Author Archives: Tim H

About Tim H

I am a Large Fluffy Chicken called Bob.

ASB Bank and TOR

Sometime in early December I thought I’d have a play with TOR.  I ran it up on micro and played with it for a few days.  I thought I’d “help the TOR world” by running an exit node, seeing as we have more bandwidth allocated to us than we use.

After a few days though I figured hell, I probably wasn’t doing much to help, so I turned it off and forgot about it.

Fast forward to a few weeks later:  Suddenly my wife can’t get to a website she needs to access.  Do some digging, turns out that it works from other IP’s, just not our home IP.  Our home IP is static, so I can’t just reboot and get a new one.  I email the people running the website and to my surprise, they’re very helpful.  They investigate and tell me that due to my IP having been a TOR node, it’s been blacklisted.  Their network gear auto-updates a blacklist every few weeks, so if we’re not longer a TOR node we should be removed.

No worries, I put a bypass in place in our home router, using OpenVPN.  Annoying, but it works.  A couple of weeks later they email me to tell me that it’s all sorted now. I remove the bypass and their site still works. Thanks!

Then ASB FastNet stops working. Both the website and their Mobile App (which accesses MobileAPI.asbbank.co.nz, a different IP than the Browser site.)  Argh!

I can’t get a single communication out of them as to why it doesn’t work, but trying to connection to FastNet classic gives me:
micro:~> curl -vv -I https://fnc.asbbank.co.nz
* About to connect() to fnc.asbbank.co.nz port 443 (#0)
* Trying 210.55.180.58...
* Connection refused
* couldn't connect to host
* Closing connection #0
curl: (7) couldn't connect to host

Which is quite annoying.  So I have an OpenVPN bypass in place for it as well.  The problem is my OpenVPN bypass is quite flakey, mostly due to the way I’ve setup OpenVPN.  It doesn’t reconnect properly when the tunnel drops, which it does every now and then on the end of a consumer grade Internet Service.

Can I get hold of anyone at ASB to help me?  Tell me why the IP’s blacklisted?  Nope.  I’ve emailed, prodded.  Very frustrating.  Please, someone at ASB in the Network Team get in contact.  Tell me what I can do to get removed/get this fixed.

Thanks,

Tim

Update: ASB use BrightCloud’s IP Reputation service.  Once I filed a request with Brightcloud and they verified we weren’t a TOR exit node anymore, they updated the status of our IP address and we can once again access ASB directly.  Thanks ASB for getting back to me after I made a lot of noise…

Moved to WordPress

I moved my blog from BlogFile to WordPress.  I couldn’t do everything I wanted in BlogFile, neat as it is.  So WordPress it is…  Drupal would have been overkill.  Wordpress probably is.

If you got here from a “blog.php” link well, all the old content is here, but you might have to search for it sorry!

All the content is crap anyway…

grsecurity RBAC system

A few notes I wrote down about enabling the (very intense) grsecuriy RBAC system on micro.

  1. If you have role_allow_ip defined and you try and “do something” from an IP not in that allowed list – you’ll end up in the default role.  That can be hard to figure out at first, you know you have a role setup for the user, but you’re not ending up in it.  That’s why.
  2. A subject in a less specific policy with an “i” will override a more specific subject.i.e.This “/” subject:subject / o {    /bin        rxi}will win over this:subject /bin/bash o {}/bin/bash will use the polices from the first subject, not the second.
  3. To be able to unlink (delete!) a file, you need both d and the w subject flags.  d alone isn’t enough.
  4. Be VERY careful with the C subject flag.  It will kill everything with the same IP address, silently.  Your MYSQL server might be dead and you won’t know it.
  5. Shared Libraries (.so) need the rx flag, x alone isn’t enough.
    subject /bin/bash {    

    /     
    /lib            rx
    }
  6. The -V flag to gradm -E will give some useful information!

Building MPD

micro:~/mpd-0.18.7> make distclean ; ./configure --disable-dependency-tracking --enable-libmpdclient --enable-alsa --enable-bzip2 --enable-curl --enable-ao --enable-ffmpeg --enable-flac --enable-httpd-output --enable-id3 --disable-ipv6 --enable-lame-encoder --enable-lsr --enable-mad --enable-mikmod --enable-mms --enable-modplug --enable-mpg123 --enable-pipe-output --enable-recorder-output --enable-shout --enable-vorbis --enable-vorbis-encoder --enable-zzip --prefix=/usr/local/mpd ; make

Viber = Android Battery Issue

I figured out what was totally fscked my phone. Making contacts unusable, the CPU was ticking over all the time stealing battery.

FUCKING VIBER.

I’d ticked “Sync Viber with Contacts” or some bullshit. Unticked that, lo and behold, battery life is awesome. I can get up at 6am and go to bed at 9pm with still 30%.

It used to die around 6pm before, flat. Now it still has 40%

Fuck you, Viber!

Chicken Costumes

From: Tim Harman [mailto:tim@muppetz.com]
Sent: Sunday, 10 August 2014 9:37 p.m.
To: Info
Subject: Winning Wheel Question

Hello There!

I have a question which I am hoping you can answer for me.

Tonight my wife and I were discussing what is/isn’t allowed when it comes to being
on the “Winning Wheel” segment. The conversation arose because I expressed my
desire to wear a large chicken costume and do nothing but cluck through the whole
segment, if we were so lucky as to win a spot on the segment.

My wife, being the smarter of the two of us, said that there’s no way she’d let me
wear a chicken costume and/or cluck, and that NZ Lotto almost certainly wouldn’t
allow someone to dress up as a chicken anyway.

So my question is: What are “the rules” around the Winning Wheel segment?
Can a contestant wear a large chicken suit if they so desire?

Many Thanks,

Tim Harman
———————————————————————————–
Hi Tim,

Thank you for your enquiry.

While we have guidelines we follow during filming to ensure the integrity of our
products, we remain flexible as each winner’s story is very different.

There is no current ruling on wearing chicken suits.

Thanks for taking the time to write to us and good luck with your tickets.

Best regards,
<name removed>
Corporate Communications Advisor

PO Box 8929, Symonds Street, Auckland 1150
73 Remuera Road, Remuera, Auckland 1050, New Zealand

lottonz.co.nz

Dell XPS m1330 with Windows 8.1 – DPC Latency Issues

Finally upgraded my ageing XPS m1330 from Windows XP (32 Bit), which of course worked perfectly, to Windows 8.1 (64 Bit), which of course initially didn’t.

The major problem that I encountered was major latency when playing audio. The DPC latency would cause the music to stutter and jerk and basically be unlistenable. A major pain in the arse for someone who likes to listen to streaming audio while they work.

After doing a bit of reading and research, I thought it was the NVIDIA driver that was causing the problem, PowerMizer was flagged as being the culprit. But adding the “correct” flags to the registry didn’t fix the problem, music was still impossible to listen to and the DPC Latency tool showed me major spikes.

Some more testing and research lead me to find the Intel Wifi card I have, a Intel PRO Wireless 3945ABG as the cause of the problems. The issue was there is no later driver for it, indeed Intel haven’t officially released any driver for it, but Windows 8.1 seems to have a driver built in.

The fix was to download the Windows Vista x64 driver from <a href=”http://ftp.dell.com/FOLDER95945M/2/Intel_multi-device_A06_R171132.exe”>here</a> and to force Windows 8.1 to install it as the driver. Which takes a few options because it’s an older version of the driver than the one Windows 8.1 comes with.

But once the “new” old driver was installed, all DPC latency issues dissappeared. Music can be listened to without stuttering and jerking.

I’ve still got three items in Device Manger under “Other devices” all called “Data Interface” that don’t have a driver, but I expect that’s something to do with the 3G Modem this laptop has installed (the official Dell one)

Tim