Elegoo Display and Stolen Code

Standard

So I bought myself another one of the Elegoo 2.8″ touchscreen LCD modules recently, and decided to have a deeper dive into the code. I looked through the examples and I thought “This looks very similar to code from Adafruit.”

You can download the original “tutorial” files from Elegoo directly at https://www.elegoo.com/pages/arduino-kits-support-files if you’d like to take a look for yourself.

[Update #1 added at 22:12 below]

If you’re in a rush and just want a better way to do this, use the > give me the code < link.

Continue reading

New Extensions for Email Blocking

Standard

I’ve since added a new amount of file extensions that I would recommend that people running mail-servers also block.

Originally I only blocked a few attachments.

ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]

However now I’ve added a few more based on suggestions from various sources including extensions that Microsoft recommends to block for users of their Exchange server.

ace|ad[dp]|ani|app|appcontent-ms|appref-ms|as[px]|aspx|ba[st]|cdxml|cer|chm|cmd|cnt|com|cpl|crt|csh|der|diagcab|docm|eml|exe|fxp|gadget|grp|hlp|hpj|ht[acm]|html|in[fsp]|its|jar|jnlp|js|jse?|ksh|lnk|ma[dfgmqrstuvw]|mcf|md[abetwz]|mht|mhtml|ms[chptu]|msh1|msh1xml|msh2|msh2xml|mshxml|msi|ops|osd|pcd|pif|pl|plg|prf|prg|printerexport|ps1|ps1.xml|ps1xml|ps2|ps2xml|psc[12]|psd1|psdm1|psdm1cdxml|pssc|pst|py|py[cowz]|pyzw|reg|sc[frt]|settingcontent-ms|sh[bs]|theme|tmp|udl|url|vb|vb[eps]|vs[stw]|vsmacros|webpnp|website|ws|ws[cfh]|wsb|xbap|xll|xlsm|xml|xn|xnk

It should be relatively easy to copy the above into a regular expression suitable for your mail environment. If you think there’s a way I can optimise this list, please let me know 🙂

Note, this list used to contain the following, but I managed to optimise the expressions and remove duplicates, so the original is as follows (for reference)

ace|ad[dp]|ani|app|asp|aspx|asx|ba[st]|cer|chm|cmd|cnt|com|cpl|crt|csh|der|docm|exe|eml|fxp|gadget|hlp|hpj|ht[ac]|in[fsp]|its|jar|js|jse?|ksh|lnk|mad|maf|mag|mam|maq|mar|mas|mat|mau|mav|maw|md[abetwz]|mht|mhtml|ms[ch]|msh1|msh1xml|msh2|msh2xml|mshxml|msi|msp|mst|ops|osd|pcd|pif|plg|prf|prg|ps1|ps1xml|ps2|ps2xml|psc1|psc2|pst|reg|scf|sc[rt]|sh[bs]|tmp|url|vb|vb[eps]|vsmacros|vss|vst|vsw|ws|ws[cfh]|xml|xlsm|py|py[cowz]|pyzw|ps1|ps1.xml|ps2|ps2xml|psc[12]|psd1|psdm1|cdxml|pssc|appref-ms|udl|wsb|cer|crt|der|jar|jnlp|appcontent-ms|settingcontent-ms|cnt|hpj|website|webpnp|mcf|printerexport|pl|theme|xbap|xll|xnk|msu|diagcab|grp|pst|ps1xml|ps2|ps2xml|psc[12]|psd1|psdm1cdxml|pssc|appref-ms|udl|wsb|xbap|xll|xn

Grandstream GXP1610 Reboot-o-matic

Standard

I wrote a nice little script to fix a problem I’ve been having with my work VOIP phone. It would lose connection but the screen wouldn’t let you know it had. I didn’t notice that it hadn’t been connected for *two* weeks until someone left a voicemail.

The phone did have a built in SSH interface, which had a reboot command, so I tried using ssh -i key admin@phone < commands.txt to feed it a bunch of commands. I had to pipe a text command to ssh because it doesn’t use a ‘real’ shell on the phone, just Grandstream’s proprietary command interface, which doesn’t accept commands directly when called from ssh.

This was okay, it restarted the phone but it would also reset the password back to ‘admin’. Not very secure really… So I looked for a way to reboot it using the web interface. I fired up Firefox’s network debugger and started to reverse engineer how commands were processed.

Continue reading

Setting Up Auto Mounting Encrypted Raid Disks

Standard

This is a little guide (currently under construction) for how I handle encrypted disks on Linux. This won’t be the ultimate ‘tin foil hat’ guide, as the attack vector this is intended to protect from is physical theft of the hardware, so that the data can’t be accessed from elsewhere. It obviously will not handle a targeted hacking attempt or the $5 wrench method, but I believe it gives security and convenience to a level appropriate for me.

xkcd 538: describing the $5 wrench method of breaking security.

The reason this started is because my physical health is deteriorating and getting up to enter a password at the console on every reboot is tiresome. Therefore I came up with a new way of handling encrypted drives to not only increase security but also make things a bit more convenient.

Continue reading

RAID Drive Replacement

Standard

On the 20th May, I noticed an email from mdadm (the Linux Raid Administrator) saying that a Degraded Array event was detected. It looked like two drives went down at the same time (SDC and SDD). Before I had done any diagnosis of the problem, I had ordered two replacement refurbished drives.

I went for refurbished because getting new ‘affordable’ drives that don’t use SMR technology (Shingled Magnetic Recording) is difficult. SMR allows more capacity in a smaller area, however they are a lot slower drives once you have filled the 25GB cache and in Network Attached Storage systems, they are not ideal. (Even WD Red NAS drives use SMR and don’t disclose that!)

So I went for some refurbished Seagate Barracuda 2TB drives. These were cheap and they used CMR 🙂

After a bit more diagnosing and a reboot, it looked like the SDC drive was okay but was just knocked offline because SDD corrupted the SATA bus. That made me feel a little safer, as I don’t like running systems with no margins for failure. I did a full set of diagnostics on SDC and reintroduced it into the array and it did a data check and came back online just fine.

I then had to wait a little while for my refurbished drives to arrive from Germany. They took a couple of days to arrive, which I didn’t think was too bad considering the world is kinda messed up right now.

Once the drives had arrived, I started doing my usual round of tests on new drives, to make sure they’ve survived shipping, make sure I’ve not been sold a lemon and also to make sure they’re going to give a decent level of service.

My testing involves using the SMART self test feature, recording those results, zeroing the drive, recording those results, then overwrite the drive 4 times with different patterns and compare that back. Once that’s done I record the results and compare again to make sure there’s no problems that testing has uncovered.

Next comes partitioning the drive. I just copied the partition layout of one of the existing disks and wrote the partition table to the disk. I then asked mdadm to add the new partitions into the RAID devices (md0, md1, md2, md3), and it started to rebuild the missing drive onto the new blank. You can see in the screenshot it is about 9.2% through recovery of the largest md device, md1.

From discovery to fix, this entire process took about 5 days. Actual user input was only about an hour, plus checking back and forth to make sure the drive was behaving.

Of course, RAID is not backup, but it’s great if your system can take two drives failing and still run fine. I have a backup system on a seperate drive and cloud backups. This is because in 2010, I typed an F instead of a G and wiped out the last 10 years.

Checking back through the logs, the problem was first reported on the 5th, but I didn’t see the email alert until the 25th, but at least it’s all fixed now. I didn’t need two drives, but it’s good to have a ‘cold’ spare in stock now 🙂

jcx’s Standard “New Drive” Procedure

Standard

Don’t forget: This advice is posted with my Standard Disclaimer. Please read that before proceeding.

Warning: Don’t follow this procedure on a drive that has data on it you want to keep. Following this procedure will make that data unrecoverable.

01. If the drive is not a new sealed retail drive, check SMART values are okay before testing. (smartctl -a /dev/sdX), save to compare later.

02. Run SMART short test (smartctl -t short /dev/sdX)

03. Run SMART conveyance test (if supported) smartctl -t conveyance /dev/sdX

04. Some drives will only update some SMART attributes if offline data collection is enabled. To make sure, turn offline testing every 4 hours with smartctl -o on and then start an offline test (smartctl -t offline /dev/sdX)

05. Verify drive passed all these tests (smartctl -l xselftest,selftest /dev/sdX). Create a second log file for comparison later.

06. Zero the drive with dd (dd if=/dev/zero of=/dev/sdX bs=4M status=progress).

[!] Keep an eye on the drive temperature (if supported) with smartctl -l scttemp the logged historical data will vary between manufacturers. [/!]

07. After ZEROing the drive, it will have reallocated any bad sectors from the factory. Compare the SMART values to the ones you took at the beginning, paying close attention to Pending and/or Reallocated Sectors.

08. Check the drive’s error log (smartctl -l xerror,error /dev/sdX) to see if there are any reports of non-fatal errors which haven’t resulted in a bad sector.

09. Next comes a full write test. You can either use the long test, using badblocks which will perform 4 full read and 4 full write tests. (badblocks -wvsb 4096 /dev/sdX) This can take tens of hours. If you are in a hurry, you can also use a single pass test. (nwipe?)

10. After completion again check the SMART values (smartctl -a /dev/sdX) and compare them to the original readings.

[!] Some drives also support extended device statistics (smartctl -l devstat /dev/sdX) which can show you some non-standard stuff. [/!]

11. If the drive passes these tests without error it will usually be a good drive. The surface has been written and read from several times to ensure there’s no major problems.

12. If you want to stress test the drive mechanism (actuator/heads) you can use fio to perform small reads/writes at random locations across the entire disk surface. Be sure to keep an eye on the temperatures while doing this. If the drive isn’t properly cooled you might run into problems. It is probably reasonable to run this test for around two or three hours.

AcePC T11 Mini PC with Windows 10 CPU Throttling Fix

Standard

I have being trying to fix an issue with Windows 10 on the AcePC T11 Mini PC. It would after a while, only use 33% of its CPU and be limited to 0.48GHz, which made YouTube and other processor intensive tasks really slow.

There are two problems that I encountered on Windows 10. The first was in “Power Options” in the Control Panel there was only the option for Balanced. High Performance and Power Saver were unavailable.

The second problem is the option to disable throttling is not visible by default.

I have created a registry file to allow us access to these options again.

It is recommended to update to the latest version of Windows 10 before applying these fixes, as they might be overwritten by an update.

 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power]
"CsEnabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\PowerSettings\54533251-82be-4824-96c1-47b60b740d00\0cc5b647-c1df-4637-891a-dec35c318583]
"Attributes"=dword:00000002

The first option CsEnabled restores the hidden options in the Power Options section of control panel.
The second change allows us to modify the option “Processor performance core parking min cores”.

Copy the above to a blank notepad file, and save it as “power-fix.reg” making sure to include the quotation marks. Double click the file you have just saved to apply the registry fix and then you should restart your computer.

Then open the start menu and type Control Panel. Then navigate to “Power”. Chose the High Performance option, then click “Change plan settings”, then “Change advanced power settings”.

Navigate to “Processor performance core parking min cores”, under Processor power management, and set this to 100%.

Then finally, “Allow throttle states” to “Off”.

Apply your changes and reboot. Now your system should not be stuck running at the slow speed of 0.48GHz, but run around 1.44GHz to 1.68GHz