November 06, 2018



Disk Destroyer

I finally fell into the dd trap. I dd’d a FreeBSD Beaglebone black image to /dev/sdb, where my home directory lives. It should have been /dev/mmcblk0, but I trusted tab completion and didn’t check dmesg. After a quick check of gparted, it was obvious what had happened. I’ve nuked the partition table on the drive. Well done. The data in /home/hibby was intact, however. My home directory was still responding, I could load new files ith no corruption.

November 06, 2018 07:00 PM

October 28, 2018

Iain R. Learmonth


OpenBSD with GPS synchronised NTP

I wrote on Monday about how I’ve swapped my home router for an OpenBSD box. One of the fun things I’ve done with this box is configure it as a network time server using ntpd(8).

Synchronising time with servers on the Internet isn’t that exciting, but I’ve had a USB GPS dongle sitting doing nothing for a while. I originally purchased it to use with amateur radio projects but I haven’t done much radio recently. It looks like you can pick these up on eBay for around £11.00 and the newer ones also support GLONASS (mine only does GPS as far as I can tell).

When you attach this to OpenBSD, it is recognised as:

umodem0 at uhub0 port 4 configuration 1 interface 0 "u-blox AG - u-blox 6  -  GPS Receiver" rev 1.10/7.03 addr 2
umodem0: data interface 1, has CM over data, has no break
umodem0: status change notification available
ucom0 at umodem0

In Linux, I would use gpsd which is userland software and overkill for what is needed to get time out of the device. Instead, OpenBSD provides the nmea(4) line discipline that can be attached to the serial port with only a single line of configuration in /etc/ttys:

cuaU0   "/sbin/ldattach nmea"   unknown on softcar

Now when I reboot and run sysctl hw.sensors:

hw.sensors.nmea0.indicator0=On (Signal), OK
hw.sensors.nmea0.timedelta0=-0.001002 secs (GPS autonomous), OK, Sun Oct 28 17:08:04.998
hw.sensors.nmea0.angle0=57.3748 degrees (Latitude), OK
hw.sensors.nmea0.angle1=-2.3849 degrees (Longitude), OK

This was so incredibly simple I couldn’t believe that was it. If you have ntpd enabled, it will automatically pick up this new sensor too and start using it. I wanted to give a greater weight to my GPS clock than to random servers on the Internet though so I did add a line to /etc/ntpd.conf:

sensor nmea0 weight 5 refid GPS

By default all sources have a weight of 1. Giving the GPS a weight of 5 gives it 5× the influence over the clock compared to servers from The reference seems to be passed to clients but I’m not entirely sure yet what its significance is.

In RFC2132 there is a DHCP option defined for advertising NTP servers, so I advertised the server via this mechanism. Thinking more about it, I’m hoping that nothing is automatically configuring itself using this DHCP option as that seems like something that shouldn’t get reconfigured just because you joined a network. There’s a lot of different options defined in this document and I wonder just how many of them are actually used/useful.

I did spot that I can advertise my RFC868 time server too, so I set up both that and a daytime server using inetd(8) by adding to my /etc/inetd.conf:

daytime stream tcp nowait nobody internal
time stream tcp nowait nobody internal

October 28, 2018 05:00 PM

October 22, 2018

Iain R. Learmonth


OpenBSD with PlusNet VDSL

For a long time we’ve had a Cisco 887VA acting as our VDSL modem and gateway. We got this for the old flat when we moved in there in 2016 and took it with us to where we live now. It’s been quite reliable but the Ethernet interfaces are only 10/100Mbps and there are some limitations to the software where either features are hidden behind additional licenses or they are missing altogether. The software was last updated in 2016 and there’s no easy way to get hold of later firmware.

The replacement for this box is a PC Engines apu3c4. This board has an AMD Embedded G series CPU, 4GB RAM and 3 Gigabit Ethernet interfaces. For storage I have fitted a 16GB mSATA SSD and I’m planning to also fit a 4G modem to allow failover in the event of a broadband outage (as happened once before). This box is running OpenBSD 6.4 which was incredibly easy to install via the serial console, booted from a USB stick.

When the prompt appears after booting from the USB stick:

boot> stty com0 115200
boot> set tty com0
boot> boot

But wait, something is missing here. The Cisco box has a VDSL modem but the APU board does not. The original plan here was to use a Huawei HG612 as the modem and then bridge the connection to the APU board. Unfortunately, I had installed the one I had got for this purpose in the hackerspace, as they now have their sponsored VDSL line installed from Converged. Another hackerspace member had said they would provide me with a replacement, but when I went to install it, it was in fact an ECI Telecom B-FOCus V-2FUb/r Rev.B and not an HG612. These two devices look almost identical if you’re not paying attention. So the temporary solution is to use the Cisco box as a bridge.

The relevant configuration:

no ip routing
interface Ethernet0
 no ip address
interface Ethernet0.101
 encapsulation dot1Q 101
 bridge-group 1
interface Vlan200
 no ip address
 bridge-group 1
interface FastEthernet3
 switchport access vlan 200
 no ip address
bridge 1 protocol ieee

Essentially what this is doing is bridging the Ethernet interface that used to be used by the Cisco box for the PPPoE tunnel to FastEthernet3 instead. By connecting a cable between FastEthernet3 and em0 on the APU board (first Gigabit Ethernet port) it is then possible to terminate the PPPoE tunnel on the APU board instead.

In /etc/hostname.em0:


In /etc/hostname.pppoe0:

inet NONE \
        mtu 1492 \
        pppoedev em0 \
        authproto chap \
        authname '' \
        authkey 'password' \
        peerproto chap \
        peerflag callin \
!/sbin/route add default -ifp pppoe0

The man pages for hostname.if(5), em(4) and pppoe(4) can give you more details on what is going on here. If you’re not doing this on an APU board you might find that your Ethernet interface is named differently in OpenBSD. Interface names are based on the driver they are using.

It took me a while to debug this because the PPPoE driver was attempting to authenticate the access concentrator. Adding peerflag callin fixed this:

The `callin’ flag will require the remote peer to authenticate only when he’s calling in, but not when the peer is called by the local client.

Annoyingly this is only described in ifconfig(8) and so I didn’t see it the first time reading through the documentation. Some combination of DuckDuckGo and the online man page browser did get me there in the end.

So now I have an OpenBSD box as my home network’s gateway. I’ve configured dhcpd(8), ntpd(8) (using an nmea(4) GPS device as a time source) and a bunch of other things that may or may not become other blog posts. I’m expecting the replacement HG612 modem will arrive soon and then the Cisco box will probably find its way to eBay.

October 22, 2018 08:30 PM

October 03, 2018

Tom Jones


EuroBSDCon Bucharest Romania

The Wikitravel page for Bucharest has some scary warnings about taxis. I didn't heaer any horror stories from conference goers, but there was a large variation in prices for the same journey.

He held a two day DevSummit before the conference proper. A DevSummit is a chance to talk through technical issues and hash things out face to face. We did some planning for FreeBSD 13 with the idea of setting GGoals for the release.

We tried to match a bit of a hackathon with the DevSummit, but the tutorial schedules meant we couldn't focus the time very well and it was broken up.


Day One:

  • Keynote1: Lightweight virtualization with LightVM and Unikraft
  • Hacking together a FreeBSD presentation streaming box – For as little as possible
    • That was me, I thought it was quite good :D
  • The Evolution of FreeBSD Governance
  • Using Boot Environments at Scale
  • The End of DNS as we know it
  • Keynote2: Some computing and networking historical perspectives
    • Ron's keynote was unreal and it is a massive shame that this sessions wasn't recorded. Ron has a ton of experience with working with network systems since 1976, he shared some stories and anecdotes. The one closest to my heart was pirating away an IMP front pannel and saving it from the scrappers. If you get a chance to see Ron speak you should jump up and down at it.

Day Two:

  • Taking NetBSD kernel bug roast to the next level : Kernel Sanitizers
  • Livepatching FreeBSD kernel
    • This was an interesting study into how many different platforms do live patching. The FreeBSD way to do live patching could be simplified to 'use dtrace fbt probes'. Which is super reductive of all of the work invovled, but it shows the power of the system we have with dtrace.
  • Profiling Packet Processing: Performance & Peculiarities
  • Debugging lessons learned as a newbie fixing NetBSD
    • Maya is a terrifying person. Somehow she manages to hack productivly across the entire range of the stack and across many different architectures. There were many debuggin gems in here, I hope she continues to present on this the information was great.
  • FreeBSD/VPC: a new kernel subsystem for cloud workloads
  • FreeBSD on IBM PowerNV
    • An recount of the porting work Semihalf did to POWER8. Interesting, I hope it is also sumbitted to AsiaBSDCon. There need to be more written account of bringing up on different architectures.

Day Two concluded with announcing the location of the next EuroBSDCon, Lillehammer Norway.

October 03, 2018 12:00 AM

Presentations with mdp

It feels like work is just a constant stream of preparing, travelling for and giving presentations. Brief words and pictures is an excellent for conveying information between small groups of humans. All of these presentations I write in keynote, keynote manages to be light weight, powerful and not horrific to use. As a bonus, my boss feels at home in keynote and is happy to make edits there.

The keynote workflow does not match well to how I think. When dreaming up a presentation I want to shit of a stream of conciousness and have it magically become slides in the right shape.

I might write a series of headings like:

# intro
# who
# meat 
# details
# questions?

I will iterate on these to add bodies, details and more slides.

For quite a while I have wanted a system where I could write plain text and have it become slides. I [wrote][3] about the [sent][4] tool from suckless, but in the end I found it wanting. I have also considered just showing screens of text, but a nightmare DEFCON wireess village talk by Hak5 scared me away. They attempted to just present using just a plain text file and less, but the window size got out of whack and it all fell apart.

Enter mdp

mdp is a terminal presentation program, it takes slides it approximately markdown and takes over the entire terminal as its presentation surface.

Intrigued I used an opportunity to speak at a [local tech event][5] to try out mdp. [The slides][6] from that presentation can be found on [my talks page][7] and overall I thought mdp worked quite well.

I was able to draft in the stream of conciousness style I want, getting the bulk of the slides written very quickly. Adding diagrams required resorting to ASCII art which isn't so bad, I like [ascii][10] [art][11]. mdp worked great in practice, I had to find readable dimensions for the text by trial and error, but overall it went well.

Plain text as a format does have some major downsides, mdp has a way to encode builds for text (see below), but I couldn't use it with my tools. ASCII art diagrams also meant that the builds I did use were eggregious to maintain, any modification required manual propigation through the build chain.

mdp does not support a portable output format. You may say the source markdown is an excellent format for portability, but I find it lacks the crispness of having a single slide in view at once.

I wanted to be able to point at a viewable copy of my slides and so I hacked together some tools to export the mdp presentation to html, but for this I had to sacrifice the built in build mechanism of mdp

Finally there was no way to include images in the mdp presentation let alone the sacride gif format required to correctly convey nyan cat. I played with some terminal graphics viewers, but none of them worked well and after a while I started to think 'what is the point of reinventing everything'.

Drafting the presentation in markdown fit very well with my work flow, but the difficulties in getting a complete presentation with mdp meant that I didn't want to use it for future presentations.

Exporting to html

Getting html of the mdp presentation hinged on a complete hack. There is a tool I had seen in the past that can output a html dump of a tmux session unsurprisingly called [tmux2html][12]. With some playing around I was able to automate a tmux session to work through the slides and use tmux2html to grab each slide as a frame.

Finding the number of slides in the deck required splitting on the slide seperator from the markdown, this ruled out using the built in build mechanism as I would end up with the wrong number of slides.

The output script runs through the markdown to find the number of slides then uses tmux send-keys to control moving through the deck.


set -e 

command -v tmux >/dev/null 2>&1 || { echo >&2 "I require tmux but it's not installed.  Aborting."; exit 1; }
command -v tmux2html >/dev/null 2>&1 || { echo >&2 "I require tmux2html but it's not installed.  Aborting."; exit 1; }
command -v mdp >/dev/null 2>&1 || { echo >&2 "I require mdp but it's not installed.  Aborting."; exit 1; }

if [ -z "$1" ]
    echo "tohtml [outfile.html]"


if [ ! -z "$2" ]

javascript="<script>function page(){var e=!1,n=document.getElementsByClassName('tmux-html'),l=0; document.onkeydown=function(t){if(t=t||window.event,key=t.keyCode,e)if(13==key){e=!1,l=0;for(var i=0;i<n.length;i++)n[i].style.display='inline'}else{37==key&&--l<0&&(l=0),39==key&&++l>=n.length&&(l=n.length-1);for(i=0;i<n.length;i++)n[i].style.display='none';n[l].style.display='inline'}else if(13==key){e=!0,n[0].style.display='inline',l=0;for(i=1;i<n.length;i++)n[i].style.display='none'}}}window.onload=function(){page()};</script>"


slides=`grep -e "^---" $file | wc -l`

tmux new-session -s $tmux -d -x 96 -y 25

tmux send-keys -t $tmux "mdp $file"
tmux send-keys -t $tmux "Enter"

tmux send-keys -t $tmux 'g'
tmux2html -o $tmpfile $tmux 1>/dev/null

# insert javascript
lines=`cat $tmpfile | wc -l`
styleend=`cat -n $tmpfile | grep -e "</style>" | awk '{print \$1}'`
head -n $styleend $tmpfile > $outfile
echo $javascript >> $outfile
tail -n $((lines-styleend)) $tmpfile >> $outfile
mv $outfile $tmpfile

# remove closing tag
lines=`cat $tmpfile | wc -l `
end=`tail -n 1 $tmpfile`
head -n $((lines-1)) $tmpfile > $outfile

echo turning $file into $((slides+1)) slides 

while [ $i -lt $((slides+1)) ]
    printf "\rSlide $i"
    tmux send-keys -t $tmux 'j'

    tmux2html -o $tmpfile $tmux 1>/dev/null 
    grep -e "^<div" $tmpfile >> $outfile
    (( i++ ))

echo $end >> $outfile
tmux kill-session -t $tmux 
rm $tmpfile
printf "\rwritten to $outfile \n"

[If you view the presentation page][6] you will see the entire slide deck, this was the first output I got from this script. All the slides in a nice order. After a little pondering I wrote up some javascript to give controls, if you hit enter it will go from all slides to single slide. Arrow keys in single slide mode will allow you to move through the slide deck. The unminified javascript for this is below.

function page() 
    var presenting = false
    var elements = document.getElementsByClassName('tmux-html');
    var current = 0;

    document.onkeydown = function(evt) {
        evt = evt || window.event;
        key = evt.keyCode 

        if (presenting) {
            if (key == 13) {
                presenting = false;
                current = 0;
                for (var i = 0; i < elements.length;i++)
            } else {
                if (key == 37) {    //left
                    if (current < 0)
                        current = 0;
                if (key == 39) {    //right
                    if (current >= elements.length)
                        current = elements.length-1;
                for (var i = 0; i < elements.length;i++)
        } else {
            if (key == 13) {
                presenting = true;

                current = 0;
                for (var i = 1; i < elements.length;i++)

window.onload = function () {

[3]: sent blog post [4]: sent link [5]: techmeetup aberdeen [6]: mdp slides [7]: talks page

[10]: ietf ascii art guidelines [11]: draft cco [12]: tmux to html

October 03, 2018 12:00 AM

October 02, 2018

Tom Jones


EMF Camp 2018

Skeleton Dome

EMF Camp is a giant hacker camp that occurs in the deep South of England. It managed to attract nearly 2500 people into a field for four days at the end August.

EMF Camp 2018 was the first time I have volunteered to help with the organisation. I volunteered to help out the content team earlier in the year, it wasn't until the week before that we realised lightning talks needed more organisation. Foolishly I stepped up and got a weird split experience between attending the camp and running a tiny slice of it.

It wasn't sooooo awful, I'll probably do it again.

EMF Camp Map

I attended EMF Camp 2014, since then they have really managed to integrate well with the village system used at other camps. The map shows all the spontaneous events that people put together during the camp, the adage 'it is what you make it' really comes out at these events with many participants helping to make it hole.

Border control point ShoutyTel

In our own way the Scottish Consulate contributed too, with our bureaucratic role playing game going beyond the pale and expanding into operation of a phone network (cups and string) and a Hard border from the rest of the camp.

Polybius Biotech Tenticle

October 02, 2018 12:00 AM

October 01, 2018

Tom Jones


America's Hackercamp

Milliways Dome

Toorcamp is America's Hackercamp, it happens on the stunning Orcas Island an hour or so North West of Seattle. Hacker events always manage to create their own neon lit world, Toorcamp took this to another level and sequestered 500 hackers away in a idillic resort in the Pacific North west and even then it poured on the neon lighting effects to keep us in a dream world.

LED Gateway

Doe Bay resort spreads over three regions, a bay area (were I camped with Milliways), an island outcrop and a field at the top of a hill. This division (especially the hill) make it less enticing to move around the site. It also meant that the nosiy area in the bay, by being far away from most of the camping, was able to go all night long without disturbing too many people.

Call to anywhere but Shady Tel

Toorcamp is serviced by a group of telephone enthusiasts called Shady Tel. They operate a highly reptuable phone company in the American fashion, offering service anywhere on the camp site, whether near an exchange or on a boat out in the bay.

I hate talking to people on the phone, but I found this limited network to be a ton of fun. I must have spent hours wardialling around trying to find people to call. Once I discovered the maintainence line that echo'd back your phone number I started going around and collecting interesting phones.


Because we are hackers on top of this phone network highly ammusing things pop up. Milliways ran a pager network and from their payphone I spent many hours paging people to call numbers. Knowing how to find numbers for a phone I started paging people to call me at random places.

Stage Dome

The Doe Bay resort that hosted Toorcamp would be a wonderful place to go even without an amazing hacker camp in toe. Rather than attempt to describe the event it is easier to link to the 10 intervies the amp hour podcast did on site.

The final night nature decided to turn on a smoke machine and join the party.

Neon Fog

October 01, 2018 12:00 AM

September 30, 2018

Tom Jones


FreeBSD on the Intel Compute Stick STK1AW32SC

Compute stick pieces

A FreeBSD developer has been tricked somehow into working on EFI boot. A large missing piece has been support for 32 bit EFI. Many devices with Intel mobile SOCs have shipped with bios which only support 32 bit EFI for boot even on 64 bit processors.

Rumour had it the Intel Compute Stick STK1AW32SC was one of the platforms with only 32bit EFI. This compute stick has a SOC from the Cherryview family, the same as the GPD Pocket, I want FreeBSD to support this SOC well and 32 bit EFI to boot is a part of that.

This compute stick is end of life and looking around I saw a few on ebay. I managed to win an auction for a new in box compute stick, getting it for about £50. For that I got:

  • x5-Z8330 4 Cores 1.44 GHz
  • 2GB Ram
  • 32GB Internal Flash
  • 1 USB 2 Port
  • 1 USB 3 Port
  • MicroSD Card slot
  • Intel Wireless-AC 7265 + Bluetooth 4.2
  • Intel Integrated Graphics

I asked Allan Jude to take his compute stick to the DevSummit at EuroBSDCon, while he was grabbing it someone else piped up and claimed to have run FreeBSD on the compute stick before. Turns out there is a bios option to switch between 32bit boot and 64bit boot.

Yes, our deliberate FreeBSD brick actually works. Here is how to install FreeBSD on a Compute Stick:

BIOS default settings

Break into the bios by hitting F2 at boot.

BIOS Boot 64

In 'Configuration' change Operating System from 'Windows 32-bit' to 'Windows 64-bit'

Reboot and break into the boot menu and choose your FreeBSD USB stick.

As with the x5 box there is an issue where the uart causes the compute stick to hang.

Break into the loader menu and set:

OK unset
OK boot

Install as normal

Before rebooting at the end of the installer you need to edit device.hints to disable the uart again.

# chmod +w /boot/device.hints
# vi /boot/device.hints
...."0x100""isa"    # comment this line out


Bluetooth is present in the dmesg, but we need to load the iwm kernel module then we can configure WiFi as normal.

# kldload if_iwm


Since setting up the x5 box in January our FreeBSD has has gained support for integrated graphics on CherryView SoCs. Now graphics support is available by installing and loading the drm-next-kmod.

# pkg install drm-next-kmod
# kldload /boot/modules/i915kms


I was unable to find any tear down pictures of the compute stick so I had to make some. The cast is easy to take a part, there is a single screw under a rubber foot once that is removed the rest of the top case is held on with snap fits. Inside the fan is connected with a tiny cable, the 2.4GHz and 5GHz antennas are glued to the side of the case, everything else is held down with 2 screws. 3 screws hold the heat sink assembly to the pcb.

Compute stick top

Inside there is very little to see

On the top is the SOC is in a puddble of goop, an AXP288 PMIC, 64Mb of Winbond flash and two Kingston 4Gb DDR3 Ram modules.

On the bottom there are two more DDR3 modules (taking us up to 2GB), a SanDisk SDINADF4A 32GB eMMC and an Intel 7265D2W WiFi + Bluetooth module..

Compute stick bottom

Copyright (c) 1992-2018 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
    The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.0-ALPHA7  r338849 amd64
FreeBSD clang version 6.0.1 (tags/RELEASE_601/final 335540) (based on LLVM 6.0.1)
WARNING: WITNESS option enabled, expect reduced performance.
VT(efifb): resolution 1920x1080
CPU: Intel(R) Atom(TM) x5-Z8330  CPU @ 1.44GHz (1440.00-MHz K8-class CPU)
  Origin="GenuineIntel"  Id=0x406c4  Family=0x6  Model=0x4c  Stepping=4
  AMD Features=0x28100800<SYSCALL,NX,RDTSCP,LM>
  AMD Features2=0x101<LAHF,Prefetch>
  Structured Extended Features=0x2282<TSCADJ,SMEP,ERMS,NFPUSG>
  TSC: P-state invariant, performance statistics
real memory  = 2147483648 (2048 MB)
avail memory = 1955004416 (1864 MB)
Event timer "LAPIC" quality 600
WARNING: L1 data cache covers fewer APIC IDs than a core (0 < 1)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
FreeBSD/SMP: 1 package(s) x 4 core(s)
random: unblocking device.
ioapic0 <Version 2.0> irqs 0-114 on motherboard
Launching APs: 2 1 3
Timecounter "TSC" frequency 1439997858 Hz quality 1000
random: entropy device external interface
netmap: loaded module
[ath_hal] loaded
module_register_init: MOD_LOAD (vesa, 0xffffffff810e1920, 0) error 19
random: registering fast source Intel Secure Key RNG
random: fast provider: "Intel Secure Key RNG"
kbd1 at kbdmux0
efirtc0: <EFI Realtime Clock> on motherboard
efirtc0: registered as a time-of-day clock, resolution 1.000000s
cryptosoft0: <software crypto> on motherboard
acpi0: <Intel COMSTKFC> on motherboard
acpi0: Power Button (fixed)
unknown: I/O range not supported
cpu0: <ACPI CPU> on acpi0
attimer0: <AT timer> port 0x40-0x43,0x50-0x53 irq 0 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
atrtc0: <AT realtime clock> port 0x70-0x77 on acpi0
atrtc0: Warning: Couldn't map I/O.
atrtc0: registered as a time-of-day clock, resolution 1.000000s
Event timer "RTC" frequency 32768 Hz quality 0
hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff irq 8 on acpi0
Timecounter "HPET" frequency 14318180 Hz quality 950
Event timer "HPET" frequency 14318180 Hz quality 450
Event timer "HPET1" frequency 14318180 Hz quality 440
Event timer "HPET2" frequency 14318180 Hz quality 440
Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
vgapci0: <VGA-compatible display> port 0xf000-0xf03f mem 0x90000000-0x90ffffff,0x80000000-0x8fffffff at device 2.0 on pci0
vgapci0: Boot video device
xhci0: <Intel Braswell USB 3.0 controller> mem 0x91500000-0x9150ffff at device 20.0 on pci0
xhci0: 32 bytes context size, 64-bit DMA
usbus0 on xhci0
usbus0: 5.0Gbps Super Speed USB v3.0
pci0: <encrypt/decrypt> at device 26.0 (no driver attached)
pcib1: <ACPI PCI-PCI bridge> at device 28.0 on pci0
pci1: <ACPI PCI bus> on pcib1
pci1: <network> at device 0.0 (no driver attached)
isab0: <PCI-ISA bridge> at device 31.0 on pci0
isa0: <ISA bus> on isab0
acpi_button0: <Power Button> on acpi0
acpi_tz0: <Thermal Zone> on acpi0
sdhci_acpi0: <Intel Bay Trail/Braswell eMMC 4.5/4.5.1 Controller> iomem 0x9152c000-0x9152cfff irq 45 on acpi0
mmc0: <MMC/SD bus> on sdhci_acpi0
sdhci_acpi1: <Intel Bay Trail/Braswell SDXC Controller> iomem 0x9152a000-0x9152afff irq 47 on acpi0
mmc1: <MMC/SD bus> on sdhci_acpi1
atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
atkbdc0: non-PNP ISA device will be removed from GENERIC in FreeBSD 12.
est0: <Enhanced SpeedStep Frequency Control> on cpu0
Timecounters tick every 1.000 msec
ugen0.1: <0x8086 XHCI root HUB> at usbus0
uhub0: <0x8086 XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0
mmcsd0: 31GB <MMCHC DF4032 0.1 SN 9557679A MFG 05/2016 by 69 0x0000> at mmc0 200.0MHz/8bit/8192-block
mmcsd0boot0: 4MB partion 1 at mmcsd0
mmcsd0boot1: 4MB partion 2 at mmcsd0
mmcsd0rpmb: 4MB partion 3 at mmcsd0
mmc1: No compatible cards found on bus
WARNING: WITNESS option enabled, expect reduced performance.
Trying to mount root from ufs:/dev/mmcsd0p2 [rw]...
uhub0: 13 ports with 13 removable, self powered
lo0: link state changed to UP

September 30, 2018 12:00 AM

campgnd 2018

                                                        __,--'    :. \.
                                                   _,--'              \`.
                                                  /|\       `          \ `.
                            ____ _   _ ____      / | \        `:        \  `/
  ___ __ _ _ __ ___  _ __  / ___| \ | |  _ \    / '|  \        `:.       \
 / __/ _` | '_ ` _ \| '_ \| |  _|  \| | | | |  / , |   \                  \
| (_| (_| | | | | | | |_) | |_| | |\  | |_| | /    |:   \              `:. \
 \___\__,_|_| |_| |_| .__/ \____|_| \_|____/ /| '  |     \ :.           _,-'`.
                    |_|                    \' |,  / \   ` \ `:.     _,-'_|    `/
                                              '._;   \ .   \   `_,-'_,-'
                                            \'    `- .\_   |\,-'_,-'
Scotland's first Hacker camp.                            `--|_,`'

One of the campgnds I used the tag line 'it happened again!'. It keeps happening and people are still upset about that year we missed. At this point it is easier to keep doing it.


campgnd is the annual camping trip for the hackerspace. We take 10-20 people off into a remote field build up an unreasonable shanty town of tents, feed it with power and data and let our minds go.

pokedex hacking

I love campgnd, it is a chance to escape and an opportunity to test out Village for visiting larger camps around Europe. Getting away and going somewhere is a great way to increase focus, if camping isn't your thing then taking your hackerspace to a makerfaire is a great way to focus on getting projects ready to show.

smelt pour

It seems we are already planning campgnd 2019, if you want to join the madness drop into #scottishconsulate on freenode and ask.

radio hacking

September 30, 2018 12:00 AM

September 29, 2018

Tom Jones


Far Too Much Summer

There was frost on the car this morning we can declare summer concluded. These last 3 months have been very intense, an absolute ton of fun, but the intensity meant very little down time.

I plan to write a series of blog posts to capture some of excellent adventures I had. As always the best things required participation to spare you from inside jokes I will stay close to easily shared realities.

Somehow there was space in this calendar to start running a monthly pancake breakfast at the hackerspace. The next Hacker Breakfast be Sunday the 14th of October.

It is hard to admit. This summer was too much.

It is hard to admin because throughout, despite the travel exhaustion, hangovers and mild illness, it was a ton of fun. The fun came at a cost, post IETF my brain was a puddle and I still had to build a streaming system and write a slide deck based on it.

EuroBSDCon was a major stress inducer for me, I submitted to the CFP with a Proof of Concept, which did work. Getting from the PoC to a presentable system was a lot of work. I allocated time to do this and then filled that time with travel and conferences and my job.

Six large blocks of travel in a row were too many. I need to figure out how to control the commitments I make so I don't become overwhelmed by saying yes.

September 29, 2018 12:00 AM

September 08, 2018



vm-bhyve with NAT on FreeBSD

I’ve been running FreeBSD on my primary server for a while. There’s a number of things I like, and I’m enjoying the challenge of getting to grips with how the system is put together. It’s been a good challenge so far, with many highlights. The idea of the server was to be VM host - bhyve is a lovely hypervisor to interact with, and I’ve tried a few management tools for it.

September 08, 2018 03:45 PM

August 25, 2018

Iain R. Learmonth


MB7VX Shutdown

The APRS digipeater MB7VX has been offline for quite a while now. I’m not going to bring it back any time soon and I have applied for a second NoV to release the frequency and callsign.

The original MB7VX setup using a donated Tait 2 meter radio and a 13.8 volt power supply from the local club junk sale

The original MB7VX setup using a donated Tait 2 meter radio and a 13.8 volt power supply from the local club junk sale

Over time, a number of people have contributed to the running of this station. It has been a really fun project and I am sad that it is coming to an end. Thanks go to all the people that have contributed to the construction, installation, configuration, testing and software development that was required to get this station going.

The primary reason for this shutdown is that I do not have the time to deal with all the arguments. The Radio Society of Great Britain (RSGB) has not made it easy to run this station. The Amateur Radio Observer Service (AROS) have also caused unnecessary problems.

For those that may be unaware, RSGB assist licensed radio amateurs in applying for NoVs. This means getting the relevant paperwork from Ofcom to run the station 247 without me being there. It is also required to allow other amateurs to use the repeater.

The first complaints came from an AROS member who also happened to operate an APRS “IGate” in Aberdeen. To enhance the fun you might have with APRS, it is possible to copy the packets you see to an Internet service. You can then see position reports and messaging at the website, to give one example.

The path that a packet took is interesting. Maybe you were repeated before you get to an Internet-connected station or maybe you’ve got a direct communication with one. As far as I can tell, the AROS member was upset because MB7VX was showing as being the first station to report some mobile stations’ packets and not his.

Here followed a ridiculous debate in which RSGB/AROS were arguing with Ofcom, the regulator, that my license was actually more restrictive than it was. Ofcom (who were the nice people in all this, and I am thankful to those who were dealing with this case) cleared this up and while I didn’t feel that RSGB/AROS had accepted Ofcom’s answer they did somewhat let the matter go.

In a sensible world, this should have been the other way round. RSGB/AROS are meant to be making it easier for radio amateurs to experiment and learn, not harder! At the time, I wrote this blog post which goes in to more detail on the issue.

Later, this AROS member would also jump into conversations we were having and start “educating” us on what we can and can’t do with packet radio. There was talk of moving to another frequency and just having our APRS activity their instead. In the end the usage dropped off and the digipeater mostly sat silent.

At the last renewal of the NoV I was told that the output power would need to be reduced below the point that it would be a useful station. It would still receive packets but the repeated packets wouldn’t be heard. It was RSGB’s view that the goal of APRS was to get your packets to the Internet whereas our group were really more interested in RF to RF communication.

RSGB told me that they were looking to prevent interference that could occur with nearby voice gateways. The fact is that in the whole time the station was operating, I never once received a complaint about interference. I’m also not aware of any voice gateways around the Aberdeen area that even interference would affect. If there were some, I would use them.

So anyway, for now at least, MB7VX is shutdown and I will soon no longer hold the NoV for it.

August 25, 2018 01:20 PM

August 24, 2018

Iain R. Learmonth


Body Scanners at BUD

Note: I wrote this post in the departures lounge at BUD, but it was not posted online until the 25th when I was back home.

I’m really not liking air travel. It makes me ridiculously uncomfortable. Really only one part of it though: security.

Since the introduction of the body scanners in airports, as I have something of an understanding of how they operate, going through security is a pretty terrifying prospect for me. I think that over time it’s got worse too.

My primary objection to them is that in order to function, they necessarily use radio waves that penetrate clothing (what would be the point of them otherwise?) and develop a 3D model of your naked body. Of course, try and put this point of view to the staff and you may get called a liar.

Two airports that have been consistently excellent at dealing with my wish to opt-out of this humiliating and degrading process: AMS and FRA. If you are flying in Europe and you need to go through an airport on the way, then these are my best experiences.

Airports that have been the worst are the London airports. They were so bad that I actually haven’t flown through a London airport since 32c3. Maybe they have improved now, but I’m not holding out much hope.

Despite the fact that you can opt-out of the process there have been two disturbing developments that worry me. One is computer vision. You might notice that in security you are checked without linkage to your identity documents or boarding pass (although depending on the time of day your anonymity set size may vary) and so even if these machines were storing these nude models of everyone going through they are not immediately linkable.

There are assumptions that only hold as long as we also assume that technology will never advance. Policy needs to consider likely futures where things are possible that are not possible today.

Facebook and other companies have been working on face recognition and have large databases of user photos. They even convinced users to tag the photos to provide training data for their facial recognition systems. If one of these machines is accidentally left in debug mode and a large set of these models gets leaked then we’re not that far away technically from identifying each and every person in that set. This could be used for blackmail or just to publicly embarrass someone.

The second development is what has prompted me to write this blog post today. It’s about the layout of the security area. I would have taken a photo but when an ordinary person tries to document such a thing it is considered “hostile reconnaissance” and I didn’t want to have any trouble there. Instead, here is a rough diagram:

   |x|  v  |x|
   |r|  v  |r|
   |a|  v  |a|
   |y|-|v|-|y| Metal Detector
   | |  v  | |
   |b|  v  |b|
   |e||>v<||e| Body Scanner
   |l|  v  |l|
   |t|  v  |t|

You’ll notice that whether you opt-out or not you still have to walk through the scanner. All you have to go on is that the light is yellow and not green meaning the scanner is off probably maybe unless I’ve not worked out how the lights work.

I hunched over and ran through it. It was a horrifying experience for me and probably I won’t be coming to this airport again. This is a reminder though that this technology isn’t going away and all the time we are getting closer to just having standoff millimeter wave cameras (which already exist by the way - they just need to be made a bit smaller) with clothes penetrating vision ubiquitously deployed anywhere we currently have CCTV. It will be the new “high definition” or “night vision”.

While TSA and airlines may use the “Automated Threat Detection” (ATD) software there is nothing that technically prevents others from not using it, and that data with the nude image still exists for the ATD software to process.

For more horrifying thoughts about what might happen in the future when the technology catches up, I recommend watching Charles Stross’ talk from 34c3: Dude, you broke the future!.

August 24, 2018 09:10 AM

August 18, 2018

Iain R. Learmonth


Free Software Efforts (2018W33)

I’m writing this weekly report early this week as I won’t be around tomorrow to post it. I will be mostly offline next week as I will be at ACM SIGCOMM 2018 in Budapest, Hungary.

Here’s what I’ve been up to:

Tor Project

Lots of Onionoo and Debian packaging this week.

Onionoo Graph History Documents

On Monday, we released Onionoo 1.16.1 and deployed this to the official Onionoo instances. This fixed the issue with the serialization of Graph History documents that was breaking history graphs on Relay Search.

Onionoo Reverse DNS Lookups

On Thursday, we released Onionoo 1.17.0 which contained a fix for the missing reverse DNS names in the details documents. We didn’t deploy this though as a patch was almost ready to fix another issue that had arisen…

Onionoo AS number search broken

When we implemented support for searching for relays in any of a list of AS numbers, we broke support for searching for relays that did not have a known AS number. On Friday we released Onionoo 1.17.1 which contained a fix for this issue and deployed it to the official instances.


I also attended the UX team meeting on Tuesday and the Metrics team meeting on Thursday afternoon.


All my Debian packaging this week was related to Tor. I updated the packaging for:

Additionally, I have reviewed and sponsored an initial upload for sbws, a tool to be used by directory authorities (in the public Tor network, or in test networks) for measuring the bandwidth of Tor relays.

August 18, 2018 12:30 PM

August 12, 2018

Iain R. Learmonth


Free Software Efforts (2018W32)

Here’s what I’ve been up to:

Tor Project

Lots of Relay Search and Onionoo this week.

Fixes to the aggregated map and top relays views were made to complete changes that had happened elsewhere in the codebase but not been kept in sync here. Unfortunately there is a little too much logic in Relay Search that really should be handled by the backend which has lead to code duplication in places.

There are now experimental and outdated additional flags for relays as more specific versions of the “Not Recommended” additional flag. While the “Not Recommended” flag is based on an assertion by the directory authorities, there is logic in Onionoo to perform version number comparisons to decide if a relay is experimental or outdated. A recent CollecTor error meant that Onionoo had not been specifying recommended versions, which led all relays to be deemed as “Not Recommended”. It is now assumed that all relays run recommended versions unless specifically asserted that they do not.

Finally, Relay Search views will display the Onionoo protocol version and build revision in the footer of the page which can be useful when reporting errors or bugs.

New Icons

In order to implement the new experimental and obsolete flags, those icons needed to be finished. They are finalised for now as:

Experimental and Outdated Icons

Onionoo Graph History Documents

In this commit we changed the way we configure Jackson (a JSON library for Java) in Onionoo. This change was made to the Document base class but what we had missed is that the GraphHistory documents don’t inherit from this base class. As a result, they were incorrectly configured.

The Onionoo protocol specifies the format for timestamps in graph history documents (for example: bandwidth, weights or clients documents) but Onionoo stopped formatting these correctly and instead starting writing integer timestamps. (See #27039)

In order to fix this, it will be necessary to rewrite the data that is currently stored on the Onionoo servers. In order to get this right the first time, I have set up a local Onionoo instance with the data directory stored in a ZFS dataset. This allows me to easily roll back changes to match the state that the actual Onionoo servers will be in in an almost zero-cost operation.

I’m still playing with using ZFS snapshots for testing like this, but I think it may become a very useful tool for checking potentially dangerous changes before we deploy.


I also attended the Metrics team meeting on Thursday afternoon.

August 12, 2018 05:00 PM

Netlify Mixed Content Warnings

Looking at my blog today, I noticed that Netlify now warns you if you link to non-HTTPS URLs in your site:

2:37:56 PM: Starting post processing
2:37:56 PM: Mixed content detected in: /blog/index.html
2:37:56 PM: --> insecure link urls:
2:37:56 PM:   - http://w6d6vblb6vhuqxt6.onion/blog/
2:37:56 PM:   - http://tvin5bvfwew3ldttg5t6ynlif4t53y3mbmb7sgbyud7h5q6gblrpsnyd.onion/blog/
2:37:56 PM:   -

This is really handy in catching those URLs you’ve forgotten to make into HTTPS URLs, but Tor Project exempts .onion hostnames from mixed content warnings (see Tor ticket #23439) and this is even applied upstream by Mozilla in Firefox (see Mozilla ticket #1382359).

I’ve fixed the link for the Creative Commons license in my template, but those .onion links are correct and I generate them for every page in my website. I hope Netlify will update this new feature to treat .onion hostnames as secure regardless of the use of HTTPS as Tor Project and Mozilla do. There’s just too much output for me to go through and ignore for this to reach it’s full potential for me.

August 12, 2018 04:40 PM



GnuPG as SSH Agent on XFCE4

I tried to set this up so I could use my yubikey as a portable authenticator following the Debian guide, and ran in to a bit of an issue. Despite what I was doing, ssh-agent would auto start, set environment variables and give me lots of trouble. Killing ssh-agent and manually setting the $SSH_AUTH_SOCK to my gnupgp socket fixed the issue, however I couldn’t get ssh-agent to stop starting and setting that variable on login.

August 12, 2018 10:45 AM

August 05, 2018

Iain R. Learmonth


Free Software Efforts (2018W31)

Here’s what I’ve been up to:

Tor Project

This week has been more reviews than writing code.

Onionoo history periods change

To simplify the Onionoo codebase and remove redundant data from the documents, the 3-month graphs will now become 6-month graphs and the 1-month graphs will be dropped. I have been reviewing changes for this in Onionoo and ensuring that Relay Search is prepared for the changes.

Tor Metrics News via Twitter

I’ve been exploring syndicating the Tor Metrics news feed via Twitter using Huginn. It’s not ready for use yet but it’s not far off either.

New icons

I need to extend the icons used by Relay Search (also part of the styleguide) to add new icons for “Experimental” and “Obsolete” relays. I’ve had a first run at this and will be refining the ideas next week.


I reviewed changes to the statistics CSV files that are made available through Tor Metrics. There are some big changes coming up, see #25383 for details.


I also attended a catch up meeting with Open Rights Group to discuss local activities on Thursday morning, and the Metrics team meeting on Thursday afternoon.


Most of my Debian activities this week have been related to the packaging of vanguards. I uploaded a NMU for python-stem to fix some PyPy compatibility issues.

August 05, 2018 05:00 PM

July 29, 2018

Iain R. Learmonth


Free Software Efforts (2018W30)

Last week was my fourth week working full time in the Metrics team at Tor Project.

Here’s what I’ve been up to:

Tor Project

This week has been more reviews than writing code.

OONI Vanilla Tor Data

The plan for implementation of this has now been solidified following discussion at the Metrics team meeting.

vanguards Packaging for Debian

I have begun working on packaging vanguards for Debian, including looking at issues in its dependencies in Debian.

Reviews and Bug Triage

I reviewed a number of Onionoo tickets and made a triage pass over new Relay Search tickets.


I also attended the Metrics team meeting on Thursday.


Most of my Debian activities this week have been related to the packaging of vanguards as mentioned above.

Community and Events

I hosted the monthly Cryptonoise event at 57North Hacklab which had taken a break, but should now return as a regular event. Unfortunately I should be at EMF for the next scheduled date, so either I need to find someone to cover or the next event will have to be a virtual one.

July 29, 2018 05:00 PM

July 22, 2018

Iain R. Learmonth


Free Software Efforts (2018W29)

Last week was my third week working full time in the Metrics team at Tor Project.

Here’s what I’ve been up to:

Tor Project

metrics-bot JavaDoc

In order to ensure metrics-bot remains maintainable, I have now increased the JavaDoc coverage for metrics-bot to 100% of the non-trivial public interfaces.

Onionoo Release

On Monday 16th, the Metrics Team released Onionoo 1.15.0 which implements Onionoo protocol version 6.1 (a minor bump from the previous release).

Reading Code

I’ve been reading through the metrics-web codebase to better understand how the different parts fit together.

OONI Vanilla Tor data

I’ve been working on including OONI’s vanilla Tor reachability data in Tor Metrics, and have a good idea of how to implement this now but haven’t yet implemented anything.


I also attended the UX team meeting on Tuesday and the Metrics team meeting on Thursday.


Since my last weekly update, I have reviewed and uploaded a new package for python-pypcap , which was updated by Hiro.

Community and Events

I remotely participated in the Applied Networking Research Workshop on Monday and attended the 57North Hacklab open day on Tuesday.

July 22, 2018 05:00 PM


Last updated:
November 21, 2018 02:50 PM
All times are UTC.

Powered by: