Blog - Wiki - Bugbook

(J)ack (O)f (A)ll (T)rades
Mostly Security, Some
Blogging, Misc. Admin,
and Bits of My Life.

2013 (32)
  - September (1)
  - August (1)
  - July (6)
  - June (10)
  - May (12)
  - April (2)
2012 (3)
  - November (1)
  - August (1)
  - April (1)
2011 (36)
  - November (3)
  - October (1)
  - September (5)
  - July (2)
  - June (4)
  - May (5)
  - April (4)
  - March (2)
  - February (4)
  - January (6)
2010 (70)
  - November (10)
  - October (7)
  - September (7)
  - August (11)
  - July (10)
  - June (2)
  - May (2)
  - April (7)
  - March (4)
  - February (5)
  - January (5)
2009 (59)
  - December (2)
  - November (7)
  - October (4)
  - September (6)
  - August (4)
  - July (5)
  - June (1)
  - May (6)
  - April (4)
  - March (6)
  - February (6)
  - January (8)
2008 (133)
  - December (9)
  - November (10)
  - October (7)
  - September (7)
  - August (10)
  - July (14)
  - June (6)
  - May (10)
  - April (9)
  - March (13)
  - February (19)
  - January (19)
2007 (194)
  - December (15)
  - November (14)
  - October (17)
  - September (18)
  - August (19)
  - July (14)
  - June (11)
  - May (11)
  - April (18)
  - March (9)
  - February (26)
  - January (22)
2006 (373)
  - December (23)
  - November (31)
  - October (21)
  - September (34)
  - August (34)
  - July (34)
  - June (34)
  - May (31)
  - April (33)
  - March (34)
  - February (28)
  - January (36)
2005 (532)
  - December (36)
  - November (39)
  - October (41)
  - September (35)
  - August (42)
  - July (51)
  - June (34)
  - May (45)
  - April (44)
  - March (51)
  - February (52)
  - January (62)
2004 (1107)
  - December (49)
  - November (82)
  - October (78)
  - September (117)
  - August (144)
  - July (142)
  - June (113)
  - May (54)
  - April (76)
  - March (82)
  - February (87)
  - January (83)
2003 (551)
  - December (53)
  - November (50)
  - October (60)
  - September (46)
  - August (55)
  - July (47)
  - June (49)
  - May (50)
  - April (54)
  - March (57)
  - February (28)
  - January (2)

Sun, 15 Sep 2013

Virginia Beach Hamfest 2013 15 Sep

I attended Virginia Beach Hamfest 2013 this weekend. Participation was a bit limited in that none of the major vendors attended. Notable this year was the absence of a MFJ vendor. I may need to switch to making my major purchases at FrostFest, vice the VB Hamfest.

The usual attendees were missing: Sparks (moved away), Tracy (moved away), and even Ethan and Matt. Was there something else going on elsewhere this weekend?

In any case, I was able to pick up a PowerGate and a RigRunner, both built by West Mountain Radio. I'm hoping that I can pick up the ISOpwr module at the next FrostFest. I'd planned on dropping this rig into the Invisible Car, but after the third rear-ender, coupled with the batteries crapping out, I decided to get rid of it. I'm hoping that I can get it into the non-hybrid Civic with not too much extra fuss.

After that, I only need a decent battery and a small Pelican case, and I should be ready for the next outage/exercise. Of course, there's the usual tweaking planned (a small generator, a more-capable radio, etc.).

Note: I "borrowed" the idea for this rig from Chris Hosman (KC4F), who built a number of semi-portable rigs for the Hampton ARES group. Given that I do most of my comms on the road (antennas tend to irritate wife and neighbors), it looked like something that I needed to build for myself.

joat: 01:19:15 16 Sep 2013

Mon, 05 Aug 2013

TWUUG's Super Summer Saturday Meeting 05 Aug

Attended the Tidewater Unix User Group's annual Saturday meeting (they normally are the 2nd Thursday of the month). Got rid of two of my books, picked up a new one as a door prize.

The talks were interesting, though turn-out was a bit thin (mostly the long-time members). I wasn't planning on attending as I had intended to show up at either the North side or South side Makerspace Open Houses (the South side ended up with 60+ visitor). A last minute call from a friend changed my plans.

There were three talks, in addition to the usual before-it-gets-underway discussion. The talks were on podcasting, fldigi (amateur radio) (thanks Tracy), and eBooks (thanks Matthew).

Caught up with Dave S. on a few things that we've been planning. Now that I have most of the RPi/Z-Wave project out of the way, I can refocus on the digital signage projects. Finally had the chance to ask Mark D. what he was using for his sign. He indicated that the back end is just a bash script and indicated that someone was rewriting it in Python. Have been thinking what his statement implies and need to catch up with Dave S. again.

In any case, I need to get the backdrop in the office cleaned up again and get the podcasting rig dusted off. We may have some work to do in the near future.

joat: 02:05:00 5 Aug 2013

Mon, 29 Jul 2013

Real-time meta data from Icecast using LiquidSoap (reprise) 29 Jul
I found a bug in my script. It pops up when there's an apostrophe or a paren in the song title. Below, I've modified the script slightly to fix this issue. Also, I've changed the external program call so that it uses notify-send to pop up the song title on my desktop.


def apply_metadata(m) =
   title = m["title"]
   #print("Now playing: #{title}")
   system("notify-send #{quote(title)}")

radio = input.http(

radio = on_metadata(apply_metadata,radio)

For those that can't see it, the changes are all in the line starting with "system".

joat: 00:15:25 29 Jul 2013

Mon, 22 Jul 2013

Please just STFU! 22 Jul

Maybe it's just me getting old but I miss the "good old days" of the Internet, where you could ask a question (or search) online and you'd get an answer or volunteers to help figure it out. Seeing as how I've been on the Internet in some or or other since the 80's (yeah, I'm an old fart), it's probably my age.

That being said, a long-running trend I've noticed is the tendency to respond to questions without actually answering them. Responses tend to fall into one of a stereotypical category. Example: while researching the implementation of dynamic DNS servers, I came across a mailing list thread that irked me a bit. The answers in the thread fell into one of a number of categories:

  • The nonspecific answer: set up a server and write a script.
  • The LMGTFY answer: search Google for it.
  • The fake offer of help: I'd help but I'm too busy.
  • The not answering the question answer: Responding to a response instead of the initial question (start a new thread, dammit!).
  • The "didn't understand the question" answer: Missed it by that much.
  • The cut and paste expert's answer: Someone attempting to make themselves knowledgeable via blatant plagarism.
  • The actual answer: It is usually: 1) the shortest response, 2) the last response, and 3) posted months or years after the initial question was asked.

Please! If you're not answering the question, you're just adding to the background noise. And, yeah, above is the reason that I vote down answers in ServerFault, StackOverflow, and SuperUser.

joat: 06:56:20 22 Jul 2013

Sat, 20 Jul 2013

Real-time meta data from Icecast using LiquidSoap 20 Jul
One of the annoying things about trying to pull metadata from Icecast is that it's a "pull". This is typically cron'd and can be as much as a minute "late". The following LiquidSoap script fixes this issue, allowing for a metadata "push".

The following listens to an Icecast stream and only extracts the metadata. It does not forward any audio. The below becomes valuable when you want to post "Now Playing" data to digital signage, IRC, or Jabber channels.


def apply_metadata(m) =
title = m["title"]
print("Now playing: #{title}")
# system("~/Desktop/mytest.bash '#{title}'")

radio = input.http(

radio = on_metadata(apply_metadata,radio)

Note that there's one line commented out in the above. It's there as an example, for when you want to pass the variable to an external script. About the only other line you'd need to change is the one containing "music.joat". Point that at your Icecast server.

Note: "output.dummy" is needed, to keep LiquidSoap from complaining that there's no output defined.

joat: 04:30:49 20 Jul 2013

Fri, 12 Jul 2013

Docbook admonitions 12 Jul

For the better part of a year, I've been attempting to get Docbook to produce admonition graphics (i.e., note, important, and warning). Having worked with Publican, I wanted a similar format without all of the baggage that comes with Publican.

Publican fans should make note that I'm using a home-grown web editor for my Docbook work. I save brain cells by not having to remember which switches to use when running xsltproc at the command line. Publican was a nightmare in getting it to work with a similar interface (ask if you want either).

In any case, I've switched from running Docbook 4.5 to 5.0. The "good":

  • The syntax is cleaned up a bit.
  • Admonition graphics now work.
  • One more thing off of my "to do" list!

The bad:

  • I had to rewrite a chunk of the web editor's code to get it to work with 5.0.
  • The syntax checker is more rigid than the previous version (see closing tag discussion below)

The really ugly:

  • Primarily, everything that I've written to date. The older version was tolerant of missing close tags if a more-senior opening tag was declared. This is no longer the case. It appears that all closing tags must be explicit.
  • Then there's my hand-drawn graphics. The same gene set that prevents anyone in my family from being able to carry a tune, appears to also prevent any of us from being able to draw anything attractive. I need to find a nice set of "note", "important", and "warning" icons that are Creative Commons licensed, so that I can start throwing my docs up online.

The only other thing left to do is to fix the syntax content and to tweak the features on the web editor. Notes in the wiki and tool plus docs online shortly.

joat: 14:32:00 12 Jul 2013

Sun, 07 Jul 2013

Scripted XChat tab renaming II 07 Jul
Following is a slight modification to the XChat tab renaming script from 21 May. One thing that I noticed was that, if I closed a channel before running the script, the script would change the name of the server to whatever channel was missing.

In the following, the context line grabs the context for the specific channel. If the channel doesn't exist, context is set to 0. The fix is just a simple check for the status of the context variable. If it's set to 0, it skips renaming the channel.


#following renames specific channels in XChat2

# "#" to "docs"

context=`dbus-send --dest=org.xchat.service --print-reply --type=method_call /org/xchat/Remote org.xchat.plugin.FindContext string:"bitlbee" string:"#" | tail -n1 | awk '{print $2}'`

if [ "$context" -ne 0 ]

dbus-send --dest=org.xchat.service --type=method_call /org/xchat/Remote org.xchat.plugin.SetContext uint32:$context

dbus-send --dest=org.xchat.service --type=method_call /org/xchat/Remote org.xchat.plugin.Command string:"settab docs"


# repeat the above, as needed, for any other channels

The above works with my set up and no longer impacts the server names in XChat.

joat: 04:11:04 7 Jul 2013

Sat, 06 Jul 2013

Visit to the 757 Makerspace 06 Jul
There's a new makerspace going up nearby. I finally had the time to visit it today. Although it's a bit further from home, it's still within an hour's drive from the house (through non-workday traffic).

With apologies to all concerned, I'm forced to compare it with the now-closed 757Labs hackerspace as that's the only other "space" I've ever visited.

  • The building is a bit older than the now-closed 757Labs, and it's much more industrial.
  • The location is in an industrial area. 757Labs was in a business area. I see this as an advantage as we can make more maker-type noises without worrying about upsetting the neighbors.
  • There's no hang-out facilities in the makerspace. This was an ongoing point of contention at 757Labs, between those there "to accomplish actual work" and those there to "network" (okay, to hang out on one of the couches).
  • Although there seems to be much the same equipment in both spaces, the makerspace has dedicated locations for them (i.e., a locked room for the equipment which requires special training (e.g., the laser cutter)). Maybe it's just that the makerspace isn't (yet?) overrun with people's in-progress projects.
  • There's a restaurant right across the street which has been described as having a "full menu". I'll hold my opinion until I've visited it.
  • There's just so much more space, though fewer chairs. Hopefully it'll force a focus on work (and cleaning up after yourself).
  • The dues appear to be around twice what 757Labs required.
  • Web site here. Facebook page here.
  • Oh, and parking! We won't talk about the parking issues experienced at 757Labs. Let's just say that, from the looks of it, the makerspace just has more.

I'm looking forward to being a member and getting some of my on-hold projects completed. First need is some cases for Raspberry Pi's with different daughterboards installed (e.g., PiFace, RazBerry).

joat: 02:09:02 6 Jul 2013

Mon, 01 Jul 2013

Fixed permanent links 01 Jul
I'm embarrassed. I'd started re-using the old Blosxom code from 2003, that I'd heavily modified over the years, to re-post this blog on The one thing that I didn't do was test the links in each of the stories. It was only when someone tried to link to one of my posts (sorry Wim), that anyone noticed they were all broken.

To make it short, I've regenerated the entire site and pushed it back onto If anyone sees any other bugs, please give a shout.

joat: 00:16:14 1 Jul 2013

Wed, 26 Jun 2013

Oh puhlease... 26 Jun
It's been awhile since I've discussed anything security related on this blog. This is mostly because I set that ball down every day at 4:30 and don't want to pick it back until 8:00 on the next workday.

However, this article on Slashdot has me spun up enough that I'm willing to gripe about it. I can see this being picked up by the mainstream media and yet another bout of fear-mongering making the rounds. Kibo help us if they rediscover that Wemo video.

As a business idea, this is really cool. The service vendor only needs to stand up one web server which accepts commands and sends them back into the user's network. Very little needs to be stored or processed on the web server, yet the vendor gets to pull in $8 or $9 from each "premium" customer. The consumer also hands over money for the hardware.

Those who use cloud based controls to manage electrical appliances, without strong authentication and strong encryption, are taking big risks (and, no, a username and password, encrypted by SSL may not meet those requirements). If you're going to manage environmental controls over the Internet, do it on your own server and require a non-split VPN to access them. Better yet, manage those controls via a network that is entirely isolated from external access.

The primary countermeasure for the mentioned direct attacks on the protocol or the devices is: maintain a baseball bat at each of the exits from your house. Z-wave and Zigbee are very low power, very low bandwidth communications protocols, meaning if there's a direct attack on your components, the attacker is probably within view of your front or back stoop. The technical term "mechanical agitation" comes to mind.

If you want to management your environmental controls and your appliances, avoid the public services. Instead stand up your own controller/gateway, and avoid putting it on the Internet. If you don't like the DIY approach, use one of the Mi Casa Verde products (or similar vendor's product). If you do like the DIY approach, build your own with a Raspberry Pi, a Razberry interface, and an XBee interface. Both approaches are cheaper than what you'll end up paying the public services and, if you're a coder, they're also more expandable/extendable.

joat: 23:45:32 26 Jun 2013

Search this blog

Use OpenDNS

Geekin' hard, so you don't have to...
... and driving my friends absolutely batty in the process!