Planet

September 25, 2017

Iain R. Learmonth

Face

Updated Blog Theme

I’ve taken a go at updating the theme for my blog. Previously I’d been using a theme that was a hacked up version of a theme from the Hugo themes directory. I tried to look just now for the theme I’d based it on, but can’t seem to find it.

In the new theme I’m aiming for accessibility and some machine readableness. Accessibility really comes down to making sure you’ve separated content from presentation so that it can be easily converted into other mediums automatically. For machine readableness, I’ve been exploring XFN, RDF (Dublin Core, FOAF, Open Graph) and, of course, Atom.

I’ve still got things to finish off but I feel the new theme has matured enough now to be put to use. You should also find that I no longer have any dependencies on CDNs or other externally hosted assets unless they’re specifically included for a particular post. Do let me know if you spot anything out of place. This is particularly of use for those visiting my site via the Onion services.

September 25, 2017 09:45 AM

September 24, 2017

Iain R. Learmonth

Face

Free Software Efforts (2017W38)

Here’s my weekly report for week 38 of 2017. This week has not been a great week as I saw my primary development machine die in a spectacular reboot loop. Thanks to the wonderful community around Debian and free software (that if you’re reading this, you’re probably part of), I should be back up to speed soon. A replacement workstation is currently moving towards me and I’ve received a number of smaller donations that will go towards video converters and upgrades to get me back to full productivity.

Debian

I’ve prepared and tested backports for 3 packages in the tasktools packaging team: tasksh, bugwarrior and powerline-taskwarrior. Unfortunately I am not currently in the backports ACLs and so I can’t upload these but I’m hoping this to be resolved soon. Once these are uploaded, the latest upstream release for all packages in the tasktools team will be available either in the stable suite or in the stable backports suite.

In preparation for the shutdown of Alioth mailing lists, I’ve set up a new mailing list for the tasktools team and have already updated the maintainer fields for all the team’s packages in git. I’ve subscribed the old mailing list’s user to the new mailing list in DDPO so there will still be a comprehensive view there during the migration. I am currently in the process of reaching out to the admins of git.tasktools.org with a view to moving our git repositories there.

I’ve also continued to review the scapy package and have closed a couple more bugs that were already fixed in the latest upstream release but had been missed in the changelog.

Bugs closed (fixed/wontfix): #774962, #850570

Tor Project

I’ve deployed a small fix to an update from last week where the platform field on Atlas had been pulled across to the left column. It has now been returned to the right hand column and is not pushed down the page by long family lists.

I’ve been thinking about the merge of Compass functionality into a future Atlas and this is being tracked in #23517.

Tor Project has approved expenses (flights and hotel) for me to attend an in-person meeting of the Metrics Team. This meeting will occur in Berlin on the 28th September and I will write up a report detailing outcomes relevant to my work after the meeting. I have spent some time this week preparing for this meeting.

Bugs closed (fixed/wontfix): #22146, #22297, #23511

Sustainability

I believe it is important to be clear not only about the work I have already completed but also about the sustainability of this work into the future. I plan to include a short report on the current sustainability of my work in each weekly report.

The loss of my primary development machine was a setback, however, I have been donated a new workstation which should hopefully arrive soon. The hard drives in my NAS can now also be replaced as I have budget available for this now. I do not see any hardware failures being imminent at this time, however should they occur I would not have budget to replace hardware, I only have funds to replace the hardware that has already failed.

September 24, 2017 11:00 AM

Onion Services

In the summer 2017 edition of 2600 magazine there is a brilliant article on running onion services as part of a series on censorship resistant services. Onion services provide privacy and security for readers above that which is possible through the use of HTTPS.

Since moving my website to Netlify, my onion service died as Netlify doesn’t provide automatic onion services (although they do offer automated Let’s Encrypt certificate provisioning). If anyone from Netlify is reading this, please consider adding a one-click onion service button next to the Let’s Encrypt button.

For now though, I have my onion service hosted elsewhere. I’ve got a regular onion service (version 2) and also now a next generation onion service (version 3). My setup works like this:

  • A cronjob polls my website’s git repository that contains a Hugo static site
  • Two versions of the site are built with different base URLs set in the Hugo configuration, one for the regular onion service domain and one for the next generation onion service domain
  • Apache is configured for two virtual hosts, one for each domain name
  • tor from the Debian archives is configured for the regular onion service
  • tor from git (to have next generation onion service support) is configured for the next generation onion service

The main piece of advice I have for anyone that would like to have an onion service version of their static website is to make sure that your static site generator is handling URLs for you and that your sources have relative URLs as far as possible. Hugo is great at this and most themes should be using the baseURL configuration parameter where appropriate.

There may be some room for improvement here in the polling process, perhaps this could be triggered by a webhook instead.

I’m not using HTTPS on these services as the HTTPS private key for the domain isn’t even controlled by me, it’s controlled by Netlify, so wouldn’t really be a great method of authentication and Tor already provides strong encryption and its own authentication through the URL of the onion service.

Of course, this means you need a secure way to get the URL, so here’s a PGP signed couple of URLs:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

As of 2017-09-23, the website at iain.learmonth.me is mirrored by me at
the following onion addresses:

w6d6vblb6vhuqxt6.onion
tvin5bvfwew3ldttg5t6ynlif4t53y3mbmb7sgbyud7h5q6gblrpsnyd.onion

This declaration was written and signed for publication in my blog.
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEfGEElJRPyB2mSFaW0hedW4oe0BEFAlnG1FMACgkQ0hedW4oe
0BGtTwgAp9PK6x1X9lnPLaeOOEALxn2BkDK5Q6PBt7OfnTh+f53oRrrxf0fmfNMH
Qz/IDY+tULX3TZYbjDsuu+aDpk6YIdOnOzFpIYW9Qhm6jAsX4RDfn1cZoHg1IeM7
bCvrYHA5u753U3Mm+CsLbGihpYZE/FBdc/nE5S6LxYH83QZWLIW19EPeiBpBp3Hu
VB6hUrDz3XU23dXn2U5/7faK7GKbC6TrBG/Z6dUtaXB62xgDIrPEMorwfsAZnWv4
3mAEsYJv9rnIyLbWamXDas8fJG04DOT+2C1NYmZ5CNJ4C7PKZuIYkaoVAp+pzLGJ
6BEBYaRvYIjd5g8xdVC3kmje6IM9cg==
=lUvh
-----END PGP SIGNATURE-----

Note: For the next generation onion service, I do currently have some logging enabled in the tor daemon as I’m running this service as an experiment to uncover any bugs that appear. There is no logging beyond the default for the version 2 hidden service’s tor daemon.

Another note: Current stable releases of Tor Browser do not support next generation onion services, you’ll have to grab an experimental build to try them out.

Viewing my next generation onion service in Tor Browser

September 24, 2017 09:45 AM

September 23, 2017

Iain R. Learmonth

Face

VM on bhyve not booting

Last night I installed updates on my FreeNAS box and rebooted it. As expected my network died, but then it never came back, which I hadn’t expected.

My FreeNAS box provides backup storage space, a local Debian mirror and a mirror of talks from recent conferences. It also runs a couple of virtual machines and one of these provides my local DNS resolver.

I hooked up the VNC console to the virtual machine and the problem looked to be that it was booting from the Debian installer CD. I removed the CD from the VM and rebooted, thinking that would be the end of it, but nope:

The EFI shell presented where GRUB should have been

I put the installer CD back and booted in “Rescue Mode”. For some reason, the bootloader installation wasn’t working, so I planned to reinstall it. The autopartition layout for Debian with EFI seems to use /dev/sda2 for the root partition. When you choose this it will see that you have an EFI partition and offer to mount it for you too.

When I went to install the bootloader, I saw another option that I didn’t know about: “Force GRUB installation in removable media path”. In the work I did on live-wrapper I had only ever dealt with this method of booting, I didn’t realise that there were other methods. The reasoning behind this option can be found in detail in Debian bug #746662. I also found mjg59’s blog post from 2011 useful in understanding this.

Suffice is to say that this fixed the booting issue for me in this case. I haven’t investigated this much futher so I can’t be certain of any reproducable steps to this problem, but I did also stumble across this forum post which essentially gives the manual steps that are taken by that Rescue Mode option in order to fix the problem. I think the only reason I hadn’t run into this before now is that the VMs hadn’t been rebooted since their installation.

September 23, 2017 09:45 AM

September 22, 2017

Iain R. Learmonth

Face

It Died: An Update

Update: I’ve had an offer of a used workstation that I’m following up. I would still appreciate any donations to go towards costs for cables/converters/upgrades needed with the new system but the hard part should hopefully be out the way now. (:

Thanks for all the responses I’ve received about the death of my desktop PC. As I updated in my previous post, I find it unlikely that I will have to orphan any of my packages as I believe that I should be able to get a new workstation soon.

The responses I’ve had so far have been extremely uplifting for me. It’s very easy to feel that no one cares or appreciates your work when your hardware is dying and everything feels like it’s working against you.

I’ve already received two donations towards a new workstation. If you feel you can help then please contact me. I’m happy to accept donations by PayPal or you can contact me for BACS/SWIFT/IBAN information.

I’m currently looking at an HP Z240 Tower Workstation starting with 8GB RAM and then perhaps upgrading the RAM later. I’ll be transplanting my 3TB hybrid HDD into the new workstation as that cache is great for speeding up pbuilder builds. I’m hoping for this to work for me for the next 10 years, just as the Sun had been going for the last 10 years.

Somebody buy this guy a computer. But take the Sun case in exchange. That sucker's cool: It Died @iainlearmonth http://ow.ly/oLEI30fk0yN
-- @BrideOfLinux - 11:00 PM - 21 Sep 2017

For the right donation, I would be willing to consider shipping the rebooty Sun if you like cool looking paperweights (send me an email if you like). It’s pretty heavy though, just weighed it at 15kg. (:

September 22, 2017 07:30 AM

September 21, 2017

Iain R. Learmonth

Face

It Died

On Sunday, in my weekly report on my free software activities, I wrote about how sustainable my current level of activites are. I had identified the risk that the computer that I use for almost all of my free software work was slowly dying. Last night it entered an endless reboot loop and subsequent efforts to save it have failed.

I cannot afford to replace this machine and my next best machine has half the cores, half the RAM and less than half of the screen real estate. As this is going to be a serious hit to my productivity, I need to seriously consider if I am able to continue to maintain the number of packages I currently do in Debian.

Update: Thank you for all the responses I’ve received on this post. While I have not yet resolved the situation, the level of response has me very confident that I will not have to orphan any packages and I should be back to work soon.

The Sun Ultra 24

September 21, 2017 09:10 AM

September 20, 2017

Iain R. Learmonth

Face

Easy APT Repository

The PATHspider software I maintain as part of my work depends on some features in cURL and in PycURL that have only just been mereged or are still awaiting merge. I need to build a docker container that includes these as Debian packages, so I need to quickly build an APT repository.

A Debian repository can essentially be seen as a static website and the contents are GPG signed so it doesn’t necessarily need to be hosted somewhere trusted (unless availability is critical for your application). I host my blog with Netlify, a static website host, and I figured they would be perfect for this use case. They also support open source projects.

There is a CLI tool for netlify which you can install with:

sudo apt install npm
sudo npm install -g netlify-cli

The basic steps for setting up a repository are:

mkdir repository
cp /path/to/*.deb repository/
cd repository
apt-ftparchive packages . > Packages
apt-ftparchive release . > Release
gpg --clearsign -o InRelease Release
netlify deploy

Once you’ve followed these steps, and created a new site on Netlify, you’ll be able to manage this site also through the web interface. A few things you might want to do are set up a custom domain name for your repository, or enable HTTPS with Let’s Encrypt. (Make sure you have apt-transport-https if you’re going to enable HTTPS though.)

To add this repository to your apt sources:

gpg --export -a YOURKEYID | sudo apt-key add -
echo "deb https://SUBDOMAIN.netlify.com/ /" | sudo tee -a /etc/apt/sources.list
sudo apt update

You’ll now find that those packages are installable. Beware of APT pinning as you may find that the newer versions on your repository are not actually the preferred versions according to your policy.

Update: If you’re wanting a solution that would be more suitable for regular use, take a look at repropro. If you’re wanting to have end-users add your apt repository as a third-party repository to their system, please take a look at this page on the Debian wiki which contains advice on how to instruct users to use your repository.

Update 2: Another commenter has pointed out aptly, which offers a greater feature set and removes some of the restrictions imposed by repropro. I’ve never use aptly myself so can’t comment on specifics, but from the website it looks like it might be a nicely polished tool.

September 20, 2017 07:30 AM

September 19, 2017

Iain R. Learmonth

Face

Small Glowing Thing

Quite a while ago I obtained an Adafruit NeoPixel Stick. It was cheap enough to be an impulse buy but it took me some time to get around to actually doing something with it.

I’ve been wanting to play a little more with the ATtiny range of microcontrollers so these things seemed to go together nicely. It turns out that getting an ATtiny programmed is actually rather simple using an Arduino as an ISP programmer. I’ve written up some notes on the procedure at the 57North Hacklab wiki.

The thing that caught me out is that while you don’t actually need to burn a bootloader to the ATtiny, you do still need to select that option from the menu, as this sets the soft fuses to determine the speed it will run at. For a good hour I was wondering why all my Neopixels were just white and not changing and it was because the ATtiny was still running at its default 1MHz.

The Neopixels in action commanded by the ATtiny85

September 19, 2017 07:30 AM

September 18, 2017

Iain R. Learmonth

Face

The Final Click

On my desktop, I had been using a Logitech G500 mouse. This was a really nice mouse that had the perfect feature set for me but it had a problem. Single clicks would turn into double clicks and it was nearly impossible to click and drag.

Some consequences of this include tweets being unliked instantly after liking them, ordering twice as many apples as necessary from Tesco and pasting my entire Twitter timeline into an IRC buffer instead of the two lines of log file. If there’s going to be an electromechanical component of your computer go wrong, the left mouse button is not a great choice.

I set about this morning to try to fix the switch. This is apparently a known issue with these mice. Unfortunately the bit of metal that is the key part of the switch is so flimsy, I haven’t been able to improve the situation and so I’m going to have to either look at a new switch assembly or, failing that, a new mouse.

The internals of my Logitech G500

September 18, 2017 06:00 AM

September 17, 2017

Iain R. Learmonth

Face

Free Software Efforts (2017W37)

I’d like to start making weekly reports again on my free software efforts. Part of the reason for these reports is for me to see how much time I’m putting into free software. Hopefully I can keep these reports up.

Debian

I have updated txtorcon (a Twisted-based asynchronous Tor control protocol implementation used by ooniprobe, magic-wormhole and tahoe-lafs) to its latest upstream version. I’ve also added two new binary packages that are built by the txtorcon source package: python3-txtorcon and python-txtorcon-doc for Python 3 support and generated HTML documentation respectively.

I have gone through the scapy (Python module for the forging and dissection of network packets) bugs and closed a couple that seem to have been silently fixed by new upstream releases and not been caught in the BTS. I’ve uploaded a minor revision to include a patch that fixes the version number reported by scapy.

I have prepared and uploaded a new package for measurement-kit (a portable C++11 network measurement library) from the Open Observatory of Network Interference, which at time of writing is still in the NEW queue. I have also updated ooniprobe (probe for the Open Observatory of Network Interference) to its latest upstream version.

I have updated the Swedish debconf strings in the xastir (X Amateur Station Tracking and Information Reporting) package, thanks to the translators.

I have updated the direwolf (soundcard terminal node controller for APRS) package to its latest upstream version and fixed the creation of the system user to run direwolf with systemd to happen at the time the package is installed. Unfortunately, it has been necessary to drop the PDF documentation from the package as I was unable to contact the upstream author and acquire the Microsoft Word sources for this release.

I have reviewed and sponsored the uploads of the new packages comptext (GUI based tool to compare two text streams), comptty (GUI based tool to compare two radio teletype streams) and flnet (amateur radio net control station software) in the hamradio team. Thanks to Ana Custura for preparing those packages, comptext and comptty are now available in unstable.

I have updated the Debian Hamradio Blend metapackages to include cubicsdr (a software defined radio receiver). This build also refreshes the list of packages that can now be included as they had not been packaged at the time of the last build.

I have produced and uploaded an initial package for python-azure-devtools (development tools for Azure SDK and CLI for Python) and have updated python-azure (the Azure SDK for Python) to a recent git snapshot. Due to some issues with python-vcr it is currently not possible to run the test suite as part of the build process and I’m watching the situation. I have also fixed the auto dependency generation for python3-azure, which had previously been broken.

Bugs closed (fixed/wontfix): #873036, #871940, #869566, #873083, #867420, #861753, #855385, #855497, #684727, #683711

Tor Project

I have been working through tickets for Atlas (a tool for looking up details about Tor relays and bridges) and have merged and deployed a number of fixes. Some highlights include: bandwidth sorting in search results is now semantically correct (not just an alphanumeric sort ignoring units), added when a relay was first seen to the details page along with the host name if a reverse DNS record has been found for the IP address of the relay and added support for the NoEdConsensus flag (although happily no relays had this flag at the time this support was added).

The metrics team has been working on merging projects into the metrics team website to give a unified view of information about the Tor network. This week I have been working towards a prototype of a port of Atlas to the metrics website’s style and this work has been published in my personal Atlas git repository. If you’d like to have a click around, you can do so.

A relay operators meetup will be happening in Montreal on the 14th of October. I won’t be present, but I have taken this opportunity to ask operators if there’s anything that they would like from Atlas that they are not currently getting. Some feedback has already been received and turned into code and trac tickets.

I also attended the weekly metrics team meeting in #tor-dev.

Bugs closed (fixed/wontfix): #6787, #9814, #21958, #21636, #23296, #23160

Sustainability

I believe it is important to be clear not only about the work I have already completed but also about the sustainability of this work into the future. I plan to include a short report on the current sustainability of my work in each weekly report.

I continue to be happy to spend my time on this work, however I do find myself in a position where it may not be sustainable when it comes to hardware. My desktop, a Sun Ultra 24, is now 10 years old and I’m starting to see random reboots which so far have not been explained. It is incredibly annoying to have this happen during a long build. Further, the hard drives in my NAS which are used for the local backups and for my local Debian mirror are starting to show SMART errors. It is not currently within my budget to replace any of this hardware. Please contact me if you believe you can help.

This week's energy was provided by Club Mate

September 17, 2017 05:00 PM

August 22, 2017

Tom Jones

Face

FreeBSD on the GPD Pocket

In the distant past before smart phones became identical black rectangles there was a category of devices called palmtops. Palmtops were a class of PDA PC thing that fit in the palm of your hand. Today the Psion 5 series of devices most often capture peoples attention. Not only are they small and awesome, but they have something like a real keyboard.

This form factor is so popular that there are projects trying to update Psion 5 devices with new internals. The Psion 5 is the sort of device I have complained isn't made for a long time, at some point I picked one up on ebay with the intention of running the NetBSD port on it.

Earlier this year the world caught up and two big crowd funding projects appeared for modern Psion like palmtop devices. Neither the Gemini or the GPD Pocket campaigns convinced me that real hardware would ever appear. In May reviews of the GPD Pocket started to appear and I became aware of people that had backed and received their earlier campaign for the GPD WIN.

With a quirk in indiegogo allowing me to still back the campaign I jumped on board and ordered a tiny little laptop computer.

GPD Pocket vs Psion 5mx

FreeBSD

FreeBSD is the only choice of OS for a pc computer. Support is good enough that I could boot and install without any real issues, but there was enough hardware support missing that I wanted to fix things before writing a blog post about it.

Somethings don't work out of the box others will need drivers before they will work:

  • Display rotation
  • WiFi (broadcom 4356)
  • Bluetooth (broadcom BCM2045A0)
  • Audio (cherry trail audio chrt54...)
  • Graphics
  • Nipple
  • USB C
  • Keyboard vanishes sometimes
  • Battery
  • Suspend
  • Touch Screen (goodix)
  • fan (there is some pwm hardware)
  • backlight
  • I2C
  • gpio

Display

The most obvious issue is the display panel, the panel it self reports as being a high resolution portrait device. This problem exists in the bios menus and the windows boot splash is rotated for most of the time.

GPD Pocket FreeBSD bootsplash

Of course the FreeBSD bootsplash and framebuffer are also rotated, but a little neck turning makes the installer usable. Once installed we can address the rotated panel in X, accelerated graphics are probably in the future for this device, but the X framebuffer drive is good enough for FreeBSD hacking.

With X we can sort of the rotation problem. xf86-video-scfb is required to use the framebuffer.

# pkg install xf86-video-scfb

And the following lines have to be added to /usr/local/etc/X11/xorg.conf.d/driver-scfb.conf

Section "Device"
    Identifier "Generic FB"
    Driver "scfb"
    Rotate "CW"
EndSection

 Section "Device"
     Identifier    "Card0"
     Driver        "scfb"
 EndSection

GPD Pocket FreeBSD

The screen resolution is still super high, there doesn't seem to be anyway to do DPI hinting with the framebuffer driver (or in i3 at all), but I can make terminals usable by cranking up the font size.

Keyboard and touchpoint

A Keyboard is vital for a usable computer, out of the box the keyboard works, but the touch point does not. Worse, touching the touch point caused the built in USB keyboard to die.

Some faffing trying to debug the problem with gavin@ at BSDCam and we got both keyboard and mouse working. For some reason my planck keyboard presents as a mouse among other things, pluggin in a mouse and power cycling the USB device caused ums(4) to correctly probe and attach.

Manually loading ums(4) at boot got the touch point working correctly. In fact, ig4(4) also attaches when manually loaded.

Add these lines to /boot/loader.conf

ums_load="YES"
ig4_load="YES"

The dmesg shows some problems with ACPI probing, this is probably the source of some of the device problems.

Other devices

Wifi, bluetooth and graphics are bigger problems that will hopefully be caught up in others work and made to work soon. The touchscreen controller is adding a driver and support for Cherry View GPIO, there are datasheets for these and I am working on them.

No battery level indicator makes it annoying to use the GPD Pocket out and about. Without a driver the charge controller is using a really low current to recharge the battery. Datasheets are quite readily available for these devices and I am writing drivers now.

GPD Pocket

The Pocket is a great little device, I think its 'cuteness' makes everyone fall in love with it on first sight. I am really looking forward to getting the final things working and using this as a daily device.

August 22, 2017 12:00 AM

August 21, 2017

Tom Jones

Face

Gherkin 30% keyboard

Gherkin

I like keyboards, I have been using an OLKB Planck as my daily driver for 18 months now. I saw a really nice ortholinear 30% keyboard go by on mastodon and I had to have one.

The keyboard I saw was actually the excellent gherkin by di0ib. di0ib has worked in the true spirit of open source and provided all of the design files and firmware for the gherkin. Beyond that they have included child proof instructions to order pcds.

Gherkin PCB

I tricked some friends into agreeing to build boards if I got a run of PCBS and set off. Amazingly easyeda.com was offering 5 more boards (10 vs 5) for just $2 extra. I managed to get 10 sets (board, key plate and base) of the PCBs for about £80.

Build

The build was really easy to do, there is some advice for the socket on 40 percent club, but if you test fit everything as you go it should be straight forward. A build is probably around 2 hours depending on proficiency.

Parts Per Keyboard:

1  Keyplate PCB
1  Bottom PCB
1  Main PCB

16 M2 Spacers (14mm length)
32 M2 screws

30 key switches
30 key caps

1  Arduino Pro micro
1  machine pin socket (wide 24 pin (2x12))

30 3mm leds (your choice of colour)
30 1N4148 diodes
1  100 ohm resistors
1  100k ohm resitors
30 470 ohm reistors
1  mosfet (probs A04406A 4406A)

Key caps are a harder thing to buy (so many awesome choices) so I ended up using some spares I found in a desk drawer.

Flash

Flashing the firmware to the keyboard was a little harder to figure out. Eventually I found some instructions that included the correct avrdude flags on hackaday.io, you also need to use a switch pulling RST down to GND to put the micro controller in programming mode.

Pro Micro flash switch

Most of the work is done by the TMK make file, but you must manually specify a target for the program command. The command I used looks like:

# programming directive
MCU = atmega32u4
OPT_DEFS += -DBOOTLOADER_SIZE=512
PROGRAM_CMD = avrdude -p $(MCU) -P /dev/tty.usbmodem1411 -c avr109 -U flash:w:$(TARGET).hex

Use

With the board built and programmed (first try) it is time to figure out how to use it. It took a couple of months of daily use to get used to using the planck, it will be the same with the gherkin. To help learn I have printed out the keyboard layout and the combination of layers.

Gherkin Layout

I modified the default layout a little to make it more similar to how I normally type. I moved space bar to my left hand, made 'X' a repeatable key(gotta be able to delete chars in vim) and added a 'CMD' key. I have a fork of the repo with my layout and Makefile changes.

The layer system is easy to use, if you hold any of the keys on the base layer it will enable the alternate function for a meta key or it will switch to another layer for a layer key.

August 21, 2017 12:00 AM

July 22, 2017

Yakamo

Yakbox 2.0 - 34c3

Thats right im making a second yakbox!

I started last month so ive been a bit late posting any info about it, but i was thinking what could i do thats more interesting. so i managed to scavange 4 15" screens with a resolutoin of 1280x1024 which i thought was good enough to show fun stats like yakbox 1. So far i have only figured out what to put on 3 of the screens maybe only 2 once its all crammed in.

This is gona be more expensive than the last yakbox as im using alot more material and 5 computers instead of just 1.

Main idea is a cube with 4 screens on each horizontal side with a case, each screen is powered by a "Banana pi m2u+ with 8gb flash" and those tiny bpi's are connected to the network through a Bpi-R1 which is a router which i will have to self configure, i will be using armbian(debian minimal) and building up shit from there.

Also making one of the Bpi's in yakbox vunrable to see if anyone hacks it and to see what fun stuff they do

I am also making little survailance Boxes with the same little Bpi's the screens are using to collect dns request data and other fun info (this data will be destroyed at the end of the event). Its going to be fun trying to physically secure these to prevent access and to make them secure on the network.

So far i have managed to create the first prototype frame that holds the screens, its strong and holds perfect but due to crap tools and a lack of experience its not perfect, luckly i bought some tools that will let me cut the wood much more flush on the final frame. So far i would say the prototype is holding up well, but im struggling to figure out how to do the case, and which material should i use. Black stone tiles caught my attention the most, but i will have to find out how realistic that is to use and how expensive.

Here are some photos of the prototype so far:

Sorry for the shit quality, will upload better on the next post.

1
2
3
4
5

Any suggestions or even donations are totally welcome!

July 22, 2017 11:00 PM

June 27, 2017

Yakamo

Simple python script to pull text/ascii files from a site

This simple python script will let you pull text/ascii files from a standard page where the folder on a server has been exposed, code could easily be modified to pull everything from jpgs. to mkvs really quickly.

import urllib2

urL = "http://example.com"
file_Ext_Type = "txt"
data = urllib2.urlopen(urL).readlines()
location_to_save_to = ""

for x in data:
    if file_Ext_Type in x:
        filename = txt_list.append(x[x.index('">'):].replace('"> ','').replace("</a></li>","").strip())
            with open(location_to_save_to + filename ,"w") as handle:
                handle.write(urllib2.urlopen(urL + filename).read())

Not sure how well this will perform on all pages, give me feedback or improvements.

June 27, 2017 11:00 PM

June 10, 2017

Yakamo

Yakbox part 3 finally

Ok so this is a tad overdue, this is what yakox finally looked like in the end, it survivded 4 days before it got owned by mkz, due to me being lazy and not sanitizing a variable.

Below are several shots of yakbox including the point where it got owned by mkz!

image1
image1
image1
image1

June 10, 2017 11:00 PM

June 07, 2017

Yakamo

Simple wifi DNS survailance with Scapy

So you will need to put your wifi device into monitor mode using airmon-ng then run this program and watch it show all dns requests it finds on nearby open wifi networks. Im going to add another article if im not too lazy showing you how to do the same on encrypted networks that you have the password for.

from scapy.all import *
import socket

interface_name ="mon0"

def find_dns_requests(pkt): #checking to see if any dns requests found
    if pkt.haslayer(DNS) and pkt.getlayer(DNS).qr == 0:
        print str(pkt.getlayer(DNS).qd.qname) #domain name
        print str(pkt.addr2) #mac address
        print str(pkt.getlayer(IP).src) #ip address

sniff(iface=interface_name, prn = find_dns_requests, filter = 'dst port 53') #start sniffing and apply the function to find your data

June 07, 2017 11:00 PM

May 23, 2017

Bob Taylor

Dementia Tax

So it is well known that the Tories have been nibbling at the NHS to privatise services but to actually privatise social care is shocking.

The idea behind the NHS was that everyone would be covered by a country wide insurance scheme so why now try to make everyone pay for their own long term care whether that be in the house or a care home.

The tempter for Tory politicians and their right wing friends is the amount of money currently swilling about in houses and bank accounts for a section of the elderly.  This is a big prize. So these financial corporations have already got equity release products that could, I presume, easily be adapted to suck money out of your assets making these financial companies very happy.

So in effect this was a staggeringly stupid attempt to give the financial corporations a huge boost to profits on the back of the grandparents.

Then there is the notion that this is intergenerational fairness.  It is nothing of the sort.  If the money is taken out of your house value it then does not go to your children and grandchildren as an inheritance.

Make no mistake this was an attempt at "mugging" all generations on the back of a long term sickness.

There are plenty of other ways of raising money to cover social care that are fair and do not penalise sick old people while at the same time penalising the young people's inheritance.


by BobT (noreply@blogger.com) at May 23, 2017 07:21 AM

March 27, 2017

Tom Jones

Face

Findlater Castle

Findlater Castle


Reading: The Moon is a Harsh Mistress, The Difference Engine

Aberdeen, Scotland: 14°C, Mostly cloudy starting in the evening.

March 27, 2017 12:00 AM

March 26, 2017

Tom Jones

Face

More bread

I did more bread, but at batch 8 this is no longer really interesting to anyone other than me.

People have been complaining that my tweets are marked as offensive material, which is really funny I only really tweet about bread and technology. I looked at my settings and the 'mark as offensive' option was enabled on my output.

I'm sure I accidentally enabled it, but the twitter documentation does say they will add it to accounts that have flagged posts.

I have no love for twitter, if literally anything else had the communities I want to pay attention to posting I would move away. Ideally something federated, but that is only a pipe dream.


Yes my phone autocompleted flour to four, you can't edit twitter posts and phones are the worst thing ever.

It is Sunday, so that makes seven days of writing.

Reading: The Moon is a Hard Mistress, The Difference Engine

Aberdeen, Scotland: 15°C, Clear throughout the day.

March 26, 2017 12:00 AM

March 25, 2017

Tom Jones

Face

Notification Band Thing

Last night I converted by pebble from being a single contained unit, to a 3 part kit.

I am probably going to have to replace it.

Pebble the company is dead, I can still get replacement hardware from amazon or ebay and I suspect it will be generally available at reasonable prices for a year or two.

I used my pebble for 3 things

  1. It's a smart watch, so I used it as a watch for time and date
  2. I used it for weather, with the awesome relaxing watch face
  3. The vibrate function is amazing for notifications. My phone hasn't been off silent for since I got the pebble, notifications for calls and messages are awesome. Better I can forward notifications from a service bus app like pushover and generate them based on things I want.

I can just wear a watch to deal with 1, for 2 I am probably going to use the awesome forecast.io app and not rely on being able to casually check the temperature.

For 3 I am really at a loss what to do. I could just replace the pebble, but really I think I want a smart band with a vibration motor for notifications.

If what I want doesn't already exist, it is probably too niche to ever become a thing.


Reading: The Moon is a Harsh Mistress, The Difference Engine

None, Scotland: 15°C, Partly cloudy until afternoon.

March 25, 2017 12:00 AM

Subscriptions

Last updated:
September 25, 2017 06:30 PM
All times are UTC.

Powered by:
Planet

Planetarium: