It's been a while. Summer vacation, if you like.

Jul 06 2019

I haven't actually been on vacation lately, not really.  I decided that I needed to go off and do some different stuff for a while.  I've been in a rut lately and decided that I needed to shuffle some stuff around.  I swapped out the "writing rambling computer nerd blog posts" module for teaching myself a couple of new things and spending some of my downtime offline, curled up with cinnamon tea and a stack of books.  Getting away from a screen for a while seems to have done me some good, and I'm almost back up to my old reading pace of five or six books a week.  I'd all but forgotten how much dead tree books weigh after the fixed mass of a tablet for so long.  The wireless router at home that I set up to replace the astoundingly shitty DSL modem-cum-wireless access point that Annoying, Trying, and Twisted insists we use is starting to act flaky, which suggests that it's reached the end of its functional life, not unexpectedly since this model tends to have overheating problems.  A few weeks back I picked up a new router, a Linksys WRT 1200 AC and promptly made a few hardware modifications to it, which is to say I cracked open the case, unbolted the heat sinks, scraped the crappy thermal tape off of the chips and applied decent heatsink grease, and put the router back together.  I'm considering wiring a small cooling fan onto the motherboard, maybe on one of the development ports.  Lately I've flashed OpenWRT onto the unit and set up quality of service and monitoring so I can keep an eye on things.  I'm still working out how to patch it into my exocortex for realtime status monitoring.  From a practical standpoint I can install Python on the new router, but doing so leaves next to no room for anything else.  I have to think about it some more.  I do NOT want to use SNMP if I can help it.

If you thought you were going to escape computer nerd-related rambling, you were sorely mistaken.

Click for the rest of the article...

Hacking around memory limitations in shared hosting.

May 30 2019

Longtime readers are aware that I've been a customer of Dreamhost for quite a few years now, and by and large they've done all right by me.  They haven't complained (much) about all the stuff I have running there, and I try to keep my hosted databases in good condition.  However, the server they have my stuff on is starting to act wonky.  Periodic outages mostly, but when my Wallabag installation started throwing all sorts of errors and generally not working right, that got under my skin in a fairly big hurry.  I reinstalled.  I upgraded to the latest stable release.  I installed the latest commit from the source code repository401 and 500 errors as far as the eye could see whenever I tried to do anything regardless of what I did.

In a misguided attempt to figure out what was going on, I bit the bullet and installed PHP on one of my servers, along with all of the usual dependencies and tried to replicate my setup at Dreamhost.  What that was a bit tricky and took some debugging I eventually got it to work.  It was getting my data out of the sorta-kinda-broken setup that proved troublesome.

Click for the rest of the article...

Have you tried turning it off and back on again?

May 25 2019

Disclaimer: The content of this post does not reflect my current employer, or any of my clients at present.  I've pulled details from my work history dating back about 20 years and stitched them into a more-or-less coherent narrative without being specific about any one company or client because, as unfashionable as it may be, I take my NDAs seriously.  If you want to get into an IT genitalia measuring contest please close this tab, I don't care and have no interest.

Time was, back in the days of the home 8-bit computers, we were very limited in what we could do in more than one way.  Without even a proper reset button or development tools other than the built-in BASIC interpreter if something went wrong there was really no way that you could debug it.  If you happened to be hacking code in any serious way on the Commodore chances are you'd shelled out good money for a debugger or disassembler and had at least a couple of reference books nearby.  If you were doing everything in BASIC then either you were growing your program a few lines at a time or using some code you got out of a magazine to do low level programming from inside of BASIC (an exercise fraught with frustration, let me tell you).  Even then, if something went sideways it was difficult to figure out where you went wrong and fix it.  The tools just weren't common at the time.  All you could really do was turn off the machine, wait a few seconds, turn it back on, and give it another shot in the hope that the machine wouldn't lock up on you again.

Click for the rest of the article...

Neologism: Disasterbation

May 25 2019

disasterbation - noun - Idly fantasizing about possible catastrophes (World War III, EMP strikes, nexus collapse, civil war, simulation hypothesis system shutdown, full-blown hyper-blight) without considering their likelihood or their possible solutions and preventions.  Very common in the prepper and futurist communities.

Source: M. Alan Kazlev (updated a bit and cross-referenced by me)

Accelerating a RAID-5 array with a solid-state hard drive.

May 19 2019

A couple of weeks ago, one of my co-workers mentioned in passing that he'd surprised himself by adding an SSD (solid state drive) to his file server at home.  To recap a bit, Leandra, my primary server at home has a sizable RAID-5 array storing all of my data.  However, one of the tradeoffs is that stuff recently written to the array is a little slow to be read back.  It's really not noticeable unless you're logged in and running commands, and even then the lag is something like one or two seconds.  Noticeable but not actually problematic.  At any rate, I'd been wanting to do some tinkering lately and had an Amazon order planned because I wanted to do some electronic work on my warwalking rig so I figured that, depending on the cost, I might add an SDD to my order.  Much to my surprise, a 120 gigabyte SSD is incredibly cheap, I paid a hair under $20us for a Kingston A400.  Emminently affordable.

Click for the rest of the article...

Notes from Thotcon 0x0a.

May 15 2019

My notes from Thotcon 0x0a:

Hacking Con Badges for Fun and Profit

  • Given by an EE
  • Badge hacking started with DC23, HHV.
  • Turned his DC23 record-badge into an analog clock.
  • AND!XOR's DC24 independent badge.
  • Maple Mini STM32.
  • Live spectrum analysis of 20-20KHz as an add-on.
  • Mic, pre-amp, FFT running on the uc.
  • Wired into the badge, rock-and-roll.
  • Inspiration and OSINT - look at the badge when it's announced, think about it
  • Get ideas
  • PoC - if you don't have this, you're not going to have anything
  • dev & debug
  • DC25 - NRF52 - 503.party
  • Blow up any images you can and start thinking.
  • BMD-300 module
  • OxVox - synthesizer and firmware for the badge.
  • Thotcon 0x09 badge - Thotcoin miner
  • Arduino to toggle the pin to mine as many coins as possible
  • Spoiler alert: 0 coins
  • ESP8266, similar to the Sparkfun devkit.  Picaxe x4.
  • Rewrote the firmware in the EPROM that holds the coin count and changed the value.  :)
  • Added a speaker and amp, built a CW repeater for morse code.
  • It's not a badge, it's a development board.  Changes how you think about it.
  • Addons - badges for your badges.
  • DC26 shitty add-on connector, four-pin I2C interface, VCC is marked.  Male pins.  0.1" pin pitch.
  • Master badges have female headers.
  • SAO Genie, based on TPM Genie, PoC for I2C sniffing.
  • Badge -> SAO Genie -> Addon to monitor traffic, serial interface to hook to a computer.
  • Destination address, packet contents.  Passthrough, inject, modify, block packets.
  • DCZIA badge - 4x4 keyboard
  • Crappy audio processing unit to make a sequencer or a synth.
  • https://github.com/mediumrehr
  • @mediumrehr

Click for the rest of the article...

War walking with a Raspberry Pi 0 W.

Apr 28 2019

You've probably noticed from the datestamps of my last couple of weeks worth of posts that they were autoposted by an agent.  This is because work has taken a turn for the extremely busy and I haven't had the time or the energy to write anything in particular; certainly nothing really useful.  Rather than wasting everybody's time I decided to relax a bit by picking up an older project, namely a new war-walking rig, and making it work.  Since I wrote that original post a few more security updates have come out for my phone and broke not only the Wigle wardriving app but a couple of other things that I really like, but that's neither here nor there.  I'm still using the equipment outlined in the previous post and the latest Git commit of Kismet right out of the developers' repo.  I made a couple of design decisions that I'll discuss later which are specific to my use case, which you are free to ignore or discard as you deem necessary.

Click for the rest of the article...

Neologism: @here grenade

Apr 25 2019

@here grenade - noun phrase - The act of tagging a message @here (meaning, everyone) in a crowded Slack channel (users >= 100), causing everyone who's busy but monitoring to drop whatever they're doing and flame you for bothering them by messaging @here.  Normally done by a user trying to get a response to a maximum severity ticket that's been ignored for longer than the SLA.

Example: "PFY threw an @here grenade into the #tech-support channel because the border router was on fire and the admins on call were ignoring their pagers.  He got kicked but at least the outage is over."