May 04 2008

a problem slug

I bought myself another slug recently so that I could have one dedicated to internal work and the other used for public facing webs. I wasn’t really comfortable with having my network backup and apt-get mirror on the same beast as a public web. I know from experience that public facing systems are vulnerable and I have to assume that my webcam slug is disposable.

However, it seems that I picked exactly the wrong time to build a new slug because I fell foul of a previously undocumented bug in the new initramfs-tools (version 0.92) in Debian testing. This version generated a ramdisk that made the slug unbootable. This bug was particularly irritating because it only manifested itself at the end of the complete Debian install – i.e at the point when the installer had flashed the new initramfs and rebooted. Because I had been so successful with the earlier slug only weeks before, I thought at first that either I had made a mistake, or, worse, I had bought a problem slug which I could not return having voided the warranty. So I wasted some more time reflashing first with unslung and later with the original Linksys image – just to satify myself that I had a working beast. Then I checked the debian-arm mailing list. A couple of other users reported similar problems and the cuplprit – initramfs-tools – was quickly identified and rapidly fixed (see bug #478236).

When researching the problem, I picked up a useful tip from the mail list on a quick way of backing up a working slug image which is not documented in the how-to section of the slug website. This tip enabled me to take a copy of the image from the known good working slug and flash it to the non-working new slug at the end of (yet another) complete Debian install.

On a working system, do “cat /dev/mtdblock* > backup.img”, and copy that backup image off to a safe place. Use that image with upslug2 to flash to a non-working (or corrupted) slug thus: “upslug2 -i backup.img”.

The problem I encountered is now fixed with the release of 0.92a of initramfs-tools which is now in the Lenny tree.

Permanent link to this article: http://baldric.net/2008/05/04/a-problem-slug/

Apr 07 2008

slugs as pets

Following a recommendation from a friend of mine, I have recently been playing with a Linksys NSLU2. This device is no larger than a paperback book yet packs some remarkable capabilities. It was originally designed by Linksys (Cisco) to act as a “Network Storage Link for USB 2.0 Disk Drives” (hence NSLU2).

The Linksys NSLU2

Externally, the rear of the box offers two USB 2.0 ports and a 10/100 ethernet RJ45 port for connectivity and sports front panel based LEDs for power, disk and ethernet status. Internally it has an XScale-IXP42x CPU (Intel’s implementation of ARM) running at 266 MHz (early versions were apparently underclocked to 133 Mhz) 8Mb of flash memory and 32Mb of SDRAM. Most interesting, at least from my point of view, is that the OS in flash is a version of Linux. Better yet, that can be changed for a full blown OS such as Debian so long as that OS is installed to external disk and the NSLU2 firmware is reflashed with an image which tells it to look for a bootable kernel on disk. Too good an opportunity to be missed – so I bought one and attached a 500 Gig Lacie USB disk so that I’d have room to play.

There is extensive documentation on-line about reflashing and upgrading the slug (as they are affectionately known by their users). My experience is documented here. My own slug now runs Debian Lenny (kernel 2.6.24-1-ixp4xx) and acts as the local apt-mirror for my home network. That mirror is run out of cron overnight so that I save on my bandwidth allowance. Having a local mirror speeds up software installs and security updates and I know that I can run local downloads to any of my machines at any time without impacting on either my monthly allowance or my external access speed. The slug runs lighttpd (changed from Apache) to give me internal virtual webservers as well as access to the mirror and I also backup my internal files to it via rsync over ssh. For example, my primary desktop machine runs a cron job to rsync to the slug.

Oh, and it also runs a webcam – just for fun.

webcam image

A web search for “webcam on slug” led me to the deliciously bizarre “Slug Racing online” site. Quote – “Slug racing is an exciting and cheap alternative to other racing forms. Slugs are available almost everywhere, often in abundance. Seen as a pest by many people, they can be a great pleasure in cultivated slug racing.” Unquote.

Some people have the strangest hobbies.

Permanent link to this article: http://baldric.net/2008/04/07/slugs-as-pets/

Apr 06 2008

google oddness

A google search for “loadlin” produces a sponsored link for “Inflatable lilos”. Strangely no references to insects or food however.

Permanent link to this article: http://baldric.net/2008/04/06/google-oddness/

Mar 01 2008

ssh through http proxy

On a mail list I subscribe to I have recently been involved in a discussion about the restrictions sometimes placed on users of WiFi hotspots or hotel networks (to say nothing of the restrictions placed on corporate networks). Some of the suggested solutions involve tunnelling ssh connections over http(s). Other solutions assume that the network is simply restricting access with packet filters so that you may just need to connect to a non-standard port (such as 80 or 443). If this is the case, then you simply have to configure your target ssh daemon to listen on that port. However, some networks force you through a proxy, in which case you need a utility like corkscrew. I had not previously heard of this neat little utility – but it turns out to merit some exploration if you find yourself needing such a tool.

Corkscrew is relatively simple to set up, but if you have problems, take a look at Andrew Savory’s blog entry of 27 February 2008.

Permanent link to this article: http://baldric.net/2008/03/01/ssh-through-http-proxy/

Jan 19 2008

another vulnerability in the home hub

The guys at gnucitizen have posted details of another vulnerability in the BT home hub (and related Thomson routers). This vulnerability allows a remote attacker to reconfigure the router using the UPnP functionality which is turned on by default. UPnP is an authenticationless protocol designed to allow local devices to reconfigure the router – typically to allow insertion of port forwarding rules or similar changes to the firewall. On the Thomson routers (and the home hub) UPnP configuration can be found under “Game and Application Sharing” on the web configuration interface.

If you haven’t already done so, I recommend that you turn off UPnP. There is no good reason to leave it on. If you find that some device on your network needs a particular port forwarding rule to be set, then set it manually. Better still, consider whether you really need that device on your network.

Permanent link to this article: http://baldric.net/2008/01/19/another-vulnerability-in-the-home-hub/

Jan 13 2008

psp hardware and software specs

I have just stumbled upon a very good resource listing specifications of the hardware and software revisions for the PSP. I would have found this site most useful when I was researching how to format video for the psp last year.

The site is at www.edepot.com/reviews_sony_psp.html

Permanent link to this article: http://baldric.net/2008/01/13/psp-hardware-and-software-specs/

Jan 06 2008

ain’t standards wonderful

I’ve just changed my mobile phone for the first time in nearly three years. I know this makes me unusual, particularly as I am normally a gadget lover, but to me a phone is primarily intended to be communication device. I don’t really need it to be a camera, or a music player, or a games console. I really want my phone to work as a phone when I need it and I don’t really want to find that the battery is flat at exactly the wrong moment just because I have been listening to Peter Green for hours. My daughter seems to change her mobile every six months or so – but then she seems happy to tie herself into a network provider’s contract in order to update what is essentially a fashion accessory. I’m not prepared to do that and I pay a satisfyingly small sum of money each month to my provider because I don’t expect them to subsidise the cost of a phone.

I bought my new phone on-line. And nice and shiny it is – and I admit it appeals to the gadget lover in me. Besides the obvious voice and text messaging capability it offers: multimedia messaging, email, MP3 and MP4 audio/video (video? on a screen that size?), video calling, web access including an RSS reader, games, a radio, a calendar, an organiser, a calculator, stopwatch and of course the obligatory high resolution camera (which I confess is quite nice).

The phone even includes a file manager to allow the user to shuffle the umpteen MP3/4, jpeg/gif whatever files around and provides bluetooth, USB and infrared local communication capability over and above the GSM connectivity actually needed in a phone in the UK – plus of course 3G capability for all that high bandwidth you will need if you try to actually use all the phone’s functionality. Somehow I don’t think my current ten pounds a month contract is going to cover that.

Now with all the thought that has obviously gone in to the design of this wonderful gadget, why on earth couldn’t the company stick with some obvious existing standards in its physical design. I can just about put up with the need to learn a whole new layout on the keypad – hell the device has some dozen additional keys over and above the keypad itself – but why should I have to carry another set of earphones when I already have a perfectly good set of in ear bud phones with a standard minijack? Why should I have to use the phone’s non-standard USB connector when I already have a USB lead on my PC which terminates in a mini USB connector used by my PSP, and my cameras. Why should I have to buy yet another form of the company’s own proprietary memory sticks when I already have plenty of high capacity memory cards in said cameras and PSP?

Oh, and of course the recharger is different to every other such device in my home.

As an old colleague once said to me (quoting Tanenbaum) – “I love standards, there are so many to choose from”.

Permanent link to this article: http://baldric.net/2008/01/06/aint-standards-wonderful/

Dec 31 2007

the war against hair gel

David Malki ! is an interesting character who creates some wonderful cartoons from images drawn from his collection of 19th-century books and periodicals and from other early rare books held at the Los Angeles Central Library. He publishes a collection of his cartoons at wondermark. I recommend that you spend some time flipping through his archive. The man has a completely anarchic sense of humour.

One of my personal favourites is:

hair-gel

I am grateful to him for permission to republish the image here.

Permanent link to this article: http://baldric.net/2007/12/31/the-war-against-hair-gel/

Dec 30 2007

reflashing the BT home hub from a linux PC

As I mentioned in an earlier post, I found several references to successful reflashes of the BT hub to a genuine Thomson 7G image on a variety of sites. None of those sites gave instructions as to how to do this if you run a linux PC.

So I have documented how I did it here.

Permanent link to this article: http://baldric.net/2007/12/30/reflashing-the-bt-home-hub-from-a-linux-pc/

Dec 15 2007

homehubblog goes off-line

Some of my earlier posts have referred to the “homehubblog”. The author of that blog seems to have had his domain name stolen from under his feet. The address given now links to an estate agent site. I know that there are robots out there just waiting to pounce on domains which come up for renewal so that existing traffic to established sites can be hijacked, but this is just ridiculous. I strongly recommend that anyone using a domain they value get it locked by their ISP or domain manager so that renewal in their own name is automatic.

Needless to say, any references to the homehubblog in my earlier posts should now be ignored – they just won’t work.

Permanent link to this article: http://baldric.net/2007/12/15/homehubblog-goes-off-line/

Dec 15 2007

leaving BT Broadband

My contract with BT has now expired and I am shortly to move my ADSL connection to one of the Entanet resellers (TitanADSL). All the Entanet resellers I have read about get good reviews. I picked TitanADSL because they offer additional webspace and mySQL databases on top of their broadband service. With luck my IP service will improve hugely (BT consistently throttle service at peak times) and I know that my “support” service will improve beyond recognition.

I know I shouldn’t have bothered, but I actually made the mistake of emailing BT Broadband “support” requesting a MAC (Migration Activation Code) so that I could get my new supply sorted. I received the response below. I cannot believe that I actually received an email from someone “trying to be part of the solution”. Needless to say I received no MAC so I phoned the number given on the the BT website and got the code over the phone in minutes.

——–
BT Email

Dear Sir / Madam,

Thank you for your e-mail dated 6/12/07 regarding your request for MAC code.

With regards to your email, I would like to inform you that I have to forward this matter to the relevant team for further assistance. Therefore, I would request you to kindly forward your account details, i.e. the customer account number and the telephone number in reply. We need this information for security reasons, as well as to access your account and assist you further.

I can assure you that on receipt of your account details we will assist you in an appropriate way and will make every possible endeavour to solve your concern as soon as possible.

I realise that I have not been able to resolve your concern immediately. I can assure you that I am trying my best to be a part of the solution and in the meantime I would like to thank you in anticipation of your continued patience and co-operation, and to assure you of our best intentions at all times.

Thank you for contacting BT.

Yours Sincerely,
eContact Customer Service

Permanent link to this article: http://baldric.net/2007/12/15/leaving-bt-broadband/

Nov 30 2007

if Microsoft made the iPhone

I’m sorry. I know I really shouldn’t do this, but I loved this so much I watched it three times in succession. It’s vicious, it really is. And best of all, it was apparently made on a Mac.

Permanent link to this article: http://baldric.net/2007/11/30/if-microsoft-made-the-iphone/