Thursday, 7 November 2013

VLAN's on linux

A quick search for VLAN setup on Linux brings up a few old docs which suggest the use of the 'vconfig' utility. But these days one can use the very versatile 'ip' command as explained here. For example one can create a VLAN interface on the eth0 hardware interface with VLAN ID 2 like this:
sudo ip link add link eth0 name eth0.2 type vlan id 2
One can assign an address to the interface like a normal interface:
sudo ip addr add 192.168.2.2/24 dev eth0.2
And to delete the address:
sudo ip link del dev vlan0  type vlan id 2
To show list full details of the interfaces (including VLAN id):
ip -d link

Tuesday, 5 November 2013

iOS7 uses IPv6 privacy address extensions

I got a curious warning from Google about a 'Suspicious sign in prevented' which turned out to be a connection over IPv6 from my iPhone to Gmail. I'm aware that I've been using IPv6 for a while now - it's been in iOS since iOS4 I think - so either Google has recently started warning people about changing IPv6 logins, or iOS7 has updated their implementation to include IPv6 privacy extensions (Specified in RFC4941). Either way it seems iOS7 is definitely using IPv6 privacy addressing (and possibly older versions of iOS also) which means that the IPv6 address of your iPhone/iPad will change over time and will not reflect the underlying Ethernet hardware MAC address (as it does for the basic stateless autoconfiguration).

It seems that privacy addressing is becoming the default as a number of OSes have adopted them (Linux, OSX, Windows) a while ago. Overall I think it's a good thing as I'm not sure I want my device to potentially be tracked by its hardware address (which is largely contained in a normal autoconfigured IPv6 address).

Tuesday, 22 October 2013

Compressing videos quickly

I was compressing some videos today using the venerable ffmpeg and noticed things going rather slowly. Then I spotted that the H.264 library libx264 was saying: "using cpu capabilities: none!" - Ah that might explain it...

I'm on a Mac OSX machine using a version of libx264 from MacPorts. It turns out that the default install does not enable any CPU optimisations. So I just needed to rebuild it with asm variant to enable it's assembly code based optimisations:
sudo port -u install x264 +asm
I reran ffmpeg and libx264 logged that it was using a whole string of it's CPU specific optimisations and running a whole lot faster!

If you're on Linux/Windows/Raspberry-Pi you're probably running the same problem. This is because the people who ship software need to compile it in a way that runs on most machines - which means it's not going be tailored to run best on your particular machine. So the helpful folks at ffmpeg have put together a compilation guide on how to do it yourself.

Thursday, 19 September 2013

iPhone Call blocking available on iOS 7

Following my previous post on how to block callers on iOS6. With iOS7 it is now finally built into the system - you just go to Settings->Phone->Blocked and add whoever you [don't] like! You can also add to the Blocked list from Settings->Messages->Blocked or Settings->Facetime->Blocked. Note: Once you've blocked them they won't be able to Call, Message, or Facetime you.

Monday, 16 September 2013

Scam: Amazon complimentary £50.00 Gift Card

I looked at my inbox today and saw what initially looked like a very generous offer from Amazon - too good I thought... But the email looked pretty genuine - the to and from addresses were good (though full email headers revealed a potentially dubious return address), the graphics and wording seemed pretty good. The only odd thing was that they used a tinyurl.com redirection, which is something they don't normally do. Plus unfortunately tinyurl.com don't make it easy to find out where their links actually take you without clicking on them. So I clicked on it and it brought up a very good version of  Amazon's login page. The URL looked curious as it wasn't your normal 'http' scheme, it was a 'data' one (e.g. data:text/html;base64,PCFET0NUWVB...) which I'd not see much. What they have done is encode the entire page in the URL using 'base64' encoding. Looking at the links on the page they all seem genuine on the surface but they have added their own subverted javascript which would steal your login and password if you attempted to login. You can decode the base64 encoding to check, either by viewing source on your browser or just to make sure by copying the whole URL and running:
base64 -D -i amazon-scam.url -o amazon-scam.html
Fortunately a few people have twigged that it's a scam and there's a discussion on Amazon's help pages

So basically if something looks too good to be true - it usually is!

Wednesday, 11 September 2013

Disappearing log plots and lines

I was doing some plotting using iPython --pylab which uses the handy matplotlib to draw things. The stuff I was plotting was a bit all over the place so I thought I'd switch to log mode using pyplot.yscale() (though you can also use axes().set_yscale()):
yscale('log')
Suddenly a few of my lines just went missing - What was the problem here ?

Basically it comes down to the fact that some lines/points were at zero which is problem for a logarithmic representation as the log of zero is -infinity (-∞). Of course iPython has a work around which is to use their symlog axes scale, which combines log and linear scales using a threshold linthreshy at which they change:
yscale('symlog',linthreshy=1)
You can also have a problem with negative values and log plots as the log of a negative number cannot be represented in normal (real) numbers (use need complex numbers for that). But you can get around that in iPython using the symlog as well - as explained here.
Note: All these commands work for the x axes as well - just change the 'y' for an 'x'.

Thursday, 20 June 2013

Accessing the contents of a Time Capsule disk

So I took my (1st Gen) Time Capsule apart and switched the old 500GB drive for a 3TB drive - which worked in principle. I was impressed that the old thing could handle a 3TB drive ok. The problem that I increasing encountered was that Apple's File Sharing (AFP) server kept crashing - which basically meant my Time Machine stopped working and I had to go and manually switch it on and off every day.

To fix this issue I took the disk out of the Time Capsule and put it into an externally powered USB 3TB capable enclosure so that Time Capsule finally worked reliably again (and no longer crashed). The reason this worked was because the crashing was down to overloading of the power supply (which led to the crashes) in the Time Capsule itself - by moving the disk outside meant that the power to main board of the Time Capsule was now more stable, plus it wasn't getting over heated (which is another problem that besets such small embedded systems).

But along the way when I took the hard drive out of the Time Capsule and tried to look at it on my computer I only found two rather oddly named partitions - APswap APconfig. After searching on the net it seemed there should have been a third partition named Data but it was not showing up?! I was very puzzled as it showed up when inside my Time Capsule. After a lot of faffing about I finally discovered that problem was down to a hardware issue - all the harddrive enclosures I had tried with my drive were not actually capable of reading a 3TB drive - though they were all happy reading a 2TB drive (but quite few enclosures can only read 1Tb or less - so check this if you're having this issue). So I finally managed to find a 3TB capable enclosure and it reads the disk fine and mounts the Data partition (and may be used for external connection of the disk to my Time Capsule so it works as I explained above).

I did also try to mount the disk from Linux but the default filesystem used by the Time Capsule is Apple's HFS+ with journaling enabled used to be not so straightforward to mount. It seems that Linux now mounts hfsplus disks with journaling switched on without a problem (though I'm not clear whether what happens to the jornaling?). On older versions it's also possible to force mount the drive using Linux's hfsplus filesystem driver. It seems that under Lion it's no longer possible to switch off journaling on HFS+ using Disk Utility which is a pain - though I understand that it can be switched off using the diskutil command.

One final thing I tried was set up a Linux box as Time Machine capable network drive. One thing I learned along the way was that Linux's HFS support (i.e. Apple formatted disks) is not rock solid and it would crash when running the backups so I had to change the disk format of my backup drive to use Linux's ext3 filesystem instead (then I could use the ext2/3 fuse filesystem to mount it on OSX). This basically seemed to work on one of my machines, but unfortunately it seemed less reliable on another (It lead to this error message every so often: "Time Machine completed a verification of your backups. To improve reliability, Time Machine must create a new backup for you." - which makes it useless) so I've gone back to using the old Time Capsule with an USB external disk (having removed the internal one which means it no longer crashes).
[updated:9sept13]

Wednesday, 29 May 2013

Freeing up 'Other' space on the iPhone

Recently I'd noticed my iPhone was getting full without me adding anything much to it. In iTunes I noticed that it was half full 'Other' stuff - WTF?! I realise with a few hundred apps I was pushing things a bit but not that far. I looked around and found this article on cleaning up the 'Other' stuff on an iPhone - I tried its suggestions to no end. But it led me to exploring my phone further...

I noticed that the 'Voice memos' section was loaded up with duplicated audio files some of which were quite large. There's clearly a bug somewhere leading to this (I'd seen this kind of duplication bug in iTunes for music tracks before but it seems to be fixed now - but not so for Voice memos).

So the way to get rid of them and clear out the 'Other' category is to use the iExplorer (or similar - Ubuntu etc can mount an iPhone so you can see these things) software and navigate to Media/Recordings and delete all the duplicates recordings. The problem is that it seems the bug persists... so to really clear it up you need to make sure you've got copies of the memos you want (they should be in iTunes but make sure before the next step - if they're not then use iExplorer to export them out or failing that obtain them from a backup with a backup explorer - iExplorer crashed when I tried to export them). Now delete ALL the memos from Media/Recordings using iExplorer. Then go to your phone and tap on the Voice Memo's app and then tap on the bottom right button to ensure that they're all gone (if necessary you may need to quit the app and restart it). This should sort out the Voice Memos database for future use, and also seems to put iTunes straight.

Now sync with iTunes and you should see most  of that 'Other' space reclaimed (some is legitimately used by certain apps for internal storage) and available once again...

Thursday, 7 March 2013

O2's TU Go app - NOT Secure

I was impressed by O2's TU Go app - it provides for using of your O2 number (for calls and SMS) on different devices (iOS: iPad, iPhone, Android, and Win7) - over WiFi or GSM. It's nice to be able to use Wifi only devices or Wifi only locations to make and receive calls.

However if one reads the fine print of their terms and conditions (item 13) it says that calls over WiFi are NOT secured. I was a bit concerned so I dug further... I ran TU Go and captured the packet stream and sure enough, whilst the signalling protocol is secured using TLS, the audio stream is just using plain old G.711 on RTP which I could playback quite nicely using Wireshark.

So only use TU Go on your secured home network or over a VPN unless you're not concerned about people listening in.

I should also point out that the average SIP/VoIP phone is actually worse as it not only leaves the audio in the clear but also the signalling.

On the other hand Skype and Facetime encrypt the majority of the traffic.

Tuesday, 26 February 2013

Call blocking on iPhone (iOS 6)

[Update 19sept13]: If you're on iOS7 - see my new post on built-in call blocking for iOS7.

It is possible to do reasonable job of blocking/blacklisting calls on your iPhone without any additional apps (or jailbreak) with iOS 6 by using the new 'Do Not Disturb' feature in the iPhone Settings app.

The way it works is to create a list of people you would like to receive calls from, and so anyone not on that list will be sent straight to voicemail - effectively blocked. The simplest way is to add all the people you want to receive calls from to your favourites (Alternatively you can use 'groups' created in your address book but you can only create groups using another app or on your desktop). Then you open the Settings app and go to: 'Settings -> Notifications -> Do Not Disturb -> Allow Calls From'
and then tick  'Favourites'. If you want to make sure you don't receive repeated calls from any blocked person you also need to turn off the 'Repeated Calls' switch in 'Settings -> Notifications -> Do Not Disturb'. Then you go back to the main menu of the Settings app and turn on the 'Do Not Disturb' switch.

Your phone will now ignore all calls that are not from your favourites, the only other issue is that other alerts will get silenced so it's not a perfect solution but it probably works till most problem callers lose interest. It would be handy if Apple would make call blocking easier.

If you've jailbroken (e.g. using evasi0n) your phone then you can pay for an app that does a better job of just blacklisting calls called iBlacklist (which you can get from Cydia).

Thursday, 14 February 2013

Lovefilm instant: lost the plot

So I started watching a film on my tablet last night from Lovefilm instant. Tonight I decided to watch more of it... Incredibly it was no longer available for viewing (only for DVD rental)??! I think I'll be unsubscribing. The selection of films/TV is not impressive either. But not being able to watch a film from yesterday is just losing the plot. Netflix maybe the answer…?

Wednesday, 13 February 2013

Airport update 7.6.3: IPv6 OK

I just loaded up the Airport/Time capsule update 7.6.3 and everything works fine so far: my IPv6 tunnel is working fine (contrary to some other articles out there..). We'll see if it brings stability enhancements to the Apple networking...lets hope so....

I had some issues with my Hurricane Electric dynDNS setup (Very useful if you have a dynamic address for your ADSL) in conjunction with my IPv6 tunnel, but I fixed the problem by removing the dynDNS entry from the ipv6 tunnel Advanced settings and reinstating it. It may also have been down to making sure Ping (ICMP) was unblocked for the he.net servers.


Tuesday, 29 January 2013

Using bluetooth audio in Linux

I just spent a while trying to find out how to get my laptop to play audio to a Bluetooth Headset. It seems a lot of the info out there is out of date. Here are some instructions that work with bluez version 4.9X on Ubuntu 12.04.

Firstly make sure you've got the following packages e.g.:
% sudo apt-get install bluez alsa-utils

To do it you need to make sure all the bluetooth kernel modules are loaded - the following command should show the bluetooth modules if they're loaded e.g.:
% lsmod | grep blue
bluetooth 158479  23 bnep,rfcomm,btusb

Then you can check the bluetooth adapter is operational by showing its address info e.g.:
$ hciconfig
hci0:    Type: BR/EDR  Bus: USB
    BD Address: 00:02:7e:16:0D:0a  ACL MTU: 384:8  SCO MTU: 64:8
    UP RUNNING PSCAN ISCAN 
    RX bytes:58444 acl:314 sco:0 events:6846 errors:0
    TX bytes:4821276 acl:17765 sco:0 commands:152 errors:0

Next you need to switch on your headset and put it into discovery mode (e.g. push and hold the power button or something). Then you get your laptop to scan for it e.g.:
% hcitool scan
Scanning ...
    00:0B:E4:9A:15:E4    Nokia BH-214

Then you need to pair with this device as follows - It will ask you for the PIN code for your device (e.g. 0000 or 1111 or something) and then it will add it to the list on your machine (you'll need to replace the bluetooth interface 'hci#' with your one in this part e.g. hci0) e.g.:
% sudo bluez-simple-agent hci# 00:0B:E4:9A:15:E4
RequestPinCode (/org/bluez/9261/hci0/dev_00_0B_E4_9A_15_E4)
Enter PIN Code: 0000
Release
New device (/org/bluez/9261/hci0/dev_00_0B_E4_9A_15_E4)

Now you need to set up the device for use by ALSA sound system - create a file called ~/.asoundrc containing the following (you'll need to replace the bluetooth address with your one in this part) e.g.:
pcm.bluetooth {
   type bluetooth
   device 00:0B:E4:9A:15:E4
}

Finally you can now play audio to your headset:
aplay -D bluetooth myaudio.wav

Or you can select the bluetooth audio device in other audio apps.