Press "Enter" to skip to content

nuxx.net Posts

Final Kegerator Drip Tray Design

This past weekend I put the finishing touches on the tap portion Kegged Beer Cooler (Kegerator) by finishing off the drip tray. It was built using a 14″ wide stainless steel drywall mud tray that has been caulked with RTV silicone. I’d originally attempted to hang it using hard drive magnets, but as can be seen here this didn’t look as nice as I’d hoped, and the magnets sitting off of the wooden support blocks made it a bit unstable.

This past weekend I cut some new blocks out of oak (picture), stained and sealed them to match the collar, drilled holes in them so epoxy could penetrate nicely (picture), then epoxied 24 square (1/4″ x 1/4″ x 1/8″) neodymium magnets on the back of each (picture). These blocks were then epoxied to the metal tray, and they now hold the drip tray nicely under the taps. As expected the magnets are quite strong, so spaced evenly along the block the tray is held on with considerable force. I imagine I could fill it with liquid and it wouldn’t budge.

This isn’t a particularly fancy design, but at a total of ~$30 I’m quite happy with how it came out. It serves the need of collecting drips, is easy to remove for cleaning, and looks pretty good.

Leave a Comment

MMBA Forum Posts during 2012 Iceman Registration

The image above (click to embiggen) shows the one hour moving average statistics for posts (replies) and topics (new threads) on the MMBA Forum. This morning registration for Iceman opened on USA Cycling‘s website and as a result of the site collapsing under the load many people visited the forum to complain, commiserate, and generally discuss the situation. Most of the traffic seemed to be in this thread, although I don’t keep per-thread statistics beyond what’s already exposed to the end users.

Leave a Comment

Android Phone as BitLocker Recovery Key

I recently ran into an issue where I needed my BitLocker recovery key, but found that I’d left it at home. This locked me out of my machine for a few hours and was a bit of a hassle. It got me wondering if maybe I should instead keep said key on my phone instead, as it does a pretty good job serving as a USB mass storage device.

It turns out that this is not such a keen idea, as it doesn’t work out very well. On my Nexus One (and presumably other Android phones), when connected to a computer they prompt the user to switch the microSD storage over to USB Mass Storage. Once selected this takes a few seconds. Whenever the phone is disconnected from the USB host it automatically presents the card back to the phone, and only prompts the user once a host is detected.

With BitLocker, one becomes aware of needing this key when the boot is interrupted and the user is prompted to insert a USB mass storage device with the key present. The computer is then rebooted, finds the key, and continues to boot. With an Android device as the USB mass storage device this reboot resets the phone. I’ve found that it’s typically not possible to get the phone into mass storage mode between POST and OS load, particularly as the machines I’ve tried it on seem to reset USB after POST.

I think I’ll just have to stick with a USB flash drive for this.

Leave a Comment

Shattered Hard Drive Platter

To collect neodymium magnets for rebuilding the not-currently-great drip tray to kegerator / kegged beer cooler I started disassembling more old hard drives, attempting to salvage the magnets. When disassembling one drive I decided it’d be fun to bend the platter, but I (stupidly) didn’t pay attention to the platter material before doing so. The result? Tiny bits of broken glass and amazingly thin foil spraying all over the basement floor. Whoops.

At least it was easy to clean up.

I had little luck collecting useful magnets from the drives because some were too small, some drives only had one, and many of them shattered as I removed them. Instead I’ll just buy a bunch of tiny ones on eBay or Amazon and epoxy them on instead. It’ll be a lot easier.

1 Comment

iPod Battery Replaced

Roughly six years after buying my black fifth generation iPod I finally replaced the battery. After years of working well it was starting to fail, providing me with only a few hours of music listening while at work, way down from the original 10-15 that I was getting when it was new.

The replacement battery was part number BIPOD550MV30 from OWC, a very reliable online Apple reseller who has been around for years, and cost just over $20 shipped. While I could have purchased a cheaper battery via eBayI wanted to be sure to get one from a reliable place, so if I had problems with it there wouldn’t be an issue returning it.

The battery is now installed and charging, so hopefully by morning it’ll be full and ready to go.

Leave a Comment

Bundaberg and Underberg

Recommended to me late last year by my friend Joy is this, a mixture of Bundaberg Ginger Beer and Underberg herbal digestive bitters. Gently mixed together with a bit of ice, this is a wonderfully herby (sort of) soft drink. From a bit of reading I think this is a San Francisco thing, but I still enjoyed it on a warm (for February) day here in Michigan.

It amuses me that, despite being 44% ABV, Underberg is not sold as an alcoholic beverage at most stores. At Meijer it’s found in the import asile and not listed as age restricted when checking out, and at a local German market which isn’t licensed to sell alcohol it’s right next to the counter.

Then again, last time I bought some at the German market the teenage-ish girls behind the counter started laughing, exclaiming that they couldn’t believe I liked it. I suspect that the need to control it is rather limited, as apparently one of them noticed the alcohol content and bought some to drink before going out one evening. They told me that they hadn’t realized what it tastes like and couldn’t drink even one (1 oz.) bottle. Underberg is definitely not something that one ingests to become intoxicated.

Leave a Comment

Phenom Shuffle

A convenient trade took place recently, with me my swapping someone the white Specialzed Phenom from the trainer for a same-size one, but black with a red nose and wings. (He wanted the white one to match the all-white bike that he’s putting together.) Tonight I set it all up, taking the original Phenom with silver accents from the Titus and moved it over to the trainer and, as seen above, putting the new red-accented one on the Titus. I think it’ll match nicely with the other red bits on the bike such as the brake barrel adjusters, cassette, and cable housing.

This spring, once I put the trainer away (or maybe even a little before then), I’ll then take the silver-accented one and move it over to the El Mariachi. (This bike doesn’t have any red on it at all, and thus the red-accented saddle would have looked rather out of place.) I have a feeling I’ll be riding this bike quite a bit and I’d like it fitted with a saddle that agrees with bit more with my bits than the WTB Laser V that’s currently on it. The Laser V is a good saddle for a bike that I don’t ride for long periods of time, but extended periods of sitting on it tend to make things feel a bit… off.

Leave a Comment

MS12-006 and HTTP 408 Errors

I recently worked on an issue where a new Microsoft patch for a security bulletin, MS12-006, was correlated to a web-based application occasionally returning errors. Specifically, while using a web-based version of a reporting package off of a version of Sun (Oracle) Java Web Server the browser would occasionally return a Times New Roman-font “Request Timeout” message when users clicked report-generating links. The folks who support the server working on the issue initially had spent time uninstalling recent patches and found that removing KB2585542 (the patch for MS12-006 on Windows 7 clients) from the client machine would stop the issue from occurring. They then thought it might be a Windows client issue, which is where I got involved.

After some investigation it turns out that the problem was actually with the web server not handling split (fragmented) SSL/TLS records properly. The installation of the patch for MS12-006 causes IE to, in some cases, split SSL/TLS records into multiple requests. Since the server couldn’t appropriately handle these requests it thought the client closed the connection before sending a complete request and returned an 408 Request Timeout message.

This was illustrated by the HTTP logs on the server which show incomplete requests being returned 408 messages, similar to what follows. The bold line illustrates a request that correlates with the issue:

IP       | Username | Date                 | Request Header              | Status | Content | Length
---------+----------+----------------------+-----------------------------+--------+---------+--------

10.0.0.2 | -        | 17/Feb/2012:10:03:25 | "P"                         | 408    |         | 148

10.0.0.2 | -        | 17/Feb/2012:10:01:13 | "POST /TestApplet HTTP/1.1" | 200    |         | 13056

After the installation of the patch for MS12-006 there is a setting which allows this new feature to specifically be used only when called for (“optin mode”, the default), all the time (“enabled for all”), or never (“disabled for all”). Setting the option to “disabled for all” kept the issue from being reproduced, and when set to “enabled for all” it always occurred. (See the Registry Information section of 2643584 for more information on these options and how to set them.) By this I showed that it was this SSL/TLS feature causing the issue communicating with the server. Since this appeared to be an issue only with this particular server the team supporting it is now looking into potential solutions on that side.

While it may be tempting to simply disable this feature on clients, this would handicap one of the security enhancements brought along with the MS12-006 patch. Since this issue isn’t likely to be widespread (else lots of HTTPS sessions would be failing) I believe that the servers should be fixed to be compatible with the client’s standard behavior. Specifically, I believe the issue to actually be with the server not having an RFC2246-compliant TLS implementation and thus it should be fixed.

Hopefully this information will be useful to others who run into such an issue. It’s a bit opaque at first, since it looks to the users like the server is having a problem, but to server like the client is occasionally failing to send proper HTTP requests. Trying to troubleshoot this with Fiddler didn’t help either, because the HTTPS proxying would recreate the request, apparently no longer splitting the SSL/TLS record, which kept the error from appearing.

Here’s a few links which are helpful in understanding this issue, in order of usefulness:

· MS12-006: Vulnerability in SSL/TLS could allow information disclosure: January 10, 2012
· SSL/TLS Record Fragmentation Support – Microsoft blog article describing the issue in reverse, from a few years ago when SChannel didn’t support SSL/TLS Record Fragmentation.
· Microsoft Security Bulletin MS12-006 – Important, Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)
· HTTP Status Code 408 Documentation
· RFC2246 – See section 6.2.1.

1 Comment

Dirty Ears Beget Dirty Earplugs

Last night I put in some ear plugs, but because I hadn’t cleaned out my ears first all of the wax in my ears seemed to stick to the plugs, as seen above. (Click here to embiggen.) While I now have to toss out these earplugs, it does show that they do a pretty good job serving as an impromptu — though not immediate — ear cleaning solution.

1 Comment