Older blog entries for mcr (starting at number 66)

8 Sep 2010 (updated 14 Sep 2010 at 16:09 UTC) »

How to run XEN on Ubuntu Lucid

http://www.chrisk.de/blog/2008/12/how-to-run-xen-in-ubuntu-intrepid-without-compiling-a-kernel-by-yourself/

documents how to install the Debian DOM0 kernel on Ubuntu LTS. This is an update.

aptitude install libuuid-perl
wget http://ftp.de.debian.org/debian/pool/main/l/linux-2.6/linux-image-2.6.32-5-xen-amd64_2.6.32-21_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-25_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/l/linux-2.6/linux-base_2.6.32-21_all.deb
dpkg -i linux-image-2.6.32-5-xen-amd64_2.6.32-21_amd64.deb linux-modules-2.6.26-2-xen-amd64_2.6.26-25_amd64.deb linux-base_2.6.32-21_all.deb

Syndicated 2010-09-08 15:47:00 (Updated 2010-09-14 16:09:37) from Michael's musings

24 Aug 2010 (updated 8 Sep 2010 at 20:07 UTC) »

Netgear IPv6-enabled l2/l3 switches

Netgear makes a relatively inexpensive managed switch, the FSM-726 (300). It's a 24-port 10/100 switch with two 1000/SPF combo ports.

The latest firmware for it is IPv6 capable, and I think they deserve some kudos. I haven't tried it as an IPv6 router, but you can manage it over IPv6.

FSM726V3) #show network

Interface Status............................... Always Up
IP Address..................................... 10.9.7.16
Subnet Mask.................................... 255.255.255.0
Default Gateway................................ 10.9.7.1
IPv6 Administrative Mode....................... Enabled
IPv6 Prefix is ................................ FE80::226:F2FF:FEAB:B0F2/64
IPv6 Prefix is ................................ 5001:abcd:ef01:2:226:F2FF:FEAB:B0F2/64
IPv6 Default Router............................ FE80::250:BAFF:FE2E:7AF1
Burned In MAC Address.......................... 00:26:F2:AB:B0:F2
Locally Administered MAC address............... 00:00:00:00:00:00
MAC Address Type............................... Burned In
Configured IPv4 Protocol....................... DHCP
Configured IPv6 Protocol....................... None
IPv6 AutoConfig Mode........................... Enabled
Management VLAN ID............................. 1

(Yes, I have obsured the IPv6 address, since yes, actually, you can get to this device from the Internet. Note in the picture that you have to put [] around literal IPv6 addresses in most browsers)

Management Interface in IPv6

I was also able to copy the configuration to another host via SCP over IPv6:

(FSM726V3) #copy nvram:startup-config  scp://roster@5001:abcd:ef01:1:216:3eff:fe86:6f45/home/roster/fscm726-v3.cfg
Remote Password:********

Mode........................................... SCP
Set Server IP.................................. 5001:abcd:ef01:1:216:3eff:fe86:6f45
Path........................................... home/roster/
Filename....................................... fscm726-v3.cfg
Data Type...................................... Text Configuration

Management access will be blocked for the duration of the transfer
Are you sure you want to start? (y/n) y

File transfer operation completed successfully.


In production, I will have the management interfaces on IPv6 networks, which will not be globally announced. Why is this better than 10. network addressing? because the addresses are unique, regardless of where you go.

Syndicated 2010-08-24 15:42:00 (Updated 2010-09-08 20:07:59) from Michael's musings

25 Jun 2010 (updated 24 Aug 2010 at 20:11 UTC) »

Android G1 broken Home button: software issue?

About 10 days ago my Android G1 (running on http://www.WINDmobile.ca) turned itself into a unitasking iPhone. The HOME key stopped working. I figured it was dirt in the case or something... until...

On the Android the HOME key, pushed once, brings you back to the main screen. If you hold it down, then it acts like a task bar (ALT+TAB for any windows readers) and lets you select a running app to switch to.

I realized that the screen would stop locking too! No pocket phone calls, but some actual pocket web surfing and the like. Very annoying.

I had been running http://www.cyanogenmod.com 4.2 on the phone since I started carrying a G1 in January. (I switched from the Rogers Dream to the T-Mobile Dream to get the right radio for WIND in April. I did that with a nandroid backup and restore...)

I was not running APPS2SD before, I had a 4G microSD card, which will plenty big for apps, since Meaghan's new phone needed an uSD card for her MPs, we each got 8G uSD cards. I meant to partition the 8G, flash up to CM 5.0 and run apps2sd.

I started this yesterday with a wonder... since booting with HOME key down is how you get into the recovery image... was I screwed if my HOME key was broken? MIRACLE, it works.

Yesterday, I did a nandroid backup on the 4G uSD card, and then did a factory wipe/reset. SURPRISE. HOME key works. It was somehow a software issue!

I then took the 4G uSD card, inserted it into my laptop, did a tar.gz copy of the contents of the disk, and then inserted the 8G uSD. I partitioned it as 2G for /sdcard, 1.5G (advice from google/forums) for apps, and a 4.5G ext3 partition for... other stuff. Since these partitions can show up on a laptop/etc.

I'll put some "away" SSH keys on it, and likely put some other stuff that never needs to be seen by a windows computer (which I don't own). I'm thinking about putting a copy of QEMU on the windows drive, along with a live x86 image, and maybe I can mount the ext3fs there directly? What happens if I put a copy of MSDOS.COM on it, or install grub on it... can I boot a random x86 PC from my phone right into Linux?

So I restored the /sdcard image from my tar.gz copy. I then discovered that my phone has already been DangerSPL'ed... nice. Thanks to the ebay guy that I bought it from... too bad he won't return my emails, because I'd thank him directly again.

CM5.0.8 installed, mostly without a problem. First app I re-installed was NewsRob and ConnectBot.

I found that I couldn't install apps however! I hooked up adb and found that the package manager couldn't create directories. It died with:

Couldn't create temp file for downloaded package file

After some investigation (including grep'ing the source tree), I found that my /data/app was a symlink to /system/sd/app, which didn't exist. I pointed the second place to /sd-ext, and commented on IRC. Nope, don't do that. Instead, /data/app needs to be recreated:

rm /data/app /data/app-private
mkdir /data/app /data/app-private
chown system:system /data/app /data/app-private

Hurray for Cyanogen!

Syndicated 2010-06-25 12:58:00 (Updated 2010-08-24 20:11:16) from Michael's musings

5 Jun 2010 (updated 25 Jun 2010 at 17:07 UTC) »

Datavalet hotel Internet "service" is broken

If you've stayed at a Hotel that "features" Internet service from Montreal supplier datavalet, you may experience that it... well... isn't Internet.

It's not surprising that hotel Internet services think they are "forced" to use Network Address Translation (NAT), so you aren't really on the Internet, but only half of it. It is also not surprising that they intercept all of your packets until you sign in through their portal (possibly paying).

What is surprising is that after doing that, that they continue to intercept many of your packets, violating both your privacy and BREAKING THE INTERNET.

What does Datavaley do? Well they intercept ALL of your DNS requests. DNS is the Domain Name System, the thing that translates names like www.kame.net to IP addresses like 203.178.141.194, but also to IPv6 addresses like: 2001:200:0:8002:203:47ff:fea5:3085.

Except that Datavaley doesn't. If you ask them for the IPv6 address (the AAAA resource record), then instead of answering either "do such name", they just don't answer. And they do this, even if you asked your own corporate server rather than their server. It requires EXTRA programming to do this.

The result? Anyone running with IPv6 turned on experiences the Internet to be broken. Who does that? Today, if you are running modern software: Windows 7, Linux, Mac OSX. Even XP and Vista (if you turned on IPv6).

I first experienced this at Indigo Hotel at the Toronto Airport in April. I reported this to the hotel and to DataValet. My colleagues report that the Holiday Inn (Terasse de Chaudiere) also has this.

My advice: don't stay there. DataValet broke RFC1034/RFC1035. Those documents are 23 years old --- the is no excuse for breaking the fundamental protocols. There is also no excuse for not having fixed this in the past two months.

Syndicated 2010-06-05 13:37:00 (Updated 2010-06-25 17:07:02) from Michael's musings

Huawei U1250 -- not so good afterall

Three weeks ago I switched from Rogers/Fido to WIND. While I had purchased an unlocked quad-band Motorola RAZR back in 2007 in anticipation of more open competition in GSM, this didn't help me. Anyway, I moved with a T-Mobile UMTS Android G1. After that success, I wanted to move my wife too.

Her Nokia (locked to Fido) was not going to do UMTS, so she needed another phone, alas. We picked a Huawei U1250, and everything seemed good for a few days. She liked the size, the weight, and the headset that came with it. To play music, we needed a microSD card, and fortunately I read the instructions which told me that 8GB was the biggest it would take. I bought two (one to upgrade my G1), and they arrived today.

We plugged it into her Ubuntu Hardy desktop with the USB cable. Up pops a window, and I think we are golden. Oops. It's a CDROM image, with windows drivers. Maybe there are Mac ones there (is that what 'res' folder is?) too, but I can't tell.

DUMB. DUMB. DUMB. DUMB. Make it a USB DRIVE. Then it's totally useful. Imagine, you go to the grocery store with your... PHONE CAMERA and plug it in, and guess what... it just works, and you make print outs.

Okay, we got out the microSD/USB adapter and copied some things to the card. I copied some ogg and some MP3. Guess what... yes, you guessed it, ogg fails. Even some of my MP3s didn't work.

My opinion: don't buy a Huawei U1250. It has only been five days, and I may try to return it.

Syndicated 2010-06-04 01:57:00 from Michael's musings

Huawei U1250 -- not so good afterall

Three weeks ago I switched from Rogers/Fido to WIND. While I had purchased an unlocked quad-band Motorola RAZR back in 2007 in anticipation of more open competition in GSM, this didn't help me. Anyway, I moved with a T-Mobile UMTS Android G1. After that success, I wanted to move my wife too.

Her Nokia (locked to Fido) was not going to do UMTS, so she needed another phone, alas. We picked a Huawei U1250, and everything seemed good for a few days. She liked the size, the weight, and the headset that came with it. To play music, we needed a microSD card, and fortunately I read the instructions which told me that 8GB was the biggest it would take. I bought two (one to upgrade my G1), and they arrived today.

We plugged it into her Ubuntu Hardy desktop with the USB cable. Up pops a window, and I think we are golden. Oops. It's a CDROM image, with windows drivers. Maybe there are Mac ones there (is that what 'res' folder is?) too, but I can't tell.

DUMB. DUMB. DUMB. DUMB. Make it a USB DRIVE. Then it's totally useful. Imagine, you go to the grocery store with your... PHONE CAMERA and plug it in, and guess what... it just works, and you make print outs.

Okay, we got out the microSD/USB adapter and copied some things to the card. I copied some ogg and some MP3. Guess what... yes, you guessed it, ogg fails. Even some of my MP3s didn't work.

My opinion: don't buy a Huawei U1250. It has only been five days, and I may try to return it.

Syndicated 2010-06-03 21:57:00 from Michael's musings

8 Apr 2010 (updated 4 Jun 2010 at 02:07 UTC) »

Legends of Zork

A friend turned me on to www.legendsofzork.com. It's a web game, really more straight D&D, rather than the text adventure that Zork was. It was kinda fun to hit "fight again" while waiting for compiles. The UI was okay, I just didn't like that it scrolled rather fit into a single regular height browser window.

I haven't played in awhile, and I tried last week.

They changed it ... a lot. The graphics are all over the place. I can't focus on anything. When the battle is over, there is a pop up (it's slow to pop up too!) to tell you what happened.

Now it takes two clicks to fight... and my eyes can't follow what is going on. I stopped playing.

Syndicated 2010-04-08 16:57:00 (Updated 2010-06-04 02:07:47) from Michael's musings

28 Mar 2010 (updated 8 Apr 2010 at 21:07 UTC) »

Online Fraud

My MPP, Yasir Naqvi has been in the news complaining that someone "stole" his identity, and sent out an email mis-representing his views. Nevermind what his views are.

http://www.yasirnaqvimpp.ca/pressreleases.aspx?id=61

http://www.ontla.on.ca/web/members/members_detail.do?locale=en&ID=7097

Mr. Naqvi's identity was not stolen --- he is clearly still him. If it was stolen, then he would no longer have it.

His email account was not "hacked" --- someone simply set up a new identity on gmail claiming to him. But really, there are dozens of higher-tech ways to impersonate him. In fact, ANYONE CAN IMPERSONATE ANYONE on the Internet.

The press have repeatedly written the story wrong. http://www.vancouversun.com/news/politician+livid+after+fake+mail+sent+list/2732203/story.html

"On the Internet, nobody can tell you are a dog", was the comic from over a decade ago.

The real question is, why, in 2010, 12 years after S/MIME became a standard (1998) and 14 years after PGP was documented (1996), our governments and representatives are still completely in the dark about what it means to be online.

http://www.rfc-editor.org/info/rfc1991 http://www.rfc-editor.org/info/rfc2311

And there are lots and lots of further documents about PGP, OpenPGP, and S/MIME. My email has been signed with PGP since about 1994. Think about this: I've been signing my email longer than the kid serving you at McDonald's has been alive.

"Poor planning on your part does not constitute an emergency on my part".

You were warned. MANY MANY MANY TIMES.

Provincial governments and federal governments have very clear, centralized IT support and services, and they could trivially roll out email security.

Have they done so? Why haven't they? It seems like NEGLIGENCE to me.

I documented above when the standards were written, but in fact that is 3-8 years after the technology became available --- so it's more like 20 years since you could have started using PGP.

It's not like S/MIME is not ubiquitous --- it's one of the major reasons that I've been told that government organizations HAVE to run Outlook: Nothing else has been evaluated by the CSE for use in government work. (Why that is, is another rant)

SO WHY ARE THEY NOT USING IT?

This is not a rhetorical question. I want to know. What part of "email is not secure" did they not get? Maybe they were not there that day in class.

Shame on you Mr. Naqvi. Go do some learning and start asking some real questions.

Syndicated 2010-03-28 12:36:00 (Updated 2010-04-08 21:07:51) from Michael's musings

Thing I saw at Active Surplus

I was in Toronto at the AGM for http://www.EspressoCode.com/. I had to stop at Active Surplus for switches and what-not for my model railroad. I certainly the a "what-not"

Check it out:

[[http://www.sandelman.ca/mcr/humour/2010-02-04-10-46-whatnot.jpg][Some kind of Pumpy Thing]]

Syndicated 2010-02-08 01:40:00 from Michael's musings

8 Feb 2010 (updated 8 Feb 2010 at 02:11 UTC) »

Thing I saw at Active Surplus

I was in Toronto at the AGM for http://www.EspressoCode.com/. I had to stop at Active Surplus for switches and what-not for my model railroad. I certainly the a "what-not"

Check it out:

[[http://www.sandelman.ca/mcr/humour/2010-02-04-10-46-whatnot.jpg][Some kind of Pumpy Thing]]

Syndicated 2010-02-07 20:02:00 (Updated 2010-02-08 02:11:25) from Michael's musings

57 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!