Categories
Computers English Storage Uncategorized WTF

Synology refuses to admit annoying “Cloud Sync” Bug

Since about half a year I’m struggling with a very annoying bug in Synology’s “Cloud Sync” package I’m running on my expensive Synology DiskStation DS415+ NAS. It is still present as of today’s DSM 6.0.2-8451 Update 2.

I would like to backup my photos to my Amazon Drive/CloudDrive. As an Amazon Prime customer I can store an unlimited number of images, and only images — other files, like *.xmp sidecar files, will count against my general 5 GB limit.

The problem is that Synology’s Cloud Sync will upload the sidecar files, even though I explicitly only select “Images” to be backed up (and *.xmp is not part of Images, as I will show you!).

Categories
Communications English Routers

Update U-Boot on TP-Link TL-WDR4300

A couple of days ago while I was working from home my trusted TP-Link TL-WDR4300 seemed to have died suddenly (just a couple of days after the two year warranty had expired!) — at least this was the result of my initial investigations.

The symptom I had is that suddenly my internet connection seemed to be down — which was surprising enough, as since I upgraded to VDSL2 vectoring my line was rock-solid, and it normally dropped only once a month or even once every couple of months. When I tried to find out what happened I noticed that my router was inaccessible, I couldn’t even ping it. I thought it had crashed, so I power-cycled it to reboot it, but it didn’t come up…

So my conclusion was that it had died.

I quickly reconfigured a Linksys WRT1200AC which I bought a couple of months ago as a spare device, meant to replace the current router “one day”, and put it into operation…

Today I spent some time investigating what actually happened. I wanted to use the serial console of my rev. 1.7 device (the PCB is rev. 1.3), but found that there was no connector in place for the UART, just the holes in the PCB.

dav

So I quickly soldered in the pins, and connected the router to a laptop.

sdr

To my surprise the router booted without any issue at all. I played around with it until I was sure that there was absolutely no problem — I thought the file system in the flash memory might have been corrupted, but everything was ok.

So now that I had opened the device and connected a laptop to the serial console, I thought it would be a good occasion to update the U-Boot boot loader to a modified one by “pepe2k” that adds a lot of very useful features.

I used the instructions pepe2k provided on Github, specifically the part where he describes how to install via TFTP from the serial console. The “biggest challenge” was to find where to download the actual boot loader binary. Finally I found it here.

Categories
Cell Phones Communications English

My VerizonWireless prepay experience

We just returned from a one month vacation trip to Florida. In order to be able to use the internet when on the go, and also to be able to make and receive phone calls we decided to use a prepay card from VerizonWireless (VZW), as they seem to have the best 4G (LTE) coverage. The SIM is normally $45 for a month, including unlimited texts and calls and 1 GB of data, but we got it from Walmart for about $37, plus we received a free one-time bonus of 1 GB data when we activated the SIM via phone.

Our customer experience was pretty bad, and I want to share with you what kind of problems we had so that you can avoid those if possible.

The phone I intended to use was an iPhone 6 Plus. This cell phone is among the cell phones that have the most LTE bands available in the world, and I explicitly checked to make sure that VZW’s bands are covered. But when I tried to use the phone it couldn’t attach to the network. I got in touch with VZW, and it turned out that they only let phones use their network (with their own VZW prepay SIMs, that is!) that have been sold by or for VZW. But after talking to them for a while and letting them know about my disappointment (because in Europe this doesn’t seem to be common) they agreed to make an exception and have my iPhone authorized to use the network.

Even after four days (they said it should take 48 hours max), more than 3.5 hours talking to or chatting with their support, and even changing the SIM in a nearby VZW store, my iPhone still didn’t work, so I looked into other options. It turned out that you can buy simply 4G cell phones here real dirt cheap, so I bought a Motorola Moto E (2nd Gen) for less than $50. This phone immediately worked with the SIM I had.

I logged onto their MyVerizon prepay Desktop Home page to check and update some settings. This portal was another really bad experience, something which you really cannot ask your customers to use. The issues I encountered were the following:

  • After I had entered my address here in Florida (we lived in the house of relatives), there was trailing characters in the street address which I didn’t enter, and which I could not remove by any means.
  • Furthermore I couldn’t change my device from the original iPhone 6 Plus to the new Motorola Moto E — all changes (including IMEI which was verified to be “valid” and “known” to VZW) seemed to the accepted, and change of device was confirmed, but when I went into the main menu and back to “Device” the iPhone was still listed.
  • In addition I couldn’t change my Voice Mail PIN, probably the reason why voice mail was not available for my SIM during the whole month of our stay.

As an alternative to the bad web portal I installed the “My Verizon Mobile” Android app, but that was disappointing, too. There was absolutely no way to tell the app not to ask for the password again — a bad thing as I normally use “strong” passwords which I cannot easily remember, so how to use the app when on the go?! More issues encountered were

  • “Usage” details permanently give me “An error occurred while processing your request;”
  • in “My Features” I couldn’t activate the “Block Premium Messaging” option (even though changing the switch produced a confirmation that said the change was successful); every time I return to this menu item the setting is back to allow premium messaging;
  • in “Settings” > “Contact Info” I couldn’t make any changes, as the app declared my email address invalid (as it contains a “+” in the so-called “local-part,” which is the part left of the “@”). That was of course nonsense, as RFC-2822 allows such email addresses, I constantly receive mail on such addresses and VZW’s web portal allowed it as “valid;”
  • changing my Voice Mail Password (PIN) was also impossible in the Android app. I always got an error message saying “We are sorry, but we are not able to process your request at this time. Please try again later.”

What I must admit, though, their staff were always very friendly and tried to help — but what can you do if your IT systems let you down?!

The main reason I write this blog post is to let people from Europe know about the limitations they might encounter when trying to use their own phone with a local prepay SIM. But I also want to let VZW know my frustration with their bad self-service tools. This is not how you treat your valuable customers!!!

Categories
Communications English

Hacking the Genexis FiberTwist-P2410

In my previous article I described the key components the Genexis FiberTwist-P2410 is comprised of. One of these components is the serial console connector, and its presence was so tempting that I simply had to play with it…

Layout of Serial Console Connector
Layout of Serial Console Connector

So I connected a UART-to-USB converter and watched the console output while the device boots… Communications parameters were easy to guess: 115,200 bps, 8N1, no handshake (neither HW, nor SW)…

Categories
Communications English Networking Routers

uhttpd with a certificate chain

To secure access to my router I wanted to use SSL encryption to access LuCi, so I obtained a certificate issued by a well-known CA. The server certificate was not issued directly off the CA, but there was a certificate chain in between.

Using a certificate chain with OpenWrt’s uhttpd is really easy, although as of today this is not yet even documented to be possible on the OpenWrt web site.

I’m using uhttpd_2015-11-08 from a trunk build (r48648) of “Designated Driver”, and certificate chains can be used here without problems.

I didn’t even have to convert from PEM to DER, I just concatenated the server cert and intermediate certs into a single file:

cat /root/server.crt /root/1_root_bundle_1.crt /root/1_root_bundle_2.crt >uhttpd.crt

Hope this helps. If it does please leave a message, thank you.

Categories
Communications English Networking Routers

Monitor DrayTek Vigor 130 Line Status

I recently got myself a new DSL modem, namely a DrayTek Vigor 130, as I switched from ADSL2 to VDSL2-Vectoring, so that I couldn’t use my Allnet ALL0333CJ Rev. C any longer.

As I monitor about everything (just kidding) with Nagios, I certainly wanted to implement a check of the modem’s line status.

Here’s what I came up with:

# ARG1: community
define command{
        command_name    snmp_modem_status
        command_line    /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o SNMPv2-SMI::transmission.94.1.1.3.1.6.4 -P 2c -r "53 48 4F 57 54 49 4D 45"
        }
define host {
        host_name       dslmodem
        address         192.168.0.1
        use             generic-host-internal
        parents         gw
}

Nagios is running on my intranet server. The next hop when seen from Nagios is my Internet gateway (host “gw”, my router), and from there the next hop is the DSL modem (host “dslmodem.”)

Hope this helps someone… If it does please leave a quick message here in this blog, thanks…

Categories
English Networking Security WTF

Avira can’t get their DNS Setup right

Since many months I’m seeing the following issue with Avira‘s DNS setup, and I’m thinking it’s extremely embarassing for a company working in IT Security not to even get the basics right… 🙁

This is what I’m seeing:

named[2597]: DNS format error from 89.146.248.46#53 resolving dl4.pro.antivir.de/AAAA for client 127.0.0.1#52127: Name avira-update.net (SOA) not subdomain of zone antivir.de -- invalid response

So what does that mean?

Let’s have a look at which nameservers Avira are using anyway:

$ dig -t ns antivir.de

;; ANSWER SECTION:
antivir.de.        3600    IN    NS    ns13.avira-ns.net.
antivir.de.        3600    IN    NS    ns10.avira-ns.de.
antivir.de.        3600    IN    NS    ns9.avira-ns.net.
antivir.de.        3600    IN    NS    ns12.avira-ns.de.
antivir.de.        3600    IN    NS    ns14.avira-ns.de.

;; ADDITIONAL SECTION:
ns10.avira-ns.de.    86400    IN    A    80.190.154.111
ns12.avira-ns.de.    86400    IN    A    89.146.248.46
ns14.avira-ns.de.    86400    IN    A    74.208.254.45

Ok, so 89.146.248.46 in the error message quoted above is indeed one of the nameservers for domain antivir.de.

So let’s look up the IPv6 address record (AAAA) for dl4.pro.antivir.de on the given nameserver:
$ dig @89.146.248.46 -t AAAA dl4.pro.antivir.de

;; AUTHORITY SECTION:
avira-update.net. 3600 IN SOA ns1.avira-ns.net. domains.avira.com. 2015010301 10800 3600 2419200 3600

WTF?!

Why are they returning a domain name that is not a subdomain of the original domain?! That’s an error.

And it’s especially embarassing as this is the update URL for Avira’s AntiVir product. Again remember we’re talking about a security firm here!

Categories
Cell Phones English

How to install Android 5.0.1 on HTC Desire S

By chance I came across a thread on xda-developers that explains how to install CyanogenMod 12 (cm12) on an HTC Desire S (codename “Saga”). Being a newbie in “hacking” and rooting Android phones I had to read, investigate, and try a lot.

To spare you this effort I’m trying to summarize the steps required below:

  1. Unlock bootloader: To be able to flash a custom bootloader you first need to unlock the bootloader, which is easy since HTC makes this officially available via their web site.
  2. Flash recovery image: I used Team Win Recovery Project 2.8 (or short TWRP 2.8) which I downloaded from a link on this site.
  3. Flash cm12 and Google Apps: Download the latest cm12 image (on 2014-12-05 it was cm-12-20141204-UNOFFICIAL-saga.zip) from this page. Download Google Apps from this page. Put both ZIP files on the micro-SD card.
  4. Reboot to your recovery image by keeping “volume down” key depressed and then switching on the phone. Keep volume key depressed until TWRP splash screen appears. Perform a factory reset. Flash the two ZIP files, add cm12 first, then add Google Apps.
  5. Extract boot.img from cm-12-20141204-UNOFFICIAL-saga.zip and flash that with fastboot. Flash it using these instructions.
  6. Reboot your phone. CyanogenMod splash screen should appear after a while. Your first boot will probably take very long (I think for me it was about 15-20 min). Be patient!

After carefully following all the above instructions I now have the following on my HTC Desire S:

  • Boot rom HBOOT-2.02.0002 in mode S-ON
    bootloader
  • Radio/modem/baseband firmware RADIO-3831.19.00.110 (20.76.30.0835U_3831.19.00.110)
  • TWRP v2.8.0.0
  • Android 5.0.1 in the CyanogenMod flavor, version 12-20141204-UNOFFICIAL-saga. Kernel version is 3.0.101.
    cm-splash
  • Google Apps referred to from this page.

Thanks to everyone on xda-developers for their excellent work and support!

You might encounter the following issues which can be fixed as specified:

  • Touch screen not working properly: You have kind of a “mouse pointer” which you can drag around with your finger on the screen. To “click” something you have to double-tap on the mouse pointer. Fixing this can be accomplished by following this procedure.
  • The home softkey doesn’t work. Fix it by following these steps.

I had success with the following (not meant to be complete, just a couple of things which I consider important or surprising):

  • Sending audio to my Plantronics Blackwire C720 Bluetooth headset works properly, using Google Play Music. This was obviously using the “Media Audio” Bluetooth profile.
  • Skype via the above headset works perfectly well. Sound quality is crystal-clear.
  • Hand-over of a voice call to the above Bluetooth handset and back works perfectly well — maybe even better than on my S4… 🙂
  • Paired my Samsung Galaxy S4 with the HTC Desire S. Successfully sent a contact as VCF file from the S4 to the Desire S. But then process com.android.media crashed.
  • Connect phone to Windows 7 via USB, using MTP protocol. Write speeds to micro-SD card seemed normal.

The following limitations still exist (or at least these are the ones I noticed so far):

  • Phone is somehow regarded as a tablet by the Android OS.
  • Front camera not working. I thought I had seen it working once, but maybe I’m confused. Anyway, as of now the front camera seems not to be detected/functioning. The back camera is working well with the camera app from the minimal Google Apps package as well as from the official Google Camera you can download from Google Play. Skype and Google Hangouts also work well, apart from the front cam.
  • I replaced some of the apps in the apps dock with apps I installed from Google Play. Some of these apps will disappear after a reboot. When I noticed this and wanted to put them back by opening the apps drawer I observed that Android was currently populating/updating the apps drawer with some still missing apps. But even after it had finished showing all installed apps in the app drawer the apps dock was still missing some apps. So I dragged them back from the drawer onto the dock. Again, after a reboot they will be gone again.
  • Speed of cellular data connections seems slow. Unfortunately I couldn’t verify whether the cellular network settings are ok, since every time I tried to enter one of the corresponding  Settings menu item the process com.android.phone would crash (with the effect that I had to re-enter my SIM PIN and also the screenlock PIN).
    Later I tried it again, and this time it didn’t crash. All the settings were fine, so I wonder whether there is a problem with regards to the modem firmware? (I would like to note that I don’t have a voice SIM in this mobile phone, but just a data-only SIM. Eventually the firmware tries to perform operations that work on voice SIMs and doesn’t properly handle situations where those operations cannot be carried out?!)
  • Update 2014-12-11: Connecting the charger when the phone is powered down will cause it to boot into the TWRP recovery system.
  • Trying to open menu item Wireless & Networks > Cellular networks > Carrier Settings might cause process com.android.media to stop.
  • Ringtone will be quiet on incoming calls.
  • Microphone will be muted (or not properly amplified) when the first outbound(!) call takes place (in non-speakerphone mode). After you have gone on speakerphone and back, the microphone will then be working.
  • Moving apps to the external SD card is unreliable. Often it doesn’t work without any indication as to why. If you then repeat it again it may actually work.
Categories
English Usability Web Browsers WTF

Firefox 29 “Sync” nightmare

The — as I later found out — completely revamped “Sync” feature in Firefox 29 caused me a lot of grief yesterday, and I wasted more than 3 hours due to it. :-(

The issue started after I had to set the system time back on one of my Macs which I hadn’t used for a couple of weeks, so the Firefox data on that machine was outdated and not in-sync with the other machines synced to the same Firefox Sync account. Not sure whether setting the date back was the root cause, but anyway… I suddenly noticed that I had old passwords on another machine, too. Obviously it had received them via Firefox “Sync” from said Mac.

So, what to do?

I first cleared the data stored in my Firefox Sync account by logging on to the old account management (https://account.services.mozilla.com/), to make sure that the outdated passwords do not propagate to more machines.

I then disassociated the machines that had already received the outdated passwords from Firefox Sync.

Afterwards I wanted to add the device back the same way I did when adding a new machine in the past. But it didn’t work as it used to work. No way I could display the sync code I needed to enter on the “master” machine. :-(

Categories
English Mac WTF

“MacX DVD Ripper Pro Halloween Edition” expires and lies to you

Halloween 2012 MacXDVD Software, Inc. gave away free copies of their “MacX DVD Ripper Pro” as a special “Halloween Edition”. This was a very generous gesture which I would like to explicitly recognize and thank them for.

When I recently wanted to reinstall that piece of software on my new MacBook Pro Retina and tried to enter the serial number I noticed that you can’t — the software said that it had expired. I was very disappointed. I didn’t remember that you had to activate the software before the end of the promotion. So I set back my system clock to November 2012, and presto, I could install the software again. 🙂

After I ripped a DVD I set back the date to the current date, only to notice later when I wanted to rip another DVD that the software had expired(!). It does not explicitly say so, but it “lies” to you as follows:

MacX DVD Ripper Pro Halloween Edition lying to you

This message appears regardless of which DVD is in the drive (even very old ones that were released well before “MacX DVD Ripper Pro” itself was released), and even if no DVD at all is in the drive. So it is obvious that the above is not the truth, but a lame excuse for not telling you the truth that the software was time-limited from the very beginning.

Mind you, I’m not complaining about the fact that the software is time-limited as such. Even a software that is free only for a year or something is still a nice gift. What I’m complaining about is that MacXDVD Software, Inc. is lying to me. Why did they not originally include the notice that this is a time-limited copy of the software only?

The solution to this problem of course is to again set back your system time. This is not very convenient, but if you only occassionally rip a DVD it should not be a big problem.