Halt and Catch Fire premiere

Last night I watched the first episode of Halt and Catch Fire on AMC.  I wanted to love it, was tempted to hate it, and in the end opted for neither one.

For those of you who don’t know me, I lived through the period in question, and in the same industry…  although not working for TI, or a fictitious Texas OS vendor, or even directly in the PC end of things.  Still, those were some pretty exciting times.  I was fixing mainframes for a living, but lived and breathed microcomputers every day.  When micros first came on the scene (we didn’t call them “PCs” until well into the 80s), it was like the Wild West, in all the good ways.  There was opportunity around every corner.  I would be hard pressed to count the number of companies making computers in the pre-IBM days; some very cool things were being done by a lot of gifted and smart people.  I remember one in particular, a machine made by Ohio Scientific that had multiple processors (6800, 6502 and Z-80 if I remember right) and could boot different operating systems depending on your mood.

Anyway, the first bit of bad news came during the opening scene — a typed-text description of the “HALT AND CATCH FIRE” machine instruction.  It’s a simple concept, easy to explain and even a little humorous.  And they got it completely wrong.  Stupidly wrong, in fact.  I felt like a doctor watching Grey’s Anatomy or a cop watching Blue Bloods.  Sigh…

It got a little better from there, but there was some really stupid technical nonsense thrown in for no good reason.  Something real and believable would have been just as dramatic, or maybe even better.  You can’t cut a soda can in half with a pencil soldering iron  – and why would you need to to fix a Speak & Spell?  I especially loved the scene where he’s tediously de-soldering connections on the back of the circuit board — then triumphantly extracts the chip FROM ITS SOCKET.  And then of course there is the biggest non sequitur: ALL of the IBM Personal Computer’s schematics as well as the complete assembler listings for the BIOS were readily available from IBM, in the IBM Model 5150 Personal Computer maintenance manuals that anyone could buy.

So building a clone of the IBM PC was really pretty trivial from an engineering standpoint, and other manufacturers jumped in early and often.  Most tried to build better machines that ran their own version of MS-DOS, and most used the same bus so that expansion cards were interchangeable.  It took a while for the tyranny of the marketplace to grind everyone into making exact clones of the IBM machine, other than some speed improvements and of course much lower prices.

The list of ridiculously stupid technical gaffes is pretty impressive.  The scene where they start reading out the BIOS?  Well, first off, there were no white LEDs in 1983.  You could have any color of LED you wanted as long as it was red, green or yellow.  And binary 1101 is a hexadecimal D, not B.  PC motherboards don’t arc and spark, and if one did it would be dead, dead, dead.  His oscilloscope was displaying a stupidly Hollywood-ized pattern, and why would they need to use one anyway?  Could they not read the pinout from a common EPROM data sheet?  He’d just finished explaining how all the parts were off the shelf common stuff.  And why would such a hotshot engineer not rig up an interface to his TRS-80 to read out the BIOS chip?  For that matter…  why not just type in a few lines of BASIC program to read out the BIOS and save it to disk, print it or display it on screen?

From a technical standpoint the show is senselessly over-dramatized in ways that really spoil a lot of the “geek appeal”.  If you know much at all about the technical matter at hand you’ll spend half your time shaking your head and saying, “Wha??  No…”  They did, however, seem to do a fairly decent job of catching the general tone of the period, and the story line (other than the glaring issue of the whole made-up BIOS thing) has potential.  I just wish they’d have hired an actual technical consultant, or listened to him if they did hire one.

 

Updating the anti-SIP attack script

The anti-SIP attack script has been doing a great job, but I did note a few shortcomings I wanted to fix.  For one thing, I was noticing a few “clusters” of networks that justified (to me) blocking larger networks.  No one outside the US has any reason to connect to my server, for example.  I can block entire /8 networks…  but doing so manually was cluttering up the iptables rule sets.

I modified the script to store a little more information in the text file, so I can go through it manually from time to time and make changes.  It’s easy to run the file through sort -n and see if it’s time to block a /16 or /8 network.

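#!/bin/bash
# Collect the first three octets (the /24 prefix) of every address that
# produced a "No matching peer found" entry in the Asterisk log.
/bin/grep "No matching peer found" /var/log/asterisk/messages | cut -d "'" -f 4 | \
   cut -d "." -f 1-3 | sort -n | /usr/bin/uniq >> \
   /root/anti-sip-attack.tmp
for d in $(cat /root/anti-sip-attack.tmp)
do
  # Add a rule only if this /24 is not already in the rule set.
  # -F matches the dots literally; -w stops 1.2.3 from matching 11.2.3.
  if [ "$(/sbin/iptables -L -n | grep -cwF -- "$d.0/24")" = "0" ]; then
    /sbin/iptables -I INPUT -s "$d.0/24" -j DROP
    echo "$d.0/24" >> /root/anti-sip-attack.txt
  fi
done
rm /root/anti-sip-attack.tmp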
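
An added example (not part of the original script): one way to do the manual review described above. It reads the /24 list the script writes and prints, without running them, the iptables commands that would replace a cluster of /24 rules with one /16 rule. The function name, the threshold argument and the sample addresses are assumptions made for illustration.

```shell
#!/bin/bash
# Added example, not the original script.
# suggest_aggregates FILE [THRESHOLD]
#   FILE: lines such as 198.18.1.0/24, as written to anti-sip-attack.txt
#   THRESHOLD (assumed knob, default 3): minimum number of blocked /24s
#   inside one /16 before the /16 is proposed.
suggest_aggregates() {
  local list="$1" threshold="${2:-3}"
  # Accept only well-formed a.b.c.0/24 lines and drop duplicates, so a
  # damaged list file cannot put anything unexpected into a command.
  grep -E '^([0-9]{1,3}\.){3}0/24$' "$list" | sort -u |
  awk -F. -v t="$threshold" '
    { key = $1 "." $2; count[key]++; nets[key] = nets[key] " " $0 }
    END {
      for (k in count) {
        if (count[k] < t) continue
        # One rule for the whole /16 ...
        printf "/sbin/iptables -I INPUT -s %s.0.0/16 -j DROP\n", k
        # ... then remove the /24 rules it makes redundant.
        m = split(nets[k], a, " ")
        for (i = 1; i <= m; i++)
          printf "/sbin/iptables -D INPUT -s %s -j DROP\n", a[i]
      }
    }'
}

# Constructed sample list (not real data): three /24s in one /16, one stray.
sample=$(mktemp)
printf '%s\n' 198.18.1.0/24 198.18.2.0/24 198.18.3.0/24 198.19.7.0/24 > "$sample"
suggest_aggregates "$sample" 3
rm -f "$sample"
```

The output is only a proposal; review it before pasting any of it into a root shell.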

Exploring Mars

Last night I took Lauren (my grand-daughter) to the National Geographic Exploring Mars presentation at the Holland Center.  Kobie Boykins was the speaker; Kobie is originally from Omaha and manages the engineering team that designed and built all of the moving parts of the Mars roving science lab Curiosity.  Pretty awesome evening!  Lauren and I both enjoyed it.  Many thanks to Lisa Van Stratten for providing the tickets.  After the presentation Lauren got to meet Kobie and had her picture taken holding one of the wheels used for testing a couple of the earlier Mars rovers.


Squelching SIP attacks

Since I run an Asterisk server, it seems every third-world slime crawler wants to see if they can get free phone calls.  So far none have succeeded, but if you let a million monkeys keep pounding on keyboards, eventually they’ll guess something right.

Unfortunately Asterisk doesn’t have any facility for doing anything with SIP attacks other than logging them.  I finally got tired of seeing thousands of connection attempts from various places and blocking them individually, so I came up with a script to add the offending IP addresses to my iptables filter.  When an invalid connection attempt comes in, I block their entire /24 net just for good measure.

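#!/bin/bash
# Make sure the block list exists; grep -c prints nothing for a missing
# file, and then no address would ever be blocked.
touch /root/anti-sip-attack.lst
# Pull the source address out of each failed attempt and keep the /24 prefix.
/bin/grep "No matching peer found" /var/log/asterisk/messages | cut -d "'" -f 4 | \
  cut -d "." -f 1-3 | sort -n | /usr/bin/uniq >> /root/anti-sip-attack.tmp
for d in $(cat /root/anti-sip-attack.tmp); do
  # -x -F: compare whole lines literally, so 1.2.3 does not match 11.2.3
  c=$(grep -cxF -- "$d" /root/anti-sip-attack.lst)
  if [ "$c" = "0" ]; then
    /sbin/iptables -I INPUT -s "$d.0/24" -j DROP
    echo "$d" >> /root/anti-sip-attack.lst
  fi
done
rm /root/anti-sip-attack.tmp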

This script gets run from cron every few minutes…  so far it’s worked quite well.  The next step is to tee the Asterisk log file and do it in real time, so they only get one shot and they’re blocked.  As it is now they have up to five minutes to try to brute-force their way in.
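
The real-time step described above, as an added example rather than the author's code. It reads log lines on stdin, takes the peer address from the end of the line (the From header earlier in the line is chosen by the sender and can contain quotes that shift the cut fields), and skips prefixes listed in an allow file. ALLOW, IPTABLES and the function names are assumptions, and the sample log lines are constructed.

```shell
#!/bin/bash
# Added example, not the original script: block on each log line as it arrives.
# LIST, ALLOW and IPTABLES are assumed names; set IPTABLES=echo for a dry run.
LIST=${LIST:-/root/anti-sip-attack.lst}
ALLOW=${ALLOW:-/root/anti-sip-allow.lst}   # hypothetical: prefixes never blocked
IPTABLES=${IPTABLES:-/sbin/iptables}

# Print the a.b.c prefix of the rejected peer, or nothing if the line does
# not end in the expected message. Matching from the end of the line keeps
# quotes inside the sender-supplied From header from moving the address.
extract_prefix() {
  printf '%s\n' "$1" | sed -nE \
    "s/.* failed for '(([0-9]{1,3}\.){2}[0-9]{1,3})\.[0-9]{1,3}(:[0-9]+)?' - No matching peer found\$/\1/p"
}

# Read log lines on stdin and add one DROP rule per new /24.
block_from_stream() {
  local line prefix
  while IFS= read -r line; do
    prefix=$(extract_prefix "$line")
    [ -n "$prefix" ] || continue
    grep -qxF -- "$prefix" "$ALLOW" 2>/dev/null && continue   # trusted network
    grep -qxF -- "$prefix" "$LIST" 2>/dev/null && continue    # already blocked
    $IPTABLES -I INPUT -s "$prefix.0/24" -j DROP && echo "$prefix" >> "$LIST"
  done
}

# Live use (as root): tail -F -n 0 /var/log/asterisk/messages | block_from_stream

# Dry run on constructed log lines (addresses are documentation ranges).
demo() (
  LIST=$(mktemp); ALLOW=/dev/null; IPTABLES=echo
  block_from_stream <<'EOF'
[Apr 22 21:54:41] NOTICE[1234] chan_sip.c: Registration from '"x' <sip:100@192.0.2.1>' failed for '198.51.100.23:5071' - No matching peer found
[Apr 22 21:54:42] NOTICE[1234] chan_sip.c: Registration from '<sip:101@192.0.2.1>' failed for '198.51.100.77' - No matching peer found
[Apr 22 21:54:43] NOTICE[1234] chan_sip.c: Registration from '<sip:102@192.0.2.1>' failed for '203.0.113.9' - Wrong password
EOF
  rm -f "$LIST"
)
demo
```

Put your own provider's and users' prefixes in the allow file first: SIP over UDP lets a sender forge the source address, so a single forged request is enough to get any /24 blocked.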

Neato vacuum update

My only complaint is that we only have one.

Rosie, our Neato robotic vacuum, has been doing a great job of keeping the floors vacuumed in the rooms where she runs.  I still haven’t done anything to the living room to keep her from getting hung up on the coffee table, but I’ve turned her loose in there once or twice anyway.  Once I used the magnetic strip to keep her out from under it, the other time I flipped it (the table) on its side.

The family room and upstairs, though, are now getting vacuumed a couple times a week.  I am always amazed at the amount of crud that comes out of the carpet even when it seems clean.  I’ve only had to intervene a couple of times when something got left on the floor (like a blanket) and sucked up, or once when the bot got hung up on a lamp base.  Overall — well worth the money.  I empty the dust bin after each run and occasionally vacuum off the paper filter; I just replaced it for the first time.  It came with 4 spares, and it looks like they only cost 3-4 bucks each.  Not bad if it means having your carpet vacuumed regularly.

Experiments in media servers

For the past week or two I’ve been doing some work toward some distributed media (audio, video, etc) for various parts of the house. What I’d like to do, ideally, is be able to watch HD TV on any TV in the house without the added monthly expense and hassle of a digital cable receiver from Cox. I’d also like to be able to record the shows we regularly watch, play them back from anywhere in the house, stream music wherever we want it, that sort of thing.

So far Windows Media Center seems to be a really good fit for the DVR portion of the job… unfortunately, it would also require a fairly expensive box be attached to each TV.  It would also mean two remotes per TV, or a universal – and good luck getting one to actually work.  I suppose I could build some Windows boxes fairly cheaply, but we’re still talking about $150-plus per instance, and that’s assuming I re-use any old hardware I have around such as hard drives.

After some reading, including some stuff I quite frankly didn’t really believe, I bought a Raspberry Pi with a wifi adapter to play around with.  Now, admittedly I’m a little late to the Pi community, but it’s really a pretty slick little board.  The Raspberry Pi is a tiny Linux system running on an ARM processor with half a gig of memory, and using an SD card for storage.  There are a couple of Pi-specific XBMC distributions, and they worked great for music and movies.  It was pretty impressive to see a sub-$50 computer the size of a pack of Camel Lights streaming HD video over a wifi link, without a hiccup.  Unfortunately, XBMC doesn’t have native ability to handle a cable tuner like the HD Homerun.

I ordered an HD Homerun Prime-CC and picked up a CableCARD from Cox.  The monthly rental on the CableCARD is not unreasonable at $1.99, although I do think it simply sucks that they are encrypting pretty much everything other than the local broadcast channels.  They certainly earned their two bucks over the past few days; since Friday of last week I’ve dealt with five or six Cox support people on the phone, and two on-site service calls trying to get the CableCARD setup working.  It seems that all of the problems we encountered were in the initial setup and (mis)configuration of the hardware from the Cox network end.  Once I got a tech who knew how to get a CC set up, it went pretty well… until they shut off our cable receiver, then managed to un-pair the CC again when I called about the receiver. Once we got that straightened out, though, things started really coming together.

Once the HD Homerun and CableCARD are working, you need a PVR (Personal Video Recorder) back-end to feed video to the Pi or anything else running XBMC.  I’m running Windows Media Center on a Win7 machine, with ServerWMC installed.  ServerWMC is a free program that allows remote XBMC systems to connect to WMC and pull video and program guide information.  So the setup here is [Cox cable] –> [HD Homerun Prime with CableCARD] –> [E4200 Wifi router (via gig-Ethernet)] –/(wifi)/–> [Raspberry Pi / OpenELEC XBMC] –> [Insignia 28″ LED TV].  If I were ambitious I’d make a Visio diagram, but I’m lazy…  and no one reads this crap anyway.

As of today I have streaming music, HD video and live TV through this system.  I haven’t tried playing back recorded TV, but that may require transcoding…  I’m not sure if ServerWMC will stream recorded TV files or not, but if not they’re in a format the Pi can’t play, so they’ll need to be converted to something it can play.

Possibly the coolest part?  I was not expecting this, but the Pi has a CEC adapter built in.  CEC lets you control XBMC from the TV remote.  The TV sends remote button signals through the HDMI interface to the Pi, so only one remote is needed — no IR receiver on the Pi, no need for a universal remote.  Too cool.  That doesn’t even work on the little Windows EEEBox in the other room – I’d need to add an external CEC adapter for that.

I can see using Raspberry Pis for other things as well.  Having an inexpensive Linux machine, powered by a common cell phone charger and equipped with wifi, wherever you happen to need it — pretty nice.  I’m thinking one of them with the add-on dedicated camera (5Mpixel, 720p video) that I could set in a window to catch whoever has been letting their dog crap in the side yard would be nice.  A video doorbell seems like a fun project.  And one of them will make a nice backup for the Asterisk server.

Roku: meh.

I spent some time playing around with a new Roku 3 over the past week or two.  From a hardware standpoint, it’s a pretty cool little box.  Wifi, HDMI, remote with accelerometers, all kinds of coolness.  Unfortunately, its use as a streaming media player is limited at best, at least for what I wanted.

If all you need is a player for Netflix/Hulu Plus/Amazon and similar paid services, it’s fine.  If you’re the type who loves video game blogs, old movies no one has ever heard of and similar stuff, I guess it would be grand. In general, though, the free content that’s available is worth exactly what it costs (if you don’t count the cost of the Roku), and I’m not looking for more places to send money every month.

My intent was to use it to play movies, recorded TV and live TV streamed from a MythTV backend.  The success rate ranged from great to zero, depending on what I was trying to do.  The Roku would have me transcoding every single video recording I have (no thanks, really).  The Plex and MythTV frontends I found were pretty buggy.  The “Brightscript” language used to build content channels is not something trivial to pick up, and I’m really not looking for a second career as a programmer.  I finally decided that if I do build a whole-house TV/movie/music/DVR system, I’ll probably have to use little dedicated boxes running either XBMC or Mythtv, and talking to a dedicated MythTV backend.

Fortunately, Roku has a pretty good return policy.  This one’s going back.  It doesn’t seem to be a bad little box for what it does, it just doesn’t do what I need.

Thanks, Microsoft! (really!)

So today I looked at some new laptops.  For various reasons I won’t go into, I really need to set up a new (well, another) Windows machine.  Wine (the Linux program that lets you run Windows software) has made a lot of headway over the past few years, but some apps that I depend on just don’t act right.  So, we stopped in at Best Buy to see what was up.

What’s up is Windows 8.  For some reason, the stupidity in Redmond has reached a level where they can no longer distinguish the difference between a cell phone and a laptop or desktop computer.  Hint, guys — what works great on a Droid phone doesn’t make sense on a laptop.  It’s cute, and I’m sure they’re selling a shitload of new laptops with Windows 8, but I’m baffled at how anyone could actually use one for anything productive.

So, really, guys — thanks.  You saved me from wasting $750 or so on a new machine.  Instead I’ll re-purpose a desktop I have here and load it with Win7, for which I think I may still have a spare OEM license.  Or something.  All I know is, Apple should be sending you guys flowers and candy.  Windows 8 is enough to make even OSX look good.

 

Weirdness, and good timing

Yesterday morning, for reasons we haven’t been able to figure out, both my wifi router and what has to have been the most disappointing phone base unit ever created suddenly and simultaneously went to that big recycle bin in the sky.  Our Internet connectivity went away as I was trying to send out a meeting invitation for work, and when I went down to reboot the router I saw the phone base was dark too.  After ruling out any common power issues and verifying that the two wall warts were indeed working, I had to conclude that both boxes were dead.  How very odd.  The only common thing between them is that there was a direct Ethernet connection, but nothing else on the network took a hit.  The Gigaset box had a phone line plugged into it, but that phone line passes through the A400 VOIP card in the server — neither of which were damaged.

Anyway.  I happened to have a spare non-IP base for the phones, so I connected that and had phone service back an hour or so after the loss.  The wifi router, though, was another matter.  In a very strange twist of timing, my new E4200 Linksys was on the UPS delivery truck – all I had to do was wait for it.

I’m not completely thrilled with the E4200V2.  Its performance seems to be excellent, and the signal strength reported by my cell phone and the Roku are substantially higher.  I wish to hell it ran DD-WRT; I really missed some of that firmware’s troubleshooting and logging capability.  I doubt I’ll return it, though.  Swapping out the router is disruptive enough, and while DD-WRT is great, I was mostly using it to overcome some real deficiencies in the old hardware.  It’s not a perfect solution, but the price was attractive and it will do.

What I learned from this is that I need better disaster plans, and need to test them more thoroughly.  I had a backup of the router configuration — but it’s a binary file.  Of course it’s completely useless on a different router, and I didn’t have all of the port forwarding and other rules written down anywhere.  My Asterisk backup plan failed miserably, I have to fix that.  I really need a seamless, fault tolerant VOIP setup with failover that actually works.  I’ve got some work to do on that stuff to avoid the headaches the next time something unexpectedly goes TU.

 

It pays to shop around…

I need to upgrade the wifi router in the house.  The old Linksys WRT54G has been working for years, but it just can’t handle HD video streams.  So, I went shopping for a new Linksys E4200 V2, which is supposed to be the baddest, fastest one out there.  Dual band, 900 MBPS and all that.

Best Buy has the E4500, but I don’t want that one — it requires a constant connection to Cisco.  WTF?  Newegg was the same, only the E4500.  No thanks.  So I looked on eBay and Amazon.  It seems that they go for $125 and up new, and around $80 or so on up used.  I’m not in the mood to screw with someone else’s used router, so I was looking only at new and factory-refurbed.

Then I find the Linksys online store…  factory refurb, 30 day warranty, $79.99 with free shipping.   Sold.  Anyone want a nice, current generation WRT54G already loaded with DD-WRT?  I have one for sale cheap.  🙂