Category: computers

CF Card Hole in Netgate alix2d13 Enclosure

Published January 28, 2011

This morning when a beta version of pfSense on my PC Engines alix2d13-based firewall crashed I decided to make it easier to swap the CompactFlash card from which the OS runs. While physical access to the card is not normally required to upgrade the OS, there have been a few cases recently where I had to remove the card and image it. After the third time of removing 12 fasteners just to remove the card I decided to follow pfSense developer Jim-P’s example cut a hole in my firewall’s enclosure.

After marking the CF card location in the case and stripping it, only three cuts with a small cut-off wheel were needed to make the long cuts, then the remaining bits of metal were easy to bend out of the way with a flat-blade screwdriver. A bit of quick smoothing and deburring work with small files resulted in a nice, smooth hole through which the CF card easily fits. While the card remains not hot swappable, it’ll be much easier to remove the card should I need to access the card from another machine. Since the card sits a bit inside the face of the enclosure I had to add a tape flag to make it easy to remove. Pushing it back in is a little awkward as well, but as this won’t be done much it shouldn’t be a problem.

Here’s a few photos taken tonight while cutting the hole in the case:

· After marking the enclosure was clamped to some very dense foam for cutting with a cutoff wheel.
· More cuts made with the cutoff wheel. After this point the metal was gently bent away and the hole was filed.
· Looking at the Netgate enclosure from inside showing the nice alignment with the CF card slot.
· Front view of the Netgate enclosure with a CF card hole cut in it.
· The CF card fits very nicely in the hole.
· View from inside showing how well the CF card fits.
· Because the CF card will not hang out of the slot tape was added to facilitate extraction.
· CF card placed in the alix2d13 board via the hole in the Netgate enclosure.

Now to wait for the next build to come out and reimage my CF card. This build should contain three ftp helper changes that should resolve the issue I had this morning. Hopefully a problem that I had with disappearing certificate authorities is also fixed.

TED 5000-G Webserver is a Deal-Breaker

Published January 19, 2011

Last week I received a TED 5000-G from Energy, Inc., one of their The Energy Detective products. This home power monitoring device sits in one’s electrical panel and logs energy consumption, calculates cost, and displays all this info in near-real time via some web-based software called Footprints. This software runs off of the Gateway piece of the system, and a live demonstration of it can be seen here.

Unfortunately, this software has one fatal flaw in that it in normal use in my network it responds to HTTP requests with HTTP/1.1 414 Request-URI Too Long. After not very much digging I found that this happens every time the HTTP request to the Gateway includes a cookie. When your browser has a cookie for a website any websites that are visited that are on subdomains of where the cookie was set will also be sent the cookie. Therefore, cookies set by my site (https://nuxx.net) also get set when visiting the Gateway’s internal address on my network (http://ted.home.nuxx.net) and thus the device doesn’t work.

Specifically, here’s Firefox on my main machine accessing the Gateway immediately after clearing cookies. Text in red is the request from my browser, and text in blue is the response from the Gateway redirecting my browser to Footprints.html. This is normal, expected behavior:

GET / HTTP/1.1
Host: ted.home.nuxx.net
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html
Expires:0
pragma:no-cache

<meta http-equiv="refresh" content="0;url=Footprints.html">

After this I visited nuxx.net where some simple Google Analytics tracking cookies were set and tried to access the gateway again. Note that the only difference is cookies being sent, and the 414 response:

GET / HTTP/1.1
Host: ted.home.nuxx.net
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __utma=23010084.1066362494.1295494794.1295494794.1295494794.1; __utmb=23010084.1.10.1295494794; __utmc=23010084; __utmz=23010084.1295494795.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

HTTP/1.1 414 Request-URI Too Long
Connection: close

414 Request-URI Too Long: Buffer overflow detected

This problem makes the device unusable for me. There are two discussions about this issue in TED’s support forums about this issue (#1, #1 PNG Mirror, #2, #2 PNG Mirror) which indicate that there is only 100 bytes available to service the request and that the developers may be adding another 20 bytes.

As a workaround it’s proposed that the Gateway instead be accessed by only its hostname (without the domain name, eg: http://ted) or IP address (eg: http://192.168.0.17), which ensures that no cookies are sent because it’s unlikely that any would have ever been set for those addresses. I feel these workarounds are a stopgap at best and seriously fail if one ever wishes to access the TED data from the public internet or on a well-managed, convenient network. After all, we have DNS so that (potentially changing) IPs don’t need to be remembered and/or discovered, and FQDNs because hierarchal naming is good. It would be possible to use a proxy sitting in front of the Gateway to remove cookies and make the requests more acceptable to the firmware, but I’m not particularly interested running another server just to work around this device’s shortcomings.

Since a variety of cookies could end up being sent by a modern browser I don’t think that the developer’s proposed solution of adding 20 bytes to the buffer will not solve the problem. While I’ve got a limited knowledge of embedded development, I’d think that the developers should instead should simply discard the cookie when reading it into the buffer. After all, the cookie is plaintext in the frame, begins with Cookie:, is terminated with a standard \r\n, and just comes across from the Ethernet controller as serial data. I can’t see why it couldn’t be parsed out if it’s too large to stuff into a buffer. Then again, I suppose this issue could also be caused by clients that have a particularly long User-Agent, really long hostnames, or any other number of other things which could expand the size of the request.

(Thinking about this further, I also believe that only the GET / HTTP/1.1 is the URI which is the same length in both cases. Perhaps the Gateway should really be returning a 413 Request Entity Too Large if it feels the length of the request itself is too long?)

Today I called for an RMA for my TED 5000-G, and after receiving it called back to speak with tech support. I mentioned this issue to the person with whom I spoke, and unfortunately I don’t think he quite understood the problem and instead seemed to be offering to try upgrading the firmware to resolve it. He also stated that he doesn’t have access to firmware changelogs so he can’t tell me if the issue is fixed in a future or beta release, or even if it will be fixed. When I send the device back I’ll be including this letter explaining why I’m returning it. Save for this hugely annoying issue the device seemed to work rather well, so if Energy, Inc. can resolve the problem I’d love to keep it. However, something that doesn’t function with modern browsers and network setups isn’t worth $199.95.

(Mirrored forum discussions were captured at 23:09 EST on 19-Jan-2011. Software versions as reported in Footprints are as follows: Gateway Version 1.0.400, Daughterboard Version 1.0.48, Footprints Version 1.0.222, MTU Version 1.0.0. All information above is only representative of these versions.)

7 Comments

Angry Birds Without Ads Coming In 2011

Published January 19, 2011

A month ago I posted about my frustrations with video ads in Angry Birds on Android and how there was no pay option. At the same time I emailed Rovio to inform them of my frustration with the video ads and asked when a for-pay version of their software may be available. A couple days ago I received the following response from Rovio informing me that an option to pay and opt out of ads will become available later this year:

Hello Steve,

and thanksd for contacting us.

Sorry hear you decided to uninstall the game.

A payment option to opt out of the ads will be introduced worldwide this year.

Best Regards,

Oona Hilkamo
Angry Birds Community Champ
Rovio Mobile Ltd.

I’m anxiously looking forward to this because I do enjoy playing Angry Birds, but I simply do not want to support the software’s authors by viewing commercials.

1 Comment

Roomba is Not So Smart

Published January 5, 2011

Upon arriving home today I found this. Danielle’s Roomba had driven away from next to its dock, leaving telltale tire marks the whole way, and died. Before leaving for work I set the Roomba up with a virtual wall so that it’d run in a small part of my living room and the kitchen, all of which is within sight of the dock and no more than 20′ long. Once again the Roomba died before it found its way back to the dock.

I’m starting to think the battery is going dead. Thus far it hadn’t docked successfully except for the few times that I placed it in front of the dock and commanded it to charge itself.

Old Computers: Recycled

Published December 29, 2010

With today’s trip to Best Buy to take advantage of their recycling program I have completely done away with all my old computers, cases, and monitors. While I was able to give some away, most of it was dropped off at Best Buy where they (in Michigan) accept up to seven hard drive-less items per day (including CRTs) at zero cost.

Despite not having used some of this equipment in over ten years (such as the Dell Dimension XPS P90 pictured above, the first computer that I ever bought for myself) I can’t help but feel like I’ve given up something important. These are (were?) tools that I’d spent tens of thousands of hours building, using, and maintaining. Still, it’s just old stuff, and getting rid of it is for the best. I was not using this equipment and now instead of being clutter it’s being disposed of properly. Also, it’s probably best for me to dispose of this stuff now instead of in a few years when electronics recycling might not be so accessible or affordable.

1 Comment

Video Ads in Angry Birds on Android

Published December 17, 2010

Angry Birds (Rovio’s Site), the extremely popular (and quite fun) physics / artillery / puzzle game, is only available in ad-supported format on Android. Initially I didn’t mind this, as the ads started out as simple banners taking up a small portion of the top of the screen. Within the past few days (perhaps after an update?) there are now video ads present in the game. One plays on game launch and then another will play every few levels.

While the video ads can be skipped I find the idea of them terribly irritating. They play sound even if the game itself has been muted and eat up bandwidth. I’d much rather pay for the game than have to see this crap in order to play, so I’ve uninstalled it.

UPDATE: Rovio has responded to the note that I send about this, and apparantly starting some time in 2001 it will be possible to pay to circumvent the ads in Angry Birds.

6 Comments

Google Talk Doesn’t Like application/x-javascript-config for PAC Files

Published December 16, 2010

Google Talk sending a FIN,ACK in the middle of downloading a PAC file.

After a bunch of frustration I found an interesting quirk in how Google Talk uses Proxy Autoconfiguration (PAC) files (Additional Documentation). There are two MIME types which can be set for PAC files when serving them, application/x-javascript-config and application/x-ns-proxy-autoconfig, and both work with most browsers, but only the latter works properly with Google Talk.

It turns out that if the MIME type is application/x-javascript-config for the PAC file and the browser does not look directly to the PAC file itself, Google Talk will fail to connect. Looking deeper at it in a network capture (partially pictured above) I’d see the client closing the connection before it was done downloading the PAC file and thus the client would never receive a complete PAC file. Inspecting the TCP stream via Wireshark would show the data simply ending part-way through the PAC file. This resulted in a mysterious failure to connect with no useful error returned from Google Talk. If I simply changed the MIME type back to application/x-ns-proxy-autoconfig for .pac files and restarted Apache, Google Talk would then download the whole PAC file and login fine.

In both of these cases I am serving a typical PAC file off of Apache using RewriteRule ^/$ /internet.pac [R] to ensure that all requests to http://server.local/ go to http://server.local/internet.pac via an HTTP 302. Using a DirectoryIndex directive specifying internet.pac as the index file for the site also resulted in the same issue. In both cases the client was configured to look to http://server.local/ for a PAC file.

Complicating things further I found that if instead of relying on a RewriteRule or DirectoryIndex I instead pointed the config directly to the PAC file itself (in this case http://server.local/internet.pac) then the problem would not occur; Google Talk would download the entire PAC file (confirmed in a network capture) and sign in successfully regardless of MIME type.

For purposes of this testing I used the latest released version of Google Talk, 1.0.0.104, running on Windows 7. Google Talk was also set to Detect proxy automatically which reads the system’s proxy settings. In this case it is the PAC file setting is defined in either Internet Explorer or Control Panel under (Internet Options → Connections → LAN Settings → Use automatic configuration script).

2 Comments

Free: Computer Stuff

Published December 11, 2010

Here’s some free computer stuff for whoever would like to have it and save it from the landfill or whatever the ‘recyclers’ end up doing with it. The cases also contain lots of useful steel if you’re in need of some epoxy coated (or painted) flat sheet metal.

Stuff is as follows and (to the best of my knowledge) all works fine. Computers are without hard drives, but otherwise (generally) include RAM, etc. I’ve probably got enough spare other parts to get you running as well:

· 2x 17″ CRT Monitors
· 2x enterprise-class switches (1x 10mbit, 1x 100mbit)
· 2x Pizza Box Gateway Computers (Excellent Firewalls)
· 2x PATA drive enclosures. Supports hot swap if your controller does.
· 1x Compaq Deskpro EN (Good Firewall)
· 1x AMD Athlon Computer (Don’t remember specs, decent gaming computer from ~5 years ago.)
· 1x Dell Dimension XPS P90 (real vintage 5V Pentium CPU!)
· 4x ATX Cases (InWin full tower, InWin mid tower, quality generic, Doggy)
· 1x Former Gaming Computer (O/C’d Celeron, metal flake blue case, etc.)

This is all available for pickup at my house in Shelby Township, or I’ll meet you at a local trail or whatnot if you know exactly what you want. Contact me either here via PM here, via email at c0nsumer@nuxx.net, Google Talk at steve.vigneau@gmail.com, or AIM at Iamc0nsumer.

A New iMac‽‽‽

Published December 10, 2010

This past weekend I took my iMac back into the Apple Store to try and get the now-blemished (after another repair) display resolved. Per usual a part was ordered, and on Thursday morning I took the machine in to have the display replaced. Last night when checking on the repair status I noticed that the machine was ready, so I called Apple to see if I could pick it up. Extremely unexpectedly, the person who took my call explained that the data transfer was almost complete and that I should be able to pick it up in the morning. I found this very bizarre, as a data transfer is normally only done when upgrading a machine or replacing the hard disk.

It turns out that something went wrong during the repair and instead of having me wait on another part I was going to be given a new / replacement iMac and the data transfer was to get everything moved over. Talking to the tech when I picked up the machine it sounds as if someone “plugged something in wrong” or somehow made the logic board (motherboard in Apple-speak) fail and instead of waiting for yet another part to arrive Apple instead opted to just give me a new machine. This includes a receipt exchanging my machine for the new one, AppleCare transfer, and all.

The machine returned to me is the Mid 2010 model which has some nice upgrades over my original one (Late 2009), as shown here. Specifically, it has a slightly faster processor (2.96GHz Intel i7-870 vs. 2.80GHz Intel i7-860) and better video (ATI Radeon HD 5750 w/1GB RAM vs. ATI Radeon HD 4850 w/ 512MB RAM) and a comparable hard drive (Western Digital WDC WD1001FALS-40Y6A0 vs. Seagate ST31000528ASQ).

The nicest upgrade was the way the RAM ended up being reconfigured. When I took my Late 2009 27″ iMac in it was fitted with 4x 2GB 1066MHz PC3-8500 SO-DIMMs; two OEM Apple parts and two purchased from Crucial. When returned to me the new / Mid 2010 machine had 2x Apple 4GB 1333MHz PC3-10667 SO-DIMMs. This swap was necessitated by the newer machine’s faster RAM requirements, and it’s really nice to see that Apple replaced things in this way. Before this I had no free slots, which meant that going above 8GB of RAM would have required me to throw out two existing modules. Now there are two free slots, so whenever the next upgrade comes around I won’t have to toss out any parts.

This worked out pretty well, as the new machine has a just-fine display that came wrapped up just like new. There’s a slight small bit of what appears to be plastic on the inside of the glass in the lower right corner, but it’s so small that I don’t really notice it and can probably remove it with a slight puff of air; nothing to complain about at all. There was also a small black smudge on the front bezel, but this came off with a bit of alcohol.

While this whole experience was a bit frustrating overall, I’m content that it worked out this way. I received a newer machine, it appears to work fine, and my inconvenience was offset by a minor, but nice upgrade. And to think it all started with nothing more than a bad optical drive…

(As part of the upgrade I also received the disc set that goes with the machine, and this includes an iLife 11 install disc. This will be quite handy.)

Update on October 21, 2014: When at the Apple store attempting to get the GPU in this iMac fixed for free, I found out what happened to my original 2009 iMac: the LVDS connector on the logic board was damaged. Apple must have then opted to replace the entire machine.

2 Comments

Apple Magic Trackpad and MiddleClick

Published December 3, 2010

Unlike the Magic Mouse (which hurt my hand within minutes of beginning to use it), Apple’s Magic Trackpad is a rather nice cursor input device. It’s identical to the touchpad in Apple’s newer MacBook Pro family, where multi-touch is used in conjunction with an entire touchpad that clicks, eliminating the need for both buttons and tap clicking. I personally cannot stand tap clicking on touchpads, so I will normally disable it and either have one hand on the button and the other on the pad (when I need to work quickly) or lift my finger to move it to the pad to click. With this device one can simply use multi-finger gestures for scrolling and app switching while clicking the entire pad with one (or more) fingers.

As the Magic Trackpad ships, Apple has support for scrolling, primary and secondary clicking (left and right), application switching, and Exposé activation. What Apple (stupidly) did not include is any method of sending a tertiary (middle) click which is the de-facto method for opening links in new tabs in all modern web browsers. Without this one has to either hold Command (⌘) and click (a two-handed affair) or secondary/right click and select open in new tab (slow). Both of these make quickly reading web pages difficult.

Thankfully a guy by the name of Clement Beffa wrote a MiddleClick, a utility which makes three-finger taps (or clicks), an input not captured by Apple’s software, send a middle click. The version (currently) on the main page (MD5 checksum e7a7e1b5f5e55cb5ffac6d091f03f8c9) is slightly broken and the 3 Finger Click option in the menu doesn’t work. However, this version (MD5 checksum 1b02e356684c40bbbb21cf83f70c52ca) does work properly and I’ve been using it to three-finger click for a few hours now. This makes basic web browsing and reading pages a one-handed affair

The only complaint that I now have about the Magic Trackpad is that the pivot for clicking is near the top of the pad, which makes clicking the pad near the top more difficult than when it is pressed near the bottom. This isn’t terrible, though, as clicking the pad near the bottom does not feel abnormal and is what I (currently) find myself doing naturally.

For the time being I’ve unplugged my mouse, and I’m quickly finding the Magic Trackpad to be quite comfortable to use. It’ll take another week or three before I’m sure that I’m comfortable with it, but for now things seem to be going quite well. I’ll need to go back the a classic mouse when using EAGLE for PCB CAD, but that’s a special case because quickly using it requires the one to do things such as hold one mouse button while clicking another.

7 Comments