Saturday, December 2, 2017

What was I reading in November 2017

2017-11-03

- Court reinstates SCO's misappropriation claim against IBM in long-running lawsuit - Here's what I don't get: How does SCO have standing if they didn't own the code? This has passed through rediculous and has reached the realm of really annoying.

2017-11-09

- Give old electronics new life with Linux and Raspberry Pi - On my "to do" list. One thing missing all along is a decent non-commercial IR interface (at one point, I used Global Cache equipment).
- 7 deadly sins of documentation
- What is the TensorFlow machine intelligence platform?

2017-11-10

- Cheap Tricks: The Low Cost of Internet Harassment
- Niagara Falls - Dewatered American Falls 1969

2017-11-18

- Becoming Your Own ISP Just for Fun
- kren1/tosheets - Send your stdin to google sheets. I think Dave S. might like this.
- Introducing security alerts on GitHub
- How I use Vim
- Schneier: It's Time to Regulate IoT to Improve Cyber-Security - I disagree. Education should be tried first. Legislation usually causes the price of the product to increase.
- Rural Americans can't check email or use credit cards because of slow Internet officials say - Odd. My mom still can't get Internet (other than satellite or driving into town).
- Concise electronics for geeks
- Introducing container-diff a tool for quickly comparing container images
- Skype faces fine after refusing to allow eavesdropping
- SmallData Blog Building a voice assistant to control music
- A Guide to Natural Language Processing

2017-11-19

- Judge Finds Stupid Patent Web Story is Protected Speech
- Introduction to Computer Organization

2017-11-21

- Hitler Quote Controversy In the BSD Community
- Google's Public NTP
- CVE-2017-16544: A Busybox autocompletion vulnerability
- 200 universities just launched 600 free online courses. Here's the full list.
- The Supreme Court Wanders into the Patent Troll Fight

2017-11-26

- Using a logbook to improve your programming
- Glowstone - Open source Minecraft server.
- 1300 Free Online Courses from Top Universities

2017-11-27

- Free Data Ebook Archive
- NLKNguyen/awesome-language-engineering
- The Beginning of the End for Copper
- The Citizens of Detriot Are Building Their Own Internet
- ondevice ssh just like ssh but for devices without public IP
- A Year in Computer Vision

2017-11-28

- Munich Switching From Linux to Windows 10
- Review: Certified Ethical Hacker CEH Course - Hacking Tutorials

Above was generated by a homegrown bolt-on script for Wallabag, which is a free utility for capturing web content so that it can be read later.

Friday, November 24, 2017

Adding TCP service checking to Node-Red

The following C program can be used with Node-Red to provide service indicators in a dashboard. Basically, it accepts two arguments: the IP address and the port number of the target system/service. It then attempts to connect to that IP and port and returns either the word "on" or the word "off". When run with Node-Reds timer and exec modules, it provides a dashboard status for each of the targeted services.

Save the following to "portcheck.c" and compile it by running "gcc -o portcheck portcheck.c"

  // Tim Kramer - 18 Nov 2017

  // adapted from Silver Moon's code at:
  // www.binarytides.com/tcp-connect-port-scanner-c-code-linux-sockets/

  // Purpose of this is to work with Node-Red in checking on services.
  // This determines if a specific port on a specific machine is open
  // and returns "on" if a port is open, or "off" if port is closed.

  // This will exit without two arguments
  // Syntax:  portcheck IP_ADDR PORT

  // Possible issue: takes a few seconds to timeout if target machine 
  // is offline

  #include <stdio.h>
  #include <sys/socket.h>
  #include <errno.h>
  #include <netdb.h>
  #include <string.h>
  #include <stdlib.h>

  int main(int argc, char **argv){

     //###############################################//
     // check if there are two arguments, exit if not //
     //###############################################//

     if(argc!=3) {
        printf("usage: portcheck IP PORT\n");
        exit(1);
     }

     //##################################//
     // declare variables and structures //
     //##################################//

     struct hostent *host;
     int err, i, sock;
     struct sockaddr_in sa;

     //######################//
     // set up the sa struct //
     //######################//

     strncpy((char*)&sa, "", sizeof sa);
     sa.sin_family = AF_INET;

     //######################################//
     // add the IP and port to the sa struct //
     //######################################//

     sa.sin_addr.s_addr = inet_addr(argv[1]);  
     sa.sin_port=htons(atoi(argv[2]));

     //#######################//
     // check the IP and port //
     //#######################//

     sock = socket(AF_INET, SOCK_STREAM, 0);
     if(socket < 0){
        exit(1);    
     }
     err = connect(sock, (struct sockaddr*)&sa, sizeof sa);

     //######################################################//
     // return "on" if port is open, "off" if port is closed //
     //######################################################//

     if (err < 0){
        printf("off");
     } else {
        printf("on");
     }

     close(sock);
     fflush(stdout);
     return 0;
  }

Thursday, November 9, 2017

Why MQTT use has increased, and why I'm hating on a certain ZWave IP owner

I ran across the this post during my daily perusal of tech news. It's both interesting and a bit limited, in that it only looks at protocol use and doesn't dig into why.

I believe that the "why" for the increased MQTT/MQTTS use is: hobbyists and developers. Tools like HomeAssistant and Node-Red have experienced a large growth in the home automation area. Both tools can use locally implemented protocols (Zigbee, ZWave, etc.) but tend to focus on use of MQTT for over-the-netwrok communications. Although they've been around for about 5 years, prices for Linux-based automation hubs, like Samsung's Artik boards, have decreased recently (mostly due to increases competition[1]). Couple this with free (for hobbyist) Internet-based MQTT(S) servers (list here) and it's easy to see why use of the protocol has expanded.

That's not to say that everything is sunshine and roses. Example: I have some reservations about Samsung's Artik series boards, it's mostly due to third party licensing for the Z-Wave interface. To explain, the Artik 5 board can be acquired for less than $100 and has interfaces for Wi-Fi, Bluetooth, Zigbee, and a few other not-so-popular wireless protocols. While the board does have a ZWave chipset, its use requires a separate purchase of firmware and a license from the intellectual property owner of the ZWave technology. The bad news is that said third party requires that you purchase a $1500 development kit, just to acquire the firmware. This greed effectively kills[2] just about every hobbyist-driven ZWave project and will likely create a market for alternative protocols and solutions.

In defense of the Artik 5 board, it's a nice piece of kit. Simply put, it's an ARM board that comes with the Fedora 22 distro[3] pre-installed. It has multiple antennas for the supported wireless technologies[4] and also has the ability to interface with Arduino boards. Of serious value is the USB-based serial interface (separate from the power supply connector) which allows for operating system access[5] without having the network configured.

For now, I'm stuck with working around the no-ZWave limitation by using getting automation software on the Artik 5 to talk to the same software running on a Raspberry Pi, which hosts a HUSBZB-1 dongle[6]. To tie in the opening of this post, such is achieved via use of Node-Red, using MQTT and/or MQTTS for over-the-network comms (rule of thumb: develop with MQTT, put into productions with MQTTS).

For anyone that wants to experiment with Samsung's offerings, I'd recommend the Artik 7 or 10 series boards. They come with a USB host interface (which the Artik 5 lacks) that allows for use of ZWave via the addition of a HUSBZB-1 or Anteon dongle. I'm also taking a look at using USB2IP, but such requires cross-compiling because the Artik 5 doesn't have enough storage to support installation of the tool chain needed to compile the code. In any case, it's not much of a shortcoming for me as I only have 3 ZWave outlets and 2 Zigbee bulbs. Moving off of ZWave, should I ever do it[7], will not be a major financial hit. I'll just continue experimenting with the other protocols.

Notes:

[1] Manufacturers have no one to blame but themselves. Being first out of the gate doesn't justify exorbitant pricing. That just leads to having your lunch eaten in the time it takes for an engineer to design a similar product (these days, it's down to weeks).
[2] I learned about the licensing problem after I'd received the Artik 5 board for my birthday.
[3] I've managed to update the board to both Fedora 24 and the current Fedora 25. I've also managed to run Ubuntu 16.04 LTS from the SD card. (Note: the Artik 5 board does not support installation of Ubuntu, though the Artik 7 and 10 does.)
[4] It also has an antenna jack for ZWave, should you ever get around to adding it.
[5] On Linux, the easiest method for accessing the serial interface amounts to: screen /dev/ttyUSB0 115200
[6] Both Node-Red and HomeAssistant also work with the ZWave interface provided by the RaZberry daughterboard.
[7] I originally used the SmartThing's hub, with a MQTT interface to control those but I didn't like the need to have Internet connectivity to control the lights. We live in an older (Internet-wise) neighborhood and connectivity can best be described as "intermittent during damp weather".

Friday, November 3, 2017

What was I reading in October 2017?

2017-10-01

- ntpd won't save you from one particular rogue bit

2017-10-05

- How SSH became port 22

2017-10-07

- alvarcarto/url-to-pdf-api - I need to experiment with this as I've been wanting an internal PrintFriendly-like service.
- WaveNet launches in the Google Assistant DeepMind - Another item on my list to try.
- An Update on Firefox Containers - ... and another...
- AWK for Multimedia - ... and another.

2017-10-15

- Steve Wozniak announces tech education platform Woz U
- Exploding Git Repositories - Discussion of an issue similar to zip bombs.

2017-10-19

- Falling through the KRACKs
- Dive into Deep Learning with 15 free online courses
- Practical public key cryptography
- Screen capture in Google Chrome - A possible partner for the url-to-pdf tool above?
- URG - A discussion of TCP.
- Everything You Wanted To Know About Blockchains - Part 1
- Vim After 15 Years
- Using cgroups to limit I/O

2017-10-21

- Researchers find that LastPass 2FA can become 1FA
- ssh_scan: A SSH configuration and policy scanner for Linux and UNIX server

2017-10-23

- An ode to pack: gzip’s forgotten decompressor
- Getting the Most out of Sqlite3 with Python
- Do you have the Learners Syndrome? - Uhm... I admit nothing, because I do get use out of what I learn. (Okay, maybe not the Japanese language lessons, but...)
- Unix is my IDE

2017-10-25

- The Uncanny Resurrection of Dungeons & Dragons
- SSH Escape Sequences (aka How to Kill Dead SSH Sessions) - Just when you think you know a tool... Guess it pays to reread man pages now and then.
- Remember that $86 million license plate scanner I replicated? I caught someone with it.
- Newfound Wormhole Allows Information to Escape Black Holes

2017-10-26

- Speech Recognition Is Not Solved - I'm not liking the author's argument because speech recognition only needs to be "good enough". Much of what he wants borders on AI (e.g., recognition of context).
- learnbyexample/Command-line-text-processing - Notes on processing text with awk.

2017-10-28

- SNMP Authentication Bypass Cripples Numerous Devices
- OpenSSH Removes SSHv1 Support

2017-10-29

- Secretary problem
- Outlawry Supervillians and Modern Law
- Replace your exploit-ridden firmware with a Linux kernel
- 10 charts that show why sleep is so important

2017-10-30

- Understanding deep learning requires re-thinking generalization
- Stop Feeling Like an Imposter

Above was generated by a homegrown bolt-on script for Wallabag, which is a free utility for capturing web content so that it can be read later.

Sunday, October 1, 2017

What was I reading in September 2017?

2017-09-03

- Perl as PID 1 under Docker - How to shut down gracefully
- The real prerequisite for machine learning isn't math, it's data analysis
- The Ultimate List of Youtube Programming Channels - Sometimes you need more than CS50 (Yeah! I said it. Whatchya gonna do about it?)
- A.I. Bias Doesn't Mean What Journalists Say it Means
- The Mathematics of Machine Learning
- Lu Ban's Axe and Working with Your Chinese Suppliers
- Mastering Bayes
- Comcast sues Vermont to avoid building 550 miles of new cable lines

2017-09-04

- Learning Python without Library Overload

2017-09-06

- Is systemd's hand-rolled Desktop-Bus-over-SSH tunnel a security worry?

2017-09-14

- Understanding Crypto Regulations - Multicoin Capital
- What every software engineer should know about search

2017-09-16

- Patching is hard; so what?
- Deprecated Linux networking commands and their replacements - Anyone else frustrated with the terms "legacy" and "deprecated"?
- Programmer's guide to the Computer Networking galaxy

2017-09-17

- 2017 NSA Codebreaker Challenge
- NSA Launches 'Codebreaker Challenge' For Students: Stopping an Infrastructure Attack - Slashdot
- We've failed: Pirate black open access is trumping green and gold and we must change our approach
- Equifax Releases Details on Cybersecurity Incident, Announces Personnel Changes

2017-09-21

- Introducing Keybase Teams
- Equifax Breach: Setting the Record Straight
- Learn from your attackers - SSH HoneyPot
- The Mysterious Origins of the Phrase 'Liar, Liar, Pants on Fire'
- A Brain Built From Atomic Switches Can Learn
- DuckDuckGo: The Solopreneur That Is Beating Google at Its Game
- Welcome to the World of Software Defined Radio

2017-09-23

- Engineers have found a way to 3D print super strong aluminum
- The moon blew up without warning and for no apparent reason

2017-09-27

- Huge Ethereum Mixer

2017-09-30

- Pipe Logic
- We seem to be getting stupider and population ageing may be why - Before you get into lengthy discussions about how old people's brains are slowing down, this also implies that you younguns just aren't holding up your end of the stick. :P
- Search online courses from edX, Coursera, Udacity, and more
- The Princess Bride Turns 30: Rob Reiner, Robin Wright, and Billy Crystal Dish About Making the Cult Classic - 30 years? Inconceivable! (Someone had to say it.)
- Amazon Increases Production Spending for 2018, Developing Three New Sci-Fi Series
- Why You Shouldn't Slog Through Books
- The Inside Story of Equifax's Massive Data Breach
- Crypto Classics: Wiener's RSA Attack

Above was generated by a homegrown bolt-on script for Wallabag, which is a free utility for capturing web content so that it can be read later.

Sunday, September 3, 2017

What was I reading in August 2017?

Below is a bit lite due to August being an extremely busy month for me (changing employment, attending training, etc.). Will be playing catch-up in the next few weeks...

2017-08-01

- LinkedIn: It's illegal to scrape our website without permission - Yet another "who owns your data?" argument.
- 100x faster, 10x cheaper: 3D metal printing is about to go mainstream - But how long until I can afford one of these printers?
- No Facebook Did Not Panic and Shut Down an AI Program That Was Getting Dangerously Smart
- Hacking Voting Machines at DEF CON 25
- Elixir School - More training!
- Are You A Teenager Who Reads News Online? According to the Justice Department You May Be a Criminal
- Shor, I'll do it

2017-08-04

- Introducing the Keybase filesystem

2017-08-06

- What is Nuitka - Hint: Python compiler
- Detecting Chrome Headless
- Geo for Bootstrap - a Timeless Theme - Warning! Extended exposure to this web site's theme is known to damage eyesight!
- Feynman on Fermat's Last Theorem
- Jordan B Peterson's answer to What is more beneficial in all aspects of life; a high EQ or IQ?
- Amazing Tensorflow Github Projects
- yrutschle/sslh - Another protocol multiplexer

2017-08-08

- Let 'localhost' be localhost.
- Podcasting patent is totally dead, appeals court rules
- Dijkstra was right, recursion should not be difficult
- Porting Chrome Extension to Firefox Shing's Blog - Still on my 'to do' list.
- The Frame Problem Stanford Encyclopedia of Philosophy

2017-08-09

- Typing with pleasure
- Mongoose OS - reduce IoT firmware development time up to 90
- 78rpm Records Digitized by George Blood L.P. : Free Audio : Download & Streaming : Internet Archive

2017-08-20

- How can I help test Docker for RPi?
- Security Keys (hardware)
- Raspbian Stretch has arrived for Raspberry Pi

2017-08-25

- Free Online Computer Science Courses - Yet more training!
- How to make your first steps in Open Source contributing
- How to write your own compiler
- What happened to memberships? - Google Express Help
- A Human-Friendly API Service for Crypto Currency Information
- Learn how to write a hash table in C
- Tackling Technical Writing

2017-08-28

- Making your own custom USB cables
- The Chrome team is currently experimenting with a setting to mute/unmute a web site

2017-08-31

- OCaml for the impatient
- Python Data Science Handbook
- An Argument For Why Windows Will Go Open Source
- An attempt to make computer machines run better
- Whitepaper: The Black Art of Wireless Post-Exploitation - Bypassing Port-Based Access Controls Using Indirect Wireless Pivots

Above was generated by a homegrown bolt-on script for Wallabag, which is a free utility for capturing web content so that it can be read later.

Tuesday, August 1, 2017

What was I reading in July 2017?

2017-07-03

- Drones may soon have to identify themselves electronically while in flight
- 2FA using a postcard!
- Fake news: you ain t seen nothing yet - Remind me again why I visit this web site? It's Aug 1st and I'm locked out because I've "reached my limit". New candidate for the HN News filter, I guess.

2017-07-04

- alexanderepstein/Bash-Snippets
- Eastlink customer's 20-year-old email account shut down over unusual address - I'm skeptical but will withhold comment until the address is used elsewhere.

2017-07-06

- Chicago To Make Future Plans a Graduation Requirement - Can hear it now: "I would have graduated if not for that meddling bureaucrat." (Points for a Scooby Do reference?)
- Putin Signs Law to Remove Pirate Proxies From Search Engines
- A rift in the NTP world - (*sigh*) The whole lot needs to be sent to bed without their dinner.
- Florence Nightingale Saved Far More People With Her Grasp Of Numbers Than Of Nursing

2017-07-07

- Monte Carlo theory methods and examples - Note: Be very careful with your use cases! (My apologies to my coworker who used the Monte Hall gambit as an example but I did enjoy that.)
- OpenBSD Will Get Unique Kernels on Each Reboot. Do You Hear That Linux Windows?
- Running Any Linux Browser in (almost) Headless Mode - On my "to do" list. (This has "trouble" written all over it.)

2017-07-08

- Elon Musk's big battery brings reality crashing into a post-truth world
- Where Machine Learning meets rule-based verification
- Introducing HumbleNet: a cross-platform networking library that works in the browser

2017-07-11

- Qubes OS
- Slaying the 'math monster': It's not about numbers it's about learning how to think.

2017-07-12

- Contempt Culture - The Particular Finest
- Elliptic Curve Cryptography Tutorial

2017-07-19

- Machine Learning Crash Course: Part 4
- Machine Learning Crash Course: Part 1 ML B
- Machine Learning Crash Course: Part 2 ML B
- Machine Learning Crash Course: Part 3 ML B
- learnbyexample/Command-line-text-processing

2017-07-20

- The future of deep learning

2017-07-21

- Cosette: An Automated SQL Solver
- On Password Managers
- The rise of Python for Embedded Systems
- Kaisa Matom ki Dreams of Primes
- How Checkers Was Solved
- NIST Randomness Beacon
- Introducing Bluetooth Mesh Networking - I've been working with Z-Wave and Zigbee technologies for the past month. Mesh Bluetooth is something that I'd like to see, if only for having another option for automation.

2017-07-22

- Movidius launches a $79 deep-learning USB stick - Trying hard to come up with a use case so I can justify buying a handful!
- Browser Abuse Syndrome - This is how your lunch gets eaten. #stuck_in_the_90s

2017-07-24

- To become a data scientist focus on coding
- Alternatives to a Degree to Prove Yourself in Deep Learning
- The clever electronic inks rewriting our energy future
- A Practical Guide to Tree Based Learning Algorithms

2017-07-25

- NTLM Hash Leaks: Microsoft's Ancient Design Flaw

2017-07-26

- TeachCraft - (Minecraft plus Python)
- Voice Synthesis for in-the-Wild Speakers via a Phonological Loop
- How to: Create a Z-Wave Smart Home hub using a Raspberry Pi
- MS Paint is here to stay
- Microsoft Paint Was Never Going to Die But It Made for Good Headlines

2017-07-29

- Tracing a packet journey using Linux tracepoints perf and eBPF
- One of the fathers of modern computing used this 6-step process to solve any problem

2017-07-30

- The Worst Internet in America - I'm thinking that their source for data is the comms companies 'cause the data appears to be COMPLETE AND UTTER BS! My mom lives in an Appalachian area with a single line strung into the one side of the valley. Because she and most everyone else doesn't live near it, they don't have Internet. Hint: on cell phone maps, it's a blank spot.
- Millennials are the ones keeping libraries alive
- Going down the rabbit hole with go-fuzz
- Robot cracks open safe live on Def Con's stage
- Breaking open the MtGox case part 1
- Waze for Android Auto is Here - I've already installed it. Now I remember why I used to say "Don't cross the Waze Lady!" (heh)

Above was generated by a homegrown bolt-on script for Wallabag, which is a free utility for capturing web content so that it can be read later.