Hammers and Saws and IOT – oh my

After moving to a new apartment I needed to get some hardware in order to hang a few pictures in the livingroom. A quick trip to the hardware store should allow me to make my apartment a home. While walking through the store I was surprised to see smart sockets wedged in between fans and light bulbs. Not only smart sockets but also a small selection other smart components such as light bulbs and light switches.

When seeing that I had to decide on a smart socket, smart light bulbs, or smart light switches. I thought that perhaps the most flexible item that I could use would be smart socket, no electrician required.

Smart sockets are just a rather clever bit of hardware which includes a small relay for switching on the power on and off. The real brains for the smart solution is the phone app that controls the device.

I thought I would get a few more smart sockets and see how smart I could make my apartment.


The first device tested was that first smart socket from the hardware store. The first real step for all these smart sockets is install the corresponding app from your app store – this app was in both the Google store and the Apple store.

The instructions that came with the device instructed to install the app with the name “REC Smart” by Ankuoo[1]. The app requires that you create an account and once the account is created you log into the app everything works pretty much as you might expect.

Pairing a new device is just a matter of holding down the power button on the smart switch for at least five seconds and then it is in discover mode. You can see that by the blue led flashing on the device and then just follow the prompts to add the device Illustration 1.

Illustration 1: Malberg

This smart socket and its supporting app really does provide a lot of basic functionality. The app will keep a list of all the sockets that have been registered. Initially the app will give each device a generic name but it is also possible to assign a friendly names to each device.

The functionality that makes the smart sockets smart is the ability, with the addition of software, to create schedules when it should be switched on or off. One of the nice features is the countdown timer. The timer offers six predefined times (5, 10, 15, 30, 60 and 120 minutes). There is actually one little quirk for this particular feature. The timer functionality assumes that the socket is already turned on.

Traditional hardware timers make it is possible to schedule when the socket should turn on or off. With software it is easier to make this a bit more flexible. The rules can be setup for either individual days or to run at the same time on multiple days.

Scheduling tasks is fairly orthogonal, it is possible to add schedules, remove schedules but more important they can be disabled and re-enabled at a later time.

The final bit of functionality is called “anti-theft timer”. Much like the schedule functionality you select a time range for a day or for days. The app will turn the socket on and off at random intervals during this time period.

Note: When you enable the anti-theft timer a warning comes up that the other functionality will be disabled while the anti-theft timer is running.

I used wireshark to watch the traffic when adding a device to the app. The smart switch does make a number of connections over the internet. Once this connection has been defined it is possible to control the device using the data connection from a cell phone.

The communication between the device seems to be UDP messages[2]. However, despite the information available on how to control such a device on the internet I was unable to control the socket myself. The information that I did find implied that the packets were unencrypted and it was possible to resend packets to control the device. My experience did not match that of the other users from the internet. It is possible that over the last few years[3] that the manufacturer has modified their devices to put security first and remove this avenue of control. It is also a bit sad as I did not find any API that would allow me to control this device from Linux.

[1] https://www.hornbach.at/data/shop/D04/001/780/491/304/314/6216499_Doc_02_DE_20180117133221.pdf

[2] https://github.com/Diagonactic/Ankuoo

[3] https://news.ycombinator.com/item?id=11211037

S1 Series

The next device I tested was the “S1 Series WiFi socket”. This socket is marketed as also working with Alexa which is some additional functionality that the Malmberg socket does not support. I do not have an Alexa so my tests were focused on the basic intelligence on the socket and the app that controls it. Like the Malmberg device, it appears that most of the intelligence is not in the device itself but is actually in the smart app that controls the device.

Just like the Malmberg socket, adding a device is actually quite easy. Press the power switch for 5 or more seconds until the led starts to flash. From that point follow the steps in the app to add a device. (Illustration 2)

Illustration 2: S1

The only complicated part about adding a new device is the wide breadth of types of devices that are supported by this app. This is a double edged sword for the technically less savy as you need to be aware of which type of device you are trying to join up.

ZigBee Low power digital radio

Bluetooth Short wavelength UHF radio waves

WiFi Standard wireless networking

Just like the Malmberg device, it is required that you create an account with the manufacturer, Tuya, in order to use the app.

Not unsurprisingly the app has a fairly simple set of features, quite similar to the previous app but Tuya seemed to give more attention to the development of the app, it just felt more polished.

The timer also has a much finer level of granularity. The timer can be defined for how many hours and minutes before the device is switched off but it can also be defined to switch on after a given amount of time.

It is also possible to setup a schedule to turn devices on and off at different times. I found it to be a bit odd that this device only allowed you to define a day and time for switching the device either on or off. This does obviously maximize flexibility but it also creates a larger list to be searched when matching up the pairs of on/off times as the number of entries increases.

The S1 Series device is different from the other two devices reviewed as it supports Alexa and that the Tuya corporation appears they have made some libraries and documentation available[4][5]. This should allow people the ability to control their own devices.

I did take a look at the documentation that was available but it is not for the faint of heart. I was unable to create anything myself using this but it is possible due to the number of projects on github. Just search for project with Tuya in the name.

From looking at the website of the Tuya corporation, it seems that they might be licensing the design of their smart switch solution. This is because their web site allows for the creation of your own app with using your own branding[6].

[4] https://docs.tuya.com/en/app/app-sdk/android-sdk.html

[5] https://github.com/TuyaInc/tuyasmart_android_sdk/tree/master/TuyaSmartAndroidSdkDemo/libs

[6] https://docs.tuya.com/en/app/app-autobuilding.html

Sonoff S20

The Sonoff S20 smart socket is only one of many different Sonoff smart devices. The company also sells smart sockets that also measure temperature, monitor humidity as well as remote controlled light switches[7].

The S20 is controlled by the eWeLink app to support setting up a timer for creating a schedule for turning the device on and off.

The pairing of devices is as simple as starting the synchronization on the switch itself while adding a connection from the smartphone app. One of the things that make the Sonoff app different from the other two is that it does assume that there can be difficulties in the pairing process, illustration 3. Based on the realization that difficulties can occur, the app included a frequently asked questions section with a list of the most common problems, illustration 14. The list is both long and very helpful.

Illustration 3: Sonoff S20

All three applications are generally friendly and are localized to the language that has been selected on my smart phone. One difference in the eWeLink app, used by the Sonoff, is that it explicitly supports 22 different languages. You can select the language on the app itself which does allow you to select a language on the application that is actually different than the underlying phone operating system.

Although changing the application language does work for all of the application menus and status’s there is one tiny little inconsistency for the eWeLink app. All of the text that is available under the frequently asked questions remain in English and does not change despite what language is selected for the application.

[7] http://sonoff.itead.cc/en/

All of these smart sockets are well built and the smart phone apps are easy enough to use. Unfortunately all of these smart sockets are produced by separate companies each with incompatible protocols which prevents a single app from controlling them all. The solution is to either purchase only from one manufacturer or modify these smart sockets with some open source software.

Posted in programming | Leave a comment

Repeating myself

It doesn’t seem like all that long ago that I purchased an EDIMAX repeater to fill in the gaps in my home wifi network. This solution did seem to work out for me, which actually means me and my laptop, over time it did not prove to be the best solution for the rest of the family. Everyone else, actually uses other types of equipment such as smart phones, tablets and ipad and they were uniformly less happy. During the intervening months I had to turn the repeater off and on again as well as to use the following rational to quell unrest.

It works for me. I am also using wifi so it must be fine.

I don’t want to imply that a ultimatum from my spouse is all that it takes to cause a revolution but the device stopped working for me as well so it needed to be replaced. The question is do I want or need to get a different solution.

Powerline extender

This solution connects your router to your power wires. It is then possible to plug another device in to a socket in another room and use the internet from there. There is a limit to the number of devices you can use but the technology doesn’t always have the throughput that is advertised. This might not be a fault of the technology but my experience in old old apartment buildings.

Wifi repeater

This solution picks up the existing wifi network and then transmits a boosted signal.


A bridge is used to connect two separate network segments together.

I want the new device to work longer than the previous one and I want it to make all of the “hard to please” members of the family fully satisfied, so I have splashed out and purchased a new Fritz!Repeater3000.

I didn’t purchase this device because I knew with certainty the best one on the market but rather because it looked pretty good, had good reviews and I already owned a Fritzbox 7590 router. It was an odd coincidence but the day I was shopping for a solution I met someone who works for TP Link at the store and he was trying to convince me to purchase their solution. Despite being fairly well convinced I went with the more boring solution of all devices from a single vendor. Who wants a couple of devices and a problem and the difficulty of proving where the problem actually lies.


The biggest decision was how exactly should I configure my device. The Repeater3000 actually supported three different modes.

  • Repeater
  • Wlan bridge
  • Lan bridge

I just want to extend the network into the living-room so I set this up as a repeater. Before I could begin I did need to make sure that my firmware for the router was updated to 7.12. There were a couple of setup methods but I did take a rather less traditional approach (for me) and used the wps button on the router. The repeater and the router were joined without any fanfare.

Once the repeater was setup it worked just fine. The specifications are also pretty impressive.

  • Maximum WiFi performance thanks to the intelligent use of three radio units (2 x 5 GHz and 1 x 2.4 GHz)
  • Wireless AC with up to 1,733 Mbit/s in the first 5-GHz band
  • Wireless AC with up to 866 Mbit/s in the second 5-GHz band
  • Wireless N with up to 400 Mbit/s in the 2.4-GHz band
  • Connects to a router/FRITZ!Box via the dedicated 5-GHz band
  • Compatible with all wireless routers compliant with the 802.11 ac/n/g/b/a radio standards
  • Adopts the configured encryption of the wireless network (WPA2)
  • Wi-Fi Protected Setup (WPS) – easy and safe configuration of wireless network at the touch of a button

I cannot say if this solution will make everyone happy but over the last few weeks I have only happy family members who.

Posted in Review | Comments Off on Repeating myself

More like postcards than like letters

Every couple of years, sometimes more often, some politician or law enforcement officer brings up that encryption is preventing them from doing their job. Just recently reported in Arstechnica was such an article about the US Attorney General William Barr.

“Encryption seriously degrades law enforcements ability to detect and prevent crime before it occurs.”

It is true that when messages or data is encrypted it is difficult to impossible to decrypt depending on how well the encryption was done. I do have to agree that as a law professional it must be frustrating to be thwarted by locked phones, encrypted messages, mail or documents. In the “good old days” you only needed to turn on the device to be able to browse through it looking for something incriminating. In retrospect that should probably be thought of the as the golden age of law enforcement starting with the creation of the personal computer and lasting up until about 2000. It is a subjective date but at the time the new kid on the block was the BlackBerry which was a cell phone with secure encryption. This was the first wake up call that information could be encrypted so that it could not be simply intercepted and examined. This allowed anti-government groups to both communicate in real time without the fear of that information getting out.

Over the years since then more and more security (ie encryption) technology has become main-stream. So simple in fact that you only need to know how to make a call or send a message and not be forced to use other intrusive methods to protect your message.


The argument of Mr. Barr and all of these other well meaning people is that if this information was not encrypted it would allow law enforcement the ability to prevent bad things from happening. This is both a very admirable goal but quite lofty as well. The number of emails sent per day is 269 billion while the number of text messages are 18 billion per day. I am not sure what the US infrastructure would need to be in order to process this bulk of information, but it would be substantial. It is not the few computers needed to sift through the data but what happens to the threats that are found. If the goal was to prevent crimes then coordination between a group of potential bank robbers in rural Nebraska should be reported to the nearest authorities.

To be honest, I cannot see this level of access by the government being all that helpful for local crimes. I would imagine that they would focus on Federal crimes such as threats to the nation’s leaders or general Terrorism. Unless the terrorists are pretty stupid, they would not be telegraphing their movements.


We will all meet at the corner of 3rd street as planned on Tuesday 13 March at 5pm.


We are meeting on Tuesday at 5pm


The plan is on, meet next Tuesday at the spot we agreed.

These exact messages are not so much help unless you have the context. These messages could be for some sort of terrorist plot or it could be meeting for a bachelor party. The context may be found in a single email but more than likely it would need to be gathered through many mails with other methods (ie humans interacting with bad guys). The emails, despite the massive volume, may not provide enough information.

Improve access or allow overreach

Allowing lawful access to encrypted information without prior approval or assistance of the party being surveilled would be really nice. The government has knowledge that you are purchasing very questionable materials and would like to take a peek into your communications to verify this. This request, if guarded by impartial people, on the ground of national security does seem reasonable. Nobody wants a bombing or a plane crash to occur if it can be prevented.

Yet there is always mission creep. If this ability to access emails were possible and the government decided that they would also use this power to tackle large scale fraud and corruption it would probably be viewed as good. It would not be long before some ambitious person decided that people cheating on their taxes would also be a good target for this as well. What about helping to prosecute spouses that do not pay their alimony or child support?

None of these are bad uses but what is the person who had this access was not impartial and had a chip on his or her shoulder. This would be a great way to do the same thing in a directed manner. Trying to dig up dirt on an ex-boyfriend. Getting hints on what your political opponent is doing and find ways to undermine them – part of the problem is that people are flawed.

Sometimes this access to the data is referred to as a back door. Basically, a hidden way to monitor or access data in a given system. It seems to be that it should really be referred to as the front door. To enable this functionality, you are giving either a key for that particular user or for all users of that particular system to the government. Would you trust that some government official, policeman or other political appointee had access to all your data? Would you trust them to have the key to your house or apartment?

No encryption would provide effective access

Well, at least if this power would be given over it would be effective? It would be probably 98% effective or perhaps even more emails or social media accounts. The problem is the smartest “bad people” would be able to cover their tracks pretty effectively.

  • Private mode browsing to reduce browsing history
  • Using docker or virtual machines to reduce browsing history
  • Old fashioned couriers for transferring messages or materials
  • Dead drops for transmitting information in an unseen manner
  • Book ciphers to make the data uniquely encrypted
  • Spam encoding another interesting way to pass messages around in plain sight
  • Embedded in pictures yet another way of hiding or transferring messages
  • Foldering, messages saved in draft folder
  • Use messaging services that have not been compromised

The ability for law enforcement to have access to the contents of a smart phone is not useless but it is more useful for prosecuting people who have already done bad things. Depending on the crime, the criminal is no longer alive to have justice meted out to him.

Presumably, just having access to the SIM card in the smart phone would allow the investigators a trail of people or phones that they can follow. This information would (currently) provides a digital footprint to where the phone went.

What could it hurt to provide this “back door”?

People are basically honest and hard working so we have little to fear. Many people have access to other types of high security materials. Well, that may be the case but people are also basically lazy and have a tendency to do the least possible work to get the most possible income.

Not only that but this provides a very juicy target for people with bad intentions. Look at the problems that occurred due to incompetence, laziness or bad luck.

It is truely difficult to ensure that personal data is kept secure even with no back door as these companies can attest to.

The benefit of providing such a “secret back door” is questionable while the damage would be immeasurable if this access made its way into the wrong hands. This “leak” wouldn’t have to be sabotage or ill will, it could be carelessness by someone who had legitimate access.

After all, if the NSA cannot manage to keep their secret tools and methods secret what are the odds that a group that is controlled by politicians will fare any better?

Posted in security, Soapbox | Comments Off on More like postcards than like letters

Man in the middle, then and now

When the internet started, a long long time ago, things were a bit more trusting. This isn’t all that surprising as the internet actually started as ARPANET which was a research network created with funding from the US department of defense.

The network of networks experiment, that later became the internet, was in its infancy and the level of trust was actually relatively high. In the intervening years we still see from time to time references about some technology along with the inevitable quote that this bit of technology springs from a more trusting time.

One important example of this is the DNS service. This service is the address book of the internet and an important piece of infrastructure. Why isn’t that service more secure? Well that is because of the origins of the internet.

It was this level of trust that has caused more than one security problem over the last 40 or so years. I cannot find the actual researcher who first came up with the theoretical possibility of the man-in-the-middle attack.

It isn’t really that complicated to understand. In a man in the middle attack, someone secretly relays and possibly alters your communications with another party.

Over the years this process has become so simple that you can use this technique to view what your victim is viewing with just a 5 minute tutorial on youtube.

The problem was known fairly early on and nobody really wanted to other people to view what they were doing so came the introduction of HTTPS.

It is still possible to see where people are going but with this new level of encryption it is not possible to see what exactly is being communicated. It is necessary that the web site has a signed certificate to verify its authenticity. Thus is it possible to verify that you are communicating directly with the person or site that you think you are. This is a good solution unless somebody comes up with a way to circumvent this.

Uh oh

Anything that can be done can be worked around. If you install another certificate for the man in the middle it would allow that person or organization to decrypt the users HTTPS traffic, examine it and then encrypt it again with this certificate. This would completely undo the security of using HTTPS. If this were in place it would no longer be possible to trust a web page or email had not been altered or read.

Nobody in their right mind would volunteer to be part of such a technical solution. Would they?

Small time experiment

Such a solution would work if there were a “small” coordinated effort from the local ISP’s forwarding all traffic to a central point.

This situation is no longer a piece of fiction due to the actions of the Kazakhstan government. Just a few days ago, July 17 2019, came a change that required the local ISP’s to install the government certificate and the government has begun to intercept all HTTPS traffic.


It is undoubtedly an experiment that is being closely monitored by other governments around the world. It is not too far of a leap to governments or security apparatus petitioning their local politicians that such efforts are necessary due to terrorism concerns. It is unclear if such a change would cause an uproar but there have been a lot of other changes that have been done in the name of security.


  • Patriot act and domestic spying
  • Dept of Homeland security
  • Military Tibunals and Guantanamo bay


  • Liquids ban
  • TSA locks
  • Millimeter wave full body scanners
  • Removing shoes and belts
  • Terrorist watchlist
  • Extra scanning of phones, tablet and laptops


  • Increased surveillance via CCTV

This is not an extensive list but even so some of these changes have even been analyzed and the results have not proven that these security results to be effective.


We can only hope that full-time surveillance of the internet will be too expensive and opposed by democratic thinkers.

Posted in security | Comments Off on Man in the middle, then and now

86 year old defends herself with bacon

In 2016 a 86 year old defended herself WITH BACON! All i thought was i would have loved to be there just imagine in a supermarket in Altrincham, UK it was posted by the greater Manchester police Facebook page so it was in front of the shopping mall the older lady deposited a large amount of money before she went in. While she was shopping an unknown female grabbed her trolley and demanded the money. The woman took a pack of bacon and whacked the other lady over the head. The offender then retreated and made off from the supermarket. A lot of people liked the story also righting stuff like: One person wrote: “Sounds like a Hambush to me…” or the post i found the best was “Well done lady, that’ll teach her not to assume old people are easy targets. Hope you’re not too stressed about it”.

Also if i should wright about something just say it.

All of this information is from https://www.telegraph.co.uk/news/2016/07/20/86-year-old-woman-uses-bacon-to-fight-off-thief/

Posted in programming | Comments Off on 86 year old defends herself with bacon

Failed CCTV

CCTV means closed circuit television. At my mothers work her car was scratched hugely. So the next time I was at my mothers work I noticed that there were security cameras around the building. So yesterday my mothers friends bike was stolen so I asked “what is with the security cameras?” And it turns out they don´t record anything that happened. So why didn´t they stop it so it also turns out they don´t even watch it.

Posted in security | Comments Off on Failed CCTV

Making lightsabers for lego characters

It was the exciting part of the movie when my son came into the living-room asking where the screwdriver was.  The tool box is pretty organised so I hardly looked up from my movie.  Yet a few minutes it really sunk in

I need to work on my cell phone, where is the screwdriver set”

I wandered into the kitchen to see what exactly he was up to.  It was a shock to see that the back of his phone was off and most of the screws were already taken out – he is nothing if not industrious.

I don’t think I even raised my voice when I asked what in the heck he was doing.  Just a quick bit of background.  I am about the farthest thing from a certified technician of cell phones and neither is my 13 year old son.

The problem

Well, if you have an audio headset plugged into your phone and it falls the wrong way part of the audio jack will break off in the device.  This has the negative problem with the music going to the output jack or in this case nowhere, but it has the other side effect of having all other music, noise, notifications and alarms going nowhere too.

After I caught my breath I thought about my boy’s approach.  It actually didn’t sound all that different from what I might try but I thought I would take a quick peek on youtube.  I needed to know how much is involved with the dissassembly of a smart phone.


Yup, between the many tiny flat cables and prying with various tools that I didn’t have it looked to be a nightmare.

The solution

Well, if youtube can scare your pants off then perhaps it can also give you some good ideas.  I am slightly paraphrasing but the solution is to stick a stick with glue into the audio jack plugin.

This was the best sounding option of the various choices.  The idea was to put a bit of glue inside the ink tube of a bic pen and push that hard into the audio plugin.

The instructions are easy it just requires you get the amount of super glue right.  I didn’t think that I had the right amount so I stood the phone up so the glue would run down towards the stuck audio plug.

Just leave this in the phone until it dries.  I waited until the next morning to ensure that it was either really attached (or really destroyed).  Super glue doesn’t specifically create a strong bond with the metal but I suspect it was attaching itself to the plastic core.

The results

Of course it worked.  Not because I am a certified technician.  If it didn’t work I probably wouldn’t be publishing this latest exploit – nobody wants to advertise personal failures.

Now the phone once again works, and my lego toy “Steve” has his own lightsaber.


However, everything else being equal I would not want to be building toy light saber’s in this way on my day off.


My Youtube solution


A bit more theory about the problem

Posted in DIY | Comments Off on Making lightsabers for lego characters

CMOS scheeMOS, clean up after yourself

I have had a problem with my home computer for some time.  It doesn’t quite boot right.  That is to say, when you turn it on, it actually doesn’t start windows or anything.  I have done some investigations and found out that when the computer is booting up it encounters a POST request of 36 and then it stops.  The workaround for this problem was to turn it off, and then after about 10-15 seconds turn it back on.


Yet, as this has bothered me for some time and eventually I did do a bit of research.  The answer that most people seemed to agree on was that the CMOS needed to be reset. I guess must have been living under a lucky star as with all of my computers I have never actually had this problem.  I have seen the battery go bad, problems with hard disks, windows patches mess things up, but never had this exact problem.

Perhaps I should set the stage.  My personal computer is fairly old as I have had it for six or seven years.  It was assembled with some assistance from my friend out of the following main parts.

Gigabyte FX v4.0 eXtreme
AMD 8350
blue ray dvd
8 GB

The machine had Windows 7 installed but it also had a dual boot for Linux Mint.  I didn’t want a hodgepodge of boot screens so I installed rEFInd as a unifying boot manager.  One boot manager to allow me to easily and graphically decide which operating system.

Resetting the CMOS won’t really be removing any of the files or changing the flle system but I keep putting this off this “small fix”.  That nagging little part of my brain that probably knows better but just last weekend I decided to cross that item off my list.  The process took about 15 minutes if you include moving the computer, cleaning out the dust bunnies, and replacing one of my fans.

The computer booted into windows on the very first try – one problem down.  This would have been good news except the boot manager should be the one getting booted.  It only took me a minute to discover that my boot manager was now gone.  That is to say, it was no longer considered to be a boot device by the motherboard.  Just the drives and the windows boot manager were the only possibilities.  It must have taken me 10 minutes to remember that last time I was fooling around with a linux tool to install rEFInd as an option to the listed among the boot devices.

$ sudo efibootmgr
BootCurrent: 0000
Timeout: 4 seconds
BootOrder: 0001,0000,0006,0005,0004,0003
Boot0000* rEFInd
Boot0001* Windows Boot Manager
Boot0003* Hard Drive
Boot0004* CD/DVD Drive
Boot0005* USB
Boot0006* UEFI: Built-in EFI Shell

Google did help me to find that this tool was probably efibootmgr but what was the exact syntax.  I booted up with a boot DVD and mounted the UEFI boot partition but I must have had a typo as it was showing me the old 8.3 files with two versions of rEFInd.


That didn’t seem right. I suspected that at that time I was fooling with a new version and simply failed to delete the old files.  Reboot, mount the boot partition correctly and then take a closer look.

The file system is correctly mounted but I am not sure why I have both the 32 and 64 bit versions in my refind directory.  Type first, think later. I take a look some other examples of how to add back my boot manager but now I have quite a few different combinations ahead of me.

efibootmgr -c -d /dev/sda -L refind -l fs0:\EFI\refind\refind_x64.efi
efibootmgr -c -d /dev/sda -L refind -l fs0:\EFI\refind\refind_ia32.efi
efibootmgr -c -d /dev/sda -L refind -l \EFI\refind\refind_x64.efi
efibootmgr -c -d /dev/sda -L refind -l \EFI\refind\refind_ia32.efi

Each time I try one of these options I have to reboot everything.  If this doesn’t work then I need to delete that boot manager entry.

efibootmgr -Bb 0000

The only problem is that my entry is not 0000 but 0001.  Copy, fix, run, reboot, copy, fix, run, reboot, ….

I imagine it was fate that had me delete entry 0000 not 0001.  I am not happy that Linux wasn’t working but now I am less happy that the windows boot process has been deleted.

Can I possibly stay cool long enough to fix this?  Maybe.  I have gone through all the possibilities in my list but I have had no success.

I could have tried to install a newer version of Linux but that both feels like cheating but also may be delaying the problem another 30 minutes. I decided to go back to the source and take a look at the excellent page by Rod Smith. .  I was actually a victim of Microsoft and their backslashes, well that and my apparent inability to delete the old unused configurations and files.

After using a few more slashes everything comes up roses.

efibootmgr -c -l \\EFI\\refind\\refind_x64.efi -L rEFInd

This time I need to not only make some notes, but I also need to save them someplace really safe for next time.  Who knows next time it might be an upgrade or replacing a disk after a crash.

Posted in Setup From Scratch | Comments Off on CMOS scheeMOS, clean up after yourself

The art of invisibility

Indeed this book does discuss all the technology that you could use in an attempt to become invisible as far as internet tracking is concerned. The book goes even further if you wanted to disappear. It explains all of the technological actions you need to keep in mind as well as how to achieve them.

Truly becoming invisible will be extremely difficult for most people due to the constant vigilance and separation between your “invisible profile” and physical life.

This is not to say that this book doesn’t offer some good reminders of best practice (ie never share your passwords) as well as other hints and technologies that you can use to enhance your privacy (ie proxies, metadata on cell phone pictures) Not only that I managed to learn one very specific obscure bit of US law.

First a bit of esoteric bit of US law.

Did you know you could be arrested for possession
of a short tail lobster?

The answer is yes, it is illegal to be in possession of a short-tailed lobster no matter how you received it. I am not worried that I will somehow end up acquiring such an “illegal” lobster but in this book, I did learn about one very scary bit of related US tech law.

Public Company and Accounting Reform and Investor Protection Act
more commonly called Sarbanes Oxley Act of 2002

Khairullozhon Matanov, a friend of the Boston bombers, was arrested because he cleared his browser history. I am not suggesting that any acts of terrorism or support of terrorism should be condoned but just like an episode of “Law and Order” it is a bit scary where some laws may be only marginally relevant are used in another context entirely to convict people.

What is most important to take away from this is that under US law it is possible to be convicted of clearing your browser history.

The best way to not be convicted of deleting your browser cache might be to start up your browser in private browsing mode. This way there is nothing in your cache that would need to be deleted.

This is a fascinating book that contains a lot of technical details but also talks a bit about the techniques used when others are trying to obtain your personal information.  It is a good read and helps to remind to keep security and privacy in mind at all times.

Posted in Soapbox | Comments Off on The art of invisibility

5G and the USA dictating technology choices

I cannot remember how we got to discussing about technology and the new 5G standard.  My buddy Otto was a bit surprised at how adamant the US government with their demand that all of its allies must not purchase Huawei 5G technologies.

His statement was that this might be an example of US imperialism.  I tried to dismiss all of this but I did remember over the last few years the occasional news article describing how the USA’s department of defense or other three letter acronym warned about Trojans. Did this already happen to Amazon and Apple?

Later in the day my other office friend, Christian, informed me about the mechanical keyboard that he bought. Christian actually loves mechanical keyboards and so that wasn’t the surprising part.  The keyboard was essentially purchased online and delivered directly from China to his house.  Both the quality and the cost of this keyboard was amazing and in that sense he was very happy.

It was only a few minutes later that he let the other shoe drop.  This keyboard actually included a cloud driver.  The drivers name sounds a bit odd but if you think about it what exactly would a keyboard need a cloud driver for unless it needed to communicate with the cloud.  That is exactly what was happening.

What was happening was not the more serious concern that all of your key presses are being sent to some server in China, what was actually being sent was a count of how many key presses were done on each key.  This might not be so important if you are updating a long boring report on weather patterns during the dust bowl but perhaps more important if you are entering your domain password (and then simply read your emails).

Manufacturing in the 21st century makes it almost impossible to know and test the origin of each and every component in a electronic device.  Adding an extra chip to a circuit board may be more obvious but adding new logic into an existing micro-controller would make such a spy device virtually undetectable.

Did any malicious hardware changes actually happen in the past?  Does Huawei have any extra special additions in their hardware aimed at learning intelligence? It is impossible to say for certain but expectations and  privacy and laws are different in China as are the rules for monitoring people.  This can be seen by the inhabitants being spied on by their city.  Not only that but allegedly the US knows this is completely possible considering that they have done similar things in the past.

I don’t know if Christian actually installed this cloud driver when he purchased the keyboard but I can understand how you would feel to learn about such a betrayal after using something for a few years.

Posted in Soapbox | Tagged , , | Comments Off on 5G and the USA dictating technology choices