News archive September 2012 - Koos van den Hout

2012-09-29 (#)
TDK AD C46 cassette, photo licensed under creative commons, original author Koos van den Hout
Found while digitizing audio cassettes: a TDK AD C46 cassette.

2012-09-28 (#)
I found IPvFox, a Firefox extension which lists all servers involved in a page and their IPv6/IPv4 addresses. The use case is seeing how many of those use IPv6, but it's also interesting to see how many hosts are involved in a webpage. With images, frames and scripts, which can all come from different places, some pages have interesting dependencies. Of the few sites I tried, the one with the most servers involved turned out to be CBC North with 23 servers. A few of those are dual-stack servers, including a tracking server for Visual Revenue, a company measuring web traffic for media companies, which seems to be interested in IPv6 traffic measurements.

Update: There is one detail, as stated on the webpage:
IPvFox provides a panel listing the hosts from which the current page and its resources were loaded.
So this is interesting in an environment with outside IPv4 and IPv6 connections. When I use a proxy which can be connected via IPv6 the display gets very boring: the address of the host from which the resource was loaded is always the IPv6 address of the proxy.

2012-09-25 (#)
@JanBredenbeek zones > 255 were (are!) allowed according to what I can see at first glance in FTS 0001. But I haven't dug very deep.
2012-09-25 (#)
In a Usenet discussion mentioning Fidonet addresses and the fact that IPv6 addresses are that much bigger, I had to look in the original Fidonet technical standard 001 to see how big zone / net / node (and point) addresses could be. Those are all 2-byte unsigned numbers, which gives us:
  • Potential fidonet node addresses: 65536*65536*65536 = 281474976710656
  • Potential fidonet point addresses: 65536*65536*65536*65536 = 18446744073709551616
To compare:
  • Potential IPv4 addresses: 256*256*256*256 = 4294967296
  • Potential IPv6 addresses: 2^128 = 340282366920938463463374607431768211456
So Fidonet was by design bigger than IPv4. And I'll keep promoting IPv6!

I'm skipping all kinds of 'overhead' and 'reserved' addresses.

2012-09-25 (#)
In discussing storage today we got asked how many I/O operations per second (IOPS) we see. An interesting question, but how do you measure this? One Google search later the answer is easy: iostat, as explained at Measuring Disk Usage In Linux (%iowait vs IOPS). The first answer from iostat is the average since boot; answers after that (given interval and count) are for the measured interval. A sample from the home server greenblatt:
koos@greenblatt:~$ iostat 60 2
Linux 2.6.24-31-server (greenblatt)     09/25/2012

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           3.37    0.01    1.95    0.49    0.00   94.19

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda               9.01        87.69       113.18 1181728477 1525265504
sdb               0.96       122.82        98.99 1655093714 1334086098
sdc               0.28         2.29        34.46   30809884  464336050
dm-0              0.52        39.04         1.27  526178078   17057856
dm-1             14.35        84.95        98.70 1144861524 1330106690

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.78    0.00    2.86    0.22    0.00   96.14

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda               7.87        16.40        98.93        984       5936
sdb               0.00         0.00         0.00          0          0
sdc               0.00         0.00         0.00          0          0
dm-0              0.00         0.00         0.00          0          0
dm-1              0.00         0.00         0.00          0          0
To resolve the dm- names, list the device files in /dev/mapper:
koos@greenblatt:~$ ls -l /dev/mapper
total 0
crw-rw---- 1 root root  10, 63 2012-04-22 20:58 control
brw-rw---- 1 root disk 254,  0 2012-09-23 12:41 vgsw-camera
brw-rw---- 1 root disk 254,  1 2012-09-25 16:22 vgsw-scratch
Which shows that dm-0 is the /dev/mapper/vgsw-camera filesystem.

This will help us get an idea of how many IOPS the systems in our setup have.
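
Added example (not from the original post): Python code that parses iostat output like the sample above, drops the first report because it is the average since boot, and resolves the dm-N names from the minor numbers in the ls -l /dev/mapper listing. The function names are made up for this example and the embedded sample is trimmed from the output shown above.

```python
import re

# Sample data trimmed from the iostat and ls -l /dev/mapper output shown above.
IOSTAT_OUTPUT = """\
Linux 2.6.24-31-server (greenblatt)     09/25/2012

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           3.37    0.01    1.95    0.49    0.00   94.19

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda               9.01        87.69       113.18 1181728477 1525265504
dm-0              0.52        39.04         1.27  526178078   17057856
dm-1             14.35        84.95        98.70 1144861524 1330106690

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.78    0.00    2.86    0.22    0.00   96.14

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda               7.87        16.40        98.93        984       5936
dm-0              0.00         0.00         0.00          0          0
dm-1              0.00         0.00         0.00          0          0
"""

MAPPER_LISTING = """\
total 0
crw-rw---- 1 root root  10, 63 2012-04-22 20:58 control
brw-rw---- 1 root disk 254,  0 2012-09-23 12:41 vgsw-camera
brw-rw---- 1 root disk 254,  1 2012-09-25 16:22 vgsw-scratch
"""

def parse_reports(text):
    """Split iostat output into reports: one {device: tps} dict per 'Device:' table."""
    reports, current = [], None
    for line in text.splitlines():
        fields = line.split()
        if fields and fields[0] == "Device:":
            current = {}
            reports.append(current)
        elif not fields:
            current = None  # a blank line ends the device table
        elif current is not None:
            current[fields[0]] = float(fields[1])  # tps: I/O requests per second
    return reports

def dm_names(listing):
    """Map dm-N to the mapper name using the minor number of each block device."""
    names = {}
    for line in listing.splitlines():
        m = re.match(r"b\S+\s+\d+\s+\S+\s+\S+\s+\d+,\s*(\d+)\s+\S+\s+\S+\s+(\S+)$", line)
        if m:
            names["dm-" + m.group(1)] = m.group(2)
    return names

def interval_iops(text, listing):
    """tps per device for the measured intervals only; the since-boot report is skipped."""
    names = dm_names(listing)
    return [{names.get(dev, dev): tps for dev, tps in report.items()}
            for report in parse_reports(text)[1:]]

if __name__ == "__main__":
    for number, report in enumerate(interval_iops(IOSTAT_OUTPUT, MAPPER_LISTING), 1):
        print("interval", number, report)
```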

2012-09-23 (#)
More insecurity with 'smart meters', but this time truly in the category 'sharing privacy-sensitive data with anyone who wants to pay for it': Smart meter data shared far and wide - The Age Australia (in English).
DETAILED information about electricity customers' power usage, which gives insights into when a house is occupied, is being shared with third parties including mail houses, debt collectors, data processing analysts and government agencies.
I had to look up what the term 'mail house' could mean, but I think it is what we here call a 'marketing company', which likes to collect as much data about people as possible in order to pester them with matching marketing campaigns.

This is a really absurd way of sharing data. And as far as I understand, the only way to get at your own data is to agree to this. Because your own measurement data of course first has to go to a company which just stops short of posting it publicly (but if someone wants to pay for it..) before you can request it yourself again.

I stand by it: the output for measurement data of 'smart meters' is on the wrong side. If I want to do something with this data, I want to read it out on the inside myself, process it, visualize it and draw conclusions from it. Other statistics which I collect at home, from which it can be deduced whether people are at home, also cannot be requested by third parties because of my choice for privacy.

Via Australian Smart Meter Data Shared Far and Wide - Slashdot your rights online

2012-09-18 (#)
Something is not consistent here:
koos@greenblatt:~$ rpcinfo -p
rpcinfo: is unknown host
koos@greenblatt:~$ rpcinfo -p ip6-loopback
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
The difference is that ip6-localhost comes from the hosts file and comes from dns. All IPv4 addresses work fine. Seen both in Ubuntu 8.04 and 10.04.

And for added confusion:
koos@greenblatt:~$ rpcinfo -p ::1
rpcinfo: ::1 is unknown host
Running with strace reveals that rpcinfo -p ip6-loopback still does:
connect(3, {sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("")}, 16) = 0
Looks like there is a special rule in rpcinfo for this case.

2012-09-18 (#)
Yet more rearranging the deckchairs on the Titanic: The UK has an entire IPv4 /8 that it isn't using, even leading to a petition: The DWP should sell its block of 16777216 IP addresses - HM Government e-petitions.

Just because something isn't routable and isn't subnetted doesn't mean it is not in use. Two comments on the original article put matters in a different light:
The 51.* addresses are in fact heavily used by DWP, but only internally. The best bit is this: for security reasons, there is a policy that in any communication, the leading octet of all such IP addresses must be redacted. Not like it's a matter of public record or anything.

I did once toy with the idea of printing out the XKCD map of the IP4 address space, write "you are here" on it and pin it to the wall near DWP data networks teams, but I didn't think it would go down well.
And someone else isn't interested in more rearranging of deckchairs either:
It doesn't matter, save your energy for converting to v6

There are few dregs like this around that though not visible on the internet are used - many large ISP have hijacked the unadvertised spaces for use behind their own NATs. You can't see them doing this but if you use the space on the internet you'll have problems with their customers.

If these spaces were recycled you'd spend many months trying to get them clean for use and then they'd be used up in a few weeks, we'd still be out of space and we'd have yet more to go back and convert to v6. People have been dragging their feet on v6 migration for years, they only have themselves to blame when they are stuck by v4 running out

tldr: It's allocated, it's not available, nothing to see here, move along.
Start implementing IPv6, put your effort in network protocols with a future.

Update 2012-09-21: Official documentation: the block is used fine, via NOT squatting on £1bn unused IPv4 addresses.

2012-09-17 (#)
The latest Debian ISO images support both USB and CD booting: the image can both be burned to CD and copied to a USB key, simply as
# cat debian.iso > /dev/disk/by-path/..usb..; sync
I was wondering how that was done, and found Further adventures in EFI booting - mjg59 which mentions Hybrid cd-rom/harddisk mode in isolinux and a simple explanation at How the Hybrid ISO/IMG works.

It's an interesting trick. And with isohybrid it's easy to implement.

2012-09-15 (#)
Het landelijke netwerk van slimme meters: veiligheid lijkt vooral gestoeld op onderling vertrouwen - Jaap-Henk Hoepman ("The national network of smart meters: security seems to be based mainly on mutual trust"). An interesting piece about the security of the 'smart meter'. The security seems to exist mainly to protect the electricity producers and electricity transporters against possibly fraudulent customers, but definitely not to protect the customers against fraudulent companies or unwanted reading by other parties.

I am still in favour of a smart meter which on the inside gives me all the details I want, so that I can keep an eye on my energy use myself, and which gives the electricity supplier just enough information to be able to send a bill. The electricity supplier would of course like to do capacity planning with the direct measurements. And that last point is of course where my privacy and the desired accuracy for capacity planning start to chafe. But now that I read that the first concentration of data is at the cabinets in the street, I see a fine solution: measure there the instantaneous use of all connected households together and use that for directly measuring use and planning capacity. The instantaneous data per household is then safe within those households and cannot be misused outside them, and exactly at the last point in the distribution network it can be measured how much energy is being consumed. The energy supplier then has sufficient information to do accurate production capacity planning and to know the required transport capacity, and data about what I use when cannot be misused.

2012-09-14 (#)
RIPE NCC Begins to Allocate IPv4 Address Space From the Last /8

IPv4 addresses aren't "finished" at RIPE yet, but allocation is now according to quite strict rules: IPv4 Address Allocation and Assignment Policies for the RIPE NCC Service Region.

Google+, Koos van den Hout: Interesting development: remote control of HF #hamradio equipment via IP networks.

I foresee a future in which radio clubs have remote-controllable rigs which their members can access from home via Internet after reserving 'radio time'. The radio club can have the equipment in a location which allows for HF antennas and has enough uplink Internet speed and the amateur can use these even from the living room at home, given enough network speed. With HF antennas not always easy to setup in residential areas this could be a solution.

Current developments like websdr at show that Internet can be a help for remote use of receiving equipment.

I expected developments like rtl-sdr at which has a component which allows the receiver to be on a different computer connected via IP to make it possible for radio amateur clubs to make receiving equipment remotely available, but I didn't expect remote controlled transceivers this soon.

There is one snag: according to the rules (at least in the Netherlands) generally amateur radio transmissions can only be done when the amateur is physically present at the transmitter (correction: is in full control of the transmitter), so it can work when the software switches the transmitter off when communications with the remote control is lost.

For those who are wondering: I am quite interested in amateur radio and studying for a novice amateur license.
2012-09-13 (#)
Wardriving results 1 June 2012 - 13 September 2012: 1513 new networks with GPS locations at WiGLE. Some of those are from leaving the wardrivebox at home in the attic which still finds new networks when left running for days. Others are from trips including walking trips.

2012-09-13 (#)
The discussion about voting computers is flaring up again, with as its low point a short item in the election night television broadcast saying that voting computers are not being used because of Rop Gonggrijp and the action group wij vertrouwen stemcomputers niet ("we do not trust voting computers"). They did indeed show that voting computers cannot be trusted, and after thorough investigation the government subsequently took the decision to abolish voting computers. Despite heavy lobbying by the makers of the voting computers. But that was surely far too nuanced a story, for which there was no time in between telling that only a few results were available yet.

The decision not to work with voting computers is entirely justified, in my opinion. In the time of the voting computers an incident occurred in which presumably the operator of the voting computer collected many preference votes for himself: Raadslid verdacht van stembusfraude - Volkskrant 2007/03/28, and the mere fact that the article contains statements by the public prosecutor such as:
He probably voted for himself in a number of clusters
shows how impossible it was to verify the result afterwards.

Yet the call to bring back the voting computer returns, as noted earlier:

My opinion: Democracy is not a media spectacle, so we should calmly have patience until all votes are counted. No, then you cannot fill an evening with pretty animations and multitouch screens. But then you have a working and verifiable democracy. That is worth more to us than an evening of 'news'.

2012-09-11 (#)
Interesting article on the recent GoDaddy downtime: GoDaddy Outage: RFC for Dummies - /dev/random. According to the article some of the simplest rules for redundancy in DNS aren't followed for GoDaddy hosted domains. Some of the comments do suggest there is a strong anycast infrastructure behind these servers, so it might be that all eggs are in one basket but that the basket is indeed very strong.

Update: According to a statement on 11 September by the GoDaddy CEO on the outage, routing table corruption was the cause:
The service outage was due to a series of internal network events that corrupted router data tables. Once the issues were identified, we took corrective actions to restore services for our customers and We have implemented measures to prevent this from occurring again.

2012-09-10 (#)
I thought the saying 'MySQL is a filesystem with an SQL interface' was a bit over the top, but it is exactly right: when you have a separate filesystem for /var/lib/mysql it gets its own lost+found, and the visible result in the mysql client ...
mysql> show databases;
| Database            |
| information_schema  |
| #mysql50#lost+found |
| mysql               |
| test                |
4 rows in set (0.00 sec)

2012-09-07 (#)
More work in Zabbix: we got alerts a few times for load averages > 5. But on a 48-core system in use by people doing calculations that isn't a very useful trigger. My solution is to start monitoring the number of CPUs (a very boring number normally), and create a new trigger
This makes a lot more sense: a load of more than 3 times the number of cores is an issue, both on a 1-core (virtual) machine and on a 48-core calculating monster. On some of those calculation servers a load of less than 10 means some model crashed and a scientist will be trying to restart it.

And we can now set a trigger on any change in the number of cores. That would be interesting.

2012-09-07 (#)
Another beautiful timelapse compilation... watch it in HD + fullscreen.

Purely Pacific Northwest from John Eklund on Vimeo.

This must have cost a lot of cold nights out. And some of those timelapses will have been really difficult to get the exposure time right for balanced amounts of light.

I got around to browsing the rest of the videos by John Eklund and his website and it's all awesome stuff.

2012-09-07 (#)
Even after earlier attempts to unsubscribe, today I again get spam from the nationale theaterkassa at exactly the same address which really was unsubscribed back then.

Meanwhile the abuse form of argeweb is also a lovely piece of legal misery. My translation (after earlier misery on that point) of the statement at the bottom is "if we pass your name and address on to the spammer and he starts stalking you, that is not our problem". So argeweb apparently also does not want to make it easier to get rid of spammers.

As usual, again to

And the reports from spamcop: bounces (9 sent : 6 bounces)
Using for statistical tracking. bounces (84 sent : 43 bounces)
Using for statistical tracking.
Reports disabled for
Using for statistical tracking. bounces (9 sent : 6 bounces)
Using for statistical tracking.
Apparently argeweb does not score very well there either...

2012-09-06 (#)
Sophos, the security company, went warbiking in central London and found very high numbers of wireless networks, with parts still without any security or with bad wireless security. All explained with a nice YouTube video which presents the results in a format even your neighbour who still relies on WEP can understand.

The Sophos warbiking project.

Found via Warbiking: WiFi hacken op de fiets - although I would avoid using the term 'hacking' for purely passive measurements.

2012-09-05 (#)
I want to do some network measurements. Measuring throughput over TCP or UDP is easy: use iperf. Although the iperf server process in daemon mode was using 100% CPU for each(!) measurement somehow, so the load on the machine tested ran up to more than 50.

But I am also interested in TCP setup time. It took a bit longer to find something which does that. Searching gave me measure tcp connection setup time: time-gai-connect, which was developed to measure differences in IPv4 and IPv6 TCP connection setup times. Interesting answers:
$ ./
2a00:1450:400c:c05::63                   19.62209 ms                           19.78207 ms                           20.66183 ms                           19.69004 ms                           20.01190 ms                            20.47896 ms                           21.71206 ms
And this one is really strange to me... on the machine which runs both the IPv4 address and IPv6 address for
$ ./
2001:980:14ca:42::18                      0.35095 ms                             0.18501 ms
Yes, the IPv6 tcp connect setup takes longer with IPv6 on this local connection.

I added code to measure resolving time when testing it on my laptop, which now shows shorter times for IPv6 than IPv4, one wireless hop away from the same system.

$ ./
Resolving                                 3.20196 ms
2001:980:14ca:42::18                      0.96989 ms                             1.49107 ms
Measuring this gives more new questions than answers... it seems remote destinations are faster for IPv6 than for IPv4. Example from the same laptop:
$ ./
Resolving                                34.10101 ms
2001:888:0:18::80                        15.76281 ms                             15.84506 ms
And from the system running
$ ./
Resolving                                 2.60282 ms
2001:888:0:18::80                        14.32490 ms                             15.16104 ms

But anyway, iperf and time-gai-connect will give me the answers I want to measure.
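
Added example, not the time-gai-connect tool itself and not code from the original post: one way to take the same kind of measurement in Python, timing the resolver call and then a TCP connect to every address getaddrinfo returns. The function names are assumptions of this example; the stand-alone run targets a constructed loopback listener so that it works offline.

```python
import socket
import time


def resolve(host, port):
    """Return (resolve_ms, [(family, sockaddr), ...]) for every TCP address of host."""
    start = time.perf_counter()
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    resolve_ms = (time.perf_counter() - start) * 1000.0
    seen, addrs = set(), []
    for family, _type, _proto, _canon, sockaddr in infos:
        if family in (socket.AF_INET, socket.AF_INET6) and sockaddr not in seen:
            seen.add(sockaddr)
            addrs.append((family, sockaddr))
    return resolve_ms, addrs


def connect_ms(family, sockaddr, timeout=3.0):
    """Time one TCP connection setup; return milliseconds, or None on failure."""
    try:
        with socket.socket(family, socket.SOCK_STREAM) as sock:
            sock.settimeout(timeout)
            start = time.perf_counter()
            sock.connect(sockaddr)  # returns once the handshake has completed
            return (time.perf_counter() - start) * 1000.0
    except OSError:  # refused, unreachable, timed out, or family not supported
        return None


def measure(host, port, rounds=3):
    """Resolve once, then time `rounds` connects to each resolved address."""
    resolve_time, addrs = resolve(host, port)
    results = {}
    for family, sockaddr in addrs:
        results[sockaddr[0]] = [connect_ms(family, sockaddr) for _ in range(rounds)]
    return resolve_time, results


def report(host, port, rounds=3):
    """Format the measurements as one line per address."""
    resolve_time, results = measure(host, port, rounds)
    lines = ["%-40s %10.5f ms" % ("Resolving", resolve_time)]
    for address, samples in results.items():
        cells = ["%10.5f ms" % s if s is not None else "    failed" for s in samples]
        lines.append("%-40s %s" % (address, "  ".join(cells)))
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed demo target: a listener on the loopback interface, so the
    # example runs offline. Use a dual-stack host name and port instead to
    # compare IPv4 and IPv6 setup times.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(16)
    print(report("127.0.0.1", listener.getsockname()[1]))
    listener.close()
```

The first connect to an address can include neighbour discovery or ARP, which is why several rounds per address are taken rather than one.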

2012-09-03 (#)
Grandparents like to see lots of pictures of their grandson. And some things (like walking) are easier to see in video. So I made some video with my phone and found it is saved in .3gp format. Something Nokia-specific, and I want all grandparents (using Windows and Ubuntu Linux) to have full access to the video. So, mencoder to the rescue. The audio codec isn't recognized at all, but the video can be played with mplayer, and converted to other formats. So I convert it to mp4, with options:
$ mencoder Video000.3gp -o video000.mp4 -oac lavc -ovc lavc -lavcopts vcodec=mpeg4:autoaspect=1 -fps 12
The frames per second option is needed to get things right. The resulting video of this test conversion is this video of usb sticks with leds being filled with data in parallel, result of copying data to lots of usb sticks at work in 2009.

