Archive for the 'Computers' Category

Volumio

Wednesday, January 14th, 2015

I already mentioned my plans for a media streaming server with my Raspberry Pi, and finally got round to it: a friend donated an external disk enclosure that took a pair of 1TB SATA disks, and presented them as a 1TB RAID 1 volume over USB. A cheap USB hub, a case for the Pi, a £2.49 USB wifi dongle, and a quick download of Volumio (a modified Raspbian image) and all the bits are present, fitting them together was pretty simple, and I have a working media server with great sound quality, that uses little power and is completely hidden from view: all the hardware worked, with the only tweaking being a quick edit of /etc/network/interfaces to set a fixed IP on the wireless network.

Volumio is cool: it’s like IPCop in that it’s an open-source appliance based on Linux with a web interface to configure it and use it, but you can delve “under the hood” with ssh. It uses the mpd server, and presents itself on the network via SCP or a SAMBA (Windows network) share for uploads, and advertises on Airplay or DLNA. You can control it with a wide range of clients for all sorts of devices as well as the web interface, and it just found my DAC with no tinkering, and the sound from a FLAC file is as good as the original CD, even with the Pi’s limited horsepower.

I have a good amount of ripping to do…..

Into the Digital Age

Sunday, December 28th, 2014

Regular readers will know that I’ve got some prejudices about audio: for years I didn’t have an MP3 player, eventually relenting, although I still don’t do actual MP3s, and buy music almost exclusively on CD, though it has to be said, my views on downloadable music 10 years ago are starting to be disproved: MP3 at a highish bitrate (which is more practical with increasing bandwidth and storage) is good enough for most people, on most systems, at most times, and lossless formats are becoming more common, especially since Fruitco introduced their lossless format (though of course, they should have introduced it as an open format…).

One thing* has kept me away from using a computer to play music in the house: the analogue outputs of most consumer PCs (and I’m including Fruitco in this) hardware is a bit ropey- but then again, it was never intended for high-quality audio.

Enter the DACMagic. It’s a proper (though very small) hifi component with TOSLink, S/P DIF and USB inputs, and it’ll do the high sample rates that may not be neccesary, but more importantly, it’s a decent DAC chip with the compromise pushed a bit towards quality, and some initial testing sounds as good as the CD with a FLAC file (and, pleasingly, the device was recognised and working within seconds on Ubuntu).

The plan now is a Raspberry Pi and Volumino: the Pi’s analogue audio output is particularly compromised (hardly surprising given it’s a £35 computer) and the ‘proper’ stereo doesn’t have HDMI. There are cheaper ways to get better Pi audio with a Wolfson DAC, but as a bonus, the DACMagic’s inputs can link to my existing CD player too; a respectable but budget Marantz, and also, it comes in a nice black case that looks decent next to the other gear: initial comparisons sound like the DACMagic has improved sound here too, but that could be the confirmation bias- I’ve just bought it, so it /has/ to give an improvement :-).

*OK, two things. I’m an awful luddite, it would seem.

Surface Treatment

Saturday, September 6th, 2014

A few days ago, we got a Microsoft Surface Pro 3 at work. It’s not a bad machine: it’s a Laplet: a hybrid laptop/tablet, and it works well, if we excuse it for Windows 8- the hardware is nice, thin, light, and i7 versions are quick, so it’s a good fit for the very mobile staff that
will be using it.

I remain convinced that Win 8 is a bastardisation of touch-screen tablet OS and a desktop OS that feels like an unholy marriage, though I’m hating it less as I get used to it.

What really creates a whinge is this little stroke of genius, which caused a support call and much fannying around testing chargers this week.

You can see the product launch meeting now:

Dilbert

Yes, Microsoft launched a device, launched a dock for it at the same time (we got the dock a day or two after the device itself), and managed to make the two not work together at launch. Cue a large loss of faith in what should be a good product.

*facepalm*.

You see this a lot with technology, and come to that, with poorly managed processes outside of tech:

1. Decide on arbitary launch date and fix everything to that.
2. Skimp on the preparation/testing, or ignore the problems.
3. Wonder why it’s all gone wrong.

The result is pretty much as you’d expect; you look inept…

Dirty Boy

Tuesday, July 29th, 2014

I’ve gone on here before about how web filtering is wrong and doesn’t work properly, and how the bigger the scale, the harder it is.

We’ve also seen that, according to an Ofcom report (PDF, 1.1MB) customers have greeted the filters with rejection.

That’s quite gratifying, I think. People are being actively prompted to allow censorship, and are rejecting it. Of course, that the tech required is now in place will make it easier to do more packet inspection should law (or other means) request it…

Here’s the Open Rights Group‘s take on it, the approach is humourous, but the message is serious.

If you think this won’t happen, try the Scunthorpe Problem for size.

I’m personally of the opinion that an ISP should do one thing: provide the infrastructure to route packets to the internet, and maybe a few basic services (like DNS, SMTP etc). You might note that the sponsors of that video refuse to offer a filtered connection, something they’re to be congratulated on.

If, like me, you want to defend an open, uncensored Internet with reasonably privacy, then consider joining the Open Rights Group or the Electronic Frontier Foundation. Note that ORG is a UK organisation, EFF is US-based.

Loosely Comnnected

Saturday, July 26th, 2014

This is quite a wierd one: some time ago at a company I work for sometimes, a colleague tried to replace some old 15″ LCD monitors with shiny new 19″ ones, to be confronted by extereme flickering. I had a look, tried the monitors with my laptop, and got a flicker-free picture. I made sure the leads weren’t too close to mains cable, but no change.

We assumed some incompatibility with the (elderly) PCs, and another colleague changed the PCs recently. In the course of doing so, he discovered the real cause. A power lead- just a normal BS1363-IEC C13 (colloquially known as a kettle lead), but, tellingly, with a rewireable BS1363 plug, not a moulded one. Remove the lead, problem stops. This lead was connecting one of the PCs that was working perfectly well, and flicker-free with the 15″ monitor.

I looked at the lead the next day:

The culprit: a badly fitted plug.

The culprit: a badly fitted plug.

and it seemed kind of OK at a glance, though that neutral lead should have been cut shorter.

What did turn out to be wrong was every terminal was loose: loose enough to turn by hand, so I presume that the intermittent connection caused enough noise to upset the new monitor, but not the old one. Disturbingly, this lead had passed a current PAT test, when potentially it’s a fire hazard: loose connections can overheat.

I don’t know if the connections had worked loose (which is one reason why connections in screw terminals should not be tinned with solder) or just sloppily fitted in the first case. The plug did rattle when shaken, but it would do that even with tight terminals, as the pins have a bit of play in the housing. Full marks to my colleague for spotting an obscure fault.

WYSINWYG

Sunday, June 22nd, 2014

Most people are familiar with WYSIWYG- What You See Is What You Get- a computer user interace that displays things in a format that fairly accurately displays on screen what the final output will be, so that (as a simple example) rather than a bit of code:


<b>this text is bold</b>

you get

this text is bold

I’ve spent several hours of my life recently trying to find out why a program I have to use daily was refusing to email people. Here’s the UI:

Skeuomorphic twice over? A web app emulates a phone emulating a slider switch, badly.

Skeumorphic twice over? A web app emulates a phone emulating a slider switch, badly.

.

You’ll notice the option to email two people, controlled by sliders. These are a skeuomorph: soemthing that icorporates design features of something it emulates- in this case, a slide switch. In fact, it’s a double skeuomorph: it’s a web interface impersonationg a smartphone impersonating a slide switch.

I’ve got two problems with it. Firstly it’s unneccesary frippery and animation, and secondly, it plain doesn’t work. It’s distinctly What You See Is Not What You Get. I’ll grant you there’s a certain amount of PEBCAK here on my part, but the control is broken.

If you click on the left-hand side of the control, and swipe accross, like you might with the control it imitates on a smartphone, the control changes to YES. It does the same if you click the right-hand end, or if you click and drag, keeping within the boundaries of the control. The difference is that if you use the first method, like I did, it shows YES, but registers NO to the back-end software, and gives you a several-hour troubleshooting session to work out why the email didn’t send. An older version of the software has a simple check-box here, and I suspect that this is a simple case of layering a bit of wankery over the top for effect…

Opinions differ on skeuomorphs: some consider them to be problematic, and some think them great, for the same reason: they imitate familiar technology, and so either make people confused, or make then feel at home. This one definitely left me confused.

Openretch

Wednesday, April 16th, 2014

Can anyone tell me how BT’s line providing division, Openretch Openreach survive?

The company I work for provides network services to varying people and organisations, and this means dealing with telecoms providers, and that almost certainly means the loose collective of fuckwits we know and love.

So far this week, I’ve had:

1) In response to a circuit order in a building that is partially let out (and where the BT duct enters via the let out area, and is a retail shop) “can we come tomorrow”.

2) In response to an order made 3 months ago, in a central Birmingham hotel, with the clear stipulation “you must make an advance appointment, the circuit is required by 17/4/14″, an “engineer” arrives today, has to wait a few minutes and is told “no, sorry, the room is in use, come back tomorrow”, and says “no”.

Said engineer was told “sorry, you have to. This is required by 1pm tomorrow, and was ordered 3 months ago. It cost a metric shitload of cash, and you haven’t called in advance, like we told you to, and you do this *every time* we request this. The room is available afer 5:30, or anytime tomorrow”

*shaking of head*

This barely describes the quantity of fucks the engineer didn’t give. “Resourcing”, he said. “not gonna happen”. “we’re only supposed to wait 15 minutes, and I’ve been 20″. The guy was, to be fair, a master of fuck not giving.

and not a single fuck was given.

Behold!

He departed. I called my colleague, among whom’s many talents are shouting at BT (and personally, I think it would be worth his salary just for that). He did so. Our circuit should be active tomorrow AM. We have a reference and everything. I will not hold my breath.

Honestly, if they weren’t still a virtual monopoly, they’d be fucked. I’m very thankful to the abilities of my colleagues, and still wondering what shape BT would be in had they not inherited a state-owned monopoly, but thanking my lucky stars I don’t have do deal with Cable and Hopeless Wireless any more, because they had sufficent sense to disappear.

[edit]

The engineer (the same one) came back the next day, and it worked….

Spam School

Thursday, March 27th, 2014

The other day, I was unpleasantly suprised by this email in my inbox:

Spam, spam, spam and spam

Spam, spam, spam and spam

Most spam is pretty generic, and gets culled by Spamassassin without me ever seeing it, but this one stood out as it didn’t hit the filter (sneaking under the radar with 3.9 points of spamminess), and it had an attachment that wasn’t a zip file containing a virus.

As you can see, it’s from Pat Jewitt, whose email address is pat@qe.org, for all you hungry spambots out there.

Pat seems to be registrar of Queen Ethelburga’s School, who are busy promoting their expensive service by spamming me. I took exception to this,

Screenshot from 2014-03-27 18:21:42
as I have no prior relationship with them: for a start, I have no children.

No answer for several days, so I kept trying. Then tried again:

Not Giving Up

Not Giving Up

This was a reference to my UCE policy here.

The mail originated from a netblock goegraphically right for the school, and appeared to be from a legitimate email server for the school too:


Received: from mta3.mail-qe.org ([185.7.151.53])

So this seems to be a fairly blatant bit of spamming from the school itself that they’ve done fairly decisively, rather than handing off to a third party. The links were all correct, not passing thorugh a linkbait or click-thorugh referrer too.

I eventually got a response to my question as to if I should send a bill:

Very Professional.

Very Professional.

Charmed. I’m sure. Do they have a vacancy for a PR officer?

After a few questions (read from the bottom):

Screenshot from 2014-03-26 22:38:20

They changed tack. You’ll note my questions, and the link I posted, refer to this legislation and indeed this definition.

Hmmm...

Hmmm…

Now, in my opinion this sounds like a clear breach. I’ve had no prior contact with this organisation, they have bought my email address from some shady spam company, and are now spamming me with completely irrelevant mass-marketing junk.

At worst this may be illegal, though I should stress I’m not a lawyer. At best, it’s poor netiquette and a pretty unpleasant way to behave.

It’s quite telling that there’s a unsubscribe link, labelled “If you consider this email to be SPAM please report abuse click here” as well as an unsubscribe- this is almost as if they know they’re doing wrong. (The unsubscribe is required by law, I believe). Also, both links are a http request to the sending server- again this looks like they have gone out of their way to set this up themselves.

The school looks to be a well-funded, expensive organisation, just a pity they see fit to tarnish their reputation by buying email addresses. There are ways to market yourself without upsetting the nerds.

At this point, many of you might be thinking that there’s a quick fix: delete the damn email and forget it. I nearly did that, but here’s a thing: I spend my day job working with mail systems. Many of these would be simpler, and more reliable, were it not for all the kludges that we have to implement to stop this rubbish. DNSBLs, sender ID, authenticated SMTP, restricted relays, spam filters, and all the other bits that make mail harder and more complicated are all because of this.

The next time you go onto a wifi hotspot and can’t SMTP mail, or you get an email bounce with a 550 error, or dissapear with no non-delivery report, that’ll be why. Spam is delivered partly at cost to you: using your bandwidth, your disk space, and your time.

If you have a company email server, you pay someone to guard you against this shit. Your ISP and mobile phone provider pay people to do the same. Commercial spam filters cost thousands of pounds to run.

Question is, do I inform the ICO?

Compare the Meraki

Thursday, March 6th, 2014

(The title thanks to my colleagues who misread the SSID (Meraki-test1)I sent them by email)

I’ve been playing with wireless networks a good bit at work: I’ve finally got PEAP going to do 802.1x authentication- the practical result being WPA-2 Enterprise wireless networking with the Cisco 1600i access points. As I’ve commented before, Cisco gear is great, but it can be a game to get going when you come across something new, and this was the case here: there were guides for doing this with wireless LAN contoller systems, but not for autonomous APs, and the interface was just different enough to confuse. Getting the right amount of debug info was tricky too.

Enter Meraki. Like earlier with Aironet, they’re now a division of Cisco, which makes me wonder if we’ll see a merging of product…

Meraki
‘s product is a [*cough*] cloud-based solution. It pains me to say that. Cloud is today’s IT bullshit phrase that is just a new way of saying things. “In the cloud” means “on a server or servers somewhere on the Internet”: the cloud everything bollocks wears thin after a while, but here’s a clever application.

You unpack the AP, power it up, and connect it to any Internet connection. The AP establishes a connection to “the cloud” [cough]bollocks[/cough], and establishes a tunnel. You log into a web page, enter the serial number, place a marker on a Google map, and then manage the device from the web:

The clever dashboard

The clever dashboard

From there you can implement multiple SSIDs, Captive portals, the aforementioned 802.1x, you can monitor devices and applications, time access, and create mesh networks that will track clients (handy for marketing tossers) and all manner of stuff, with an embarrasingly few mouse clicks compared to the pain of a conventional Cisco AP. It’s quick too.

Sounds too good to be true?

Maybe. There is a downside. While the dashboard is impressive, it costs. The APs themselves are a similar price to an enterprise-level conventional AP (a good 300-400 quid or so list), but on top of that, you need a licence for the dashboard (£150 for 1 device for one year list, reducing for quantity), and without the licence, your AP is an expensive ornament.

There’s applications that are a perfect fit: if you have remote sites with no IT staff, the Meraki devices can be shipped with no config, then set up remotely. Potentially big savings there. The tools on the dash are very clever too, but you’re tying yourself to the cloud dash for a few years, effectively leasing the kit.

Next on the list? Aerohive, who seem to do the clever online managment but still allow local config, so no tie-in.

Close Call

Monday, February 24th, 2014

Today, a colleague had this email:

A Spear Phishing attack

A Spear Phishing attack

from “customercare@parcel-tracking.net”. It fooled two people: The original recipient forwarded it to a colleague to deal with, who clicked on the link, and got this:

Nice mock-up....

Nice mock-up….

With graphics nicely nicked from the genuine Royal Mail site. The URL calling the site had a ID embedded, presumably to mark the recipient out as a sucker if they click, so I changed it for my investigation. The Captcha image remains the same, even if you vary the ID.

If you enter the code, you get prompted to download a .zip file with a random filename, and inside the zip file is a windows executable, disguised with a icon for Adobe Acrobat Reader.

Should you be convinced enough to run the attachment, you’ll get a pop-up demanding money to unencrypt your files, and this is no idle threat: running this inside an isolated Windows XP Virtual Machine really does damage files in My Documents- this is known as ransomware. Fortunately, the security measures on the computer used by this user stopped it.

Time for a reminder: think before opening. Questions the user *should* have asked:

1. Why would Royal Mail know my email address?

2. Why would they not just post a card through the letterbox?

3. Why “nobody was at home” for a business address?

4. Why would I need to download and run something just for a receipt?

To be fair, item 4 is picking flies a bit: some websites demand plug-ins or other crap, so differentiating the genuine from the scam gets harder.

Also, the site and email are quite a nice mock-up, using elements from the real site. Fairly convincing, and it also had the correct business name, which is a clever touch.

[edit]
It’s also worth noting that our (up-to-date) anti-virus didn’t catch this, either the original email or the downloaded file. It seems to be a zero-day attack.


This blog is protected by Spam Karma 2: 38481 Spams eaten and counting...