issues caused by doing several upgrade installs in succession, so I may try doing a backup of /home, reformatting project e, and doing a scratch install and restore of 12.04.)

Food: I had excellent meals at Lotus of Siam (the sea bass drunken noodles) and at Piero’s Italian Cuisine, which is a very old-school Italian restaurant near the convention center.

That was some swell osso bucco. And I don’t think I paid much more for it than I paid for osso bucco at Ciola’s when they were still open.

I also broke with one of my rules and went back to Shabu Shabu Paradise again. In my defense:

  1. I really like these people and want them to be enormously successful.
  2. I haven’t been there since my last trip with Andrew and Mike the Musicologist.
  3. I kind of have a tiny little crush on the waitress. Who, by the way, recognized me from my previous visits, even though I was clean-shaven last time. (I think she’s married to the chef, so nothing’s going to come of that.)

I also had a good meal at Mint Indian Bistro, and very good breakfasts at Blueberry Hill on Flamingo and The Egg and I on Sahara. (The rule doesn’t apply to breakfast, as it is very very hard to find good breakfast places that aren’t casino buffets, Denny’s, or IHOPs in Vegas. If anybody does have a recommendation for a good breakfast place in Las Vegas, please feel free to drop it into the comments.)

I’ve been driving past Hofbräuhaus Las Vegas for years now, considering giving them a try and then not going after all. This time, thanks to Tam inspiring a German food craving in me, I thought I’d give it a shot. The verdict: meh. It wasn’t a horrible meal. The service was pleasant and efficient. But it seemed like I paid a fair amount of money for pretty average food. Walburg is better and cheaper and really not that bad a drive if I go there from work. (You’d be hard-pressed to spend $50+ at Walburg without either being too full to move or too drunk to drive.)

I drove past Flavor Flav’s House of Flavor several times (it is very close to my preferred ATM in Las Vegas, which, in turn, is far enough away from DEFCON that I’m not any more paranoid than usual about using that ATM), and I regret not getting a photo.

I did get some photos (but they didn’t come out well) of “Lynyrd Skynyrd BBQ & Beer”. BBQ and beer? I can haz both?

(By the way, I was never offered a full can of soda on any of my Southwest flights. But I did get a full can of drinking water between PHX and AUS.)

Thanks to: Everyone at DEFCON 20 (staff, goons, presenters, and attendees), the folks at Shabu Shabu Paradise, Lotus of Siam, the Egg and I, Blueberry Hill, and Mint Indian Bistro, the Mob Museum, Amber Unicorn Books, Greyhound’s Books, Borepatch for linky-love, and anyone else I missed.

0-day DEFCON 20 notes.

Friday, July 27th, 2012

I got in line for my badge around 7:30 AM. Registration opened at 8 AM, according to the schedule.

I got my badge at 9:30 AM. I have no idea how many people were in line, but it was packed. We were told that folks started camping out for badges at 10:30 PM Wednesday night.

But, hey! I got mine!

After what was (in my opinion) last year’s badge fail, they went back to an electronic badge this year, still tied in to a “crypto-mystery” game, but at least the badge does something useful.

Or perhaps can do something useful, would be a better way of putting it. The designer calls it a “development platform”: there’s holes for I/O pins at the top, and we were issued VGA (1) and PS/2 connectors (2) with the badge to attach ourselves. And remember my inquiry a while back about microcontrollers? The badge CPU is a Parallax Propeller.

(I haven’t been able to get the badge and Project E talking yet. I suspect a bad or wrong USB cable.)

I hit two panels today. Worth noting is that today’s theme was “DEFCON 101”: there was only one programming track, and the theme of those items was more “introduction to” rather than “deep dive.”

DaKahuna’s “Wireless Security: Breaking Wireless Encryption Keys” wasn’t quite what I expected, in that he didn’t do a live demo. (Though he did suggest that there would be systems available for practice in the Wireless Village.) Rather, this was something of a “view from 10,000 feet” presentation, giving a basic introduction to hardware requirements and tools for attacking wireless keys, along with explanations of how WEP and WPA keys work, and where the vulnerabilities are. A lot of this stuff I already knew from my academic studies, but then again, I wasn’t the target audience here, and I did pick up a few tips.

The presenters for “Intro to Digital Forensics: Tools and Tactics” sold me in the first five minutes by pointing out that:

  • Not everyone knows everything.
  • It would behoove the community to stop acting like dicks when people ask reasonable questions, like “What switches should I use for NMap?”.

The presenters then proceeded to give example usages for what they considered to be the top five tools for testing and exploration:

  • The Metasploit framework, which they sadly ran out of time while discussing.
  • Ntop, the network traffic analyzer.
  • Nmap, for doing port scans and OS fingerprinting. For example:
    # nmap -v -sT -F -A -oG - 10.x.x.x/24
    What does this mean?
    -v turns on verbose mode
    -sT forces NMap to do a full TCP connection to each host
    -F enables fast scan mode
    -A tells NMap to do OS fingerprinting
    -oG tells NMap to output in a format grep can work with; it takes a file name, and "-" sends the output to standard output
    10.x.x.x/24 tells NMap the range of hosts to scan.
  • tcpdump, which captures packets on a given network interface.
    tcpdump -i eth1 -n -x
    -i specifies the interface
    -n turns off /etc/services translation, so instead of displaying the service name (ftp, telnet, etc.) it just shows the port number.
    -x dumps hex output to the screen
  • Netcat, which creates TCP sockets that can be used for communications between systems. But that’s a little misleading. Let’s say we have two systems, our localhost and a machine at 192.168.1.128. On the .128 machine, we run:
    nc -l -p 2800 -e cmd.exe
    -l tells netcat to listen for a connection
    -p tells netcat to listen for that connection on port 2800
    -e tells netcat to run a command when a connection is made on that port: in this case, netcat will run cmd.exe.
    On the local system:
    nc 192.168.1.128 2800
    which establishes a connection between our system and the remote system. The remote system will run cmd.exe, which (on a Windows system) should give us a command shell on the remote system that we can use from our localhost.

I took the rest of the day off to visit a couple of bookstores (both are still there, pretty much unchanged) and the Mob Museum.

My first thought was that $18 seems a bit stiff. Then again, the Atomic Testing Museum is $14, and the Mob Museum seems to have more people on staff, and may possibly be a little larger than the ATM. (I can’t tell for sure, but the Mob Museum basically has that entire building: all three floors.) ($5 for parking cheesed me off a bit, though.)

Anyway, while the Atomic Testing Museum is still my favorite Vegas museum, the Mob Museum is well worth visiting, especially if you have an interest in organized crime in the United States. (Not just in Vegas, though that is a key focus; the museum also talks about organized crime in other areas, including NYC and Cleveland.) There is a lot of emphasis on Estes Kefauver, perhaps just a little more than I thought was warranted. (I admit, I chuckled at the “Oscar Goodman” display.)

Two things that surprised me:

  1. The number of families with small children at the Mob Museum. Parents, would you take your kids to a museum devoted to organized crime? (There’s some pretty graphic stuff, but the Museum confines it all to one section, warns you before you enter the section, and gives you an option to skip past it.) (And I feel kind of hypocritical saying this: if my parents had taken me to the Mob Museum when I was, say, 10, wild horses couldn’t have dragged me out of there.)
  2. The popularity among small children of the firearms simulator. Kids were having a lot of fun pretending to be cops, running through various scenarios (like a domestic dispute) and busting caps in bad guys. (I didn’t tell any of the kids that, had they actually been out on the street, they’d be dead before they got their first shot off. Do I look like an asshole?)

Tomorrow is when things start for real. Look for an update, but probably late in the evening.

(Oh, I did want to mention Chad Everett’s death yesterday, but I was using the Kindle to blog, which was a pain, and things got kind of sideways leaving LAX and arriving in Vegas, so consider this your obit watch.)

Followup roundup.

Friday, June 1st, 2012

Looking at site stats this morning, I noticed that my ThinkPenguin endorsement seems to be getting some traffic. I thought I’d bop over to their site and check: yes, they have the new dual-band wireless N USB adapters available. And to tell the truth, I like the design of this adapter better than the one I have.

Earlier this week, I commented on the death of Mack Wolford. Lauren Pond, a photojournalist, had been working with Rev. Wolford for the past year as part of a documentary project on the Pentecostal snake-handling religion. Ms. Pond was at the service where Rev. Wolford was bitten, and sat with him and his family as he died. Some of her photos, and her thoughts about what happened and her obligations, are in the WP.

I heartily endorse this event or product. (#7 in a series)

Friday, February 3rd, 2012

ThinkPenguin.

Back in May of last year, I wrote about upgrading my wireless router to a dual-band Netgear WNDR3700, and the problem posed by the lack of a dual-band wireless adapter in the Project e netbook.

Since then, I’ve been looking for a dual-band 2.4GHz – 5GHz 802.11N USB adapter that was fully supported by Ubuntu out of the box; no NDIS wrapper, just straight plug it in and have it work. I actually bought and returned one adapter that ended up not meeting those requirements. I kept looking, and kept beating my head against a wall.

The last time the issue came up, I noticed a mention of ThinkPenguin on the Ubuntu “WifiDocs/WirelessCardsSupported” page. “Okay,” I said to myself. “Why not check to see what they have?”

Sure enough, ThinkPenguin offered a dual-band USB wireless 802.11N adapter that they claimed would work right out of the box with all current versions of Ubuntu. It was a little more expensive than the 802.11N adapters that you find on sale at Fry’s, but by this point I was willing to pay a few extra dollars for something that would Just. Freaking. Work. So I placed an order.

I picked up the adapter last night, booted up the netbook, plugged it in, and…

…It. Just. Works. Right out of the box. Ubuntu had no problems recognizing the device, I had no problems connecting to my 5 GHz network (even without external antennas; more on this in a moment), and I’m getting the expected substantial speed improvement. If I get a chance, I’ll see if I can post some direct speed comparisons between ThinkPenguin’s adapter and the Asus built-in one.

I’ve also had occasion to communicate with ThinkPenguin support, and I was extremely impressed with the speed of their response; using their online support form, I got a response back to my questions in less than one hour. I consider that outstanding.

I will concede, as I said above, that ThinkPenguin’s offerings are a little more expensive than the stuff you find at Fry’s. I paid $64 for the adapter I ordered (plus about $6 for priority mail shipping); dual-band adapters at Fry’s typically seem to run about $40 (plus local tax of 8.25%) for name brands. The thing is, my time is worth more than $20/hour to me; I’m willing to pay for stuff that works right away, and does what I want it to do without limits.

If that’s the way you feel, I recommend you check out ThinkPenguin.

(One other point: you’ll note that I didn’t offer a specific link to the adapter I bought. That’s because, according to ThinkPenguin support, they’ve dropped that adapter from their catalog. TP states they plan to introduce a new adapter in the next month or two, as soon as they can raise funds to get the adapter produced. In the meantime, while the adapter I ordered is not listed on their site, TP still has a small stock available, and you can purchase it by contacting them through their website or calling 1-888-39-THINK (84465). Please note that I haven’t received any freebies from TP; I’m just a very satisfied customer.)

(Edited to add: Also, if you’re going to order an adapter that supports external antennas, just a note: it is easier to order both the adapter and the antennas at the same time. TP will still sell you the antennas as a separate item; they just don’t have them cataloged, and it will require an email/phone call.)

NFS: Not For Storage

Wednesday, December 21st, 2011

The Unix-Haters Handbook (which I am proud to say I own a physical copy of) is now available for free download.

(Hattip: Unix tool tip.)

Tinkering.

Monday, May 30th, 2011

It has been a somewhat slow holiday weekend, and I’ve been spending a good-sized chunk of it messing with stuff.

I wanted to upgrade my existing wireless router to something that had dual-band (2.4GHz/5GHz) support, and would also run the dd-wrt firmware. So, thanks to the great Jeff Atwood, I went ahead and ordered a Netgear WNDR3700, got it on Friday, and started trying to get it set up on Saturday.

I like dd-wrt in principle, and I think if you’re willing to put up with it, the firmware offers a very rich feature set. But the documentation could use a lot of work. I bricked the router several times (though I was able to recover it): the instructions on this page work just fine for flashing the factory_NA.img file, but the router would lock up and require a tftp reflash as soon as I tried to flash any other version.

Once I got past that, it took a little more skull sweat (though not quite as much) to get my Maxtor EasyShare NAS working as a CIFS device, and to get a static IP assigned to it. (The dd-wrt docs on assigning a static IP even admit that the assignment process is buggy.)

A little more skull sweat after that and I was able to get the 1 TB drive I’d attached to the USB port on the router mounted using Samba and accessible from both the MacBook and Project e. So now I have about 1.3 TB of network accessible storage, which is nice. Transmit power seems reasonable: I can get a signal on my Evo well out into the parking lot of my complex. (I haven’t tried tweaking the transmit power or other settings for the radios in the router, which is one of the nice things dd-wrt lets you do.) I also like being able to put in three DNS servers; again, acting on a Jeff Atwood suggestion, I downloaded and ran namebench, and added a tertiary name server based on its recommendations.

Ah, but there’s a problem. I want to run a closed network using the 5 GHz radio only (for maximum speed) and an open network using the 2.4 GHz radio (isolated from the main network). It turns out that, while the netbook does support wireless N, the adapter only runs on the 2.4 GHz frequency. So if I want to get top speed on the netbook, I need to get a USB wireless N adapter that supports 5 GHz and is supported under Ubuntu. (I don’t want to go through the whole ndiswrapper thing.) And I haven’t been able to find that yet…

Oh, yeah: I also upgraded Microsoft Office to the 2011 version: prior to all of this, I upgraded the MacBook to 10.6.7, and Office 2011 seems to run much better under 10.6 than the Office 2004 I was using. And I can get rid of the file conversion utility.

Still on my list of things to do before school starts up again, besides updating the Saturday Dining Conspiracy pages:

  • root the Evo. But since 2.3 is rumored to be coming down the pike real soon now, I think I’ll wait for that update before rooting.
  • upgrade Project e to Ubuntu 11.04. But given the things I’m hearing about the Unity interface, I’m having second thoughts on that. Apparently, you can disable Unity on 11.04, but it’ll be the only interface in 11.10.
  • do a BIOS update on Project e. Which isn’t that big a deal, except for the part about preparing a DOS bootable USB disk under Linux or MacOS.
  • I still want to work on improving my photo setup so I can take better gun photos. Mostly, I think that’s a matter of building a light box, and perhaps purchasing some additional lights and a tripod.
  • I’d like to get part three of “Talkin’ GPS Blues” up before I go back to school.
  • I’d also like to get back into the MIT Open Courseware swing.
  • I’ve got most of the parts for a dedicated NAS box sitting under a desk, and should probably start trying to assemble that. Missing: RAM, storage space for the FreeNAS OS, and storage drives.

There’s travel in there as well. And somewhere, Mike the Musicologist is snickering at me…

Talkin’ GPS Blues (part 1).

Sunday, January 9th, 2011

A long time ago, my great and good friend Glen pointed me in the direction of a Steven Jay Gould essay about his encounter with Richard Feynman. Gould’s point in that essay was that he thought Feynman wasted a lot of time trying to understand evolution from the ground up, time that Feynman could have spent making valuable contributions to the theory instead. My response is that I think I understand where Feynman was coming from; the only way he felt like he could contribute something was to start from first principles and work his way forward until he understood each step. I’m not anywhere near as smart as Feynman or Gould, but I feel much the same way as Feynman did. Hence, the long and rambling nature of this entry.

I have six GPS systems. That’s probably more than any one sane person needs, but we can leave that discussion for another time.


Do Androids dream of electric apps?

Thursday, September 9th, 2010

As noted previously, I finally resolved the phone issue. (And AT&T can still die in a fire.)

The number one question I’ve been getting (replacing “Where did you get that shirt?” at the top of the charts) is: “How do you like your new phone?”

Answer: I like it just fine, but…below are some preliminary thoughts on Android (at least, as implemented on the EVO 4G; I do realize that some of these may be issues with the built-in apps, rather than the Android OS itself):

  • It is disappointing to me that the alarm built into the EVO’s clock app can’t be set to play arbitrary sound files as alarms. (I fall into Ihnatko’s 2% who haven’t seen the movie yet, but I love the story behind “Non, Je Ne Regrette Rien”.)
  • Ditto that I can’t set an arbitrary sound file for text message notifications.
  • It is also disappointing to me that there’s no basic Notepad type app provided with the EVO. I’m sure there’s probably 300+ on the Android marketplace, but I needed to make a shopping list this morning and didn’t have time to sort through all of them. Any tips?
  • Integration between the built-in music player and the built-in navigation app is also a disappointment; the navigation app will pause the player to make route announcements, but you have to manually start the player up again, rather than it automatically resuming play.
  • On the plus side, the sound is great; I can listen to podcasts in the car without having to hook into my (currently non-functional) stereo system.
  • The on-screen keyboard is vastly better than using the keypad (even with T9) was on the T616, and somewhat better than the on-screen keyboard on the N800. However, I still have a lot of trouble hitting the correct key with my large-ish fingers.
  • One of the drawbacks of purchasing an Android phone is synchronization with the MacBook. If I had purchased an iPhone, everything would be simple (or at least, simpler). But, no, I had to be different and resist peer pressure… At some point, I suspect I will end up ordering this. (Right now – and I do realize this is a phone controlled setting – the MacBook sees the phone as a USB disk drive with photos on it, and automatically opens iPhoto. I can browse the Android file system and copy files to or from it without problems.)
  • Speaking of iPhoto, I’ve done almost nothing with the built-in camera yet.  I need to work on that.
  • The EVO’s calendar app has a noticeable lag; it takes a couple of seconds to switch to the current date when I bring it up.
  • If there’s a way to sync the EVO’s calendar app with Google Calendar, I haven’t found it, and there doesn’t seem to be a separate Google Calendar app (like there is for Maps, Voice, Earth, etc.). Do I need to grab some other calendar app off the Android Market? (Edited to add 9/10: Okay, I think I’ve figured this one out. You can sync the EVO app with Google Calendar, it just isn’t quite as straightforward as I was looking for.)
  • The EVO also seems to lag behind in changing screen orientation when I rotate the phone.
  • I managed to get the Android SDK and the ADT plugin installed without problems on the MacBook, but the ADT plugin won’t install into Eclipse on Project e. It looks like there are some dependencies that Eclipse can’t resolve, but I can’t figure out what those are. I may have to blow away and reinstall Eclipse (which isn’t a major issue; I don’t have a bunch invested in Eclipse on Project e).
  • I either need to dig out my old Java textbook, or see if I can find an updated edition cheap online.
  • Speaking of textbooks, and having nothing to do with Android in particular, I just paid $180+ for a damn textbook. This makes me mildly cranky.
  • My old T616 in the case fit neatly into the magazine phone pocket of my 5.11 tactical pants. The EVO? Doesn’t fit. Dear 5.11 folks: maybe we could think about redesigning that pocket to fit smartphones? (I wear 5.11 tactical pants (or, as some people call them, “Kaiser blade Internet pants”), not because I’m a mall ninja, but because they are the most comfortable and toughest pants I’ve found. Plus they make it really easy to carry all my stuff.)
  • Battery life is…well, middling. I haven’t really tried optimizing power consumption, though, except for turning off WiFi and Bluetooth. (Hurrah for the EVO’s control panel that allows easy access to those settings.)
  • There’s a few applications I’m looking for and would welcome advice on finding in the Android market. The first one is a good WiFi scanning utility; ideally, it would have the ability to log access points with GPS coordinates, note if the points are A, B, G, or N, note if they’re open or closed (and if they’re WEP, WPA, WPA2, etc.), and write all this data to an XML or KML file. It looks like there are several apps in the market that meet these criteria, but I’m not sure which ones are good.
    The second app I’m looking for is a good vehicle management application. At a minimum, I’d like to be able to enter an odometer reading and number of gallons, and get a miles-per-gallon figure for that tank, as well as an average MPG for all tanks to date. It’d be spiffy if I could also enter a price per gallon, as well as other expenses (insurance, repairs, maintenance) and get a cost-per-mile figure as well.
  • I love the GPS Status app.
  • I’ve played a little with the Amazon Kindle app; so far, I’m more impressed with it than I am with the refurbished Kindle I purchased earlier this year.
  • The EVO’s screen is impressive. Much better than the N800’s. I haven’t done a side-by-side with an iPhone 4 yet, but I’m willing to bet it gives the iPhone a run for its money.
  • The EVO’s video player can decode H.264 video! (I haven’t done anything with the camcorder app, so I don’t know what format it encodes video in.)
  • Waiting for a sale on those 32GB microSD cards…
  • Edited to add: There’s also no general file browser app on the EVO.

Again, I generally like the phone; most of these are just minor quibbles that I can probably solve one way or another.

After action report: Las Vegas, NV.

Wednesday, August 4th, 2010

I covered a lot of stuff in my previous travel report, so this will mostly just be updates.

  • Project e worked spectacularly well at DEFCON. This is the first chance I’ve had to really push the battery life, and I was able to get a good 12+ hours out of the battery without running it totally dry. (This was with the machine set to “powersave” and putting it into “standby” or “hibernate” when I was in the dealer’s room, or driving around with Mike the Musicologist and Andrew. Continuous usage with the wireless would have been more like 6+ hours, I think, which is still pretty impressive.)
  • My one regret is that I forgot my Alfa external WiFi adapter. I would have enjoyed playing with that at the convention.
  • The 5.11 bailout bag also worked out well for lugging around Project e and various other equipment. Again, I was able to carry a pretty good load, including the laptop, charger, books, a couple of bottles of water,  the small camera, and miscellaneous other necessities.
  • MtM has the Nikon with him and has been taking a lot of photos. As you saw below, I did use the Nikon to take some Gehry photos. When I have more time, I’m going to put up an expanded and annotated Flickr photo set; I did some side-by-side experiments with aperture priority vs. automatic exposure.
  • Food in Las Vegas was, without exception, pretty darn good. The worst meal I had (at the Four Kegs) was still better than average (and I didn’t order the stromboli, which is the house specialty). We also had a very good (if loud) tapas meal at Firefly* on Paradise, the usual wonderful meal at Lotus of Siam, the previously mentioned dinner at Shabu-Shabu Paradise, and a Moroccan meal at Marrakech. (I had not previously had Moroccan food, so I can’t comment on how authentic it was. I certainly enjoyed my meal, and the belly dancer didn’t hurt.)

    Vegas does have something of a shortage of good breakfast places outside of the casinos (and even inside of the casinos, if you’re not looking for a buffet). We had several good breakfasts at Blueberry Hill on Flamingo and one excellent breakfast at The Egg and I on Sahara. I know that MtM and Andrew went to a good Italian place in New York, New York while I was at the convention, and I’ll let them comment on that.
  • Between Tucson and Las Vegas, the refurbished Kindle I ordered arrived, and it went on this trip. I’m sure I’ll have more to say about the Kindle later on, but my first impression is “Meh”. I did manage to read John Clark’s Ignition! in PDF format and a Project Gutenberg MOBI format copy of Heart of Darkness without too much trouble, but my experiences with other PDF files and eBooks have been inconsistent.
  • On the other hand, I finished, and highly recommend, Ubuntu for Non-Geeks 4th Edition and am almost finished with Cisco Routers for the Desperate 2nd Edition (also recommended). No Starch Press rocks. And the coupon code “DEFCON18” will get you a 30% discount. And they’re running a half-price sale on all e-books.
  • My Southwest experience this time was much more pleasant. No misplaced bags, and no flight delays. One thing that was particularly unusual was going through the security line in Las Vegas; I had, literally, no wait. Just walked straight up to the TSA agent and got in line for the metal detector. It took longer to take my shoes off and the laptop out than it did to get through the rest of security.

My thanks to, in no particular order, the DEFCON 18 staff and presenters, No Starch Press, UNIX Surplus, SEREPick, Lotus of Siam, Shabu-Shabu Paradise, Sarah at the iBar in the Rio, and the unknown belly dancer at Marrakech.

Special thanks to my high-speed, low-drag travel companions in the primary, Mike the Musicologist and Andrew “Porous concrete? What were they thinking?” Wimsatt.

DEFCON 18 notes: Day 3.

Wednesday, August 4th, 2010

“The Search for Perfect Handcuffs… and the Perfect Handcuff Key”: It seems that Sunday morning at DEFCON has become the default time for the lock picking and other physical security panels. Sometimes this bugs me a little; I can only sit through so many panels on compromising high security locks with common household objects before my eyes glaze over and I leave for the dealers room. It isn’t that these panels aren’t interesting, but three in a row…

Anyway, I say all that to say that this presentation from TOOOL was one of the better Sunday morning lock bypass presentations I’ve seen at DEFCON. Deviant Ollam and his crew gave a comprehensive overview of handcuffs, how they work, and how they can be defeated. Some key points:

  • A group of Dutch hackers managed to defeat the high security Dutch handcuffs by taking a photo of the key (hanging off someone’s belt) and using a 3D printer to duplicate it. The key can be found here.
  • You can shim many handcuffs with paper, believe it or not. Paper money (especially European paper money, which in many cases is more like plastic or Tyvek than paper) works especially well for this, as currency is generally designed to be tear resistant.
  • Handcuffs are generally a pretty simple mechanism. If they aren’t double-locked, it’s really easy to “shim” them (force a flat piece of metal, or something like that, down between the pivoting ratchet arm and the cuff itself), or pick the lock with something like a paper clip. (You know what really works well for a cuff pick? The sort of U-shaped metal arm that comes on those steel binder clips you can buy at Office Depot.)
  • If the cuffs are double-locked, it makes shimming and picking attacks harder. One way to defeat double-locking is the “whack attack”; slam the cuffs against a hard surface, and inertia will pop the double-lock locking bar back into the unlocked position.
  • It doesn’t take a lot of strength to break handcuffs. Breaking them is just a matter of binding the chains up. Once you’ve done that, it’s just leverage and simple physics to break the chain.
  • You can also rough up the chain with a small easily concealed diamond saw blade to make it easier to break. The folks at SEREPick sell such a thing; you can hide it in the seams of your clothes, in a belt, in the top of a shoe…
  • There’s a lot of design variation in handcuffs, which can cause problems, especially if you’re trying to find a universal handcuff key. Keyway sizes, size and number of pawls…lots of things can cause problems.
  • The TOOOL folks have collected a bunch of cuffs, so they got as many as possible together, took very precise measurements of the keys, and came up with a single “universal” handcuff key that opened all the cuffs they were able to try. No, they don’t sell it, but diagrams and measurements for the key were part of the presentation. The easiest thing to do, according to the presenters, is to start with a Smith and Wesson handcuff key, as that’s closest to the final dimensions of the universal key. After that, all you need is some minor cutting and filing which can be done with a Dremel tool.

(I suspect there are some people who are going to ask “Why would you want to break out of handcuffs? And don’t you feel bad about sharing this information with criminals?” In the first place, the criminals have already learned all these tricks at one of our many institutes of higher education. In the second place, the bad guys are starting to use things like handcuffs and zip ties to restrain their victims; you might as well learn how to defend yourself.)

“Electronic Weaponry or How to Rule the World While Shopping at Radio Shack”: I’ll cut some slack for this guy being a first time presenter, but this was a “Meh” panel for me. It was heavy on the theory of things like RF jamming and EMP attacks, but short on practice. Most of the theory I already knew, so there wasn’t a whole lot there for me. At the end, he did demonstrate a “sound cannon”, which was interesting. It did not, however, even approach the “annoying” level for me, much less the “weapon” one, though the presenter was running it without amplification.

“Breaking Bluetooth By Being Bored”: Dunning (who also built Vera-NG, a Bluetooth and WiFi sniping rifle) presented a series of tools for banging on Bluetooth. These tools included:

  • SpoofTooph, a utility for cloning and spoofing Bluetooth devices. SpoofTooph can also be run in a logging mode, where it will collect data on devices it encounters.
  • The Bluetooth Profiling Project, which uses programs like SpoofTooph to collect Bluetooth device profiles for analysis. (For example, which device addresses correspond to which manufacturer?)
  • vCardBlaster, a utility for running a denial of service attack against a Bluetooth device by flooding it with vCards.
  • Blueper, which sends a stream of files over Bluetooth. You can send files to multiple devices in range, or target a single device and flood it with files. This is interesting because many devices cache received files before asking the user to accept them; if you push a continuous stream of files to one of those devices, you can fill up internal storage and possibly crash the device.
  • pwntooth, a suite of automated Bluetooth testing tools.

As a side note, after some banging around (mostly to resolve dependencies) I managed to compile and install SpoofTooph on Project e. So far, I’ve only tested it in my lab environment, but it seems to work as designed. This is one of the reasons I love going to DEFCON, as there’s nothing like that moment when you say “Holy f—ing s–t, that f—ing f—er actually f—ing works! S–t!”
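The failure mode noted for Blueper in the list above (files cached before the user is asked to accept them), seen from the receiving side. This is an added example, not code from the original post or from any of the tools named: a toy staging cache run with and without per-sender limits. The class, the limits and the addresses are all constructed for illustration and do not model any real Bluetooth stack.

```python
"""Toy model of a receiver's staging cache for unsolicited file pushes (constructed)."""
from collections import defaultdict

MiB = 1024 * 1024


class StagingCache:
    """Holds pushed files until the user accepts or rejects them."""

    def __init__(self, capacity, per_sender_quota=None, max_pending=None):
        self.capacity = capacity                  # bytes available for staging
        self.per_sender_quota = per_sender_quota  # None = naive behaviour, no limit
        self.max_pending = max_pending            # unanswered files allowed per sender
        self.used = 0
        self.pending = defaultdict(list)          # sender address -> [(name, size)]

    def receive(self, sender, name, size):
        """Return True if the file was staged, False if it was refused."""
        queued = self.pending[sender]
        if self.max_pending is not None and len(queued) >= self.max_pending:
            return False  # sender already has too many unanswered prompts
        if self.per_sender_quota is not None:
            if sum(s for _, s in queued) + size > self.per_sender_quota:
                return False  # sender has used up its share of staging space
        if self.used + size > self.capacity:
            return False  # staging full: every sender is locked out
        queued.append((name, size))
        self.used += size
        return True

    def resolve(self, sender, accept):
        """User answers the oldest prompt; staging space is freed either way."""
        name, size = self.pending[sender].pop(0)
        self.used -= size
        return name if accept else None


def simulate(cache, flood_files=1000, flood_size=64 * 1024):
    """One sender pushes many files, then a second sender tries one transfer."""
    flooder, friend = "AA:AA:AA:00:00:01", "BB:BB:BB:00:00:02"  # constructed addresses
    staged = sum(cache.receive(flooder, f"f{i}.vcf", flood_size)
                 for i in range(flood_files))
    friend_ok = cache.receive(friend, "photo.jpg", 512 * 1024)
    return {"flood_staged": staged, "used": cache.used, "friend_ok": friend_ok}


# Same flood against the naive cache and against one with per-sender limits.
naive = simulate(StagingCache(capacity=16 * MiB))
hardened = simulate(StagingCache(capacity=16 * MiB,
                                 per_sender_quota=1 * MiB, max_pending=8))

if __name__ == "__main__":
    print("naive:   ", naive)
    print("hardened:", hardened)
```

With no limits, the single flooding sender fills the whole staging area and the second sender's transfer is refused; with the per-sender limits the flood is capped at eight pending files and the second transfer goes through.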

There was no final attendance figure announced at the closing ceremonies. According to Joe Grand’s badge documentation, there were 7,000 electronic badges made, and those went fast. I would not be shocked if there were 15,000 people at DEFCON this year, and from what I saw in the closing ceremonies, a lot of those folks were attending for the first time.

The big piece of news from the closing ceremonies is that, after four years at the Riviera, DEFCON is moving to the Rio next year. My hope is that the move will make it easier to get into the more popular panels (DEFCON apparently will be using the Penn & Teller Theater at the Rio), and provide more room to move around. (And maybe even more room for vendors.)

Coming up later on: the final after action report and thank-yous.

Computers. You know, for kids.

Sunday, August 1st, 2010

We would also like to draw your attention to the Statesman‘s profile of Ken Starks and the HeliOS project.

The HeliOS people take in donated computers, refurbish them, put LINUX on them, and then get them into the hands of poor kids whose families can’t afford to buy computers.

Frequently, these families also can’t afford Internet access, which is the next big problem that the HeliOS people are trying to solve; so far, they haven’t had much luck with that.

After action report: Tucson, AZ.

Wednesday, July 21st, 2010

My regular readers (and my irregular readers, too; come to think of it, “Whipped Cream Irregulars” would be a good name for a band) may have figured out by now that I’ve spent much of the past week on the road. Specifically, I was in Tucson for the annual convention of the Smith and Wesson Collectors Association. (You might have been able to guess that I also made a brief trip to the Phoenix/Scottsdale area so I could visit Taliesin West.)

I’m not going to talk much about what went on at that convention here, since it is a closed private convention, and I’m not comfortable discussing the organization’s affairs on a public blog. (Jay G. and the rest of the Vicious Circle gang might be amused to know that there was an actual S&W police bike, manufactured in Springfield, MA and complete with lights and siren, on display at the convention. I didn’t get a chance to take a photo.) I will say I had a great time at the convention, and in Tucson in general. Sadly, I didn’t have time to hit any used bookstores or gun stores in the area, but maybe next time.

This is the first extended road trip I’ve taken since last year’s DEFCON, so I thought it might be interesting to do some notes about what worked and didn’t work on this trip.
