Sun, 24 Nov 2013
Listening In

I've never been happy with relying on a cheap ADSL router/modem for firewall security on my home network, but this is what I've been doing for a long time now. How secure is its firmware, does it get updates? Control and configuration is often poor.

Basically, a little "white" box running [1] who knows what.

[1] Usually some version of Linux, often old and perhaps with "patches". Security updates either non-existent or hard to find.

So I bought a cheap but much superior solution from LinITX: an Alix based device running the pfsense firewall.

This runs FreeBSD wrapped up in a very nice web-based GUI to manage a pretty sophisticated firewall/router. A little red box running a known quantity.

What this means in the first instance is I've had to familiarise myself with firewall rules and logs again, something I've not done for a long time (when I used to run one or two Linux firewalls). I've set the box up to be a perimeter device and also plugged in my WIFI as its optional interface. Staring at logs and trying to tweak rules to minimise logs, in some cases scratching my head over odd packets, or hard to hide logs ...

As a slightly paranoid system administrator, the easy availability of firewall logs and rules can keep me up a bit later than usual now.

Intersecting this interest was a report I saw about a test Channel 4 TV are doing just now called Data Baby. They are monitoring the information mobile phones are sending out, which turns out to be a lot, even when they're doing "nothing".

As the phone sat, apparently silent, contacts were in fact being made with 76 different servers around the world, in countries from the US to Europe to China and Singapore.

Mr Miller said: "the interesting thing is, and (it) might be surprising to a lot of people is, that (the) phone is always active. It always has an internet connection, and so the applications, if they choose to, can continue communicating after you've put it down."

My Nexus7 Android tablet sits in my kitchen and I sometimes use it for streaming radio (Tune In), Skype or browsing. It's idle for most of the time, but there is constant traffic to Google's servers, and even the BBC. I haven't captured the traffic to look at it in detail, no doubt it's all quite innocent and normal. But now we all carry these little networked multimedia computers in our pockets, do we need to have some assurance on what information it sends out? What is your phone doing? What permissions do you give an application when you install it?

Not only the phone. Recent reports detail how LG televisions might be logging information about files you are using and sending data back to the manufacturer. Spying basically. Not the sort of thing people would expect of a TV, but all of a piece when consumer electronics converge to be multimedia networked devices. Time to get the wire sniffer out ...


Sat, 09 Nov 2013
Kelvingrove, Glasgow

I visited Glasgow a couple of months ago, taking the short train over from Haymarket in Edinburgh to Queen Street. From there it was only a 30 minute walk up Argyle Street to the Kelvingrove museum.

If you visit galleries or museums, you'll probably start noticing how big and imposing the buildings sometimes are. They were often built in the 19th Century at the peak of the Victorian public building and engineering boom, and many are very impressive.

A big grand building, the Kelvingrove was built in a Spanish Baroque style according to wikipedia, opening in 1901. It's easy to see the baroque looking at it and the red sandstone (typical of many buildings in Glasgow) is quite striking.

The inside is pretty good as well.

This large central space has a huge pipe organ at one end, demonstrated at 1pm every day when an organist plays to the audience of staff and visitors. An impressive sound (Technical Specification). Bach would be a very fitting use for such an instrument.

Around the hall and spreading out to the other parts of the building on the ground and first floors are the museum's collection, everything from paintings and sculptures to all sorts of objects: dinosaurs, spitfires and even steam engine models. As you would expect, there's a good civic history here as well, especially of the International Exhibition in 1888.

A surprising discovery inside was a very famous Dali painting, Christ of Saint John of the Cross, housed inside its own chapel like room.

This is a very famous and beautiful painting. something people have very deep feeling about. Dali's well known for being a surrealist, and a bit of a clown sometimes, but paintings like this show just how great a classical painter he actually was. His technique is amazing.

As I was leaving the museum, I passed a big Lawn Bowling event. This was the Bowls Scotland 8 Nations Commonwealth Invitation Championship and as I walked by I caught some England versus New Zealand.


Tue, 05 Nov 2013
MicroServer Update

I own an HP ProLiant MicroServer, a great little box I bought a couple of years ago to act as my main file server/NAS machine. It's held up very well and it was very cheap because I got £100 cashback in a deal (and it was cheap already).

It's not a powerful computing machine by any stretch but a very decent server: I've put 8GB RAM in it and 4 2TB disks in RAID5. It's also very decently built by HP, with some care and attention you'd except on a bigger server. Hence the Proliant badge.

One reason I prefer it to my QNAP T419P is that it's got a display connector. The QNAP is serial only, so a bit more fiddly.

To maximise the available storage capacity, I installed Debian on an 8GB USB stick and use the 4 hard disks for the RAID only. Generally, this has been fine, but I have started noticing some fairly severe I/O latency hits recently and this has started causing more frequenet pain elsewhere. Combine this with some USB filesystem corruption a few weeks ago and I wanted to switch away from this configuration.

However, I also learned that the stock HP BIOS does not enable all the system features, including a "spare" SATA port on the motherboard, supposed to be used for a DVD or CDROM. Without another SATA port, it's impossible to add another drive for the OS.

Luckily, I came across a great web page by Joe Miner describing how to update the HP BIOS and enable these hidden features. The usual caveats apply: this is not an officially sanctioned "update" (in fact, it isn't adding anything, but "un-hiding" things. The version remains the same).

Having done the update, I now have an extra motherboard SATA port and have also made all the ports default to 3Gps. I've also stuck a spare 2.5" SATA hard drive in the empty CDROM space.

With this extra disk installed, I used debootstrap to install a new version of Debian on the disk and configured this new install, adding boot loader etc., while the "old" system was running. On Sunday morning I rebooted into the new system, fixed up a few missing bits and pieces and now have a brand new OS installed on a proper disk. So far, so good.


Sun, 03 Nov 2013
Comica Comiket

The 2013 Comica independent comic and art fair Comica Comiket took place at Central St Martins Art College behind Kings Cross and St Pancreas in London on Saturday. I was at Comica in 2011 in Bishopsgate and blogged about it.

As before, lots and lots of tables with individual artists or independent publishers displaying their wares: graphic novels, hardback or softback comics, small or large, colour and black and white, screen prints, postcards, buttons and many different bits and pieces. Quite fascinating walking around and seeing the sort of thing people create.

One table featured Zoom Rockman, a 13 year old artist and his "proper" comic called The Zoom. I bought a copy. Apparently, he's also "writing stuff for the Beano" , according to (I assume) his Mum, who was sat beside him. I don't generally buy "Beano" style stuff (honest) but made an exception here. Impressive for such a young man.

Like the last time, artists were invited to sit on stage and draw in public, with the work projected on a large screen so people could watch the process.

It's always quite inspiring strolling amongst so many artists and writers, stopping and talking about their work and how it's made. There's some fantastic stuff here and, as I noticed before, the print quality is often amazingly good: a lot of hardback and good paper.

Many small presses producing this quality work but I talked to one artist who described how he published his book via Amazon. This was new to me, possibly using Createspace. The comic book was called The Frumps and was a high-quality, colour paperback (again, not something I generally buy though).

An Italian artist thought that the independent scene in London was booming and special just now, perhaps because the UK never had much of a culture of comics for adults before, unlike France and Italy. Perhaps true, although there have been small press comics and books for decades here. Maybe the cost of producing has dropped so massively, due to computer production, printing technology and internet distribution. A lot of creative people with time on their hands.

I'll mark my diary for the next Comica show!