Older blog entries for elwell (starting at number 101)

Rant


[aelwell@pcitgtelwell ~]$ man dvbnet
No manual entry for dvbnet
[aelwell@pcitgtelwell ~]$ dvbnet --help

DVB Network Interface Manager
Copyright (C) 2003, TV Files S.p.A

dvbnet: invalid option -- '-'
Segmentation fault (core dumped)
[aelwell@pcitgtelwell ~]$ dvbnet -h

DVB Network Interface Manager
Copyright (C) 2003, TV Files S.p.A

Segmentation fault (core dumped)




that is all.

Syndicated 2012-11-26 13:42:00 (Updated 2012-11-26 13:42:24) from Andrew Elwell

k-net / ipv6 / toastman / tomato USB

I have a reflashed router using the toastman mod - which works really well *but* the ipv6 configuration pages miss out one crucial setting when configuring the native ipv6 stack from k-net here, notably the WAN ipv6 address...

ssh root@router and
# ip addr add 2A03:4980::XXXX/96 dev vlan2 (IP D'interco)
# ip -6 route add default via  2A03:4980::11:0:1 (Gateway)

and lo, it should now work from clients on lan.

Blogging so I know where to find the info next time...

Syndicated 2012-11-14 22:34:00 (Updated 2012-11-14 22:34:49) from Andrew Elwell

Alice and Bob go hashing

Alice wants to share some files with Bob over a public medium. Alice's computer is presumed 'secure'

she can easily generate a nice long 'passprase' by generating a cryptographic hash of the plaintext (say sha256sum) and use this as a key for a symmetrical crypt

ie

alice$> echo "hello world" > plaintext # generate sample input file
alice$> sha256sum plaintext # a948904f2f0f479b8f8197694b30184b0d2ed1c1cd2a1ec0fb85d299a192a447

and then crypt the file


alice$> openssl aes-256-cbc -in plaintext -out ciphertext
enter aes-256-cbc encryption password: [SHA256SUM GENERATED ABOVE]
Verifying - enter aes-256-cbc encryption password: [ditto]
alice$> ls -l plaintext ciphertext
-rw-rw-r--. 1 alice alice 32 Nov  7 16:01 ciphertext
-rw-rw-r--. 1 alice alice 12 Nov  7 16:00 plaintext



Alice can then send the symmetric key to Bob via their normal secure channel (assumed to be working)
and bob can decrypt with

bob$> openssl aes-256-cbc -d -in ciphertext 
enter aes-256-cbc decryption password: [SHA SUM]
hello world


So - is using a hash function a Bad Idea? 
The method is predictable -- yes but Mallory would need to know the plaintext (in which case, game over) to generate quickly, or would need to bruteforce ($time++)


Discussions / comments welcome

Syndicated 2012-11-07 15:10:00 (Updated 2012-11-07 15:10:28) from Andrew Elwell

Metering Musings

I've been intermittently trying to get our smart metering datafeed out to to a server for better logging, but I don't want to run a 300W PC to tell me my baseload in the house is 300+N W. There are several clamp meter / arduino designs thanks to the folks like OpenEnergyMonitor and Nanode, but things should be easier as there's a nice serial out already documented by ERDF (there's also the upcoming 'linky' interface but we're still on old-school)


How much does all this malarkey cost -- off the shelf there are USB opto interfaces, but they're about €50 each (erk) I originally purchased an arduino datalogger shield (€40 + an arduino) hoping to use it with a nanode, but I  didn't get ethernet sending working (even after the slight hardware mod) - possibly due to known issues with stash depletion

So - where do we go (cheaply) from here? a R-Pi gives me cheap hardware with more stable ethernet but I'd have to interface in the opto tty interface (gpio? usb?) as there's no onboard serial. Plan B is to use my bifferboard and use the console interface: small, yep. Low power, yep. Decent ethernet and OS (openwrt) - yes.

So, time to order some parts and get down to prototyping...

Syndicated 2012-09-23 19:14:00 (Updated 2012-09-23 19:15:34) from Andrew Elwell

Aaaand we're back

Yay. I now have shiny broadband again thanks to <a href="http://www.k-net.fr/">k-net</a>. One difference between now and last time is that I also have an ipv6 prefix off them, so my home machines are accessible withoit needing port forwarding. Well, would be if I could get the RA working better on the router.

I have a linksys E3000, but that doesn't sipport ipv6 by default, so instead I have one of the TomatoUSB variants installed that does. I'd rather not use stateless config, but pre-assign IP addresses in advance so I can keep say kids machienes in a separate subnet. Overall - seems to work faiely well and the 'sam knows' box seems to have noticed too:


Syndicated 2012-09-19 20:45:00 (Updated 2012-09-19 20:45:57) from Andrew Elwell

Radio Scrobbling via MQTT

Since I often listen to the most excellent Soma FM during the day (go support them, it's worth it!) I often wish that I could go and stash some similar tunes to listen to when I'm not online. To do this, I sell my soul to CBS and use last.fm to generate similar / listened to by others recommendations.

Sadly Rhythmnbox doesn't scrobble radio stations (even though the scrobble API has a flag for this
track.scrobble(chosenByUser=0) to indicate that its been chosen by a radio service), despite it updating my 'now listening' status on IM. So, in a geeky overkill solution I decided to save time in the long run and use a pub/sub system with MQTT. Oh, and use some python and twitter along the way...

The design is that I have an MQTT publisher that uses the tritter streaming api (via tweepy) and filters for all the somafm twitter streams that Rusty pushes with BigUrl. This gives me near realtime announcements of the start of the track being played (after some trivial split / strip manipulation)

ie

justcovers       Pat Boone - Enter Sandman  (2012-06-25 07:20:30)
digitalis        Zephyrs - Stand Round Hold Hands (Ulrich  (2012-06-25 07:20:37)
secretagentsoma  Eat Static - Love Truncheon  (2012-06-25 07:21:02)
beatblender      Kerry Chandler (Lazy Dog Ben W - Isis  (2012-06-25 07:21:29)
sonicuniverse    In The Country - Only The Birds Can See Us  (2012-06-25 07:21:29)


..which I can then publish to an internal MQTT broker using mosquitto python bindings.

In a separate process I have a subscriber that I can point to the broker and 'subscribe' to the radio station when I'm listening and it scrobbles that information to last.fm

All in, an interesting sunday evening work. 

Syndicated 2012-06-25 07:29:00 (Updated 2012-06-25 07:29:19) from Elwell

Temp / Humidity update

Since yesterdays posting, I plugged the FTDI outpur from the nanode into my bifferboard (needed to install kmod-usb-serial-ftdi) and have knocked up a simple python script to read the output and post to pachube^Wcosm

and lo:
https://cosm.com/feeds/60594

Syndicated 2012-05-22 09:25:00 (Updated 2012-05-22 09:25:33) from Elwell

DHT22 + Arduino

I recently purchased a DHT22 (Also known as RHT03 on Sparkfun) from Proto-Pic temp and humidity sensor with the aim of using it as an outdoor sensor in the garden. Although there are several DHT22 libraries on github I couldn't get the nethoncho one (or the patched forks) to return anything other than checksum error.

However the combined dht11/22 one I found linked on arduino.cc seems to work just fine. Need to test with -ve temps next but an overnight plot on the bench seems reasonable

Despite many forums saying that it needs 5v I've managed to get it working OK with the 3.3v pin on my nanode, next step is to test on a jeenode and send the output via RF. Oh, and then get a solar panel to run the thing...

Syndicated 2012-05-21 06:32:00 (Updated 2012-05-21 06:33:38) from Elwell

8 Mar 2012 (updated 8 Mar 2012 at 13:09 UTC) »

Prowling round Android

One of the apps I miss from my iphone days is Prowl - This also allowed me to receive IRC messages when away (screen detactched) - Since then I've discovered Notify My Android which does the same thing to android devices, and lo, a quick patch of my script is available

as normal, on github (https://github.com/Elwell/irssi-prowlnotify)

Syndicated 2012-03-08 11:06:00 (Updated 2012-03-08 11:23:46) from Elwell

Yubico / Yubikeys

I'm impressed.

I have small keyring with a USB memory stick, 2 yubikeys and a cofee machine cashless RFID key on. Stupidly I left said key in the vending machine. The system operators at work collected it and set about finding the owner. 1st up, they discovered that they can't read any files off yubikeys (heh) but googled the image and found the manufacturers website and said they had found serial #.... and #.....


Having spend the last 2 days rummaging in car / home looking for it, I got an email from yubico saying that <email> had found my key, based on the serial no of the one I purchased. Work also got an email for the other serial no, which they traced to me.

I'm *very* impressed by this level of attention at yubico, and it means when distributing keys within the business it pays to keep track of the serial no (printed under the 2d barcode).

It does raise the question of how (if) one should notify yubico if they're passed on - especially if I overwrite the yubi profile (as I have done) to prove that I am the rightful owner of the key.

Things to consider with revocation / blocking, especially with a distributed architecture like Fedora....

Syndicated 2012-02-27 19:12:00 (Updated 2012-02-27 19:12:28) from Elwell

92 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!