Tuesday, December 25, 2007

Happy Holidays

Merry Christmas y'all! (Yeah, I'm from that part of the country.)

I'm thankful that I still have both sets of parents, a number of siblings, my wife, my kids, and a number of friends and still-welcome strays (shouts to the Garage Troll) who've passed through our lives in the past year. Here's hoping that you have good fortune and quiet lives in the coming year.

Sunday, December 23, 2007

Home down for maintenance

I'm offline for a couple days, rebuilding my home system with a commercial version. If that doesn't work well, I'll temporarily switch to Ubuntu. Primary need is a real-time kernel and ability to compile Zaptel.

Saturday, December 22, 2007


Of course! We buy our son a laptop, with 1GB of memory, for Christmas/moving out and industry announces that it's increasing the standard to 4GB. Augh!!


Friday, December 21, 2007

VOIP Users' Conference

Joined the VOIP Users' Conference Call this morning. The was the first chance I've had to join in since I discovered it a few weeks ago. A lot of polite people. Thanks for putting up with me guys.

For those that aren't familiar with the VUCC, it's a Talkshoe-based conference call held every Friday at noon (EST). I've added the badge for it to the left.

Shmoocon count-down


Courtesy of: the Flash Countdown Timer

Thursday, December 20, 2007


I'd guess that what amounts to the Port-Sec (PSec? Portsmouth-Sec) dinner occurred tonight. Those of us that attend (or teach) the series of network security classes (instigated by Rob) at the local college get together twice a year to eat German food and enjoy each other's conversation. Because we're all geeks (Erika, if you deny it, we'll just call you geek-by-association), the conversation tends to center around computers, networks, and security. Thus my claim to the Port-Sec monicker.

The cool thing about this is that we've been holding these dinners for much longer than the whole Bean-Sec/Chi-Sec thing has been going on. This evening's dinner was much more enjoyable because it was a much smaller group. We didn't invite many of the first-year students so the group was able to eat at one large table and we were all able to hear each other (a first!).

The only drawback to the entire evening was the food. Since "Mama" at the Biergarden (in Portsmouth) doesn't "drive" the kitchen any more, the quality of the food has slipped to the point where it's recognizeable that it's German food cooked by someone who's not familiar with it. Authentic German food (that is, good food) has a taste that is based not only on its ingredients, but also how the pans are handled, how the stove is operated, and how the prep surfaces are cleaned. All that I can say is that the Biergarden in Portsmouth, VA is now in dire need of a good German cook. If they don't get one, they risk losing a good-sized chunk of their clientelle. (For anyone that has a German grandmother, here's a hint: I didn't have seconds, not even of the spaetzle.)

For those that didn't attend tonight, you missed a good time (food not withstanding). Hopefully you'll be able to attend in the Spring.

Tuesday, December 18, 2007

Mozilla phone

One of the things that has always annoyed me concerning those really nice VoIP interfaces for Outlook was that most of them are limited to Outlook. Because I normally use a number of operating systems, many of them non-Windows, my ears tend to perk up when something like AbbeyPhone comes along.

It appears to be a SIP-based plugin for Firefox and Thunderbird, capable of running on Windows, Mac, and Linux. It also isn't tied to any one service provider like so many other VoIP tools nowadays.

Sooo... It looks like I'll be playing with it in the near future, seeing how well it works with Linux. I'll keep you posted.

Sunday, December 16, 2007

Asterisk and TalkShoe

If you want to connect to a TalkShoe conference via Asterisk, I've worked out a number of ways you can authenticate to TalkShoe from the dial plan. Notes are in the wiki.

Wednesday, December 12, 2007

Request for public comments?

The older I get, the more I realize that the things you say/write will either have unintended side-effects or will show up in some very interesting places. And, as such, you should be very careful in your choice of words (I was) when someone asks your opinion (even in forums like public Requests for Comment (RFCs)). Hopefully, this blog doesn't count because you receive my opinion without asking for it.

A friend's recent vanity search, which turned up some unexpected responses, prompted me to do one of my own (it's been awhile). The short version of this story is that I may not yet have visited Congress, but my words have. Yikes!

Okay, it was a RFC dealing with constraints on how a specific organization should make its data publicly available. Nothing major but what happens to your words, after they leave your head, can be quite interesting.

ACM update

Had a bit of time to play with the code and added another conference room to the manager and the ability to push calls between the two. The code needs to be cleaned up a bit but you can get an idea of what it does with the below pic. My wife says it's an ugly interface but I'm not one to argue; we both agreed that I have no sense of style/aesthetics about 15 years back.

Sunday, December 9, 2007


Cool! The SciFi Channel is running a number of the Firefly episodes on the 14th!

Saturday, December 8, 2007

System updates

I admit it. I do horrendous things to my Linux systems, often breaking them, sometimes so horribly that the only way to repair them is to reinstall. Such is the case this week. My Mandriva 2007 has suffered a number of "upgrades" and "tweakes" over the past year, so much so that certain services were getting to be a bit unstable.

As I'd been planning to experiment with the Jackd Audio Distro (JAD) and Ubuntu Studio, I downloaded and installed them first. In short, there are a number of tools in those distros that I'd like to have running. However, JAD is FC6-based and Unbuntu Studio is a version or two behind. In other words, there are a number of "known" issues that more recent distros have fixed and that I'm not willing to live with.

For me, the remaining choices were FC8 and Mandriva 2008. I've been hearing good things about FC8 and decided to try that first. Sadly, it's still a bit short in detecting hardware, specifically my stock (built-in) NVidia 6xxx video card. It still has the invisible mouse issue and still requires that the NVidia drivers be installed manually, including a number of prerequisites that the beginning user would find near-impossible to install.

So it's back to Mandriva. It detects the video card properly at install and autoloads the kernel modules for it. The Easy Urpmi service is also available which covers for a number of missing packages in the "free" Mandriva distro.

The one shortcoming in Mandriva that I have to work around is a number of odd RPM dependencies, due to the number of RPM authors who maybe didn't do as much due diligence as they should. My work-around: use Easy Urpmi for installing languages and their dependencies. Everything else, build from scratch. For some of the more cutting-edge stuff (e.g., stuff still in development), you have to build from source anyways.

So here I am blogging, while texlive-texmf (a _really_ big bundle) installs via Easy Urpmi and miscellaneous OCaml libraries are compiling from source. This should take most of the morning.....

Friday, December 7, 2007

Music-on-hold Alternatives

One of the difficulties in using Asterisk is that danged reliance on mpg123 to play MP3's and/or streams. In other words, mpg123 is used to transcode "on the fly". The drawback is that this tool doesn't always work as expected. Audio can, and will, drop out without notice and come back minutes later, also without warning.

In response to an exceedingly bad week of trying to get mpg123 to tolerate some high-end netcasts, I've decided to document alternatives to mpg123.

Thursday, December 6, 2007

With friends like these

Hmmm.. I'm the 10,000th visitor to Digg in 2007? (Yay!) Why don't I feel safe clicking on that link? (Somebody should check on where they're getting their ads from!)

Sunday, December 2, 2007

Tuesday, November 27, 2007

ACM update

I'm having a lot of fun with the Asterisk Manager Interface (AMI). Where I previously relied on .call scripts to start stream the conversation in the conference room, I now have a button on the conf. mgr. interface (pic below).
The Kick and Mute/Unmute buttons are kinda obvious. The "Muzak" button starts playing music into the conference room. The stream button starts streaming the conference room to a local Icecast server. The "trick" behind these last two buttons is the "Originate" function call in the AMI.
Next up: being able to edit the caller's name and their topic (can you guess where I'm going with this?) and being able to push callers back and forth between queues and conference rooms. Maybe a bridge between conference rooms?

Sunday, November 25, 2007

I R one!

As of 2 p.m. today, I've recert'd GSEC and have picked up GCIH. I'm also quite brain dead and a bit computer-adverse at the moment. What a way to spend a Sunday afternoon!

Saturday, November 24, 2007

Further experimentation

Sparks lent a hand in testing out the setup (screen capture below). That's an inbound Icecast stream (muted so we could talk), an outbound Icecast stream (for podcasting), two cell phones and two Skype clients. There was a little bit of echo but I think that was cross-over due to the proximity of the handsets.
It's surprising to see that IPKall and FWD allows more than one concurrent inbound call. I'll need to do a bit more research to figure out what the limits are, both remote and on my system (what with all the other daemons that are running).

Note that I've updated the mute/unmute code.
Thanks for the assist, Sparks!

Disclaimers for "Asterisk Conference Manager"

Before anyone uses the code for ACM, let me spit out a few disclaimers:
  • The code is GPL'd by the original author. The usual terms apply.
  • The original author's disclaimers, and those for the Asterisk Manager Interface (AMI), where the security of this program primarily relies on your ability to limit access to it, still exist.
  • The program is written in PHP and AJAX (or what passes for it). I suck at PHP and AJAX. Keep in mind that the program is little more than a page scraper for the AMI. What this means is that the code is likely to be very version-dependant. (I'm running Asterisk 1.4.x.) It works but you can't hold any of the coders responsible for maintaining it. Any changes/updates to the underlying platform will likely break ACM's functions.
  • Running this service keeps an open connection on your web server. Firefox and/or IE are likely to be poor choices for browser interfaces for this program. Both are memory hogs and eat up a chunk of memory. I run a lot of crap on the same machine as this one. Heavy use of the underlying web server, with Firefox, does generate audio artifacts. Your mileage will vary.

In any case, please let me know if you find it useful or want to suggest changes.

Asterisk Conference Manager

I've been playing with Asterisk for awhile now. In hooking it to Icecast and Liquidsoap, I needed to come up with some sort of management system for the conference calls.
Meetme Manager really didn't fit the bill. I liked the available controls but hated that you had to click on something to update the page. This meant either a local GUI or an Ajax-driven web interface.
Luckily, John at Asterikast had played with an Ajax (I think it's Ajax) interface which maintains a connection to the Asterisk Management Interface (AMI). The drawback to John's script is that it hasn't seen an update since he posted the code last March. I did like the baseline code though, so I've made a few changes.
The major revisions are in the output.php file. There seemed to be a lot of code to perform just a few functions. I've heavily edited that so that it now recognizes local connections and miscellaneous SIP connections that didn't meet the original filter constraints.
John's original code only allowed for kicking users. I've added mute/unmute controls. Currently, it's been demonstrated to handle local internal connections (.call connections for MOH), SIP calls from the local network, and IAX2 calls via IPKall and FWD (Yeah, I call Washington State to connect to my own machine in Virginia Beach. What the heck, it doesn't cost extra...).
The new code is here. I plan on adding color coding for muted/unmuted callers and to experiment with much more of the AMI features.
For giggles, here's a screenshot. That's my son dialed in via a SIP hardware phone, me dialed in via SkypeOut (via IPKall and FWD), while .call scripts pull in a Liquidsoap-generated stream from Icecast and push the resulting conference stream back to the same Icecast server.

Monday, November 19, 2007

Coming up for air

Apologies for the dearth of posts. I'm in the middle of a certification marathon, facing a number of self-imposed deadlines. I've finished re-cert'ing GSEC and have two more to go by the 1st of the month. (Note to self: celebrate having started this blog prior to obtaining the cert in the first place.)

Hopefully, I should have everything done this coming weekend.

Sunday, November 18, 2007


The sample dialplan code on VoIP-Info.org for authenticating using voicemail passwords has a bug in it. In the perl section, line 122,7 should read:

exten => *122,7,GotoIf($["${result}" = "0"]?20:30)

Note the one less left-bracket ("[") before ${result}.

Saturday, November 17, 2007


I've put the notes for the piTivo installation in the wiki. For those that don't know what piTivo does, it allows you to push content back onto your TiVo, all without having to hack the dang thing.

Monday, November 12, 2007

Not a small problem.

This is really not good. If you want an idea of how bad it is, try visiting the NIST Vendor list and picking out all of the Microsoft products. Then remember that Microsoft tends to re-use code as much as possible, making the possibility that the problem exists in XP and Vista very likely. Then go back and pick out all of the products which employ Microsoft's libraries.

While this sort of paper doesn't cause problems directly, it is the sort of thing that others build upon, often ending with "nice" additions to security toolkits. I wonder how long it'll be before NIST responds....

Update: the paper is here if you don't want to wade through Slashdot.

Saturday, November 10, 2007

Shmoocon attendance

Someone did a nose count and figured out that there's at least 30 people from the Virginia Beach area going to Shmoocon (and there's two more sessions of ticket sales to go). I guess we'll be the big ugly mob in the lobby bar at 2 a.m. (heh)

Telmnstr is campaigning for a Hack or Halo project. Any thoughts? I've got a collection of junk box kruft that I'm willing to donate as parts or prizes.

Tuesday, November 6, 2007

Cell phone jamming

Before you take it upon yourself to jam someone else's phone calls, just because you can only hear one half of the conversation, please consider the following:
  • What's your justification?
  • Are you jealous that you're not part of the conversation?
  • Don't like that the girl likes to say "like", like way too much?
  • Before you get into the "invasion of your space" argument, answer the question: "Where am I?" I'm willing to bet that you're in a public place and your personal space doesn't involve a cone of silence.
  • Do you come from one of those broken homes where "silence at the dinner table" was a rule? If so, then I'm sad for you. I come from an active family that the earliest we'd see each other as a group was dinner time. Aside from a few spats when we were younger, it was a time for communication.
  • Are you that much of a control freak?

When you press that button realize:

  • You're breaking a Federal law each time you push that button, risking fines up to $11,000 ($10,000 for jamming, the rest for possession and use of contraband)
  • You're also risking a civil suit from anyone who's conversation you interrupted (think doctor's talking to emergency room). Jammers are rarely directional, especially the cheap ones. A thirty foot range means sixty feet by sixty feet (i.e., everyone in the restaurant, and then some).

Yeah, there are a few places where cell phone use can be seen as inappropriate, such as church, a movie theater, or class. However, let me point out that it is not you, with your butt in the chair, that has the right to enforce any such rule. It is the responsibility of the paster/priest, theater owner, or instructor to make and enforce the rule. Anything that you do, including saying "Hang up that phone!" is beyond your jurisdication and may be construed as a form of assault (look that one up). It falls under "The management reserves the right to refuse service..."

You want silence, go sit somewhere where the business owner prohibits the use of cell phones (it's his jurisdiction, not yours). If it's a public place, you're S.O.L.

You cell phone users. If it's a place where quiet is the norm, it's okay to answer your phone, just take the conversation outside as soon as possible. It's the polite thing to do and it'll help keep the etiquette nazis off of the rest of our backs.

Me? I'm using another entirely legal device. If you use a jammer in plain view, I'm taking a picture and hoping it's good enough to convict you. If you're yelling into the phone in a place where quiet is the rule, I'll take a series of pictures (hey, you're acting strange in public), choose the best one, and submit it to the Craption Contest.

Monday, November 5, 2007


Remember that diagram that I made of my home network, about a week ago? Scratch that. I've added a few more lines to it. In cleaning out some of the kruft that has backed up in my Bloglines subscriptions, I came across a PVR Wire post about pyTivo. (I can't post the link to the original article 'cause it isn't there anymore. Bloglines remembered it though.)

In any case, pyTivo allows me to push media from my computer (vidcasts, podcasts, SageTV recordings, etc.) back through the TiVo.

The bad news is that the program actually has to load the media onto the TiVo. The good news is that you can start playing it a few seconds after the transfer starts (good for large vids!).

I did have to monkey with the config file just a bit. I had to enable the beacon and change it to the broadcast address for my network (vice Note: the Cheetah Namemapper warning supposedly can be safely ignored.

In any case, I can now watch vidcasts on my TV without having to use the funky podcast client built into the TiVo interface. Even though I can play music through there, I don't have a decent sound system connected to that TV so I probably won't use that one much. Also, lets not forget the ability to pull files off of the TiVo with the web interface (backups!).

Got mine

Got my ticket for Shmoocon. Not a whole lot posted about it yet, except for discussion of ticket sales. The Shmoocon Roommates mailing list appears to still be alive (though inactive).

Saturday, November 3, 2007

A web interface for LiquidSoap

I'm writing a web front-end to Liquidsoap, a scripting language that easily builds and transmits audio streams (live or from files) to Icecast and Shoutcast servers or to local hardware. The script is basically a juke box for the various network-enabled audio devices in my house. I'm keeping development notes (and the code) in the wiki for anyone that wants to follow along.

Wednesday, October 31, 2007

Shmoo Tickets

Heads up! First round of tickets sales: 1 Nov Hopefully, they aren't using the same scheme as last year (it does look like it though).

Sunday, October 28, 2007

Geekin' Hard!

Some geeks like showing off their geek pr0n. Some like showing off network diagrams of their home setup. Me, I like function diagrams. Below is a depiction of what I've been playing with in the past year.
At some point, I've tested each part. Most of it is still connected and available on demand (from inside the network). About the only part that I've disabled is the IDJC piece (it generated too many audio "artifacts").
The parts in red are record functions. The piece in green is Asterisk passing CallerID info to SageTV. The rectangles are hardware. The circles are not.
Pieces that play MP3 files from the library:
  • Asterisk
  • Icecast
  • IDJC
  • Liquidsoap
  • SageTV
  • Slimserver
Pieces that accept input from Icecast/Shoutcast streams:
  • Asterisk
  • Cidero
  • Icecast (via relay)
  • Liquidsoap
  • MediaMVP
  • MPD
  • Slimserver
Pieces that output Icecast/Shoutcast streams:
  • Asterisk
  • Icecast
  • IDJC
  • Liquidsoap
  • MPD
  • Slimserver
Web interfaces include:
  • Asterisk
  • Icecast
  • Liquidsoap
  • MPD
  • SageTV
  • Slimserver
  • TiVO
Asterisk, Icecast, Liquidsoap, and Slimserver are the audio powerhouses here, being able to both accept and generate network streams. Because they have inputs and outputs which are accepted "standards", they can be connected in just about any manner.
For video, my favorite is SageTV. It records scheduled and timed video, has a "hackable" web interface, allows all sorts of plugins for additional features, and can stream to hardware and software clients in the local network. It generates RSS feeds for recent recordings and the upcoming recording schedule. For those that aren't familiar with SageTV, think MythTV with a lot more polish and a lot less set-up work.
Note: this is all Linux-based but there are Windows versions of just about all of the programs. The amazing part is that I rarely see my dual core system get below 95% idle.
Wishlist (things I want to experiment with in the next year): X-10 interface, home automation, some sort of podcatcher, IAX to a friend's Asterisk box, a hardware-based phone, motion detection with cameras, hosting and/or recording a live conference call, amateur radio.

Disclaimer: I do nothing illegal with this set up, though the capability is definitely there. Diagram courtesy of GraphViz's dot program.

Saturday, October 27, 2007


The wiki is down for a bit while the powers that be update the backend software/hardware.

Wednesday, October 24, 2007

Asterisk to Icecast

I've got the Asterisk-to-Icecast interface up and running! ([insert dance of joy here]) Notes (in the wiki) to follow shortly.

Saturday, October 20, 2007

Adding Custom Searches to SageTV

I've put my notes for adding custom searches to SageTV in the wiki. I've also posted a link to a copy of my menu_items.js there.

Thursday, October 18, 2007

Missing the old days?

Wow! I'd forgotten just how horrible pre-Internet technology was...

If you know of anyone pining for the old days, especially if they're obnoxiously spouting off how cool Fidonet was and such, you can point them (telnet) to bbs.hak5.org. There, the Hak5 bunch has set up a BBS so that people can be reminded just how spare the interface was.

A few things missing from the experience:

  • the text should be printing at 300 baud (about the speed that the average fourth-grader can keep up with)
  • the connection should drop out periodically (think of it as beind randomly logged off against your will)
  • the text files need more Ctrl-G's

I do miss those Ctrl-G's.

The devil's in the details

For the benefit of anyone in Rob's class that's attempting to recreate what was done on the big display tonight --> when you're grabbing/compiling/running kmod-ptrace.c on the target machine, pay close attention to the details:
  • use gcc, not make or cc
  • when you run the program what is displayed?
  • can you do anything (hint: type ls or whoami)
  • if you hit Ctrl-C and run "ls -l", what do you see?
  • re-run the program and try to answer these questions again

Note: success may be specific to the version of the OS being run on the target machine. Your mileage will vary depending on a number of things (hint: the classroom lab is a controlled environment (i.e., each target is exactly the same)).

Enjoy! But you should probably get your homework done first. You may spend more time than you should getting the exploits to work in your home labs. If you're frustrated, please note that Rob usually isn't adverse to you coming in when there isn't a class in the lab. Just check in with one of the techs in the fishbowl.

Tuesday, October 16, 2007

Kernel upgrades and HTPCs

Note(s) to self: upgrading the kernel on a home theater PC is not a good idea unless you really need a new feature. Swapping out kernels will break IVTV and, by extension, whatever sits on top of it. If you're building production machines, it's a good idea to stick with whatever you're currently using and save kernel upgrades for the next model.

Hak5 bumpers

Note to all: if you're going to use any of the Hak5 bumpers, it may be worth the time to edit the ID3 tags if you're doing anything like using them in a playlist.

Friday, October 12, 2007

LiquidSoap web interface

I think I have the telnet interface to LiquidSoap figured out and have a simple web interface to it coded up. I'll post the code once I've got it cleaned up and add a few more functions to it.

Wednesday, October 10, 2007

What's next?

From the give-me-$5-for-the-song-playing-in-your-head department...

There's a case in the UK where a car repair business is being sued for copyright infringement because their mechanics are playing music loud enough that it can be overheard by others. Silly, no?

Even sillier, it's not the employees of the business that are being sued for the actual sharing of the music (by turning their radios on). Rather, it is the business being sued for facilitating that sharing. (Never mind that broadcast radio has already paid for the broadcasted content and that it is able to be heard by anyone with enough skill to operate a tuning dial or button.) Or will the employees be sued at a later date, once it can be determined whose radio played what song when?

What's next? Having to pay a service fee for riding the elevator because muzak was playing while you rode? Of course, the elevator company would have to record the number of riders and the distance (in floors) that each rider traveled.

NSLU2 Icecast Server

I've got an Icecast server set up on a Linksys NSLU2 server so I can experiment with various audio tools without annoying the Hak5Radio bunch. I've stuck the notes for "installing OpenWRT on the NSLU2" and "Icecast on the NSLU2" in the wiki.

Monday, October 8, 2007

Configuration silliness

It's warnings such as these that cause an odd sense of panic when you're attempting to compile a mixer at 2 a.m.


Sunday, October 7, 2007

NSLU2 Audio Redo?

I moved the NSLU2 back next to the computer because it wasn't seeing much use in the bedroom. It also lets me continue to crash the desktop without having to worry about losing the audio stream. I'm currently working on a demo to show off LiquidSoap (yeah, I tend to fixate on new tools) to the local users' group.

Problem is that I'll need to use the current NSLU2 (with the audio interface) and another with Icecast running on it. I running the risk of more people (at the meeting) being fascinated with the NSLU2's than the LS scripts I'm trying to show off. (Notes will be in the wiki shortly.)

Wednesday, October 3, 2007

Liquidsoap update

I'm starting to think that LiquidSoap is to audio as Perl is to text. I had a bit of fun annoying the extremely early morning listeners on Hak5Radio with misc. Creative Commons music, while reading up on some of the syntax. In addition to being able to stream to Ice/Shout/Peercast servers, it can also stream directly to your hardware (i.e., your soundcard).

I can attest that chaining Sky.FM-->SlimServer-->LiquidSoap-as-a-player works very nicely. Even the metadata being passed across from Sky.FM is handled properly, and neither processor got below 95% idle on the dual core, even with all of the other crap I run on the box (SageTV, fetchmail, etc.). That's saying a lot as it appears that both Slimserver and (possibly) LiquidSoap are doing a bit of transcoding on the fly. The one drawback to this so far is SlimServer's built-in delay (5 or so seconds). I'll need to read up on that.

It's obvious that simulcasting (rebroadcasting/redirecting) a stream is going to be simple. I need to play with the mixing features now (think "periodic jingles" mixed into an open conference call). If I can come up with an interface to Asterisk, you can consider me as having thrown IDJC in the round file.

Oh! If anyone's interested (and for my own notes), the syntax is

liquidsoap 'out(input.http(""))'


I've had a "really horrible experience" in getting IDJC up and running. No matter what I've tried to do, anything that I stream contains a quantity of very annoying sound artifacts (at one point, it could have been a helicopter outside of my window).

In attempting to troubleshoot IDJC, I discovered a new streaming tool called "LiquidSoap". To quote the website, it is basically a "general purpose audio streaming tool, designed as a script language, which allows you to build complex webradios".

While the toolset is still considered to be in development, I was able to get streams going via a local radio site (okay, hak5radio) in 30 minutes of installation/reading, vice the 2 months of on and off frustration with IDJC.

In reading some of the docs, there's quite a few interesting features: on-the-fly transcoding/normalization, misc. scheduling features, drop-on-live-input, an IRC bot interface (with input!), and even a (in-development) touchsreen interface. Definitely something for the home theater enthusiast that likes to tweak his/her own stuff!

Monday, October 1, 2007


Self-referentialism (similar to existentialism): the depressing condition within Internet-based research where you repeatedly (only?) find your own work. Following is a semi-example where 9 people on the Del.icio.us have noted the same article about LiquidSoap. The "just posted" indicator is an indication of my having saved the link. The picture indicates that I then Googled for the term and was brought back to Del.icio.us. (Arg!!)

(heh) Cutting edge does have its drawbacks...

Sunday, September 30, 2007

ZoneMinder update

Dave and I managed to get a version of ZoneMinder up and running by grabbing a copy of the Blue Cherry Live CD from the BlueCherry.net web site and trying a number of different cameras. We discovered that one of the obstacles that we were facing involved the hardware (an older Dell box) that we were using as a platform. We ran into everything from not enough memory to realizing that the USB ports were only version 1.x. Dave had a very nice USB2 camera going, with the Live CD, going on his laptop. We ended up installing the Live CD (it's Ubuntu-based) to cure some of the memory issues.

Wednesday, September 26, 2007


Bad security quote of the day goes to Dale Peterson: "... and there are no zero-days in these security products."

Uh, yeah... While I concur that wireless is being used inappropriately in some areas (see my comment on his page), that statement didn't help Dale's argument much. (heh)

Getting the customer to speak

Tate Hansen, over on Clearnet Security has a post about getting the customer to provide input as part of a penetration test. It surprised me for two reasons: 1) I didn't know that it wasn't done and 2) it's so obvious an issue.

I'm not saying that I don't believe that the condition exists. People (and therefore organizations) tend to take the path of least resistance, so if the penetration testers don't ask, the customer is not going to offer up the information.

My surprise is that the question just doesn't come up. It may be because I'm the type to take a packet sniffer to a CTF contest. (Yeah, one of those that thinks that CTF is a spectator sport.)(I have Don M. at ODU and S-14 (hiya Pete!) to thank for that "bad habit".) To me, the "What did you see?" question is just so obvious that it's a "must ask".

I can also see how organizations fall into the practice of not participating in their own penetration testing. It may have something to do with that other form of security testing called the vulnerability scan. It's usually performed more often and requires no input from the customer, except during the remediation phase, and that is usually an internal process (e.g., the CIO may have some "'splaining to do" to the CIO).

The Hansen/Ranum/McGraw reference to the "badness-o-meter" is a good one. If your pen-testers have anything other than "we don't know" at the top end of the scale, the data they're providing about your level of security may be suspect. Pen-testing is an inverted business-model. The best you can hope for is: "We don't know. We failed." A few things to keep in mind:

  • This doesn't mean that someone else doesn't already know
  • It also doesn't mean that they won't know tomorrow or the day after
  • To quote a semi-cliche: "Security is a process, not an end state." (Dr. M. E. Kabay, 1998)
  • By extension, a pen-test is a snapshot of that process, not of an end state

Sunday, September 23, 2007

Security by fashion statement

Squidly1 pointed out a Dark Reading article (about the under-estimation of the "insider threat" threat) in IRC and (surprise!) it irked me.

My initial thought was "somebody is selling something". Upon reading the article (follow it to the daily blog to see the link), I discovered that I wasn't wrong. The reason for the articles existence was to make you overly paranoid about your users and get you to buy something to counteract the threat. If that purchase just happened to be the product mentioned in the article, so much the better!

My second thought was that this was another in a long line of "security by fashion statement" (bowel) movements. Think about it. We have a number of firms where "analysts" (those that aren't practitioners but are somehow (mysteriously) more knowledgeable) declare that one security method is "auld schoole" and there are much better, more modern, methods of performing such and such a function.

It's quite annoying. In the past five years, we've been told:

  • IDS's are dead, IPSs are better (thank you Gartner)
  • Anomaly detection is better than IDS/IPS
  • the firewall is dead
  • the perimeter is dead
  • SSL are the best VPN's
  • stateful inspection is better than application proxies
  • deep packet inspection is better than application proxies
  • application proxies are better than stateful inspection, packet filters, and deep packet inspection (What? You missed the resurrection of proxies by Gartner?)

And now you need to be so paranoid that your users' every key stroke needs to be monitored and analyzed for intent (yeah, that works well), to the degree that you must come up with "termination plans"? Oh and, by the way, we just happen to have this nice product that'll automate this process and make your life much easier.

A much better approach would be to have a realistic security policy and to use the tools you already have, especially the one behind your eyeballs. Most "insider threat" incidents are considered corporate embarrassments not because the incident occurred but rather because they weren't detected until after the fact. The majority of insider abuse is readily apparent, either in the virtual world (in log files) or out in the real world (people tend to talk about what so-and-so is getting away with).

Attempting to totally automate the process, in either the virtual or real worlds, is just a way of abstracting yourself further away from the problem. Network monitoring and management of people have at least one thing in common, they "automate" poorly in that an automated process can only handle "known" issues. Unique issues can always crash automated processes. (It's why we have web-based time sheets but still have entire HR departments.)

You want to properly deal with the "insider threat"? It's easy. Show "trust" in your users. It's okay to "verify" but a certain degree of monitoring but it has to be at a level that your users are comfortable with.

Also, use the tools that you already have. Automated log file reduction is fine, but you still need human review of the remaining entries.

The firewall, the IDS, and security boundaries are still valuable. So's enforceable policies, deep packet inspection, stateful firewalls, and anomaly analysis. They each have their place in your toolset.

Companies such as Gartner like to bank on the fact that you've forgotten that none of these technologies are mutually exclusive. While "layered defenses" may be an offensive term to some, the existence of multiple protections which co-support an overall security policy is still a good idea. Just don't take the human factor out of it.

I've got news for you: If you run a totalitarian environment (AKA micro-manged, micro-monitored), every single one of your users will be evil and you'll end up wondering why your organization has such a high turn-over rate.

Save your cash. Also, keep in mind that the less flexible a system is (the degree of tolerance it has), the more brittle it is and the more spectacular the failure will be when it does go. This goes for machine systems as well as for people.

Thursday, September 20, 2007

FC7, an NVidia 6340 LE, and a SyncMaster 940BW

For the better part of this year, I've stuck with the commercial version of Mandriva 2007 because it was one of the few distros that automatically recognizes my video card and monitor. For those that know me, this is an extremely long time for me to stick with one distro.

Not any more. I've needed to install Fedora for a few toolsets that I've wanted to play with and finally had the time (I took a day off) to install Fedora and figure out how to get the video configured properly (usually it'd come up with bars on the side and no mouse cursor).

Fixing both of those problems was pretty straight forward. The mouse involved turning off the hardware driven cursor. The video involved trashing the Fedora drivers and grabbing the binary off of NVidia's site and letting it compile new modules.

I've stuck my notes in the wiki.

Sunday, September 16, 2007


Thanks to Mubix, I've added WHOIS.sc, CentralOps.net, ServerSniff.net, and Maltego (formerly Evolution) to the network forensics wiki page. The last three are intriguing in that they provide a number of other functions. I'm especially interested in Maltego as it supposedly does some basic relationship linking and has both a GUI and a web interface.

Saturday, September 15, 2007

Shmoocon CFP is open

Step 1: Announce date of con (done)
Step 2: Annouce CFP (in progress)
Step 3: Devise ticket sales scheme that (hopefully) won't anger the natives (TBD)

Wednesday, September 12, 2007

Memory limitations

Note to self: Zoneminder cannot display video on top of the Beryl/Emerald window manager. There's not enough video memory to support both.

Monday, September 10, 2007


I forgot to copy .config before compiling! Aaauuugh!

Shmoocon CFP

For those not watching for it, the Shmoocon Call For Papers is now open.

Need to choose

I'm also having to decide (shortly) on a topic for this semester's term paper. As I blogged previously, Rob has encouraged me to work on one of the IPv6 vulnerabilities. I've tried to counter with an analysis of FastFlux. Both look interesting.

The IPv6 work would be more directely related to the "Attacks" class. Rob suggested it knowing that I'm one of the few students with IPv6 at home.

I'm interested in the FastFlux problem but I'm wary of where it might lead (remember, the problem is based on problems within the domain registration infrastructure). Then, too, it may also run into one of any number of dead ends as there is a massive bureaucracy between ICANN and the hosting providers, with the registrars in the middle). Without the ability to subpoena a number of people, investigation is limited to what you can extract via the local terminal window. Corruption at the hosting provider or registrar makes it that much more difficult.

I'm a bit discouraged but not yet put off by that. Initial investigation of two FastFlux domains shows a massive number of systems attached to the Storm Worm (amazing since, for most of those boxes, someone had to click on "Click here" to get infected).

In any case, I've got to choose soon. Rob's deadline is coming up fast.


I'm offline for a bit, while working on getting one or more Zoneminder boxes up and running. Getting a system up and running, with the MythTV plugin, is an exercise in taking two steps backward for every three forward (i.e., the distance from point A to point B is the same but you travel 5x the distance to get there).

So far the install has included:

  • installing the system from scratch
  • turning off/removing unneeded services/software
  • setting up access to the PLF repositories
  • adding needed RPMs
  • configuring the new services
  • building the kernel from source (no install, just need the syms for compiling other stuff)
  • All this before even compiling pvrusb2, MythTV and Zoneminder. Luckily, most of the above could be done by sitting down at the console every 20 minutes or so. It is a bit tedious though. Makes me think that I should have tried one of the Zoneminder LiveCD's first. (I didn't because there's a number of things I want to do that probably aren't in the LiveCD.)

    Thursday, September 6, 2007

    Where's stupid?

    If I asked you to point out the IP addresses of one hundred stupid people, could you do it? (Doug, you're not allowed to answer.)

    How about a thousand?

    Ten thousand?

    Seven hundred fifty thousand?

    It's actually very easy to do. Remember Gnutella? Google does. Sheesh! And you thought the RIAA had to do something sneaky to get it's target IP addresses.

    Hint: If you must view those links, I recommend clicking on the "Cached" link as most of those entries are offline at the moment.

    Wednesday, September 5, 2007

    Request for help

    If any reader is an expert with Alsa, I could use a hand. I'm having a nightmare of a time getting Alsa to work with multiple input/output options. The current set up involves a built-in sound card, a Logitech USB headset, and IDJC (which requires jackd). That means at least three outputs and three inputs (not counting any other software-based sources/loads). I can get IDJC to work with either the sound card or the headset, but not both.

    Any help (or pointers to documents other than the ALSA wiki) would be greatly appreciated.

    Sunday, September 2, 2007

    New(er) Asterisk Book

    Dave, of The Asterisk Blog, has pointed out that Asterisk: The Future of Telephony, 2nd Edition has hit the streets. I highly recommend the book, in either edition.

    Shmoocon '08

    Heads up folks! Shmoocon '08, Wardman Park Marriot, 15-17 Feb. This year does not bode well for conference facility sharing (remember, 2008 is an election year and they stated at the last conference that all but three weekends were booked for 2008).

    Saturday, September 1, 2007

    Porn Glossary?

    Yikes! More developments in why I get weird browser referral entries: seems that SpraakService (a Norwegian version of Babelfish) has my glossary listed as "The Free Encyclopedia: Glossary of Porn" (hit ctrl-F and search for "joat"). The intent of the glossary is to support the wiki and to provide non-dangerous links to definitions for use at my job (I no longer work there though).

    I learned about all this via the installation of Google analytics. It adds a number of behind-the-scenes accounting features that have confirmed a number of suspicions about visitors to the site and has pointed out a few other new data bits (such as SpraakService).

    Looks like the wiki may have picked something up in the translation... (heh)

    The end of a long week

    Wow. I survived yet another really long week. The week started with me sitting in the emergency room, last Saturday night. It was my son's semi-annual pilgrimage to get treated for asthma/pneumonia. The SANS class started Sunday morning and I've been in sleep deficit ever since (I managed to annoy the instructor by standing in the back of the room a lot and making a large number of trips out of the room to recycle the massive amounts of coffee that I was drinking).

    In any case, the CTF was today. I captured two of the team flags. We didn't take first (or even second) but we had a very good time as we were doing it (translation: the rules didn't prohibit adding content to the web pages). To whomever it was that left the ptrace-kmod exploit laying around in one of the user accounts, thank you. I was able to repair the bug in the source code and use it.

    In any case, my son is fine (if you don't count him being a 200 pound assinine eating machine when he's on steroids) and I have roughly three months to recert GSEC and six months to do my GCIH.

    I also picked up quite a few topics for research during the SANS class (tracking FastFlux, tracking browser header alteration by spamware, etc.). I'll need them as I decided to crash Rob's Attacks class since we couldn't get enough participants for the Continuing Case Studies in Forensics. Maybe next year?

    Thanks to the others in the fourth row/left side of Ed Skoudis's class this year. I enjoyed the class/exercise.

    Tuesday, August 28, 2007

    When USB ain't

    There was an (non)incident at SANS Virginia Beach yesterday that irks me more and more as I continue to think about it. It involves manufacturers "adapting" industry standards (and, no, it's not the old embrace and extend rant). Each student in the wireless class was issued a set of survey "gear" which included a USB-based GPS interface.

    One student had a high-end laptop with a number of USB ports on the side and back surfaces. Upon plugging the USB GPS into the side port, he noticed that the LED was quite dim (where other students' LEDs were bright). Thinking that he might have a bad GPS (they're available online for about $35.00), he borrowed the next student's GPS. Upon plugging it in, it too showed a dim LED.

    End result: two fried GPS's. Cause: Turns out the manufacturer modified the power spec for the side port, to allow for USB DVD drives.

    I won't say who the MFR (feel free to use both definitions of that acronym) is, but you can bet that their entire line of products won't be on my list of prospective buys when it comes time to buy a new laptop. I shouldn't need to worry about my laser mouse burning a hole through the desk (and my leg). MFR's: stick to the dang specs! If you're going to modify a connector's spec, modify the connector too!

    Sunday, August 26, 2007

    SANS Va. Bch.

    If anyone's attending SANS Va. Bch. (this week), give a yell. A few of us from the area are also attending.

    How high?

    Get a bunch of geeks together, 2/3's of which are licensed hams, all of which are experimenting with 802.11, and invariably the question comes up, "What would we need to do to stand up a wifi connection between our houses?" For once, I provided amazement by figuring out how high the antenna towers would have to be using only a web browser.

    The trick is determining exactly where your two end points are. For most U.S. cities, this is easy:

    1. Go to Maporama.com and enter your address in the "MAPS" box in the upper left, then click on the little orange arrow on the bottom right of the box
    2. Maporama may present a list of possible sites. If so, find yours and click on it.
    3. The lat/long for your site will be in the "INFORMATIONS" box under the map. Write that down.
    4. Repeat the above step for your other end point.
    5. Put your lats and longs into a lat/long distance calculator to get the distance
    6. Divide your distance in half and use a Fresnel zone calculator like the one at RadioLAN. (Hint: the Fresnel zone is largest at the mid-point.)(Don't forget to use 2400 MHz!)
    7. Divide the results by 2 to get the minimum height of your antennas.
    8. Keep in mind that this assumes no obstructions between the two antennas and that both antennas are the same height. If the obstruction is nearer one of the antennas and/or the antennas are different height, the math is a bit more complicated.

      The above does make for a good off-the-cuff W.A.G. though.

    Saturday, August 25, 2007

    You can't do that!

    More in the ongoing silliness that is part of the SCO trials... Is SCO really telling Novell that you can't drop the charge against us?

    Amazing. If Novell were a police officer and SCO a suspicious looking character whom Novell stopped near an alley, I think that SCO would be subject to a sobriety test after stating something like that.

    You can't make this stuff up.

    Thursday, August 23, 2007

    Unintended consequences?

    Lawmakers are currently working on a bill called the "Truth in Caller ID Act of 2007". I have issues with it in that:
    • it is vaguely worded. "Inaccurate" and "misleading" are undefined, meaning they are left up to interpretation, both by law enforcement and the legal system (meaning that it will be up to case law to determine the definition).
    • the wording of the law allows for a non-judicial entity to interpret the law
    • the law does not define who is allowed (or how) to monitor the Caller ID "system" (Remember, it is a loosely worded protocol agreed upon by a collection of "peered" communications companies)(Does the fact that I own/manage/use a number of Asterisk boxes make me a communications entity? An infrastructure owner? Am I POTS (see below)?)
    • it strikes me as being worded like a statute (no need to prove intent) (but hey, I am not a lawyer so...)
    • it is intended to protect an insecure protocol (with poor implementations) that was never intended to be employed as a legal form of identity
    • Caller ID is not a universal service
    • There's no definition of "POTS". POTS stopped being 100% analog lines and hardware switches decades ago.
    • the wording of the law protects only a specific industry (POTS)

    It is this last issue that caused the title of this post. Given the move away from POTS to IP-based services (POTS has been losing ground to special purpose (usually smaller) carriers for years. Vaguely worded laws get enforced in all manner of ways unintended by their authors. I think that this law may just push various user communities (industries in particular) away from POTS. (i.e., Caller ID will be whatever the company wants internally.

    Organizations like autonomy in controlling what they have, especially internal infrastructures. I don't see this as improving organizations' relationships with "the phone company". Think about it. Anyone receiving a phone call from any one of 400,000+ phones internal to Microsoft (as an example) will probably only see "Microsoft" in the Caller ID, even though the capability is there to show "S. Jobs" (or whomever).

    [Yeah, I know he doesn't work there.]

    Hmmm... This may create a niche industry for Caller ID interfaces (internal call recipients see one thing, external another).

    Monday, August 20, 2007

    Congratulations Matt and Michelle!

    Congratulations Matt and Michelle! For those that didn't attend, their wedding was this past Saturday. For those that did attend, I believe the pictures will be developed some time after their return from Vegas, so you have about a week to come up with "alternate" stories. (heh)

    Matt/Michelle: I wish you many happy years to come!

    Wednesday, August 15, 2007

    Spook Country

    Almost forgot: Spook Country came out last week. For those that don't recognize the title, it's yet another good William Gibson book.

    I've been attempting to read it only in dribs and drabs, putting off any heavy reading until I'm on a 12-hour trip coming up in the near future.

    Sunday, August 12, 2007

    Vista's Firewall

    I guess the paradigm "advanced" is actually a relative term, at least when it's applied to the firewall included in MS Vista. This SANS paper points out a number of short-comings at the same time proposing that it may eventually "provide the perfect solution".

    Oh come on! It's just a packet filter, and a poor one at that! They've tied Layer 4 to Layer 7 (specific applications have specific ports) but somehow skipped everything in between (protocol matching, state tracking, etc.). Where's the ability to add functionality (modules) as needed? How about some decent logging facilities?

    While I do see the need to keep it simple (the majority of users can't configure a firewall, much less a WWVB-controlled clock), I disagree with the authors in that this is an absolutely royal piece of dung. This has less functionality than one of the pre-1.0 versions of ipchains (hint: a decade ago).

    The majority of third party firewalls have much more capabilities. Unfortunately, only those companies who pay tribute to the OS maker are allowed to run their firewalls on Vista. "Advanced" is a relative term in this case because MS gets to filter its competitors.

    And before I get accused of MS bashing again, the technology is not what is at issue here. This is "innovation" (i.e., salesmanship) from the marketing department (i.e., putting lipstick on the domestic Sus and expecting someone to kiss it). Anyone want to call "shennanigans"?


    For Edwin, here's a list of AP firmware replacements.

    Saturday, August 11, 2007

    WRT54GL and Kamikazi

    Yesterday was definitely NOT "my day". I ended up: chasing escaped dogs (not mine), blowing out the porch light, splitting the crotch in a pair of dress pants, stepped in dog poop, and arriving at work to find that the A/C had quit. To top it off, a coworker and I managed to semi-brick a pair of WRT54GLs late yesterday by trying to install OpenWRT Kamikazi on them. (Hey, nobody reads ALL of the docs!) (For those that don't know, Kamikazi doesn't work on the GLs yet.)

    In any case, after a number of failed attempts to reflash the APs, we gave up and went home. This morning, reading deep within the docs, I discovered the following method for pushing WhiteRussian RC6 on top of Kamikazi:

    1. Grab openwrt-brcm-2.4-squashfs.trx from the OpenWRT site. It is a generic firmware for just about any Broadcom chip set-based AP.
    2. Assuming that you have a Linux box, put that file in the root directory of your web server. I also changed the name of the file to openwrt.trx (for simplicity.
    3. Boot the AP into failsafe mode (Press either the front or back reset buttons after the DMZ LED lights up. Hold it in until the DMZ light starts flashing.)
    4. Telnet to (your box has to be within the 192.168.1.x IP range). Note: it may do nothing for a moment. This is because the AP is attempting to perform a DNS lookup, for which there is none. Just let it be. The DNS query will time out and the command prompt will show up.
    5. Run the following command: "wget -O - | mtd -e linux -r write - linux" (without the quotes and use the IP for your box). Again, it will stall while the AP attempts to do a DNS lookup. Let it be, it will start moving again. Once the file is fully downloaded, DON'T DO ANYTHING!!. The AP will write the firmware to memory and then reboot itself. It'll be safe to use once the power light stops flashing and the DMZ light goes out.
    6. Point a browser at to be sure it's working. Click on Status (or one of the other options). It should prompt you to enter a new password for root.
    7. Click on the "System" link at the top to take you to the System Settings page. Change boot_wait to "Enabled". Click "Save Changes". Click "Apply Changes". (You may want to SSH or Telnet into the box to verify that the boot_wait is enabled (Use "nvram show|grep boot").
    8. Not to jinx things, but it may be a good idea to re-reflash the firmware with a dedicated version of OpenWRT, using the TFTP method.

    After that, it's up to you. Visit the OpenWRT Wiki for ideas.

    Thanks to whoever it was that added the trick to the OpenWRT's Installing - OpenWrt page. Jon Dowland, maybe?

    Put on your hard hats!

    Psst! Hey! Wanna watch a company implode overnight? Of course, various journalists have different views of what the loss means to SCO: certain journalists make it appear as a small loss, others are closer to the mark. I think in the coming months we'll see a company ripped to shreds by customers, investors, and lawyers (probably not in that order though).

    I wonder if any criminal cases will arise from this. Civil cases most definitely.

    Update: the first link above (to Groklaw) is offline at the moment, probably due to a massive number of people trying to read about the decision.

    Wednesday, August 8, 2007

    Asterisk Users Conference Call

    Found the following in Bloglines this morning: the Asterisk Users Conference Call, a weekly conference call (Talkshoe feed included) for Asterisk users. I won't be able to participate much due to the time of day that it's held, but I'm definitely going to check out the archives.

    Monday, August 6, 2007

    Prime Time Tonight

    For those using my URL hack (for SageTV) to display what's on TV for specific channels, here's a new twist: If you add "starthr=20" somewhere after "EpgGrid?" you get to see tonight's primetime listing... I've added the notes to the "Customizing the SageTV web interface menubar" wiki page.

    Saturday, August 4, 2007

    Startup script for SageTV

    I finally got around to building a proper startup script for SageTV and dropped a copy in the wiki. Please keep in mind that this works on my Mandriva-based setup. Your mileage may vary. Mangia!

    Friday, August 3, 2007

    San Diego

    Apologies for the lack of posting. I was in San Diego for a conference and neither hotel had useable wireless. I did manage to introduce a coworker to Frys Electronics and, for myself, picked up a couple more 54GLs and some really crappy VoIP boxes to play with. More about them later.

    Saturday, July 28, 2007

    Slimserver/MPD boot sequence

    Note to self: Make sure Slimserver is up and streaming before you turn on MPD. Otherwise, MPD cannot chooses a bit rate that is likely not to match the stream's rate (results in Alvin & The Chipmunks-type voices).

    Wednesday, July 25, 2007

    (IN)Secure Magazine

    Heads up! Issue 12 is out.


    Next up on my experimental list is the Internet DJ Console. Contrary to some complaints about the software, IDJC compiled just fine. (Okay, I did have to go hunting for a Python package or two.)

    I've got a couple ways of experimenting with it. One with an internal Shoutcast server, streaming to the nodes in the house. The second one involves taking advantage of an open spot on the Hak5Radio server (if those guys will tolerate it). I've been told to try a mixture of Southern Baptist Gospel and Leonard Cohen. (JK! Just checking if you guys are awake.)

    Monday, July 23, 2007

    Spook Country

    Reminder to self: There's only a handful of days left before William Gibson's latest book, Spook Country is released.

    Sunday, July 22, 2007

    Magic quotes and MediaWiki

    I went to upgrade the wiki so that I could play with some of the newer extensions. Problem was, the old trick of adding "set_magic_quotes_runtime(0);" to the index file wasn't working.

    However, thanks to this page (sorry, I don't read Russian), I have the new work-around.For those interested, add the following as the second line in index.php: "ini_set('magic_quotes_runtime',0);". You may need to add it to the index.php in the config directory too.

    If this helps, please pass it on.

    Saturday, July 14, 2007

    Captive portal notes

    As an experiment, I decided to try eating my own dog food by following the notes that I made for building a WiFiDog-based captive portal. They were mostly accurate but somehow I left out the part about loading OpenSSL. That has since been rectified.

    Wednesday, July 11, 2007

    Telent and SMTP

    LonerVamp pointed out a post about the technique for testing/sending email with telnet which has been well-known (at least amongst *nix admins) for decades. I'm surprised that the topic is considered news at all as it's quite old. In any case, if you're a mail or NOC admin, it's a "need-to-know".

    One thing not mentioned is that this technique can be employed to create a whole lot of evil. While outward facing SMTP servers are normally protected against this kind of abuse, internal Exchange servers usually aren't. More than one security manager that I've worked for has received periodic beat-your-admins messages from the Easter Bunny and Santa Claus. (Disclaimer: I rec'd permission to do this beforehand!)


    I'm just a bit ADD this morning. In reading Bloglines, I saw Jason Scott's post about backtracking referrers for vanity, which led to my "borrowing" his techniques for vanity RSS feeds, which led me to Average Admins (thanks guys!), who I've also added to my Bloglines subscriptions. The site is geek-centric but looks interesting.

    Sunday, July 8, 2007

    Linksys WRT54G Ultimate Hacking

    After a month of having the back order of my pre-order being reordered, I finally have my copy of the book. The bad news is, I read through it in two days (still can't type well). The good news is that, even though it rehashes a lot of the basics, it contains enough "nuggets" of new (to me) material to make the purchase worthwhile.

    WiFiDog and Squid

    One of the shortcomings of WiFiDog is that it employs its own limited syntax to manage iptables rules on the fly. If you want to add transparent proxying (via Squid), on the same system, it's quite difficult to get the proper table entry to load after auto-starting WiFiDog. The proper table entry is:

        iptables -t nat -I WiFiDog_WIFI2Internet -i eth0 -m mark --mark 0x2 -p tcp --dport 80 -j REDIRECT --to-port 3128

    I got quite frustrated in trying to script the table entry, post startup. So much so, that I attacked the source code and figured out the following, slightly buggy, patch:

        iptables_do_command("-t nat -I WiFiDog_WIFI2Internet -i eth0 -m mark --mark 0x2 -p tcp --dport 80 -j REDIRECT --to-port 3128");

    When you're building WiFiDog, after you've run the autogen script and before you run make, add the above to wifidog/src/fw_iptables.c, after the last line containing "TABLE_WIFIDOG_WIFI_TO_INTERNET". After running "make" and "make install", all you have to do is turn on transparency in your Squid box.

    I said "slightly buggy" because, by itself, it prevents admin logins. I managed a work-around by adding a high-port listener to Apache (I was pressed for time). When I'm able to access the system again, I think that the fix would be to add another line, just before the one just added, that prevents redirection of traffic to the auth server.

    I'll keep you posted. I'm annoyed enough that I'm looking at tweaking the source code.

    Friday, July 6, 2007

    Hey brother! Got some spouse points you can spare?

    If anyone's been watching the RSS feed for the wiki (there's actually 8 subscribers in Bloglines)(thanks!), you'd notice a ton of edits to the wiki. I've put in much work on the captive portal pages and, last night, added KNut configuration. I had to. It was a matter of personal safety!

    I arrived home from work yesterday, to a house that had been without power for a little over an hour, to a wife with blood in her eye. Seems that when the power went out, a number of devices started complaining about lack of power: the burglar alarm, the smoke alarm, and a small unobstrusive UPS that I had snuck in during a long-running moratorium on hardware purchases.

    "Make it stop." was all she said.

    After the power came back, I quickly configured Nut (Mandriva had detected it during the install and had loaded it) and installed KNutClient. The bad news is that the beeper is hardwired (it won't turn off). The good news is that I now have another set of metrics to play with.

    Now I just need to figure out how to explain that there's no feature to silence the beeper without losing the UPS entirely.

    Hmmm... Maybe an upgrade to a better UPS might be possible?

    Wednesday, July 4, 2007

    WiFi Portal

    Put in a ton of work on the captive portal today. After roughly two weeks, I finally have all of the dependencies (save one optional package) for WiFiDog installed and at least partially documented. Ongoing notes are in the wiki.

    Monday, July 2, 2007

    Injured list

    My apologies for any weird spellings and typos in the wiki and here. An elbow injury triggered an episode of arthritis in the joint (some swelling, a little pain, mostly inflexibility) which has since devolved into a nasty bout of carpal tunnel. I have a project due for presentation in ten days so I'm having to type a lot with just my left hand.

    It makes for slow going, enough so that I'm relying on spell checkers to catch my mistakes. If you've ever tried to do this, it can create some very silly sentences.

    Please, if you see any weird spelling/grammar, point it out.

    Monday, June 25, 2007

    Cidero XP

    Chet prompted me to try out installing Cidero on the XP platform. It's a bit involved but not very different from the Linux install. Here's my notes:
    • Downloaded CideroApps_windows_1_5_3.exe (the first one on the list)
    • Tried to run it. Got prompted to install a suitable JRE.
    • Went to Sun and downloaded the "Java Runtime Environment (JRE) 6u1" (online install version)
    • Installed the JRE ("Typical Setup")
    • Ran the install tool for Cidero (used default settings)
    • cd'd into C:\Program Files\Cidero\db\radiodb\AllStations\
    • Copied AmpedOut to SlimServer
    • Right-clicked on SlimServer and chose "Open with" and Notepad
    • In the dc:creator and dc:title lines, changed "Amped Out" to "Slimserver"
    • Changed the dc:description content to "Joat's Slimserver"
    • Changed the URL in the dc:relation line to
    • Changed "x-scpls" to "mpeg" in the first res line
    • Changed the bitrate from 16384 to 8192. 16384 is for playing 128kb streams, 8192 is for 64kb streams. Most of the podcasts I listen to are 64kb. You can add additional res lines for different bit rates but it might be a good idea to identify them with different names (you'll probably need separate playlists on the Slimserver also)
    • Changed "http://www.ampedout.net/ampedout-128k.pls" to "" in the first res line
    • Delete the second res line
    • Saved the file and exited Notepad
    • Started RadioServerProxy from the Start menu
    • Started MediaController from the Start menu
    • Under Media Servers in the "Cider UPnP A/V Controller" Window, click on CiderRadio
    • Under CiderRadio, click on the little toggle next to AllStations
    • Under AllStations, click on the toggle next to SlimServer
    • Click on "Slimserver - MPEG/64k" (this will add it to the right-hand window)
    • Assuming that your DSM-320 is turned on, it should show up in the "Media Renderers" window as "My Media Player" (if you didn't change the default setting on the DSM-320). Single click on that to bring up the player window.
    • Back in the "Cidero UPnP A/V Controller" Window, under the Music Tab (right hand side), single click on the Slimserver entry to highlight it
    • Click on the "Add Tracks to Play Queue" button. This should add Slimserver to the playlist in the "My Media Player" window
    • Click on the Play button in the "My Media Player" window. You should see the timer start counting.
    • Make sure your Slimserver is running. Point a browser at (or whatever the IP address is where you installed the Slimserver software.
    • There should be an IP address in the upper right-hand corner of the browser. Make sure that it's the IP for the system where you installed Cidero.
    • Choose a music source in Slimserver and add it to the MusicPlayer playlist by clicking on the little play button next to your selection.
    • Click on "Play" under "Music Player".
    • If the counter in the Cidero "My Music Player" window is incrementing and you don't hear any sound, wait a minute or so. There will be a 5-10 second delay between hitting play and hearing sound. If the no-sound situation persists, make sure that something is in the Slimserver playlist and that the IP address for the computer where you installed Cidero is installed.
    • Don't forget to bring up the Slimserver web interface, select your computer's IP in the upper right window, add music/podcasts to the playlist (bottom right) and click "Play" under "Music Player"
    • Go see if you hear any music coming out of whatever the DSM-320 is hooked to.

    I'll do a short video on this (like IronGeek) if anyone's interested.

    Sunday, June 24, 2007

    MS Surface spoof

    The MS Surface ad has always irked me. Yeah, it's innovation (in the marketing sense: they're selling it first) but it's not invention. The technology has been around for a couple years (and MS didn't own it, invent it, or until lately, support it). Maybe that's why I find the following video funny?

    Another thought: this is an interface for non-geeks. I mean, how many times can you reach for objects, in a manner such as those in the video, before your shoulder gives out?

    Face it. Power geeks work/play by moving as little as possible. Sometimes by twitching.

    Logitech USB Headset

    I've added notes to the wiki for getting a Logitech USB Headset to play audio (by default) under ALSA.

    Thursday, June 21, 2007

    New Wireless Distance Record

    While some may argue that it doesn't qualify because it looks like it used amplifiers, it is still an impressive achievement, given the line-of-sight limitations of 802.11. 237 miles, where both ends are on the ground, is not an easy thing to do.

    PDF-based slide set is embedded in the Wired article.

    Saturday, June 16, 2007

    SlimServer + Cidero == DSM-320 Streaming

    In playing with a really old DSM-320 that I've repeatedly neglected to throw out, I figured out how to stream my own media to it without having to run Windows and D-Link's MediaServer:
    1. Install the Java Runtime Environment.
    2. Download Cidero and install it as per site directions.
    3. cd into the db/radiodb/AllStations/ folder.
    4. Choose one of the files and copy it to SlimServer.xml.
    5. Edit SlimServer.xml. The "res" line is the only important one. It should read something along the lines of
    6. Delete any other "res" lines.
    7. Check the file permissions. Make sure that SlimServer has the same owner and permissions as the other xml files in the same directory.
    8. If Cidero is already running, kill it. (Stopping and starting from the main menu does not work. Kill the binary.)
    9. Fire up SlimServer.
    10. Start Cidero and find the SlimServer entry (you probably should customize the other data in SlimServer.xml to make it easier to find)(or delete some/most of those other radio stations).
    11. Use Cidero to tell the DSM-320 to start playing the stream (you have to choose the feed, select the renderer, add the feed to the renderer's play queue, highlight the line in the renderer's playlist, and hit the renderer's play button).
    12. Go check your DSM-320. It should be playing whatever's being passed through the SlimServer.

    Notes in the wiki shortly.

    Wednesday, June 13, 2007

    Where's are the bugs?

    I had a thought this afternoon that's been bugging the heck out of me: just where are all of the bugs in Safari coming from? The OS X version doesn't have them. Could it be that the bugs are in the underlying libraries? If so, are those libraries property of MS? If so, have most of the patches to IE been work-arounds, installed in the browser, to mask the bugs in the libraries?

    Are we sure who's at fault here? I'm not.

    Tuesday, June 12, 2007

    Slimserver + MuSE + Shoutcast

    One of the shortcomings with Slimserver (I was wrong in an earlier post) is that Slimserver doesn't work well with a high number of listeners. The audio gets very choppy. However, it's not a problem for me as I don't tend to run more than one client at any given time.

    In thinking about running a client for either end of the house (small sound system in the bedroom, bigger sound system in the den), I needed to test if two could be easily slaved to the Slimserver.

    Following the Streaming from Slimserver to Icecast howto from the Slim Devices web site, I was able to stream from LastFM to the Slimserver to MuSE to Shoutcast to the two clients, one running mpd, the other running vlc. (Read the howto for the description of why MuSE is needed.)

    Keeping in mind that all of this software was running on a moderately powerful dual core system, I have the following statement (recommendation?): the configuration is "doable". However, I don't recommend it for the less-than-heavy geeks as it's definitely a finicky setup (it's not low maintenance).

    Most of the issues I experienced (segfaults and just-not-working situations) centered on MuSE. Does anyone know of a workable substitute for MuSE (the Multiple Streaming Engine, not the publishing environment or the midi sequencer)?

    Sunday, June 10, 2007

    NSLU2, MPD, SlimServer

    I've organized and added more to the notes for the NSLU2/MPD/SlimServer page in the wiki. I've also added a list of the changes that I made to my version of MPD::Client.

    Thursday, June 7, 2007


    A friend convinced me to try out Jaiku. I don't really grok it yet but I managed to snag joat.jaiku.com so it ain't all bad (I usually end up fighting 3 or 4 other joats for handles). In any case, if you're interested in aggregating feeds from the blog, wiki, and Del.icio.us, use this feed from Jaiku.

    Next step: figure out how to export SageTV feeds into Jaiku.

    Tuesday, June 5, 2007

    Skype Asterisk Update IV

    Well, after a month of tinkering with the Chan_Skype software, I've decided to discontinue working with it due to a number of issues: non-locatable timeout, lockups of the VM when a call comes in from Skype, and overall annoyance with having to run a dedicated VM just to support the functionality.

    If anyone can recommend a better Skype-to-Asterisk bridge method, please let me know. In the mean time, I will experiment with whatever I can find and will post my notes here.

    Wednesday, May 30, 2007

    SageTV Favorites

    The trick I came up with to quickly list your most used channels can also be adapated so that you can search for near-future listings of your favorite shows. You may need to perform a couple sample searches (hint: "Heroes" is not that unique of a name) to optimize your search strings. Here's a screenshot of mine:

    Tuesday, May 29, 2007

    Skype Asterisk Update III

    One of the problems with running the Skype-to-Asterisk bridge (chan_skype) in a VM is that the bridge stops working after a period of inactivity. It's been driving me bonkers for a week now as I've researched Skype, chan_skype, and Asterisk heavily, looking for the timeout. Then, on the way home, it hits me: the instance of Skype is actually running on top of VNC.

    The short version: tenative (I haven't proven it yet) kudos to Bruce Nepple for this post which discusses setting VNC's timeout option. Hopefully this will fix it.

    Saturday, May 26, 2007

    Editing the Sage menu

    In the wiki, where I describe how to customize the SageTV web interface menu bar, I'm not kidding when I say that you have to hit the refresh button. From the browser's point of view, the menu bar is a unique entity (separate from the rest of the content) and isn't handled in the same manner. Short of clearing all stored content from your browser, using the refresh button is the only means of updating the menu bar.

    Hopefully this will head off any further questions...

    Friday, May 25, 2007

    MPD interface

    Since I'm running MPD on the NSLU2, it can be a pain to open a terminal, fire up ncmpc, and adjust the volume or tell MPD to connect to something other than the SlimServer. Because of this, I adapted Thomas Morgan's PHP-based Client:Mpd.
    It works okay without modification (be sure to edit the "host" entry in both index.php and playlist.php) but I found the text-only interface to be a bit too spread out. So, I replaced the text in his links with graphics, reordered them, changed the link colors, and added a meta refresh to index.php.
    The end result is a bit cheesy (I need to find a decent set of graphics to "skin" this with) but it's functional:

    Skype and Asterisk Update II

    I've still not been able to get useable DTMF tones from SkyeIn to the Asterisk box. I'm reading claims that the problem is within Chan_Skype but I'm not so sure about that as the DTMF generator within the Skype client works just fine.

    Tuesday, May 22, 2007

    Skype and Asterisk Update I

    From various experiments, this past weekend:
    • the keypad within the Skype client produces DMTF which can control/respond to Asterisk
    • calls via SkypeIn do not
    • voice applications running on Unbuntu-based VMs tend to steadily degrade over time (but probably can be fixed)
    • the personal version of Chan_Skype is designed so that it only works with one license per machine (i.e., if you want multiple channels, you have to buy the business license which costs 5x more per channel)
    • the Chan_Skype people need to work on their versions (currently limited to outdated versions of Ubuntu and Fedora)

    In short, I like the product but really hate its shortcomings.

    Monday, May 14, 2007

    Skype and Asterisk

    It's amazing what a little extra free time allows [(heh) I'm not having to write content for class as it's summer vacation!]. In any case, I can now say that it is possible to hook Skype to Asterisk. No thanks to the worst documentation that I've seen, this side of the millenium, I now have a demo Skype-to-Asterisk bridge running. Next on the agenda, find out if DTMF works well enough to control Asterisk, move it to a production machine, and post my notes.

    For now, let me say that there are a number of drawbacks which some may be able to live with, some not. For a $20 license, I don't consider it to be too bad of a product.

    Sunday, May 13, 2007

    Busy week

    I missed blogging all this week because I was in the mud, wrestling with chan_skype, trying to get it to work in an Ubuntu VM. It's a real pain to get compiled and installed. Hopefully I'll have it up and working shortly.
    Shouts to the Sploitcast crew who let me sit in on a conference call. The call actually went for 4+ hours today and I think that wlc already has it edited back to about an hour. Whether my comments survived or not remains to be seen. It was fun experimenting with TalkShoe and Skype though.
    To tell the truth, I mostly lurked in the call. I was actually working on getting a NSLU2 reflashed. Below is a screenshot of the final product (NSLU2 runing MPD which is listening to various streams, including the SlimServer on my desktop).

    Monday, May 7, 2007


    A really good video (pointed out by Dan Miessler):

    Life's little lessons

    [*sigh*] No matter how old you are, there's always something to learn. Today's lesson: just how greedy a company can be. Specifically, American Express. I needed to buy a $19 piece of software. Since I'm nervous about putting any information on the Internet, I wandered up to the local Walgreens to buy a pre-paid charge card. The smallest they had was $25. I bought it and paid the $3+ activation fee. (Total cost: $28.95)

    I then attempted to use the card online, at a site that uses PayPal to process customer purchases. My card was denied. In calling AmEx to find out why, I learned the following: the card is only good at sales entities which are direct customers of AmEx. They won't process "third party transactions" such as PayPal. When I asked for my money back, they offered me $15. ($28.95 minus the $3.95 processing fee, minus the $10 refund fee.)

    I've decided to keep the card. I'll find somewhere that accepts it (mebbe Starbucks?). However, I'm going to put about $3.95 worth of effort (this post should amount to that) into letting other people know about my experience with AmEx's Gift Card service. I should probably note here that neither their site nor the TOS document that came with the gift card talks about refusing to work with third party services (specifically PayPal). The closest the TOS comes to that is disavowing responsibility if the Merchant declines the card. (In this case, AmEx declined the transaction, not the merchant.)

    Bite me, AmEx.

    Saturday, May 5, 2007

    Semester end

    Whew! That semester went quickly! Thanks to all who liked the course. If you need anything off of the class wiki, please grab it now. Because this site is now hosted at the end of a much smaller pipe than it was at the start of the semester, I'm going to consolidate the class wiki into the joatWiki. The class wiki will be around for a couple weeks but I can't make any guarantees after that.

    Monday, April 30, 2007


    On a semi-related-to-yesterday's-post note, comes news that "podcast safe" music might not actually be all that safe. Whether or not there's any truth in in the scare, it seems that the RIAA has a legal trick that allows them to collect fees for any music, even if the songwriter, the performers and the distributor all sign documents that allow for free distribution of the song and/or performance. What we're talking about here is a statutory license. In reading the Copyright Law, I'm not so sure that the RIAA can legally perform such an action (remember, I am not a lawyer). I don't think that the law specifically considers situations involving Creative Commons licenses.

    This may be one of those situations where a judge needs to get involved to correct the difference between the letter and the intent of the law. If the RIAA does go forward with this (and damages the podcasting community), I hope that the judge allows for damages and legal fees.

    DVD Archiving

    I've admitted previously that I'm somewhat of a tech law groupy. The recent court case involving Kaleidesape and the DVD Copy Control Association will likely have repurcussions across a number of other cases. In short, the Judge stated (links here) that it's not illegal for someone who owns a DVD to change it's media. My read on it (and I'm probably wrong) is that someone forgot to include the definition of "authorized use" in the license agreement.

    If so, expect this hole to be closed in the near future.

    Saturday, April 28, 2007


    [*sigh*] Spammers have discovered the comment function in the wiki (I'm receiving anonymous test posts). Hopefully they've discovered that there's no autopost capability.

    Friday, April 27, 2007


    (heh) We can get Billy to take his medicine if we all work together. You hold his arms. You hold his legs. You sit on his chest. You pinch his nose shut and I'll drop the pills in when he gasps for air.

    Q: Who's Billy? A: You.

    Having lived a number of years, the "if we all work together" is one of those phrases that sets alarms off in the back of my head. The hidden meanings usually include: you're expected follow the speaker's "vision", the willing are expected to force the unwilling, and you're also expected to sacrifice something yourself. Keep in mind that the sister phrase to "if we all work together" is "if you're not part of the solution, you're part of the problem".

    The speaker's effort is one that goes counter to market forces. What he's asking is to force a single version of DRM upon a market that doesn't want it. Ignoring the fact that there is in-fighting over whose DRM should be used (driven by $$), this attempt is doomed to failure as you can only annoy your customers so much before they find new ways of entertaining themselves.

    The entertainment industry is in a spot where they should be beating up pirates and "playing nice" with their legitimate customers, rather than beating up everyone. That spot? How about: that piece of entertainment in your hand is considered a license to view/listen an intellectual work (i.e., it's virtual) only until you attempt to view/listen to it via an "alternate" format (e.g., CD vs. MP3). Then, it's considered a physical product in that you have to buy the entertainment again if you expect to access it via that different format. It's becomes confusing in that, should the plastic become scratched, the industry won't replace it (i.e., the virtual license is subject to physical damage).

    Is it any surprise that both sets of the music industry's customers (those that make the music and those that buy it) are experimenting with alternate methods to connect with each other. The incentive for doing so is that the music makers can get paid more for their work and the listeners get more work for what they pay?

    Markets are slippery things. You can only squeeze one so hard before it squirts sideways and takes on a different form. Personally, the only commercial music I've heard in years (other than the occasional live BNL concert) was either part of a television commercial (I don't watch much) or came out of my car radio on the way to work (when there weren't enough podcasts to get through the week).

    With apologies for the rambling...

    Wednesday, April 25, 2007


    You can thank DMiessler for the ROT26 silliness at the bottom of this page. I've added him to my list of people with entirely too much spare time. (Hint: hover your mouse over the graphic.)

    Monday, April 23, 2007


    I'm seeing a lot of press about how Silverlight runs on Windows, OS X and, yes, Linux. However, in going to the MS site, I can only find the Windows and OS X versions. There's a lot of "Q: What about Linux? A: We'll support it if there's enough demand for it"-type info but no binaries.

    I think that what we're seeing is yet another case of the media parroting without verifying.

    Sunday, April 22, 2007

    School Wiki going down

    For anyone whose been using the wiki for the wireless security class, I'm planning to incorporate the data from it into the main wiki and delete the school wiki. There's not much unique data so it shouldn't cause too much pain.


    Many thanks to Jon Schlueter, whose been wading through parts of the wiki, fixing my errors, adding content and suggesting links to still more.

    Jon, good luck with the thesis!

    Saturday, April 21, 2007

    Asterisk AGI

    Perl is giving me absolute fits in Asterisk's AGI (or rather, the AGI is giving me fits). Argh!!

    SageTV Menus

    (heh) Figured out how to edit the menu bar in the web server for SageTV. I've added the howto to the wiki. (Hint: look at EpgChannel)

    Thursday, April 19, 2007


    In doing spring cleaning, I came across my DLink DSM-320 again. Compared with the flexability provided by SageTV and MediaMVP, the DSM-320 sucked royally when I last used it. At first I wanted to offer it up as a trade for another MVP box. In doing the research for providing docs to go with it, I found an interesting looking piece of software called Cidero. Maybe I'll have a reason to keep the box.

    Anyone ever worked with it?

    Saturday, April 14, 2007


    Quite a few people have talked about how nice the AppleTV. Even Leo Laporte has commented on just how quiet the box is. I've been able to play with one for short bit and have two complaints:
    • It's more or less locked to iTunes (bleh!)
    • It runs hot, almost too hot to touch.

    I'm not saying that I don't like it, just that it needs improvement (which some have already undertaken). While it is probably a good choice for first-time non-geeks, I'm going to stick with SageTV and my MediaMVP boxes.

    Friday, April 13, 2007

    HaloScan Weirdness

    It took me a little time to figure out what was going on with the comments for the blog. The only difference between the code for the blog and the wiki was basically the site name and one target tag (I wanted comments for the blog to pop up in their own tab in Firefox).

    After troubleshooting for a couple nights, I gave up and set the target= tag back to what Haloscan suggests. Danged if that didn't fix it. It's going back to "annoying popup" status (it doesn't open a new pane in Firefox anymore, like I'd originally had it). Such is the risk when you rely on other people's code updates I guess...

    Anyways, back to your irregularly scheduled blathering...

    Class notes

    I've got some notes from last night's class, dealing with compiling Kismet2 (on top of a Backtrack2 live cd) and wireshark-inject, that I'll move from the class wiki to the main wiki and beef up with some screen shots.

    Give me a few days.

    Tuesday, April 10, 2007

    Shooting of the messenger(s)?

    Just when you thought the SCO v. IBM case couldn't get any weirder, it does. Methinks that someone at the SCO table has a vintage copy of the Illuminati card game. That or they're a distant relative of Steve Jackson.

    In doing the tiny bit of research for this post, I noticed that there's another expansion module out for the card game. I loved playing the game on Saturday mornings (yeah, when I was single), though I never owned a copy. I think I may thank Steve by tracking down copies of the game+expansions and buying them.

    Oh! Anyone want to start a pool on when SCO pulls the next weird thing? You don't have to name a specific event, the majority just has to agree that the event/incident is weird, strange, or amounts to conspiracy theory.

    Wednesday, April 4, 2007

    Bloglines subs

    Using the previously described Bloglines trick of finding ShmooCon related commentary, I've picked up a ton of new blog subscriptions. There's some interesting ones in there. If you care to take a look at what I subscribe to, go here.

    I'm now way over my self-imposed limit of 300 subscriptions. I'll be weeding out the list in the coming weeks. Enjoy!