Nosbig.net

Lately, I have been spending some quality time again with my TC1000 from Compaq.  I purchased mine last year, along with two friends of mine.  We all have taken different approaches to making the tablets work well.

I have been using the tablet off and on since then, with most of the functionality available while logged in, but there have been a few rough edges.  With a tablet PC, how do I log into the tablet while it is undocked from the keyboard?  I have used a great on-screen keyboard/handwriting recognition tool called Cellwriter.  It requires a little training, but the tool is very accurate after training.  There are two instances where a user needs to enter a password, when logging in and when unlocking the screensaver.

• Login: I use Gnome, so GDM is the login manager I prefer on this tablet.  Changing the configuration was fairly wasy.  The configuration file, in Debian, is /etc/gdm/Init/Default.  I found that a single line, added above the final “exit 0″ line, was enough to add the keyboard: “cellwriter –keyboard-only –window-x 170 –window-y 568 &” and restart X by logging out.

• Screensaver: The screensaver was slightly more difficult, requiring two steps to configure within gconf-editor:

1. Enable the embedded_keyboard_enabled key in /apps/gnome-screensaver.
2. Edit the embeddes_keyboard_command to include: /usr/bin/cellwriter –keyboard-only –xid

I could have chosen one of a number of alternative keyboards, but Cellwriter works so well and looks so clean compared to the other tools I had tried.  There are two issues that I have been dealing with with little success…

First, the –keyboard-only flag is in both locations to run the keyboard without regards to the written input.  I expected to need that during login, as GDM has idea who is logging on until after they have logged on and GDM is no longer needed.  However, I did try to use it normally with the screensaver login, and I could not get gnome-screensaver to accept my known-good password while using the handwriting portion of the application.  While I would like to be able to write my password, your entire password remains on the screen in the input box until you accept the input.  So, I will try to get at working sometime, but it probably better that i have to type my password, keeping it hidden from view.

Second, each of the applications would randomly spam one of the input buttons as I was typing on the screen.  This forces me to have to simply hit the enter key and start again.  At some point, I will have to try using the native fpit driver within Xorg.  I might already be, now that I have upgraded my system to the post-Lenny testing version of Debian (Squeeze).  I haven’t otherwise updated the system’s overall configuration in several months.

So, hopefully, I can start getting even more utility out of this again, without the encumberance of this keyboard.  As much as I would like to try one of the new netbooks, like the Acer Aspire Once or the HP Mini 1000, the lack of a touch screen makes those devices a less-attractive form-factor that this handy piece of gear.

Yesterday afternoon, my girlfriend discovered a particularly large volume of voicemails on her phone, after having cleaned out her mail box just 36 hours prior.  She listened to several blank voicemails, as well as one from someone who wanted us to return their call…

I began investigating by looking into the metadata for the voicemails which were left; all were from unusual phone numbers outside of our area code.  My next trip was to the CDR records and my provider’s call history.  These sources showed that over 1000 phone calls were attempted to be connected through our phone system to various communities around the country.  Two patterns emerged while looking at the details of the calls:

• The calls were being generated in a non-sequential pattern; clearly an unscrupulous telemarketer was war-dialing to South Carolina, Michigan, and Virginia.
• All of the outbound calls were originating with my girlfriend’s CallerID.

So, I knew what was going on, but I had yet to determine to how this incident occured.  Further digging revealed that the Linksys ATA being used internally was lagging significantly and intermittently.  It was a moment of epiphany; I understood where the problem was, and I could take action to address it.

Several years ago, I installed an Asterisk server to provide home phone service with a company that provided an IAX trunk.  At the time, all we were using softphones to make and receive calls.  Over time, I upgraded to a Cisco 7940 for myself and an analog cordless phone on a Linksys ATA for my girlfriend.  At the time I installed the ATA, I had not used a significant amount of security of the SIP peer registration, as the network was firewalled from the Internet.

Fast forward to 5 months ago…  I obtained a business phone service through a major provider using SIP.  Due to their configuration, I was required to open the SIP and RTP ports to the general Internet and forward them to my Asterisk server.

Now, we return to the present time.  Several days ago, this telemarketer scanned my router, found open SIP ports, and began to issue a brute-force attack against my Asterisk server.  The telemarketer scanned every possible 3 and 4 digit peer name, was able to find the Linksys ATA’s peer name, and was quickly able to brute-force the password.  With this information, the telemarketer was able to register as that peer and make calls outbound, according to the dialplan configured for my girlfriend.  My Cisco’s peer was not impersonated, but it would not be likely to be responsible for outbound calling due to the unique dialplan I am using.

With the understandng of what has happened, I could work to correct and block the means by which this telemarketer was using my phone system and service:

1. I unloaded chan_iax.so to remove the possibility of additional phone calls being made.
2. I then enabled a moderate amount of security, particularly a random password for each of my SIP devices.
3. Next, I modified my firewall configuration to drop all packets through my router which contained the IP address from which the attack came.
4. I then re-enabled the IAX phone service by reloading the chan_iax.so module.

After the initial security containment, I turned my focus to handling the inbound phone calls being returned based upon the messages left with the various victims around the country.  I recorded an announcement indicating what had happened and that the compromise was taken care of.  Finally, I crafted the dialplan to play this announcement to every caller not from a local phone number.

Overall, this breach was not as extensive as it could have been, but it does illustrate that security must be vigilantly monitored and maintained.  My complacency in the security of my network ultimately led to this incident.  Fortunately, it does not seem to have led to any major financial loss to any party, including myself.

I was listening to a video from Chris Pirillo, and I am really getting frustrated with certain perceptions which have perpetuated in regards to Linux…

I agree with Chris that competition for Windows is a good thing…  Particular because Windows market share is eroded in the process.  I work in an IT shop every day where the architecture of Windows and its 20-year legacy cause endless issues with clients.  Much of the problem revolves around third-party applications being written to an old or incomplete specification.  But I digress…

The following items are misconceptions which, like bad email hoaxes, never seem to go away:

1. Kernel Compilation: Please do not believe that you have to compile your own kernel.  For nearly every distribution out there, the kernel probably supports 99% of the hardware in any given system.  The more high-profile a component is, the higher chance it will be supported.  If you choose to purchase (for example) a cheap $30 widget that is found in the clearance bin in your local electronics store, you might have some problems.  While there may be a Windows driver, it might be hard to find a replacement driver if you lose the CD it came with.  For SATA controllers, CPU’s, webcams, digital cameras, printers, and more, the Linux kernel provides the drivers.  Also, the folks at various distributions work very hard to package the kernel to interact nicely with the rest of the system.  As an example to the hardware argument, I will discuss my laptop.  I purchased a Lenovo z61m (Intel Core 2 Duo, 1GB RAM, SATA HDD, Intel video and wireless, Fingerprint reader, etc).  Without recompiling my kernel, I have used all of the internal system components as well as a bluetooth adapter (Kensington), digital camera (Sony T1), webcam (Logitech STX), a Nintendo Wii Remote, Wireless presenter remote, external mouse and keyboard.  The only piece of hardware which does not work completely is the memory card reader.  The SD portion works, but the xD portion (which I do not use) has no driver available for this device.
2. Linux Installation: Again, Ubuntu has been a shining example as to how easy a Linux distribution is to install.  Fedora, SuSE, and Debian are not that far behind.  In fact, modern Linux distributions are better than Windows during the installation at finding drivers for hardware.  I have had more hardware missing drivers with a freshly-restored system (from the restore partition) of an HP or Gateway laptop than from any of the last ten or so Linux installations.  To me, the lack of proper hardware support (at least for the network adapters, to enable the retrieval of additional drivers) is rather disturbing.  As an aside, the old argument stands in many ways.  The overwhelming majority of computer users already have a system administrator to manage or install the operating system (company IT, “that kid who knows computers”, groups like Geek Squad, etc.).  While I appreciate the desire for an easier install, I also would mention that Windows users have learned as much about their operating system as Linux users have about theirs (from a systems administration perspective).
3. Linux Support: The age-old question of how to get support for Linux…  First of all, see above.  Most people (regardless of operating system) seek advice from someone “smarter with computers” than they are.  For those folks who appreciate the technology and have learned more than the basics, what do you do when you have a problem?  That’s right, you turn to Google, discussion forums, and the user community.  Guess what?  Linux has many of the same support structures.  Countless how-to sites, forums, chat rooms, blogs, and e-mail mailing lists (all indexed by your favorite search engine) provide an insight into the solutions to a given problem.  In addition, Linux can often add a layer of community support which Windows users have seemed to have left behind, the User Group.  Across the globe, thousands of Linux user groups meet (weekly, monthly, or annually) to discuss new technologies, new software, the community itself, and supporting each other.  One item that tends to put some people off, however, is the attitude of some communities to new users.  All most of those communities ask is to invest something in your own problem.  Often, new users will enter a support forum and ask, “How do I get “foo” to work?”  While that question isn’t a bad one, it reveals to the community that this person has not even run a single Google search to have an idea where to start.  If the same user were to ask, “How do I get ‘foo’ to work?  I have seen that I have to look at my syslog, but I’m new at this and don’t know where to start,” the response will often be warmer.  Of course, if someone would insist on some hand-holding and cannot afford to spend some time learning, then they should pay a support provider (Red Hat, Canonical, Novell, or a member of a local LUG) to provide that assistance.
4. Application Compatibility: This one has got to stop… now.  Let’s examine Windows.  Should someone need an application which is native to Windows, you just grab it and install it.  What if you want to run Linux/UNIX software on the machine?  or Macintosh?  Cygwin is a product which provides much of the support to run Linux/UNIX command-line and graphical applications on Windows.  It is free and open-source and maintained by Red Hat.  Or one would find cross-platform support.  Some of our favorite tools in the community on Windows are cross platform.  Firefox, Pidgin, Gimp, and OpenOffice.org come to mind.  Of course, all of these will work on Windows and Mac, in addition to Linux.  To compare, the same tactic can be applied to running Windows applications on Linux using Wine.  Of course, the ultimate solution for the best compatibility is to run the tool in its native operating system.  With the advent of free virtualization software, anyone can run the operating system of their choice as a virtual machine.

With all that being said, I believe open-source software (with Linux having lead the charge) has won and will continue to push aside proprietary software.  We see (or more importantly don’t see) Linux in all sorts of places.  Early usages of Linux in a commercial environment (e.g. TiVo) provided a catalyst by which Linux began to be used elsewhere.  From web servers to routers to search engines, Linux is everywhere we go today.  With the quirks of the Windows operating system, its no wonder that people are flocking to OS X.  Never mind that users are trading one proprietary software company for a proprietary system company…  Ultimately, the open nature of the software I choose to use everyday enables a better life for myself and those around me, and I couldn’t imagine living with the shackles of Microsoft restraining me from making the technology do what I wish.

Here it is, the long-awaited episode 3 of the Linux Enthusiasts’ Netcast!

 

 LEN: Linux Enthusiasts' Netcast, Episode 003 Redux [29:15m]: Play Now | Play in Popup | Download

This episode includes the following products, websites, OSS projects, and organizations:

• Ohio LinuxFest: The premiere fall Linux event for Ohio, the Midwest, and beyond
• LPI: World’s most well-known vendor neutral certification and advocacy organization
• Don Corbett: Linux training and consulting
• ZenOSS: Open Source Configuration Management and Discovery
• MythTV: Overall DVR, home entertainment system
• Jon “maddog” Hall: Executive Director, Linux Foundation
• Drew Curtis, Fark: Founder, Fark.com
• Microsoft and Yahoo deal: CNet news.com
• Zimbra: Open-source Exchange alternative, mail server and collaboration suite
• Office Open XML Format Wars: Groklaw.com
• Microsoft ISO Vote Tampering: Computerworld.com
• Wordpress 2.5.1 Release: Blog-ish Content Management System
• iRiver Clix gen2: iRiver America product page
• iRiver Clix gen2: Amazon.com bundle
• Amarok: KDE’s media player
• RhythmBox: Gnome’s default media player
• gPodder: Awesome light-weight podcatching client
• NCOLUG: the North Central Ohio Linux Users’ Group

As usual, I want to hear from you! Send your feedback to:

len@nosbig.net or leave feedback on our voicemail box at (206) 350-8405.

Podcast theme music provided by Mark Blasco, www.podcastthemes.com.

Over the last few weeks, I have been enjoying the insightful, funny, and inspiring moments from the Technology, Entertainment, and Design conference (TED), an exclusive event for just 1,000 people every year. The presenters are given very specific time constraints, something like 18 minutes.

Two of the most enjoyable talks I have seen so far have been from two very different scientists with two very different interests.

Jill Taylor, a neuroanatomist from Boston, talks about what it is like to have a stroke, from personal experience.

Cliff Stoll is most famous for catching some international espionage agents through computer forensics and network security, but he really enjoys physics, astronomy, and education.

It’s been a while since the event, but I thought I would recommend an event for anyone who enjoys pop culture, classical music, or video games.  Video Games Live came to Columbus back in April.  While I won’t go into a lot of detail about the structure of the show, I will say it was a blast.

For a soundtrack fan like myself, the concert had a great blend of music from the old classics like medleys of the music from the Mario and Zelda series to contemporary classics such as Halo and World of Warcraft.

This show was a bit unique, for me.  First of all, the amazing pianist Martin Leung performed live at the show.  Using the 3-story pipe organ in Mershon Auditorium, he played a suite of music from Castlevania.  For some recorded bits before he began touring with VGL, check out what is available on Google Video.  Notice that he is playing blindfolded to start with.

I would like to go back to the show.  It’s nearest touring to my area is in Fort Wayne in February.

Of course, this isn’t the only concert of its kind.  Other video game concerts have run the world over, but VGL is the biggest domestic concert series.  One of it’s brethren is Distant Worlds: Final Fantasy. While VGL spends time in all sorts of genres of music and games, Distant Worlds is focused specifically on the Final Fantasy series of games. The next concert is in Stockholm Sweden in December.  In the US, the show is coming to Chicago in March.

Both concerts really appeal to me, and I would love to go to both.  We’ll see.  I would need to take a half a day off of work, at least, to get to VGL in Ft. Wayne.  It is on a Friday night, while Distant Worlds is on a Saturday.

What is your favorite soundtrack?  Video game?  Movie?  Would anyone else reading this consider attending a VGL concert?

Welcome to the premiere episode of the Linux Enthusiasts’ Netcast.

 

 Linux Enthusiasts' Netcast -- Episode 001: Play Now | Play in Popup | Download

Episode 001:

• AsteriskNOW Download: http://www.asterisknow.org
• Installing Flash: Abode/Macromedia Plugin Download Page
• Installing Java: Java Download Page

Please send all feedback or any questions to len@nosbig.net or call (206) 337-0830.

Well, the absence from this blog has not been without good cause. For the last few months at MCPR, we saw quite a bit interesting happenings, resulting in our being locked out. While this is normally a bad thing, it has been of great benefit to me.

After the closing of MCPR, a group of us entered negotiations with MT Business Technologies, a company whose services are in great demand in the area. After a few short days, we have come to an amicable opportunity. As of today, I have begun working at the company. While I can’t give a lot of detail, for confidentiality reasons, I will say that I am starting by helping the Sales Support staff with their workload, learning to write specifications, scope of work, and other related documents, in MT’s preferred fashion.

I hope to expand into new territories and help the company become even more profitable than it already has become, and I look forward to many years of opportunity to exercise my current and growing skillset.

I have been wanting to start a podcast for a very long time, inspired by what Leo Laporte does with TWiT and with what my parents did educating people. So, I spent some time thinking about a focus for the show and decided to start a podcast for people who are wishing to learn more about Linux. The Linux Enthusiasts’ Podcast recorded its first rehearsal podcast today (yes, on April Fool’s Day) to get a feel for the amount of material to need to fill 30-60 minutes.

For the most part, I would like to spend the time answering anyone’s Linux questions. But I thought I would include some weekly news, and I want to include two applications per week, one graphical and one text-based.

To get help with any conundrums, email len@nosbig.net. I want to hear from people before and during the podcast. I will probably post the rehearsal after I edit it down a little. There were a few spots where my ADD got the best of me and I repeated myself or I had to pause a moment to collect my thoughts. I thought I had prepared sufficiently for this episode, but clearly not.

Over the course of the last few months, I have come across a few projects that I have not taken the opportunity to work on, and I really should. The following projects are on my short list of things to do:

• Obtaining and reflashing a Linksys WRT54G router, either the GL or GS.
• Playing with and/or hacking a LaFonera wireless access point
• Building my power lockout device for my ham radio
• Building a PC for my car with wireless capability for a media center
• Building a decent amateur radio station, including packet station
• Building a podcast station
• Upgrade my radio license to General Class

At some point in the future, I want to do some kind of podcast. But before I would commit to that, I need to find a topic that I can regularly update and contribute. Part of the issue of the lack of updates is the company for which I work. MCPR has me doing some very interesting things, but they are marketable ideas that I have to keep quiet. The only project that I can talk about is our Asterisk dabblings. We are offering the ability to connect analog or IP phones to the system and connect to about any outbound media out there, including SIP trunks.

But much beyond that, I don’t have the ability to talk about the details of what I do at work with the world at large, between protecting our clients’ privacy and not wanting to give any competitors any ideas about our strategy.