News archive March 2012 - Koos van den Hout

Archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019

2012-03-29 (#) 7 years ago
Interesting: Paul Vixie describes his work on the replacement DNS servers for the takedown of the DNS Changer network. An interesting read, and nice to see someone who has been active in DNS on the Internet 'forever' still doing good stuff.

Via Taking down DNSChanger: A first person account - Slashdot.

Tags: , ,
2012-03-28 (#) 7 years ago
@SilentUK no problem here, but don't expect lots of money from google ads
2012-03-28 (#) 7 years ago
With World IPv6 Launch Day coming up more and more places should be supporting IPv6. This time it is a "launch" and it should not be switched off the next day which should severely increase the urgency of fixing IPv6-related bugs.

Related news items:

Tags: ,
2012-03-27 (#) 7 years ago
DAB+ logo Nadat de eerste DAB+ content in Nederland beschikbaar gekomen is direct het nieuws dat de gebruikers van de toekomstige regionale DAB radio kavels kiezen voor samenwerking in de uitrol en de DAB+ standaard: Commerciële en publieke stations werken samen in DAB+ - Radio.NL.
Toekomstige gebruikers van de regionale T-DAB kavels hebben onlangs een samenwerkingsovereenkomst gesloten om te komen tot de uitrol van het digitale radionetwerk (DAB+) in heel Nederland.
Dus ik verwacht de komende jaren meer en meer DAB+ radio content. Waarbij eigenlijk het toekomstige 11C ensemble (landelijke commerciële zenders) niet al te lang meer op zich zou moeten laten wachten.

Tags: , ,
2012-03-26 (#) 7 years ago
A to the point and not telling it nicey-nicey article: Yo mamma so stupid she gonna become an SEO consultant - Tom Morris. The main point being: Wikipedia has actual content which people want to visit. Something which the SEO insultants have a hard time understanding or accepting. As one person involved in the Wikimedia foundation writes at Oh those silly SEO folks - Philippe Beaudette:
Wikipedia content returns because of a couple of factors:

Hold on… this one's hard… There's a lot of content. Almost 4,000,000 articles on the English site alone. Yeah, statistically speaking, we’re gonna dominate.

It's generally high quality content. Argue if you want, but when's the last time (Wikipedians, you don't count for this one) that you saw … personally… incorrect information on a Wikipedia article? It happens, sure, but the community is pretty good at organically fixing it.
Although I am quite aware of articles that need fixing where I don't take on that task personally because I don't have the inspiration for the right words or I foresee Wikipedia administrators undoing my work.

As I commented:
I would like the "SEO consultants" to first find a way to discourage trackback spamming / link spamming / wiki spamming and other abuses that cost me actual work, then thinking about delivering actual high-quality content.

Dear SEO spammers whining about Wikipedia's Google ranking: we actively don't care. by David Gerard

Tags: , , ,
2012-03-26 (#) 7 years ago
In the weekend I had some more time to play with rtl-sdr, the cheap software defined radio using rtl2832u based receivers. I tested with coupling rtl-sdr and gnuradio companion using a fifo, so I can do experiments 'realtime' and not with (huge) capturefiles. This works, which enabled me to listen to FM radio. I'm still looking what the minimum and maximum frequencies of the Fitipower FC0013 tuner are, but my guess is that the range might also be near 64 to 1700 MHz.

The good news is also that there are the first signs of a gnuradio block for this receiver on the site above, which means I can use it directly in gnuradio and retune it on the fly.

Tags: , ,
2012-03-25 (#) 7 years ago
And in other DAB news: transmitters have been allocated for a new multiplex in north-east France, but it is unknown at the moment what the plans are.

Block 10D, transmitters at Bar le Duc, Forbach, Longwy, Metz, Nancy, Sarrebourg et Verdun.

Changes found via checking: Bundesnetzagentur Senderdaten Rundfunk which besides all German transmitters also lists every transmitter for frequencies which are coordinated with Germany. I wish I could download similar files for the Netherlands.

Tags: ,
2012-03-24 (#) 7 years ago
According to A topic about MTVNL on radioforum (Dutch) MTVNL should be running the -3FM- service in DAB+ at the moment. This evening in a scan I find nothing at all. I expect either 11A (Hilversum) or 12B (Utrecht, in a previous test stronger than 12C..). DAB+ logo

Update 2012-03-25: The next afternoon I get MTVNL again with a running -3FM- service. And (very weak) both the DR Deutschland mux and the VRT DAB mux. Interesting propagation at the moment.

But when I had time to do a full scan MTVNL did not show up on the Noxon DAB stick at all and was very very weak on the pure one mini. My best guess: MTVNL is busy with testing and configuring. And I don't have a .dat file where -3FM- is a DAB+ service yet.

In the evening I get almost full signal on MTVNL again according to the Pure one mini, but with -3FM- giving minimal bits of audio here and there. Interesting testing going on at MTVNL! And I noticed during the scan the radio finds 3, 6, 15 services (the receiver doesn't show which channel it is scanning, but I guess with a linear scan means 3 MTVNL at 11A, 3 MTVNL at 12B and 9 Publieke omroep at 12C), but after the scan the MTVNL services only show once. I guess the radio detects certain identifying numbers being exactly the same and choosing the stronger version.

Update 2012-03-26:
-3FM- service in DAB+
Details of the -3FM- service on MTVNL: it's a DAB+ service now. I used Muxx Inspector to get service details.
Finally, the service running and time to do the scan with the Noxon software and check the results. Yes, it's the first DAB+ service in the Netherlands! The -3FM- service now runs smoothly, no interruptions in audio and quite a strong signal. I also noted services Visualradio and NL3 BIFS aren't available at the moment.

Tags: , ,
2012-03-20 (#) 7 years ago
The Noxon DAB USB stick I got as a cheap DAB/DAB+ experimenting device has hidden powers. A big part of the 'cheap' is because this device leaves all of the work to software. If I understand the discussions about the Noxon correctly, there are drivers to receive dvb-t signals with the same stick. Most development for the linux driver seems to be on the dvb-t side too.

I came across a webpage which puts this all in a new light: The whole device turns out to be a wideband tuner and an analog to digital convertor. Software has to do the rest. And now someone has written that software. Some clever thinking and discussion started by Antti Palosaari turned into rtl-sdr, a software defined radio using the RTL2832U chip. Together with my other thoughts about software defined radio where I thought about receiving and decoding D-STAR ham radio signals with for example a funcube dongle this means I already have a software defined radio. Time to capture some I/Q data and learn about gnuradio. The rtl-sdr software has already been used to receive Tetra signals (frequencies UHF 380 MHz .. 476 MHz) and GMR signals (satellite phone, L-band 1600 MHz). So I guess 70cm D-STAR should not be a problem.

Update 2012-03-21:
Spectrum of 3M broadcast band
Simple FFT (spectrum analysis) of data coming from the NOXON dab usb stick. Works in the VHF FM broadcast band, I can see various signals and verify their frequencies. With stronger stations I can use the wideband FM decoder in gnuradio and get audio. Click for full screen capture from gnuradio FFT.
Played with this, and I managed to receive an FM radio station and decode the stereo audio from it using the grc (gnuradio companion) rtl2832 to fm scripts mentioned here. Hearing a bit of radio received and decoded by hardware which absolutely wasn't sold to me with that capability is fun. Everything gnuradio is all new to me so most of the time I have no idea what I'm looking at and the noise in the Noxon stick is causing issues as usual.

Update 2012-03-22: Played some more, and added the plot. And I heard audio from some of the stronger stations. But I still have serious noise issues, even when moving the usb stick away from the computer with a long usb extension cable. As you can see in the plot there is not much difference between the noise level and a strong local station. The wideband FM receiver module available in gnuradio companion couldn't even decode the signal at 93.8 MHz (Slam!FM Noordbrabant) in the captured data.

Tags: , , , ,
2012-03-19 (#) 7 years ago
At work I started on a filesystem migration on a large raid-array. Large enough to use GPT partition tables, which was new to me. So I had to find out how to get GRUB2 running on a GPT disk, preferably without doing test-reboots before the real change. All this on a Ubuntu 11.10 system.

I read about GPT booting with grub2 at Sysresccd-Partitioning-EN-The-new-GPT-disk-layout - SystemRescueCd and Booting from GPT which shows that (re-)installing grub2 to a GPT disk is still quite simple:
grub-install /dev/sdg
But I want to check the new setup without multiple reboots (the system is in heavy use). I came across Boot Info Script which shows a lot of detail about the boot setup, including what I wanted to know:
 => Grub2 (v1.99) is installed in the MBR of /dev/sdg and looks at sector 34
    of the same hard drive for core.img. core.img is at this location and
    looks in partition 2 for ??.
Now If I make sure all the right UUID values are in /boot/grub/load.cfg, /boot/grub/grub.cfg and /etc/fstab, the new disk should boot fine.

Update: No it didn't, I got an error about the UUID in load.cfg, but I could continue grub2 with manual commands. I reran grub-install which strangely enough removed load.cfg completely. But afterwards the raid-array booted nicely.

Tags: , ,
2012-03-19 (#) 7 years ago
RT @sourceforge: @khoos http://t.co/a7UKXB4U
2012-03-19 (#) 7 years ago
Dear @sourceforge some people still want to get files using wget or lynx. Stop obstructing this.
2012-03-17 (#) 7 years ago
@pndc it gets worse when they use the caller-id to answer with 'Hi .., will you be having a ... pizza?'
2012-03-16 (As the NSA has already logged that I read this article, I might just as well share that fact with the...) 7 years ago
Google+Koos van den Hout : As the NSA has already logged that I read this article, I might just as well share that fact with the rest of the world.

An interesting article about the new data-vacuuming capabilities of the NSA. Laws don't matter, privacy doesn't matter, the NSA just doesn't want to get surprised again and spares no (US taxpayer) money in making sure.

The result? As described in the article: The former NSA official held his thumb and forefinger close together: “We are that far from a turnkey totalitarian state.”
2012-03-15 (#) 7 years ago
@Wilboard ;-)) let toch op je updates onder linux (ook plugins). Ook daar zouden dit soort aanvallen zich op kunnen richten.
2012-03-15 (#) 7 years ago
@Wilboard maar lees vooral http://t.co/UgN1KpzR
2012-03-15 (#) 7 years ago
@Wilboard wat ik lees is dat het iets dusdanig hardnekkigs is dat de veilige oplossing is systeem herinstalleren EN mbr herinitialiseren
2012-03-14 Obfuscated javascript in HTML mail virus attempts 7 years ago
For amusement I peeked into the HTML code in one of those Your Page is loading... mails. This one had as Subject: Fwd: Scan from a Hewlett-Packard ScanJet 673022.

The source code is obfuscated javascript. But with hints from Advanced obfuscated JavaScript analysis - ISC dairy I learned about spidermonkey which is available under Ubuntu 8.04 LTS (not under 10.04). With the js javascript shell and a few modifications to the script, changing eval to print I was able to find out where the code wanted to go next: http://dhjikjsdhfkksjud.ru:8080/images/aublbzdni.php. That name resolves to a lot of addresses:
$ host dhjikjsdhfkksjud.ru
dhjikjsdhfkksjud.ru has address 118.97.9.60
dhjikjsdhfkksjud.ru has address 125.19.103.198
dhjikjsdhfkksjud.ru has address 190.81.107.70
dhjikjsdhfkksjud.ru has address 200.169.13.84
dhjikjsdhfkksjud.ru has address 210.109.108.210
dhjikjsdhfkksjud.ru has address 211.44.250.173
dhjikjsdhfkksjud.ru has address 219.94.194.138
dhjikjsdhfkksjud.ru has address 62.85.27.129
dhjikjsdhfkksjud.ru has address 89.218.55.51
dhjikjsdhfkksjud.ru has address 95.156.232.102
dhjikjsdhfkksjud.ru has address 111.93.161.226
On the first try to fetch the above url I got something which looked a lot like http://www.google.nl/. But retrying this with a user-agent looking more like a recent MSIE gave me quite different html/javascript code (4057 bytes md5sum 2ebb9a7dfb9b10ffdd49d9b3f0a8c2df sha256 330c1362ac968da1e3c653a18d01c6464f1c40a717174659fcb6538b553bffea), Antivirus scan for 2ebb9a7dfb9b10ffdd49d9b3f0a8c2df The readable parts try to fetch:
  • As embedded shockwave flash movie: http://dhjikjsdhfkksjud.ru:8080/images/brcweqgshnxqh.swf (macromedia flash, 7790 bytes, md5sum 289a35c701f0d709dcd5e260478c26b6 sha256 b946c4a81e0b3458f8e74d93057fed084a4658d3a19f795761a4ae2c23a5b6d1), Antivirus scan for 289a35c701f0d709dcd5e260478c26b6
  • As an iframe: http://dhjikjsdhfkksjud.ru:8080/images/kobzfoivdpdzilx.php a PDF file with builtin javascript (13199 bytes, md5sum 5ed4daefc479824d64ec5daf48564b22 sha256 d9a6ffb89860c970bcd6f91ad74ff6ac44e94a51ba1850d7be5a518a4574955f) Antivirus scan for 5ed4daefc479824d64ec5daf48564b22
  • As a java applet: http://dhjikjsdhfkksjud.ru:8080/images/ftgvcoylgmdz.jar (13028 bytes, md5sum aefa842a18a8d19bb661107ba6e77699 sha256 4aa50efb99114bf4215e44f91d1aa5d818aa974b8a8cca2657454c2833b0a0a9) Antivirus scan for aefa842a18a8d19bb661107ba6e77699
  • As a java applet: http://dhjikjsdhfkksjud.ru:8080/images/jvkzcvdryzar.jar (13361 bytes, md5sum 68358f8f1fd6c01d7e29e445ca646623, sha256 dab184aeea5b8155155c0ebf55450b5cfd168bf59b744e447f7760fe1ba419c7) Antivirus scan for 68358f8f1fd6c01d7e29e445ca646623
As the virustotal links show these are all known attacks.

The rest of the html file is more obfuscated javascript. Searching for one of the md5sums finds me Fwd: Scan from a Xerox W. Pro #0099345 dropping Bugat - spamalysis where someone already did the same as I did.

Update 2012-03-15: Next day, Subject: Fwd: Scan from a Hewlett-Packard ScanJet #4101 and the next domain: dhjikjsdhfkksjud.ru. Again lots of IPs and really short ttl:
;; ANSWER SECTION:
dhjikjsdhfkksjud.ru.    60      IN      A       210.109.108.210
dhjikjsdhfkksjud.ru.    60      IN      A       211.44.250.173
dhjikjsdhfkksjud.ru.    60      IN      A       219.94.194.138
dhjikjsdhfkksjud.ru.    60      IN      A       62.85.27.129
dhjikjsdhfkksjud.ru.    60      IN      A       78.83.233.242
dhjikjsdhfkksjud.ru.    60      IN      A       78.107.82.98
dhjikjsdhfkksjud.ru.    60      IN      A       83.238.208.55
dhjikjsdhfkksjud.ru.    60      IN      A       89.218.55.51
dhjikjsdhfkksjud.ru.    60      IN      A       95.156.232.102
dhjikjsdhfkksjud.ru.    60      IN      A       111.93.161.226
dhjikjsdhfkksjud.ru.    60      IN      A       118.97.9.60
dhjikjsdhfkksjud.ru.    60      IN      A       125.19.103.198
dhjikjsdhfkksjud.ru.    60      IN      A       173.203.51.174
dhjikjsdhfkksjud.ru.    60      IN      A       173.203.211.157
dhjikjsdhfkksjud.ru.    60      IN      A       190.81.107.70
dhjikjsdhfkksjud.ru.    60      IN      A       194.85.97.121
dhjikjsdhfkksjud.ru.    60      IN      A       200.169.13.84
dhjikjsdhfkksjud.ru.    60      IN      A       202.149.85.37
dhjikjsdhfkksjud.ru.    60      IN      A       209.114.47.158
dhjikjsdhfkksjud.ru.    60      IN      A       210.56.23.100
dhjikjsdhfkksjud.ru.    60      IN      A       210.56.24.226

Tags: , ,
2012-03-14 (#) 7 years ago
RT @DNS_BORAT: Please to note Nintendo have no DS. #dnssec
2012-03-12 (#) 7 years ago
RT @twitjeb: Daylight Saving Time: Because time zones just weren't complicated enough.
2012-03-12 (A nice addition for the imported google+ posts) 7 years ago
Google+Koos van den Hout : A nice addition for the imported google+ posts
2012-03-11 (#) 7 years ago
Triggered by I killed the Internet - tnl.net I decided to have a look at the option of getting my own google+ postings and showing the results here on my pages just like I do for twitter. As you can see it is quite possible. Within the Google apis you can request google+ api access and get an access key. The Google+ api gives structured access to all information in JSON format. A bit of perl, with LWP::UserAgent and JSON later and I parse the google+ available data and put the needed information in a postgresql table which the homepage scripts can read from. It can use some improvement, such as showing attachments (links, pictures, shared posts) but this is a start.

This may look like "the wrong way around" from the viewpoint of the article, letting google+ have my data and pointing to it but at least google+ lets me liberate it and present it in the way I like, and will point back.

I wonder if I can do the same with LinkedIn. I got a bit annoyed that the 'amazon reading list' app on LinkedIn won't allow me to link directly to reviews on The Virtual Bookcase.

Tags: ,
2012-03-11 (""" You’re just a user? Awesome. Just start demanding the internet remain open. You came out (or at ...) 7 years ago
Google+Koos van den Hout : The article made me look up the options in google+ to fetch my own data. So http://idefix.net/ is still the place for everything "me" and social networks are an addition. The google+ api allows a lot of access to your data, with structure (+1's, shares, comments) fully available in JSON format. A bit of perl later and part of the data is available to the scripts behind my homepage.
2012-03-09 (#) 7 years ago
@BadAstronomer looks like the wrong week to quit sniffing glue
2012-03-09 (#) 7 years ago
One victim of the budget cuts at Radio Netherlands Worldwide (Radio Nederland Wereldomroep): Media Network blog will close 24 March 2012. Media Network blog is something I follow the last few years. I'll miss it.

Tags: , ,
2012-03-08 (#) 7 years ago
As mentioned at Ziggo begint met QAM256 - Digitale Kabeltelevisie (Dutch) my cable provider is switching to QAM256 modulation which allows for 8 bits per symbol, from QAM64 which allows for 6 bits. I noticed it today when checking the information for discovery channel. The signal strength is about 55% but the error rate is 0%, so reception is fine. This should give more services at some point in the future, but my best guess those will cost extra money too.

Update 2012-03-13: It's interesting how Ziggo can do this in production (I call it "in production" when a number of running services is only available in QAM256) with tech news sites only picking this up days later. And still calling it a test. Although they probably don't use the extra bandwidth so they can switch back.

Tags: , ,
2012-03-08 (#) 7 years ago
RT @higgis: Everything that is wrong with advertising in one handy photo http://t.co/JZB9OADf
2012-03-04 (#) 7 years ago
Remember the finger protocol? Once that was the way to publish information about yourself on the Internet before the whole worldwideweb thing and the concept of a 'homepage' started. But, finger gave/gives out too much information in the default settings, such as where you are logged in from (local terminal or network connection, complete with remote host name). I wanted to re-enable finger on my server at home, but did not want to 'leak' out this information. And I liked the concept of the 'people' command, which makes a list of users on multiple systems based on rwho data. But 'people' as a finger daemon likes to call the normal finger command when a name is given via the finger protocol, so finger user@host1@host2 would be forwarded, which is not what I like. The solution now is that I use cfingerd which does not give out information about sessions, hostnames and idle times. And cfingerd is in control, but calls people to create a list of logged-in users. End result: see for yourself, finger @koos.idefix.net. Or finger koos@koos.idefix.net. Temporarily not availabe via IPv6 because cfingerd gives a weird error when accessed via IPv6.

For those places where finger isn't even installed, the user-listing looks like:
koos@greenblatt:~$ people -H
User      Name                            Machine(s)
--------- ------------------------------- -------------------------------
koos      Koos van den Hout               greenblatt

A bit of history: Adam Curry once managed to cause severe load on a finger server by announcing the "Cyber-Sleaze report" available via finger curryco@panix.com. Within 4 days panix asked him to stop publishing information this way because of unprecedented traffic on the finger service. Source: Cyber Sleaze - Adam Curry - alt.internet.services. Adam started mtv.com and published information like this via finger, gopher and later the world wide web.

Tags: , ,
2012-03-03 (#) 7 years ago
Wat krijg je als een "gratis" advies op een website alleen verkrijgbaar is als je een e-mail adres opgeeft? Juist, spam. Naar adressen die er helemaal niets mee te maken hebben. Dus krijg ik net een mail Uw energieoverzicht van Consumind.nl met als mooie aanhef:
Beste heer boevenzijnjullie,

Zojuist hebt u de website Consumind bezocht. Waarvoor onze dank.
Degene die het advies vroeg was duidelijk niet van plan om zijn gegevens achter te laten, dus wordt er maar een derde mee lastiggevallen.

Tags: ,
2012-03-03 (#) 7 years ago
@bicyclemark it's "interesting" to read about the history of Monsanto. This explains some strong opinions from the US about milk.
2012-03-02 (#) 7 years ago
Interesting reading on computer voting lack of security: Election hacked, drunken robot elected to school board - The Register. Professor Alex Halderman from the University of Michigan, with help of bright students, broke into the voting system to be tested and compromised the voting process completely. The published paper Attacking the Washington, D.C. Internet Voting System - Scott Wolchok, Eric Wustrow, Dawn Isabel, and J. Alex Halderman (PDF) describes how very thoroughly the complete voting infrastructure was compromised and what levels of access the attackers had and could have. I was amused by the webcams mentioned which allowed the attackers to find out at what times the systems were monitored actively and whether the administrators were aware of any break-ins happening.

The question remains: did Bender win the election for head of the school board?

Found via ArjenKamphuis: drunken robot elected to school board bit.ly/xPqaiW electronic voting remains dangerously broken bit.ly/wNYLGd #evoting

Tags: ,
2012-03-01 (#) 7 years ago
Even gdm has the option to allow sessions via XDMCP over the network, but it is (rightfully) disabled by default. I used Xnest to debug an issue with gdm. The configuration (at least this bit) is in /etc/gdm/custom.conf :
[xdmcp]
Enable=true
And now I can debug some gdm settings with
$ Xnest :1 -query thompson
And see the results in an X session in an X session.

And I debugged the problem: the minimal uid needed to get an account listed in the gdm greeter is taken from /etc/login.defs. The documentation for gdm lists the MinimalUID option but this gdm (version 2.30.2.is.2.30.0-0ubuntu5.2 from ubuntu 10.04.4 LTS) ignores that option.

Tags: , ,


, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
RSS
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: morenews.cgi,v 1.45 2019/04/02 09:26:15 koos Exp $ in 0.023040 seconds.