Top Latest Append

pterjan's diary


2012-11-26

  Initial impression on the FitBit Aria scale

I bought a FitBit Aria half price on Amazon last week and activated it today.

The process is quite simple but managed to upset me (and also NetworkManager was not very helpful and I had to kill it once so that it accepts to reconnect after losing the connection, after killing the applet once so that clicking has any effect...)

First, you create an account and start the web wizard. Then you conect to the AriaXXXX WiFi network and continue the wizard.

It will detect the available WiFi networks and the page will fetch the results in js:

GET /scale/ssid_info.js HTTP/1.1
0166
{
     "networks": [
{          "ssid": "BTWiFi-with-FON", "sig": 2, "pw": 0 },
{          "ssid": "BTWiFi", "sig": 2, "pw": 0 },
{          "ssid": "FOO12345", "sig": 1, "pw": 52 },
    ],
     "error_code" : 0,
     "error_msg" :  ''
}
0

Server has an interesting description in HTTP header: Server: $ProjectRevision: 4.2.2.12 $, I don't which version control system uses $ProjectRevision keyword.

After you have selected one and entered the password, you reach the part which upset me:

GET /scale/setup?custom_password=MyPassword&ssid=FOO12345

It has sent my WiFi password using unencryped HTTP connection over unencrypted WiFi to my neigbours and people passing by!


2012-05-22

  Photo Pizza

I have spent few days in Berlin recently and found a nice small pizza restaurant which was very good.

So, after Il Campionissimo in Paris and Franco Manca in London, I recommend you 'A Magica in Berlin :)

It is small and you will probably need to share you table with strangers but it was delicious!

While I'm on the topic I'll shamelessly advertise my Berlin photos.

Auswärtiges Amt
Ernst TälmannP1000178Friedrichswerdersche KircheP1000259P1000258

Today's TSUKKOMI(Total: 5) [Add a TSUKKOMI]

Before...

  Chris Kühl [You should also try Pizza Nostra[1]. It's actually only a few blocks from the above mentioned Zia Maria, so you can ki..]

  ao2 [Ah if you are a great fan of Pizza consider a visit to the city of Naples, Italy, where the Pizza was invented. I can..]

  abral [There are a lot of great pizzerias in Naples, like http://www.accademiadellapizza.it/en/, http://damichele.net/?lang=e..]


2012-01-10

  MageiaGNOME Gtk client for HP TopTools P1218A card

From December 19 to December 28 zarb.org main server was down. This server host(s|ed) many things including this blog, Mageia website, PLF, ... The reason why it took so long is that the server is in the south of France, kindly hosted by Lost Oasis and we have no one nearby to physically access it, and in this case we had lost our main raid array.

This server (kindly donated by HP almost 10 years ago) has a remote administration card (P1218A) but it is not really usable for anything except rebooting the machine. The remote console more or less works with some of the java versions from sun, but most of the time it only displays the top third of the screen, until next refresh when it goes black, and misses many keystrokes. This made it unsuitable for accessing the RAID BIOS and finding the problem.

After about a week, for some unknown reason (I could have done it many times over the last 10 years), I thought of looking at the communications between the applet and the management card. Everything was clear text and very simple. The next days I wrote a ruby-gtk client for the card, accessed the BIOS, found that the 4 disks had been marked has failed without errors and were correctly syncronized, and put them back online.

Login
The first (and longest) part was to find how to login and get the session cookie. The exchange looks like:
GET /cgi/challenge HTTP/1.1
<?xml version='1.0'?><?RMCXML version='1.0'?><RMCLOGIN><CHALLENGE>DJRhNVfOWfuB8fS/6PFazg==</CHALLENGE><RC>0x0</RC></RMCLOGIN>
GET /cgi/login?user=FOO&hash=UtPRDzFS36s0jJBgTmtS4JDR HTTP/1.1

Challenge was obviously 16 bytes of data base64 encoded. Response was called hash and was 18 bytes whatever the password is. Given that it was written more than 10 years ago, I supposed it would be md5, even if it only gives 16 bytes.

I then wrote a small ruby application trying various combinations (md5(challenge + password), md5(xor(callenge,password)), xor(challenge,md5(password)), ...) and found that md5(xor(challenge,md5(password))) was giving me the correct first 16 bytes.

I then used an online CRC calculator to find that the remaining 2 bytes are "CRC-CCITT (XModem)".

Console
The other big part was the remote console.

Getting the current screen content is quite easy, it's a GET on /cgi/scrtxtdump (with an optional force=1 parameter).

In my initial tests there was 0x10 between each character so I just filtered them out. I found later that it actually gives attributes for the character (bold, color, ...) and now support the ones I have seen so far.

Sending a keypress is quite easy too, it's a POST to /cgi/bin with data being <RMCSEQ><REQ CMD="keybsend"><KEYS>space separated scancodes</KEYS></REQ></RMCSEQ>.

IMG_1683

The result

The code is now online, still very ugly, but hopefuly helpful :)

BIOS before I handle colors


2011-06-01

  MageiaMandriva Mageia 1 is out!

Almost 9 months ago, Mageia was forked out of Mandriva by many former Mandriva employees and contributors. At that time it did not exist yet, everything had to be done, but we are now happy to announce that it's ready!

IMG_3008

The first technical work was to get a build system, and the result is pretty nice. With only 2 build hosts it is faster and more reliable than Mandriva's one, while reusing most of the code. The various improvements could have been done at Mandriva but having to deploy a new one (with less resources) is a good time to simplify the architecture and the code.

Then the massive work: importing rpm packages, fixing them as quite a few did not build, and cleaning them. The result is 7389 source packages (Mandriva has 12390, Fedora has 10283) and mageia 2 will probably have much more as only packages needed/requested by packagers and early testers were included.

More than the number of packages, the interesting data is that they all got built recently, and there are 0 broken dependencies or orphan binary packages! For comparaison Mandriva currently has 4059 src.rpm older than 6 months, 1065 binary packages without matching source, 4756 binary packages with broken dependencies.

Of course this could have bben done inside Mandriva again, but when you see a list of 4756 problems, and spend a week-end fixing 100, the list still look the same size. If you only have a few to fix then you can spend an hour fixing everything! Growing from a sane base is much better and easier than trying to cleanup the huge mess.

Given the amount of work to get everything in place, don't expect much bleeding edge stuff in version 1. No GNOME3, no switch to systemd, ... the goal was to have all the infrastructure and teams setup, and have a strong basis for a great version 2, and I think the result is quite nice!

All the teams did a great job, and thanks to everyone Mageia 1 is now out!

It is available as DVD, LiveCD or dual-arch CD as Mandriva used to be. Enjoy!

Today's TSUKKOMI(Total: 5) [Add a TSUKKOMI]

Before...

  Pascal [Olav, I expect GNOME3 to start arriving in a few weeks, systemd probably too. For rpm I don't know, no decision has be..]

  ReinoutS [Running it right now, the only problem I'm having is with the login screen sometimes not coming up after user logout. ..]

  Chmouel [congratulations on your first release guys!]


2011-04-17

  TV Licensing

I received today a scary leaflet titled "It's a criminal offence to watch or record TV without a TV Licence" because I don't have a TV licence (I did not have a TV for about 10 years and don't watch TV on any other device). It says that my address was given to Enforcement Division for investigation. I can get £1,000 fine, they will present evidence if I end up in court, they catch 1000 evaders everyday (which really seem high...)

But then they give me a solution: "End this investigation by buying a TV licence. You can buy it immediately on our website."

Then in small characters they list discounts and say that I can inform them I do not watch live TV, and they may confirm it with a visit.

I felt like if I was facing a mafia trying to scare me enough to make me pay...

It seems to be nothing new, and to quote Wikipedia TV Licensing is managed as a sales operation and its officers are motivated by commission payments. In 2005, a TV Licensing officer was found guilty of false accounting and perverting the course of justice after he deliberately forged the confessions of four people to obtain commission payments.

Today's TSUKKOMI(Total: 31) [Add a TSUKKOMI]

Before...

  Freddie [This form of harassment from TV licensing is nothing new. Now, I have no problem with the concept of a TV license, or..]

  Anne Wilson [My daughter actually had a visit from an enforcing officer, to inspect her house. She had neither time nor need for a..]

  Rudd-O [Jon: TV licensing comes with an IMPLICIT threat of violence if you don't pay. What do you think happens to you if yo..]


2011-04-11

  MageiaGNOME News from the last few months

First, I got Internet at home few weeks ago, 6 months after moving here. I expect my online presence to get back to a reasonable level :)

Meuh

Over the last few months I helped Mageia sysadmin team and did some packaging (but really not much). I am currently working on deploying youri-check on check.mageia.org.

I played with NFC on my Nexus S but did not find anything interesting, my Navigo is not seen but people report their as seen, so maybe this is because mine is a three years old Integrale. My oyster card is seen but I cannot access any data: they upgraded to MIFARE DESFire since last year, and it offers real security. Andate Tour card from Porto is a simple MIFARE UltraLight so I can read everything but I would need to go back there to get useful info to decode it, the only surprising thing is that it does not seem write protected...

I also wrote last week a patch for android to set timezone and allowed wifi channels based on mobile country code for many more countries, if it is accepted it will allow people to see networks on channel 12 and 13 in many countries.

On other news, I will be in Paris for a week at the end of the month but will miss Solutions Linux this year. I will however attend Desktop Summit in Berlin in August.

Ah, and I also adopted a GNOME hacker in February, you should do the same Become a Friend of GNOME


2011-02-02

  GNOME Will I be prevented to close my laptop lid with GNOME 3?

I tried to comment on Richard's post but for some reason my comment is still awaiting moderation 1h later while 4 new ones have been posted so I'll comment here too.

Choosing if we want suspend on lid close is not about working around kernel bugs. I have had suspend working for maybe 10 years but have always disabled that.

I want to be able to decide when my laptop should suspend or not. Everyday I move my laptop, for example to go to a meeting, and want to be able to close the lid for transport for a few minutes without disconnecting from IRC/losing my ssh/...

I also sometimes close the lid at night to keep it running in my bedroom until something finishes, which I did not think about first, but a comment from Janne reminded me, so I am not the only one doing it.

When I want to suspend, I use the function key. I don't plan disconnecting the lid switch (which I am happy to have turning off the screen) to please "the UI designers for GNOME 3.0".

Today's TSUKKOMI(Total: 20) [Add a TSUKKOMI]

Before...

  Sven Neumann [Acked-by: Sven Neumann]

  liam [@Ben Nice idea. Are you volunteering to maintain that extra code?]

  goebbe [Good UI-design for setting consist of: - good defaults (means many users never want to change the settings) - possibi..]


2010-12-15

  The worst of twitter

I had a look this morning at a trend on twitter, #femalesneedto and couldn't find a word to describe how I felt...

Some sample posts over a few minutes:

  • #femalesneedto start giving more fellacios and demanding less cunnilinguses
  • #femalesneedto put makeup on everyday just like the kardashians. It's a good look!!! Those girls always be hawt!!
  • #FemalesNeedTo Realize That All Niggas Not The Same and Stop Fuckin With These Lame Niggas.
  • #femalesneedto to stop kissing other females.
  • #femalesneedto give it up more. Come on, is the occasional blow job so much to ask??? Take one for the team every now and again.
  • #femalesneedto think about how to make their man happy
  • #FemalesNeedTo shut the fck up && listen sumtime. believe it or not, u dont always have the most relevant shit to say
  • #FemalesNeedTo need to realize they're not the only one. Theres more out there. #PlentyOfFishInTheSea
  • #femalesneedto learn how to shut the fuck up
  • #femalesneedto stop saying "I can't, I'm a virgin, its gonna be painful"

Today's TSUKKOMI(Total: 28) [Add a TSUKKOMI]

Before...

  creative ideas  [I really enjoy the blog post.Much thanks again. Really Great. <a href="http://zakupki.gov.ru/forum/user/profile/752..]

  cara menguruskan badan  [Say, you got a nice blog.Much thanks again. Will read on... <a href="http://dietkalori.blogspot.com/">shake herbali..]

  Hot Friv Games  [Play the <a href="http://hotfrivgames.com/">Friv games</a>. Most popular action games, strategy, games, car games, puz..]


2010-12-14

  IPv6 IPv6 availability status

Google is now publishing simple statistics on IPv6 access of its users. This is the percentage of users that are able to successfully connect via IPv6, measured by adding a js trying to connect to a dual stacked host to a random part of search results.

Good news is that the number of people with native IPv6 connectivity doubled since last year. Bad news is that it increased from 0.1% to 0.2%.

Today's TSUKKOMI(Total: 7) [Add a TSUKKOMI]

Before...

  hermes shop rostock [hermes handtaschen deutschland pterjan's diary(2010-12-14) hermes shop rostock http://nutanvidyalaya.org/hermes-handb..]

  mbt shoes singapore [mbt shoes jambo pterjan's diary(2010-12-14) mbt shoes singapore http://kvkraichur.com/mbt-shoes-outlet/discount-mbt-b..]

  mbt shoes clearance australia [mbt shoe sale uk pterjan's diary(2010-12-14) mbt shoes clearance australia http://shettysmultiplex.com/mbt-shoes-sale..]


2010-12-01

  Photo Working for Microsoft

I received a Flickr message from microsoft_contact tonight telling me that I have published some photos under the BY Creative Commons license and "That is why, for its new website, MICROSOFT will offer free downloads of your photos on the following French site www.personnalisez-votre-pc.com to be used as screen savers."

They insist that they will mention my name and put a link to my flickr page and to the licence, and that if I do not object within 15 days it means I am in agreement with these terms.

I fail to see how I could object given that they do more than the license require, but that's nice from them to ask!

I found one here which is BY-SA, not BY. I don't know if they used more.

That warmed me up while being trapped in Dublin by the snow.

IMG_20101130_101723

Today's TSUKKOMI(Total: 6) [Add a TSUKKOMI]

Before...

  cheapest jordans [This internet webpage is definitely a walk-through for all of the information you wanted about this and didn't know wh..]

  cheapest jordans [Oh my goodness! an wonderful article dude. Thank you Nevertheless I'm experiencing issue with ur rss . Don't know why ..]

  jordan 13 [I'd need to check with you here. Which isn't something I generally do! I delight in reading a post that may make many ..]


2004|06|07|08|09|11|
2005|01|02|05|06|07|08|09|10|11|12|
2006|01|02|03|06|08|10|11|12|
2007|01|02|03|04|05|06|07|08|09|10|11|12|
2008|01|03|04|05|06|07|08|09|10|11|12|
2009|01|02|03|04|05|06|07|08|09|10|11|12|
2010|01|02|03|04|05|06|07|08|09|10|12|
2011|02|04|06|
2012|01|05|11|
2013|01|02|04|06|
2014|02|
2015|06|
2017|05|07|12|