DrayTek Vigor130: Warnung vor “ALL”-Firmware

Aus eigener Erfahrung kann ich nur dringend vor der Installation der “ALL”-Firmware-Varianten beim DrayTek Vigor130 warnen, insbesondere wenn zwischen der installierten Version und der zu installierenden Version einige Builds liegen.

Die “ALL”-Variante behält die aktuellen Einstellungen bei, die “RST”-Variante setzt das Modem/den Router auf die Werkseinstellungen zurück. Das klingt schlimmer als es ist, denn wenn man vorher die Einstellungen über das Web-Interface herunter lädt/sichert, kann man diese nach erfolgreichem Upgrade wieder hoch laden/restaurieren.

Wie auch immer, ich hatte Version 3.7.8.3_m7 installiert und wollte auf 3.7.9.3_m7 upgraden, und zwar unter Verwendung der “ALL”-Variante. Beim Upgrade ist nichts schief gelaufen (jedenfalls nicht offensichtlich), trotzdem erhielt ich hinterher folgende Popup-Warnung im Browser:

screen-shot-2016-11-10-at-09-02-12Ich versuchte dann die selbe Firmwareversion erneut zu installieren, aber die Fehlermeldung erschien wieder. Außerdem wurde unten in der linken “Menüleiste” folgende Meldung angezeigt:

screen-shot-2016-11-10-at-10-54-23Ich versuchte also, die “RST”-(Reset)-Variante zu flashen — mit dem selben (Miss-) Erfolg. :-(

Bei einem Telefonat mit der wie immer sehr freundlichen und kompetenten DrayTek-Hotline wurde mir dann empfohlen, die TFTP-Notfall-Wiederherstellung zu nutzen, was ich dann auch tat.

Dazu muss man zunächst das Modem direkt per Netzwerkkabel mit einem Windows-PC/Laptop verbinden, welchen man manuell/statisch auf die IP-Adresse 192.168.1.2 setzt. Dann das Modem ausschalten,  den Resetknopf an der Rückseite mit einem Kuli gedrückt halten, und dann das Modem wieder einschalten. Den Resetknopf für ca. fünf Sekunden gedrückt halten, dann startet der TFTP-Server im Modem.

Nun mit dem Firmware-Update-Tool, welches man bei DrayTek herunter laden kann, die Firmwaredatei an das Modem (unter der default-Adresse 192.168.1.1) schicken. Das ganze sollte übrigens auch mit einem Linux- oder macOS-Rechner funktionieren, es reicht ein normaler TFTP-Client.

Fertig!

Nach dem Reboot dann noch über das Webinterface die Konfiguration wieder restaurieren, und alles ist wieder gut.

Der ganze Vorgang hat insgesamt nur etwa zehn Minuten gedauert.

Synology refuses to admit annoying “Cloud Sync” Bug

Since about half a year I’m struggling with a very annoying bug in Synology’s “Cloud Sync” package I’m running on my expensive Synology DiskStation DS415+ NAS. It is still present as of today’s DSM 6.0.2-8451 Update 2.

I would like to backup my photos to my Amazon Drive/CloudDrive. As an Amazon Prime customer I can store an unlimited number of images, and only images — other files, like *.xmp sidecar files, will count against my general 5 GB limit.

The problem is that Synology’s Cloud Sync will upload the sidecar files, even though I explicitly only select “Images” to be backed up (and *.xmp is not part of Images, as I will show you!). Continue reading Synology refuses to admit annoying “Cloud Sync” Bug

Update U-Boot on TP-Link TL-WDR4300

A couple of days ago while I was working from home my trusted TP-Link TL-WDR4300 seemed to have died suddenly (just a couple of days after the two year warranty had expired!) — at least this was the result of my initial investigations.

The symptom I had is that suddenly my internet connection seemed to be down — which was surprising enough, as since I upgraded to VDSL2 vectoring my line was rock-solid, and it normally dropped only once a month or even once every couple of months. When I tried to find out what happened I noticed that my router was inaccessible, I couldn’t even ping it. I thought it had crashed, so I power-cycled it to reboot it, but it didn’t come up…

So my conclusion was that it had died.

I quickly reconfigured a Linksys WRT1200AC which I bought a couple of months ago as a spare device, meant to replace the current router “one day”, and put it into operation…

Today I spent some time investigating what actually happened. I wanted to use the serial console of my rev. 1.7 device (the PCB is rev. 1.3), but found that there was no connector in place for the UART, just the holes in the PCB.

dav

So I quickly soldered in the pins, and connected the router to a laptop.

sdr

To my surprise the router booted without any issue at all. I played around with it until I was sure that there was absolutely no problem — I thought the file system in the flash memory might have been corrupted, but everything was ok.

So now that I had opened the device and connected a laptop to the serial console, I thought it would be a good occasion to update the U-Boot boot loader to a modified one by “pepe2k” that adds a lot of very useful features.

I used the instructions pepe2k provided on Github, specifically the part where he describes how to install via TFTP from the serial console. The “biggest challenge” was to find where to download the actual boot loader binary. Finally I found it here.

Bitlocker: How to require Startup PIN

A lot of people use Bitlocker for full-disk encryption of their hard drives. For extra security you might want to be prompted for a PIN when you unlock your hard drive, because allowing attackers to boot your system without authentication might open up extra attack vectors. Setting a PIN can be easily accomplised if you know how… :-)

The below instructions are exact for Windows 10, but they are very similar in Windows 7, too.

Launch the Local Group Policy Editor by typing gpedit.msc into your Windows search, then when it has been found right-click on it and select Run as administrator from the pop-up menu. Then maneuver to the following path in the left “folder” pane:

Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Bitlocker Drive Encryption > Operating System Drives.

This is what it looks like if you did it correctly:

Bitlocker_Group_PolicyThen double-click on the setting Require additional authentication at startup, and you see the following dialog:

Bitlocker_PINNow change option Configure TPM startup PIN to read:

Require startup PIN with TPM

Then reboot. Now you can right-click on your system drive and select Set Bitlocker PIN or Change Bitlocker PIN (I forgot to take a screenshot of this last step, so I’m not 100% how exactly this looked like, but it should be obvious) from the pop-up menu.

You’re done. Wasn’t that easy?

Please leave a message if this was helpful.

Attention changing BIOS Settings with Bitlocker

The Problem

If your laptop has been set up to use Bitlocker, by your company or yourself, you should be very cautious when playing with your BIOS settings.

Bitlocker considers BIOS settings changes a potential security breach, as somebody could e. g. change boot order to boot from an external media to try to fiddle with the boot mechanism set up on your hard drive or SSD. This is why when you change something in the BIOS or just boot from an external drive, such as a thumb stick, Bitlocker will prompt you for your recovery code.

The Solution

To prevent this you just have to disable the so-called “protector” for your boot drive. Only then should you change BIOS settings or boot from a drive other than your normal boot drive.

You do so using the manage-bde tool which is part of Windows:

manage-bde –protectors –disable <Drive>

Don’t forget to re-enable the protector after you’re done:

manage-bde –protectors –enable <Drive>

If this helped, I’d appreciate a comment from you here on my blog.

My VerizonWireless prepay experience

We just returned from a one month vacation trip to Florida. In order to be able to use the internet when on the go, and also to be able to make and receive phone calls we decided to use a prepay card from VerizonWireless (VZW), as they seem to have the best 4G (LTE) coverage. The SIM is normally $45 for a month, including unlimited texts and calls and 1 GB of data, but we got it from Walmart for about $37, plus we received a free one-time bonus of 1 GB data when we activated the SIM via phone.

Our customer experience was pretty bad, and I want to share with you what kind of problems we had so that you can avoid those if possible.

The phone I intended to use was an iPhone 6 Plus. This cell phone is among the cell phones that have the most LTE bands available in the world, and I explicitly checked to make sure that VZW’s bands are covered. But when I tried to use the phone it couldn’t attach to the network. I got in touch with VZW, and it turned out that they only let phones use their network (with their own VZW prepay SIMs, that is!) that have been sold by or for VZW. But after talking to them for a while and letting them know about my disappointment (because in Europe this doesn’t seem to be common) they agreed to make an exception and have my iPhone authorized to use the network.

Even after four days (they said it should take 48 hours max), more than 3.5 hours talking to or chatting with their support, and even changing the SIM in a nearby VZW store, my iPhone still didn’t work, so I looked into other options. It turned out that you can buy simply 4G cell phones here real dirt cheap, so I bought a Motorola Moto E (2nd Gen) for less than $50. This phone immediately worked with the SIM I had.

I logged onto their MyVerizon prepay Desktop Home page to check and update some settings. This portal was another really bad experience, something which you really cannot ask your customers to use. The issues I encountered were the following:

  • After I had entered my address here in Florida (we lived in the house of relatives), there was trailing characters in the street address which I didn’t enter, and which I could not remove by any means.
  • Furthermore I couldn’t change my device from the original iPhone 6 Plus to the new Motorola Moto E — all changes (including IMEI which was verified to be “valid” and “known” to VZW) seemed to the accepted, and change of device was confirmed, but when I went into the main menu and back to “Device” the iPhone was still listed.
  • In addition I couldn’t change my Voice Mail PIN, probably the reason why voice mail was not available for my SIM during the whole month of our stay.

As an alternative to the bad web portal I installed the “My Verizon Mobile” Android app, but that was disappointing, too. There was absolutely no way to tell the app not to ask for the password again — a bad thing as I normally use “strong” passwords which I cannot easily remember, so how to use the app when on the go?! More issues encountered were

  • “Usage” details permanently give me “An error occurred while processing your request;”
  • in “My Features” I couldn’t activate the “Block Premium Messaging” option (even though changing the switch produced a confirmation that said the change was successful); every time I return to this menu item the setting is back to allow premium messaging;
  • in “Settings” > “Contact Info” I couldn’t make any changes, as the app declared my email address invalid (as it contains a “+” in the so-called “local-part,” which is the part left of the “@”). That was of course nonsense, as RFC-2822 allows such email addresses, I constantly receive mail on such addresses and VZW’s web portal allowed it as “valid;”
  • changing my Voice Mail Password (PIN) was also impossible in the Android app. I always got an error message saying “We are sorry, but we are not able to process your request at this time. Please try again later.”

What I must admit, though, their staff were always very friendly and tried to help — but what can you do if your IT systems let you down?!

The main reason I write this blog post is to let people from Europe know about the limitations they might encounter when trying to use their own phone with a local prepay SIM. But I also want to let VZW know my frustration with their bad self-service tools. This is not how you treat your valuable customers!!!

Hacking the Genexis FiberTwist-P2410

In my previous article I described the key components the Genexis FiberTwist-P2410 is comprised of. One of these components is the serial console connector, and its presence was so tempting that I simply had to play with it…

Layout of Serial Console Connector
Layout of Serial Console Connector

So I connected a UART-to-USB converter and watched the console output while the device boots… Communications parameters were easy to guess: 115,200 bps, 8N1, no handshake (neither HW, nor SW)… Continue reading Hacking the Genexis FiberTwist-P2410

Genexis FiberTwist-P2410 dissected

By chance I got an early hands-on on a fiber network terminator (NT)/broadband gateway (such a device will soon be installed for my FTTH line provided by “Deutsche Glasfaser.”) I don’t know how it happened, but it suddenly fell apart, so I had a brief look under the hood… :-D

IMG_0673
Genexis FiberTwist-P2410 inside view

The SoC is a Lantiq PXB 4369 EL V2.1 (GRX300), which is a Gigabit Ethernet Router/Gateway SoC with int. 2×2 WiFi. There aren’t any antennas, though, and it seems you can’t add any either. The device is from the GRX 300 series, which is a “CPE Network Processor with integrated WiFi.”

A Russian web site states that its actually the GRX369 series, and that the SoC is clocked with 600 MHz. (Update: The CPU is a MIPS 34Kc V5.6 clocked at 600 MHz, 397.82 BogoMIPS.)

The device can be simply twisted on the wall junction box which is the provider’s fiber hand-over point (“fiber management unit,” FMU.)

On the WAN side we have a Mentech FGE20-N9C-35S as the optical transceiver module (2×5 form factor) for single-mode fiber in passive optical networks (PON). Optical wavelength division multiplexing (WDM) is used so a single fiber can be used for both downstream and upstream data. The maximum data rate this transceiver can handle is 1.25 Gbit/s (which suggests we’re talking EPON, 802.3ah-2004 here…). The reach without intermediate amplification is 20 km(!). Wavelengths of 1,310 nm (upstream)/1,490 nm (downstream) are used.

For LAN connectivity the gateway has 4 Gigabit Ethernet ports, driven by two FPE LG48204DH 2-port LAN transformer modules in a DIP-48 package.

The transceiver is a Marvell 88E1512-NNp2 out of the “Alaska” series, 10/100/1000 BASE-T single-port PHY (so it seems that all fiber/Ethernet ports are on the same switch), supporting Energy Efficient Ethernet (EEE) and Advanced Virtual Cable Tester functionality.

Update: The switch seems to be a Lantiq VRX318 (or compatible).

Firmware is stored in a Elite Semiconductor (ESMT) F59L1G81LA-25T single-level serial (SPI) NAND flash chip in a TSOP48 package. It operates with 3.3V at a clock of 25 ns and has a flash density of 1 Gbit and a bus width of 8 bits. The total memory size is 128 MByte.

RAM is provided by a Winbond W971GG6SB-25 chip, which is a DDR2-800 (5-5-5) SDRAM chip with a size of 128 MByte, operating at transfer rates of 800 Mbit/s per pin with a power supply of 1.8 V. (Update: The RAM is actually clocked at 300 MHz.)

It seems that the broadband gateway is equipped with a serial-console connector.

Here’s another photo that shows where the key components are located:

Genexis FiberTwist-P2410 with key components
Genexis FiberTwist-P2410 with key components

Please let me know if this in any way helps you, or you can contribute to this post.

uhttpd with a certificate chain

To secure access to my router I wanted to use SSL encryption to access LuCi, so I obtained a certificate issued by a well-known CA. The server certificate was not issued directly off the CA, but there was a certificate chain in between.

Using a certificate chain with OpenWrt’s uhttpd is really easy, although as of today this is not yet even documented to be possible on the OpenWrt web site.

I’m using uhttpd_2015-11-08 from a trunk build (r48648) of “Designated Driver”, and certificate chains can be used here without problems.

I didn’t even have to convert from PEM to DER, I just concatenated the server cert and intermediate certs into a single file:

cat /root/server.crt /root/1_root_bundle_1.crt /root/1_root_bundle_2.crt >uhttpd.crt

Hope this helps. If it does please leave a message, thank you.

Brother MFC-7840w “Internet Fax” über DUS.net

Seit einigen Tagen habe ich einen “IP-only”-Telefonanschluss, so dass ich nicht mehr wie bisher mit meinem Brother MFC-7840w-Multifunktionsgerät über einen a/b-Terminaladapter an einem ISDN-Anschluss faxen kann.

Beim Suchen nach Alternativen stieß ich auf dieses Wiki im IP-Phone-Forum, welches mir sehr weiter geholfen hat.

Zunächst musste ich ein Firmware-Update für mein Faxgerät flashen, was die benötigte Internet-Fax-Funktionalität  (T.37-Protokoll) implementiert.

Weiterhin musste ein Anbieter gefunden werden, der dieses Protokoll unterstützt. DUS.net, welches auch im obigen Wiki erwähnt wird, war mir ohnehin schon bekannt, weil ich auf der Suche nach einem guten SIP-Provider bin. Also wollte ich gerne DUS.net als Fax-Provider nutzen, jedoch gibt es da ein prinzipielles Problem:

Um das Dus.net mail2fax Gateway anzusprechen, müssen Zugangsdaten > 50 Zeichen im Betreff-Feld übertragen werden. Die Brother-Firmware (4.0) speichert aber nur 41 Zeichen ab.

Meine Lösung sieht nun so aus: Continue reading Brother MFC-7840w “Internet Fax” über DUS.net

Just another WordPress weblog