Hacks

xrayspx's picture

This week in Rad Helicopter News

Music: 

Kenny Loggins - Danger Zone

Witness the power of this fully operational Lattice of Convenience.

As some people know, I've become relatively intense when it comes to hoarding archiving media of all kinds, and recently that means '70s and '80s TV shows, cleaning out all the box sets I can find from Goodwill and antique stores and ripping them. For some time Natalie and I have been toying with the idea of taking a day from a random '80s TV Guide and watching that day in TV shows.

In the last few weeks, we've also started to listen to Ken Reid's excellent TV Guidance Councillor podcast, and have decided there's no time like the present. And in fact, driven by Reid's format, we decided to do a whole week. We pretty much pre-planned the whole week, though in some cases I wasn't able to get the exact episode of a show, so we had to make due with something else from the series. We also decided to stick to the 3 major networks, since that's all either of us knew, living in the sticks and all.

We started with Saturday, January 7, 1984, with TJ Hooker, The Love Boat with Charo, and Fantasy Island with Vic Tayback, Katherine Helmand and Richard Hatch. Natalie decided she likes TJ Hooker, and so we'll hunt down more of those even though I killed the show because I tend to immediately ID "The Guy". Whoops. We just chose a Charo episode of Love Boat because I couldn't get the one from the day, and Charo is delightful at all times. We need more Charo.

On Sunday, we stuck largely with sitcoms, since we've seen things like the Knight Rider episode from that day. So it was Ripley's Believe it or Not, Alice, One Day at a time, and the Jeffersons. Ripley's and Alice were both harder to find than I would have thought. We had to settle for like the second episode of Alice, and just any Ripley's I could find.

Monday was a mix, starting with That's Incredible, then Newhart and Emerald Point N.A.S. Emerald Point /should/ have been an awesome show. Within the first 3 minutes you've got: MacGyver O'Neill. Crashing an F-14. Into a Cuban. How can that fail? By making it a soap opera, that's how.

Tuesday NBC took it all. A-Team, Riptide, Remington Steele. Natalie does like a good crime-fighting buddy-show, so there really wasn't any contest. I couldn't get excited about a late-season Three's Company or Happy Days.

Wednesday got us to hit ABC for The Fall Guy, then back to default NBC for a Very Special Facts of Life, Night Court and St. Elsewhere. As I remember, all Facts of Life were very special.

Thursday night was another NBC sweep. Gimme a Break!, Family Ties, Cheers, Buffalo Bill and Hill Street Blues.

Friday, ABC rounded it out with Benson and Blue Thunder, which we kind of loved. It was our second 'Copter-Based show after Riptide, and had me yelling at the TV most of the time.

We opted for Episode 1 of Blue Thunder, since the schedule had us watching Ep 2, and figured we'd start at the top. A maniac with a pre-Vietnam era light observation aircraft was flying over We-Can't-Call-This-LA shooting down police helicopters and even strafing the funeral of one of the pilots he killed. Obviously the answer to this isn't "send up two fighter jets immediately after the first incident to knock him out", it's "Regular LAPD cops need a stealth helicopter with a goddamn gatling gun mounted on it to fly silently around and light up bad guys". There was some confusion over organizational affiliation, since everything points to these guys being regular cops (right up to the annoyed Captain yelling "CHHHHEeeeneyyyyy!"), except Butkis or Bubba Smith were all "Freeze, Federal Agents". On the other hand, who cares, all I know is Darryl Gates would have given his right eye for one of these things in 1992.

So far, likes and dislikes:

As I mentioned, Natalie loves her some buddy-shows and dumb action and so she definitely wants more TJ Hooker, Hardcastle and McCormick and Remington Steele. Natalie also remembered how much she liked The Jeffersons and Newhart, though she was kind of "meh" on One Day at a Time. For that one, we watched both the "current" episode, and the first episode of the series, since this was the last season, and wasn't really "representative' in my mind. I think I'd get more Alice if we can. For as popular a show as it was, it seems pretty hard to find. Similarly, Benson and Webster, long running show, stupidly hard to get.

On the other hand though, Emerald Point Naval Air Station. Wow. Just. Jeez. I think Richard Dean Anderson had to do MacGyver and Stargate SG-1 just as penance for the existence of this show. I can't say for sure that the debt has been fully repaid.

Ripley's Believe it or Not and That's Incredible are kind of hard to find, and that's a shame, since we live in The Future and so it was fun to go look up the people on those shows for a "Where are they Now" running commentary between us.

This kid had a pretty decent career at one point.

This week of TV really does show how much we just wanted to be entertained in the '80s, versus everything having to be Real and Gritty as it is now. Sure there was Hill Street Blues, but there was also Magnum, Riptide and Hardcastle and McCormick. We weren't weighed down with SVU type bummers every week. I saw an analyst who chalks this up to Vietnam. In the same way that Magnum, coming back from Vietnam didn't want to process it, and chose instead to live as a large child for a little while, so the US chose to amuse ourselves with dumb escapism.

I can't say I disagree with that theory, since I'm basically doing just that right now. I'll take my Cylons toaster-headed and shelve the HD Edward James Olmos version until happier times.

Tags:
xrayspx's picture

Stereo Slide Viewer Hack Proof of Concept

Music: 

Peaches - The Inch

Wherein there's some history, and a major pet project.

xrayspx's picture

My Life Is Going To Suck Without Net Neutrality

Music: 

There are so many things I do which are likely to suffer with Net Neutrality's loss.

I run my own mail, web and cloud sharing services on a VPS that I maintain. Owncloud syncs all my devices, I use IMAP and webmail. I also run lots of "consumer" stuff for myself. I own 2500 CDs which I've ripped and share for my own personal use. I have playlists. I can connect with DAAP from my phone, and listen to my own CD collection, music I have paid for, Spotify style. I know people are saying "Spotify will work just fine", but what if I don't want to use Spotify?

This is all encrypted, personal connections. Nothing illegal is happening here. I'm not filesharing or streaming Torrents or any other grey-area services. It's just all my personal stuff, owned and manually copied myself, sharing to myself. No one gets ripped off here.

I can plug my Amazon Fire stick or Raspberry Pi into any TV and use Kodi to stream my own MP3s or movies, etc. I can use it to watch Amazon Prime or Netflix as well. Kodi also has a wealth of plugins to watch content from sources such as the PBS website. We all can watch Nova, or Julia Child, or even Antiques Roadshow over the Internet, for free, legally. This may all suffer when backbone providers and local ISPs can both decide which packets have priority over other traffic. PBS could be QOS'd out of the budgets of millions.

(Note *)I don't own a Nest or any other IOT garbage, but I have toyed with the idea of building my own, running on infrastructure I build. I don't want Google to know what temperature my house is right now. And I don't want some mass hack of 500 Million Nest users or idiot IOT Lightbulbs to let some Romanian turn my furnace off in the middle of February either.

So yeah, losing Net Neutrality could effectively disable all of this. Small hosts like me could be QoS'd off of the Internet entirely, unless we pay extra /at both ends/. Pay my hosting provider to pay their backbone providers to QoS my address at a decent speed. Then pay my consumer ISP to QoS my traffic so I can reach "The Good Internet", like they have do in Portugal.

This is going to cut my lifeline to my own data, hosted by me on my own machines. Am I going to have to pay an additional "Get Decent Internet Access Beyond Google, Spotify, Facebook and Twitter" fee to the Hampton Inn just so we don't get QoS'd away from our own stuff? It's bad enough that the individual hotel can effectively do this already today, but the hotels are at least limited by the fact that they're in competition with each other and if they have ridiculously shitty Internet that you can't check your mail over, well people would notice that. Backbone providers pretty much have no such direct consumer accountability. No one's going to say "well, fuck that I'm not going to route over AT&T anymore", they might say "Hilton has shitty Internet, I'm going to Marriott".

Some of the most demoralizing part of this is that the rule-makers just don't get it. I already know they don't care, but former FCC Chair Michael Powell's statement, which boils down to "You can still use Facebook, (Amazon) Alexa, Google and Instagram, just like you can now" is missing the point either deliberately or purposefully. That most "consumers" will be fine isn't the point. The point is that everyone be equal, and all traffic be routed equally.

* The risk to my information is proportional to the value an attacker places on the information. Could a state actor target my email server and read my mail? Yeah, the Equation Group or Fancy Bear or some Eastern European ID theft ring could probably exploit some flaw in whatever software serves my VPS, or flat out order the ISP to give them access to my stuff, but why? What does the NSA gain by ransacking my mail server? Not much. How about criminal attackers? However they /would/ expose 1.5 Billion Yahoo accounts all at once, and have that entire corpus of mail to search against, plus passwords they could use to try and attack everyone's bank account all at once.

xrayspx's picture

1980s Nightmare Fuel

Music: 

A couple of our friends recently got two 1980s Jill dolls from Goodwill. The dolls spoke and moved, and were controlled by a proprietary multi-track cassette tape. The tape had the audio for the "conversation", and another track that controlled the movement.

The dolls they got didn't have tapes, but they were able to find one online. Here's the result. I strongly recommend using closed captioning on the first one.

Talking about a slumber party, remember to bring /your/ PJs too:

Man this is creepy:
...I just knew you would, we always have such a fun time at parties.

Wait! Cathy says she's going to wear some really wild pajamas (?). By the way, don't forget to bring /your/ PJs. And a teddy bear. We can't have a slumber party without a teddy bear. And bring a jhgfdlhg too. Cathy's not here yet, but I think we should go ahead and change into our pajamas anyhow. Afterall, this is a slumber party, not that we're actually going to sleep or anything. In fact, I think we should try and stay up all night long.

Was it Suzy or Steven?

Here's the commercial from back in the day, which I don't remember even a little:

I definitely wouldn't be able to sleep knowing that doll was in my house. I do wonder how hard it would be to rip out the proprietary tape and replace it with like an Arduino that feeds the audio tracks from WAV files or something. It looks like it has to seek the tape though because it reacts differently if you give a correct or incorrect answer, so that might be the nail in that idea.

Dave should have the tape drives running in tip-top shape soon enough, though I like the creepiness of these pre-tuneup runs more.

xrayspx's picture

Kitchen Designs

Music: 

Van Halen - Panama

As anyone who reads Natalie's site, or who has been around either of us for more than five minutes in the last six months will know, we've been in the middle of a kitchen renovation for...way, way too long now. Since I did the actual layout design (twice) Natalie asked that I write up how that process went and how we progressed from the original layout, through to what we've got now.

The original kitchen layout was less than ideal in many key ways. It was basically a galley kitchen which acted as a footpath from a hallway at one end where there was an external door, a restroom, and our living room through to the dining room and the main part of the house (office, library, bedrooms). This split the workflow of the kitchen between the "sink side" where the doors were and the "stove side". In amongst that were afterthoughts like "oh hey someone should put a fridge here" or "who wants a laundromat?". It wasn't great.

One of the biggest problems was that these two opposing doors weren't lined up. The dining room side door was a good 30" from the wall, which gave enough space for the countertop, even though the end of the counter did intrude into the door trim an inch or so. The other door however was maybe 20" or so from the wall, meaning that if you ran countertop right to the end of the room, you'd be intruding 5" or so into the door opening.

This is illustrated in this rough sketch of the beginning state and a couple of photos:

Since my imagination is limited, I originally planned our new layout based on the layout as we had it here. This means that to get to the (newly finished) breakfast and laundry area one would go out that hallway-side door, then out what used to be the exterior door into what used to be the porch to eat breakfast or wash clothes.

Thus the new design ended up looking like this, around three walls, with the left-hand side wall still being entirely blank, since there was a fridge and doorway there. We figured we'd put posters there like we had in the past:

Sink Side (top of the above image):

Dining Room Side:

"Stove Side":

You get a sense for how conventional my thinking was, to the point of comically over-engineering to try and shoehorn as much crap as we could in the same space. The awkward doorway was rather elegantly handled by the fact that that tall-ass broom closet (21" wide full-height cabinet in the diagram) is only 15" deep, so it would give nearly two feet between the door and where that lazy susan, with its 45 degree angled door would "guide" you into the room, helpfully saving the reproductive organs of any guy who staggers through that door without really looking.

But what a mess. Take the refrigerator. We knew that any fridge we bought in the Shiny New Future was going to be much wider than the 29.5" GE Home Depot special we had, so I had to plan for that with spacers that could be removed, or custom cabinetry that could be ripped out when we bought a new one. And all the cramming in of bookshelf space wherever we could fit it. And that half-height cabinet above the fridge slammed all the way to the ceiling, ugh. It was just forced.

At some point around the fourth or fifth sink we decided on, I could no longer shoehorn it into this design. We were wavering between a fully integrated Elkay with a built in steel backsplash and countertop, and the one we ultimately got, which is a more conventional, but still huge (FIFTY FOUR INCHES FUCK YEAH!) drop-in with left and right side drainboards. This simply blew my model all to hell. I spent a few days in Omnigraffle screwing around to make space for that full-countertop monster. At a basic level the problem was that the full steel countertop sink had to line up directly to the edge of a Youngstown cabinet on both sides, since it couldn't really overhang them. Everything under that sink would then need to be custom carpentry.

I had to find a third way. So I completely changed my outlook. That doorway is annoying me and is going to cause me to lose a testicle? GET RID OF THE DOORWAY. We're taking the thing down to studs anyway. Put the fridge there, where it will be convenient and out of the way. Let's make a huge (45 inch) entryway from that breakfast area, which will also let light flood in from the massive window out there.

So what we ended up with is a far superior layout both for foot traffic flow, and for kitchen workflow. We changed the layout from a "Galley" style kitchen to a more traditional 3-sided model with entrances to the breakfast area on one side and the dining room on the other. It adds a slight zig-zag to get to the living room & restroom, but it's really, really minimal.

That plan looks more like this, with the walls in the same order, starting at what used to be the sink area.

Here's the top-down:

Dining-room facing:

Sink wall:

As you can see, we /did/ save the front of that sink:

Stove wall:

As you can see from the photos, our contractor and his subs have done a phenomenal job of executing this design. It's exactly as we envisioned it from day one, and we couldn't be happier with their work. Stay tuned for the "Complete" complete photos which I'm sure will be coming shortly on Natalie's site.

Throughout this process Natalie and I have had slightly different goals. She wants the Ultimate Vintage Kitchen, which, I think we can all agree on, has been achieved. I wanted to see how close I could get to having a professional quality and ergonomically correct and functional space. I think we've ultimately achieved that as well with an industrial quality sink and faucet fixture, but which fit perfectly into the retro aesthetic we wanted. It just took a mental break on my part to force the pieces together.

If anyone needs them, I'll update when I've posted the set of Omnigraffle stencils I whacked up to fit all this stuff together. They are proportionally correct to each other, and there are some in the stencils which didn't ultimately make it into the room, since they are "cabinets we own", but we just couldn't jam any more crap in there :-) If anyone can figure out a good way to represent these crazy corner cabinets and lazy susans in 2D I would very much appreciate your input. It's not like I live with a goddamn graphic designer or anything.

xrayspx's picture

Simple location aware ssh tunneling for Chrome (Mac)

Music: 

Hall and Oates - Private Eyes (Seriously, it just came on randomly)
and really, just as I finished formatting the stupid script, Big Brother from Humanwine was playing.

This is both a nice toy to have in a Big Brother Is Watching sense, and a glaring example of why one should never log in and use a Mac (or any other system obviously) as an Administrator. Just have a Regular Guy account, and escalate to Administrator/Root when needed. For example, this tool could be inserted by a script to cause all your browsing traffic to route through a proxy server of an attackers choosing. If you're not running as an Administrator, you can't write the file without escalating. (Example of the risk, though it wouldn't help here, since there is LCE to root...goddammit Apple...)

I had a use case recently where I wanted to have multiple copies of Chromium start in different profiles and with different proxy settings. I'm getting to the point at which I don't think that's really feasible, in that any new instance will assume the proxy settings of any already running instance.

BUT, I did get some cool location aware-ish proxying set up. Since one use case involves laptops, I'd like to see it use a local proxy when I'm home, and a remote proxy when I'm not at home (hosted VPS for instance).

I'm using ssh to set up a SOCKS5 proxy, and push all traffic including DNS through the tunnel, ssh'ing to different hosts based on different local system IPs. I have it checking en0 and en1 and if their IPs match my home subnet, it ssh's to a local system, if they are anything else, it will run against a publicly hosted system to which I can ssh.

Next step is to clean up after itself, so when you run Chromium (or Chrome), it will detect IPs, ssh to the appropriate host, and connect using that tunnel. When Chromium closes, it cleans up the SSH session so it's not just hanging around.

To use - Have a local and remote host you can ssh to using keys, and which allow you to forward. On the Mac, navigate to /Applications/Chromium.app/Contents/MacOS/. Rename Chromium to Chromium-bin. Drop this script in, chmod appropriately, and name it Chromium. Now when the Chromium app is run, it runs our script to set up proxies and launch the browser:


#! /bin/bash

ip0=`ifconfig en0 | grep -v inet6 | grep inet | awk '{print $2}' | awk -F "." '{print $1"."$2"."$3}'`
ip1=`ifconfig en1 | grep -v inet6 | grep inet | awk '{print $2}' | awk -F "." '{print $1"."$2"."$3}'`

if [ -z "$ip0"  ]
  then
   if [ "$ip1" = "192.168.30" ]
     then
       ssh -C2qTnN -D 8181 username@192.168.30.241 &

       proxypid=`jobs -p`
       /Applications/Chromium.app/Contents/MacOS/Chromium-bin --proxy-server="socks5://127.0.0.1:8181" --host-resolver-rules="MAP * ~NOTFOUND, EXCLUDE 127.0.0.1" --profile-directory=Tunnl 2>&1 /dev/null

       kill $proxypid

      else

        ssh -C2qTnN -D 8181 username@publichost.com &

        proxypid=`jobs -p`
        /Applications/Chromium.app/Contents/MacOS/Chromium-bin --proxy-server="socks5://127.0.0.1:8181" --host-resolver-rules="MAP * ~NOTFOUND, EXCLUDE 127.0.0.1" --profile-directory=Tunnl 2>&1 /dev/null

        kill $proxypid

      fi

  elif [ "$ip0" = "192.168.30" ]
    then
      ssh -C2qTnN -D 8181 username@192.168.30.241 &

      proxypid=`jobs -p`
      /Applications/Chromium.app/Contents/MacOS/Chromium-bin --proxy-server="socks5://127.0.0.1:8181" --host-resolver-rules="MAP * ~NOTFOUND, EXCLUDE 127.0.0.1" --profile-directory=Tunnl 2>&1 /dev/null

      kill $proxypid

  else

      ssh -C2qTnN -D 8181 username@publichost.com &

      proxypid=`jobs -p`
      /Applications/Chromium.app/Contents/MacOS/Chromium-bin --proxy-server="socks5://127.0.0.1:8181" --host-resolver-rules="MAP * ~NOTFOUND, EXCLUDE 127.0.0.1" --profile-directory=Tunnl 2>&1 /dev/null

      kill $proxypid

fi

xrayspx's picture

TV Cabinet

Music: 

Curtis Mayfield - Superfly

Last winter we had some of our barn renovated into a new living room. Natalie has gone crazy with the retro look in here, and we just put in the second-to-last piece, a good looking spot for the TV (I'm still nagging her to just drop the hammer on an Eames lounge...).

We had been looking for a while for a '60s hi-fi console, but she found them too big, and they're really not deep enough to fit things like computers and large receivers. My requirements were 18" for the PC to fit comfortably, for instance. At one point I told her to give up on those, and just look for dressers that matched the depth requirement, here's what she found, for $55:

For reasons that aren't entirely clear to me, I decided that Step One was to rip the pressed board back off. We still have it, and it should honestly probably go back on with appropriate holes drilled. I really don't remember what I was thinking.

Anyway, we shimmed the drawer holes so things would fit flat without taking out the drawer track. The goal was to do as little damage to this thing as possible, just in the case we want to use it as a dresser, or re-sell it or whatever later. None of those things are going to happen. Here's that interim state:

And a wider view of how it fits in the room:

To cover the holes I had suggested some cool amp grille cloth fabric, but we actually had some pretty good stuff on-hand. It also has the advantage of not having a really tight pattern, so if it's stretched more in parts, you can't tell. The grilles are then held on by cabinet magnets. So the extent of the modification of the dresser is 12 screws to hold the metal plates the magnets stick to:

Done:

I may take some black cloth and add it to the inside, just to block 100% of the LED light when all the room-lights are off, but with the lights on, you can't see anything.

xrayspx's picture

Name your vulns better

Music: 

George Clinton - Yank My Doodle

Drupalgeddon is silly, but at least it gets the point across that something is wrong and you must go fix it right now. Heartbleed, Shellshock, POODLE... not so much. At least we all had a heads-up that "some horrible SSLv3 attack" was coming even if no one knew specifics.

We've had enough this year already. Who wants a do-over on 2014?

xrayspx's picture

GoFlex Headaches

Music: 

click-click-click-bzzzzzzzzzzzz-WHACK

A couple of weeks ago the drive in my GoFlex home finally died. It had had some filesystem corruption earlier this year, so I pretty much knew it was coming. I replaced the drive, and started making rash decisions. All the stupid factory junk software is disabled, but the big change was that I formatted New Drive with EXT3, since they were using NTFS (on Linux) for some unholy reason that I will probably never understand.

Well, now the drive seems not to sleep, and the drive LED blinks continuously. It doesn't vary at all, so I'm not convinced it's activity related, but there's also no LSOF on the machine, so I'm a tiny bit blind. I think a lot of the issue with Old Drive was that I was writing syslog to it from all my local hardware, which prevented it from ever spinning down. I'd like to prevent that with New Drive by sending all my shit to a Raspberry Pi instead (Raspberry Pi runs extremely well off the USB port from the GoFlex, and it also does a great job of running Privoxy).

I'm looking at ps and netstat -pnat output, and don't see anything which should necessarily be slamming the drive. Meanwhile, I need to go find an ARM lsof binary I can drop on this thing.

xrayspx's picture

Samsung Galaxy S4 Benchmarks?

Music: 

I just bought two new Samsung Galaxy S4's and was initially pretty happy with the ability for full device encryption. Since it requires a 6 character alphanumeric password which also must become your unlock-pin, I'm less excited, since "unlocking your phone while driving" effectively becomes "texting while driving" and I don't wanna die.

My main question was how encrypting the device would impact utilization. I tried and failed to find benchmarks for this, so I decided to do my own. The only directory that I can write into, without rooting, seems to be /sdcard/, there is no sdcard in the device, so this is on-board memory. After running my tests, I question whether this folder actually gets encrypted.

Tags:

Pages

Subscribe to RSS - Hacks