Archive for the 'Technology' Category

There Is No Cloud

Wednesday, March 7th, 2018

..there is just someone else’s computer.

I’ve touched on this before, here. Devices and software we buy can give us great things: we can stream films or music rather than shipping physical media (move bits, not atoms), and deliver amazing connectivity, but when these services depend on someone else’s computer (and if you can’t touch it, it isn’t yours), you can’t rely on them being there.

A very small illustration. I have a bus time app. It is was great. I’d look at a bus stop on the map it grabbed from Google Maps, and it shows me destinations, routes, and more. The data is publicly available, and indeed, Google Maps itself uses the data built into maps- essentially, all the app does is glue together some bits of data, and present it nicely.

Suddenly it stopped working, with a typical error message for phone apps, saying it couldn’t connect and to check my data connection- which was fine. I assumed a temporary problem.

A month or so later, it’ still not working. I email support, and remove the app, re-install it. Clear the data and cache, then eventually wipe the phone. Still no good, so I install on a different phone. Still no good, and still no answer from support.

At this point I can only assume the company is no longer maintaining it, and whatever server it calls home to on the Internet is no longer operational.

For 3-4 quid of app, this is not a problem, but it might piss you off a little if you’ve bought some IoT hardware (Hive, or Ring, for example) and they decide to pull the plug. If you’ve just migrated a huge datacentre into cloud, it could be a disaster.

Remember: if you can’t touch it, you don’t own it, and even if you can touch it and do own it, unless you control every service it needs, it can be taken away from you.

Anyway, not all bad, I ended up with a better app 🙂

[Edit 14/03/2018]

I’ve now had a reply from the app’s author:

Fixed about half an hour ago.
Sorry for the outage and not replying sooner. I have moved suppliers and the problem should not recur.

Which is kind of a shame, as I’ve given up and moved to something else now.

LMGTFY

Wednesday, January 24th, 2018

A minor intertubes annoyance of mine.

I use Google Maps quite a bit. Not massively for sat-nav, as I’m a terrible luddite for navigation, and don’t have a suitable car holder, but for finding pubs, bars, restaurants, stations, shops etc if walking. I’ll use the reviews as a guide, and I contribute back to it as well: I’ll edit places I know are wrong, I’ve added photos of opening times that Google can scan and publish automagically.

Overall, it’s pretty cool. Yes, you’re dealing with a big evil tech firm, and they’re getting a lot of data for free, but it’s useful for me, and the contributions may be useful (they’d be even better if it would let me add The Jigger’s Whistle, but meh).

One thing, though, is troubling me. Nagging away at me like an untraceable rattle in the dashboard.

Questions. Questions asked by people too damn lazy and/or stupid to do even the most basic research on the computer they are in front of or holding in their hand. The maps app on my phone will occasionally prompt me about a place it knows I have been and say

Someone has a question about [place], can you help?

and like a twat, I’ll view the question, because it’s good to help.

Here’s a typical example, with a fairly succinct answer from another contributor.

FFS. Let me Google that for you.

Really? Not even a full sentence, and the answer should be pretty fucking easy with the fucking Internet in front of you, shouldn’t it?

Looks pretty easy to me. Fuckwits.

Ubuntu 17.10 and an abcde ripping failure

Thursday, January 4th, 2018

Recorded here as I couldn’t find any mention online: abcde is a fantastic command-line CD ripper for Linux that does something very clever- it glues together lots of individual tools to automate ripping, encoding, and tagging music files. Handily it can rip to FLAC and MP3 (for the car stereo) in one hit, like this:

I recently had a bit of a mishap involving a laptop, so had to fresh-install Ubuntu, and copied over the config file for abcde. It sort-of worked, but at the point where it has ripped tracks, and is meant to tag them and move them from the working folder to $HOME/Music/mp3 and $HOME/Music/flac it bombed with

tagtrack-mp3-03: returned code 1: nice -n 10 eyeD3 [arguments sent to eyeD3]

Running eyeD3 with the same arguments manually gave

Traceback (most recent call last):
File "/usr/bin/eyeD3", line 6, in
from pkg_resources import load_entry_point
ImportError: No module named pkg_resources

The simple answer is

sudo apt-get install python-pkg-resources

and away it goes. I’m not sure if that package is suggested for eyeD3 or abcde, but it’s clearly not set as a dependency, or apt would install it- apt is usually extremely good at this kind of stuff.

In the Hall of the Greene King

Thursday, August 17th, 2017

So, there was a bit of work needed at an office in Bury St Edmunds- a bit of network diagnosis and install a ID card printer. I’m chief network monkey, so it’s my sort of job. Time was flexible. I’d always fancied seeing the town, so last Friday my other half and I left out at early-O-clock, and hit the M6T, M6, and A14 again.

Pleasingly, Cathorpe has been finished, and the difference is amazing, such that even with a breakfast stop near Cambridge, we arrived at the office well before 9am, untroubled by the speed cameras, which have mostly evolved into average-speed ones, thereby avoiding the horrors I discussed here.

So then, a fight with the printer and it’s terrible drivers, a quick tweak of a Cisco config, fix a few other minor issues, and finished by 13:40. Off to the lovely hotel, and hit the pubs. Bury is a lovely town; historic, beautiful, but not up-itself- a very rare mix. People were friendly, drinks and food reasonably priced. Even my better half’s bus fare into town from the office was a mere 75p.

The next day, we took a trip to Ickworth, a stunning property, and such a short drive not going would have been madness, and then had a look around the town, visited Green King’s cafe, wandered around Abbey Gardens.

I’m not usually a massive fan of GK’s beers, which maybe made a trip to Bury rather an odd one, as it’s Greene King Central, but the good thing was that some of GK’s less usual beers were about- and the double bonus of getting some work that needed doing done and another part of the UK visited was worthwhile.

Diesel Do

Tuesday, August 1st, 2017

So having had the emmissions-test cheat mode removed from my car, I was interested to see on BBC Watchdog (everyone’s favourite combination of fuckwits and whingers) that there seems to be a growing number of complaints following the “service action”.

It seems the complaints centre around limp-home mode getting triggered, and it seems that the EGR valve has been a common failure. It does seem that logically, the EGR may be more active post-fix in order to reduce NOx at the expense of more particulates and reduced power/economy.

The Watchdog article fairly obviously prompted this letter from VW:

Page one of the VW “all is well” letter. Click to embiggen.


Page two of the VW “all is well” letter. Click to embiggen. Note in section 3, bullet point 5.

And there’s something interesting in section 3, bullet point 5 that gives VW a potential get-out. On page 1, they’re saying that they’ll be favourable to clains for 2 years/up to 160K miles, but then say that they won’t cover a DFP full of ash. There’s scant infornmation about what the VW fix does apart from removing the rolling road detection, but consensus seems to be that is alters injection quantity, pattern, and timing, and tweaks EGR. All of these could have an effect on the particulates produced.

Now, since Euro V, we’re not allowed to pump those particulates out to atmosphere (boo hiss!):

So the particulates have to go somewhere, and that somewhere is the DPF. DPFs obviously can get full of soot, and they then need to be regenerated. This can happen passively (if it gets hot enough), or can be triggered by the engine ECU injecting fuel on an exhaust stroke, so that it burns in the DPF. This turns the soot to ash- the ash that VW won’t replace your DPF for if it’s full of it. Which is interesting: you can’t get something for nothing, and the reduced NOx emissions comes (apparently) at a cost of more particulates, which means more DPF regens, and therefore more ash, so a shorter DPF life.

I don’t know what to make of this, to be honest. My own VW seems have economy and performance unchanged, and doesn’t seem to be doing active regenerations often, but you don’t miraculously lose the NOx without paying for it somewhere. I suppose EGR and DPF life remains to be seen. I’d really like to see a full analysis/reverse engineering of the remapped ECU (because, on the 2L engine, that’s all that happens).

This is interesting in the light of news recently that the sale of conventional diesel & petrol cars is to be outlawed by 2040. I think that’s a bit of a non-story: we’re already in the twilight of internal combustion cars: both petrol and diesel cars are now loaded with lots of controls and mechanisms not to increase efficiency or power, but to limit harmful emissions, and even with those they pollute our environment in a way that is impossible to contain. Electric cars will still pollute, of course, (and will still congest the roads), but the internal combustion engine is on it’s way out, inevitably. We’ll still have IC cars on the road by 2040 (and assuming I make it, I’ll be a pensioner), but they’ll be diminishing in quantity.

Watching

Monday, May 29th, 2017

I happened across a tweet from CPMG last week,and retweeted it (amd, indeed, responded to it with both a reply and by completing the survey (which I’d encourage you to do). The conversation that resulted can be viewed on twitter by clicking the first link, but is also screenshotted below:

Screenshot 1 of 2- click to embiggen.

screenshot 2 of 2, click to embiggen.

An interesting conversation, rapidly joined by Livestream Data Systems, who, in their own words, provide backend systems for ANPR. Almost as if they were ready, watching for replies, huh?

They made the very valid point that a number plate (VRM) is public data, publicly visible all the time. This is true, of course, but it’s trivial for people to associate my number plate with me- especially should the “they” be law enforcement, who can look it up in seconds.

Continuing that, it’s pretty trivial to track me by combining ANPR with a few other things. A thought occurred to me as an example: I completed the survey from the holiday flat we rented. I checked the public-side IP of the broadband connection, and it geolocated to within a few miles of my location (I was in Torquay, it said Dawlish). So, taking only public or non-personal data along with potential ANPR data (the camera locations are not public) I follow CPMG on twitter. I completed the survey from a location near Torquay having clicked through from Twitter (this data could be obtained from server logs).

CPMG probably don’t have many followers on the English Riviera, as they’re a Midlands unit.

Now search the ANPR data for cars travelling between the Midlands and the South West. Add in from the server logs that I used Linux, google a bit, and you have me, most likely. You know where I am, what car I drive, and you have my opinions on ANPR, without having to apply for a court order or similar. Analyse ny tweets, dig over this blog and there’s plenty to learn (of course, what I tweet or post here I’m voluntarily supplying, thank fuck I don’t use Facebook).

That might sound a little paranoid, but it’s an example, and it’s why we should all remain vigilant and wary. I don’t have anything to hide, and you could therefore take the view of “who cares”, but are you comfortable with being tracked?

There’s going to be a lot of pressure in coming times for greater surveillance, especially given recent terror events: but one thing to consider here is that if a terrorist is willing to kill or injure many people with explosives, I don’t think using false plates and/or changing vehicles is going to bother them, whereas the majority of us use one or two vehicles regularly, so it’s far easier to track ordinary citizens than the criminals. Most of us voluntarily carry a tracking device (smartphone), use bank cards: do the bad guys do that?

I’d like to make it clear I fully support CPMGs work, keeping the road safe for us all, but I’m a bit concerned about data use (and misuse) here, and this isn’t the first time. It’s the work of seconds to reveal misuse of anti-terror legislation for things as trivial as school catchment areas, and there’s prior cases of ANPR misuse. That’s even before we consider that companies like Livestream- a private company- may be providing the back end and processing for the national network (I don’t know exactly who does), and therefore we could be trusting their systems and employees with this data.

A quick Google search revealed a supplier of services to councils who apparently encrypt ANPR data with SQL.

Errrm?

Oooh- what’s that black helicopter overhead?

Runeaudio

Thursday, April 27th, 2017

I’ve had a Volumio music player for a while: pretty good overall, but sometimes a bit prone to corrupt filesystems. Checking the website, there was a new version, so I thought I’d try it. It was….interesting. Cleverly done, with squashfs filesystem images and a data partition to save data, but using it gave me a few issues. First of all, the original Raspberry Pi model B I was using turned out to be too slow: the initial setup took 20 min to complete, and playing audio was glitchy as it couldn’t shift data down the USB fast enough. Changing to a Raspberry Pi2 fixed that, but then it dropped off the network. With no HDMI monitor nearby, this was impossible to troubleshoot, so I tried an alternative: I had a HP thin client lying about, and Volumio has a x86 experimental version, so with a CF-IDE converter and a CF card to replace the tiny flash disk in the HP, off I went. Working out a few bugs in the BIOS that make booting the CF and not trying to boot the external USB drives that just contain music took a while, but it worked, quite well, with 2 problems- firstly, the web interface and the view through Cantata didn’t agree, and secondly…
(more…)

Ahoy hoy

Friday, March 31st, 2017

It’s not been a good week phone-wise: I managed to lose my Wileyfox Swift last Saturday, so bought a replacement- a Swift 2, which arrived on Tuesday. With it still shiny and new, I went out for a bike ride, and a slightly ill-advised overtake of a jogger resulted in the front wheel getting hung up on the ridges of the path, a slide down the bank, and an unscheduled swim; the first time I’ve gone into the cut in about 35 years of riding.

The canal isn’t as cold as you’d expect, but the ride of about 3 miles home dripping is still quite grim, as was my smell pre-shower. I have no idea if every bearing on the bike is now washed free of lubricant…

The bag of rice failed to resurrect the phone, so back to the old Galaxy S2 it was, and a double claim to the phone insurance. The phones are quite cheap, but doing 2 in in a few days stings a bit.

I’d not been totally happy with the Swift 2: it was dual-SIM like the original, but using a Micro-SD blocked one SIM slot, so I decided to go for a Lenovo Moto G5 Plus, which takes 2 SIMs and a Micro SD, and has a removeable battery, and, like the Wileyfox phones, keeps the bloatware to a minimum, staying quite close to stock Android; The big-name phones, for me, have too much added on, and I’m not going to void the warranty on a brand-new phone to remove it.

Free the Meraki

Wednesday, February 22nd, 2017

So, around 3 years ago, we had some Meraki access points at work. I was pretty keen on the tech, but less so on the licence model, where you pay the going rate for an access point, and then have to pay for a licence to use it, or it becomes useless, because it will only work if connected to Meraki’s cloud managment.

This is no longer true, and became untrue a while ago, and as the Meraki APs we had have come due for renewal, and have been replaced, I had one thrown in my direction.

A bit of searching threw up a few pages suggesting OpenWRT will work just fine, with a couple of caveats about the difficulty of rooting the device to gain enough access to overwrite the Meraki firmware: they’d really rather not let you do this- they give away sample access points, so maintaining their licence model is the way they make money.

Anyway, I already had a CP2102 USB-Serial (TTL level) converter I’d bought to have a play with one of those dodgy webcams, so I bought a PSU from Ebay, and got out the soldering iron, PuTTY, and an ethernet crossover cable.

The basic instructions are here, but to get root, I had to follow the procedure here, and indeed root the standard firmware (to get a reboot command, as my AP would not boot properly with the UART connected to the laptop).

The first challenge was getting the UART cabled correctly: the phrase

an UART adapter wired to the MR18 (speed is 115200). Pinout (left to right): VCC/RX/TX/GND

was misleading for me: first of all, that is corrrect if you hold the AP with the connector at the top like in this picture, and secondly, the RX/TX desgnation refers to which pins you need to connect from the CP2102, rather than their function on the AP, so I had some fun getting the UART cabled.

The second, but not hard, challenge was installing a web server, and realising that openwrt-ar71xx-nand-mr18-initramfs.bin had changed name to openwrt-ar71xx-nand-mr18-initramfs-kernel.bin in a later version.

The third challange was that the AP got stuck in a boot loop from cold with the UART connected, though a warm boot was fine. That wasn’t a problem for the initial rooting (where you hold down “S”), as there’s enough time during the boot cycle after powering up the AP, but when it came to booting the OpenWRT image, I couldn’t hit “2” in time: I resolved this by rooting the Meraki firmware to get a reboot command, then hitting “2”.

With those out the way, it was as simple as setting an appropriate fixed IP on the laptop, connecting the ethernet crossover, logging in to the newly booted image’s LUCI interface, and applying the full firmware image, which erases the Meraki firmware once and for all, and you have a free MR18 🙂

Open the Box

Thursday, January 12th, 2017

Andy presented me with an interesting challenge:

Your mission, should you decide to accept it, is to get Linux on this accursed box.

The accursed box was a Sumvision Cyclone Mini PC: an Intel Atom SoC based PC, in a nice little box about the size of a domestic router. It has been quite popular for a Windows Media playerbox, with wireless built in, and a HDMI-out, but this one was hopefully destined for more geeky things: an easily deployable network monitor, so first thing is Linux.

Apparently others had given up in frustration, and powering it up gave me a particularly unfriendly UEFI shell that didn’t have a scroll-lock, so you couldn’t see the available commands. Nice. I found a way into the BIOS-style setup, and checked all the obvious things; secure boot disabled, clear the secure boot keys, etc. What was notably odd was a OS/BOM seletion screen (that is their typo, not mine) that was set to Windows 8, and all greyed out, and no CSM (or Legacy) boot modes.
(more…)