How 7-Zip, Hyper-V, and DNS Paralyzed A VOIP Phone System

Today was a tour-de-force in unintended consequences. It started with an old coworker, as a kind of boomerang. They came to work for us, then they moved on, only to come back. That was the premise of this story, the start of it, a coworker boomerang.

The task was really straightforward. De-compress the previously compressed user files related to this particular coworker, so that when they log in, they see exactly what they left behind. It was modest, about 36GB worth of data. Looking at everything, the intended target had 365GB of open space, so plenty of room for this. I started with 7-Zip on Windows, opened the archive and extracted it to the drive with all the space. Near the end of the transaction, 7-Zip threw an error, “Out of Disk Space.” and I frowned and scratched my head. 365GB open space, and… this? Turns out, 7-Zip on Windows, at least this copy of it, unpacks the archive to a temporary folder on the temporary resource that Windows assigns, by default this ends up on C: drive. The process was filling an already low-on-capacity primary OS drive. I chased the temporary folder and removed it, correcting the issue. Or so I had thought.

An hour later, out of the apparent blue, around 12:30pm today, all the VOIP desk phones suddenly went “NO SERVICE”. I scrambled, naturally, feeling that rising panic as nothing had changed, there were no alarms, just suddenly total phone failure. I called the VOIP support line, and the official line from support was to reboot my network. A stack of eight fully packed Cisco Catalyst switches, three servers, and a gaggle of networking gear designed to offer at least a dozen vital services – reboot all of that. While talking with support, I opened up a console to my Linux box running on Hyper-V on one of my servers, which is to say, plugged into the very network core itself that I was asked to reboot. I then found my out-of-service desk phone, its IP was fine, it was totally functional, I grabbed the SIP password, logged into the phone, went to where it lists the VOIP endpoint for our phone carrier, and then asked mtr to show me the packet flow across the network, from my humble little wooden box of an office to the VOIP endpoint. The utility was clear, it was fine. No issues. 500 and counting packets all arriving promptly, no flaws, no errors, and NO SERVICE.

So I was growing more vexed with support, really unwilling to reboot the entirety of my network core when mtr was just merrily popping packets directly to the correct VOIP endpoint deep inside the carrier’s network. My traffic could get to where it had to go, the phones were NO SERVICE still. Support was flat-footed. I stopped myself, because I could feel the rage build, my old companion, the anger that comes when people aren’t listening to what I am trying to tell them. I stopped. It was not going anywhere and I promised myself that I would fight this anger, tooth and claw to the best of my ability. So I simply calmly asked for the ticket number on their side, and thanked them for their time and hung up my cell phone. I obviously muttered some choice phrases in a small voice, but otherwise I was very proud of myself. I derailed what could have become a very ugly scene.

Everything works. I am not going to reboot the core. The phones simply say NO SERVICE. Then other reports rolled in, network faults, adjacent but not the same, Wifi failures in Houston Texas, hmmm. What does Wifi out in Houston have to do with dud phones in Kalamazoo?

I had this sinking feeling, my gut screamed at me, something about the PDC, Wifi, and the Phones were all touching something common that had failed, but had failed silently. I chuckled to myself, the old IT chestnut occurred to me, “It’s always DNS.” and so, in respect to that, I opened the Hyper-V management window on the PDC and looked for my twin OpenDNS Resolvers, they are VM’s that run quietly, flawlessly, for years on years without a peep deep within Hyper-V. There it was, right there, right in front of me. The two resolver VM’s and just to the right of their names, the quaint little status indicator from Hyper-V. “PAUSED.”

The moment I saw that, I yelled out “PAUSED” and “NO SERVICE” and screamed. Right click on both VM’s, click Resume, and Hyper-V gleefully, in a heartbeat, resumed both little VM’s and just like that, another reboot to the VOIP phone and bleep-bloop-blunk, the phone was functional and just fine.

It is always DNS. I have three resolvers, the two resolvers were on the same host and the host had a wee panic and Hyper-V silently just paused everything, and then after a short while of cooking, the phones and Wifi, which also uses those resolvers, all went kaput all in one happy bunch.

Obviously the answer is to round-robin the resolvers, the primary on the PDC, then one resolver running in VMWare nearby, and then the secondary on the PDC. A sandwich right down the middle. I both thanked my past self and kicked my past self, for having the wits to set up a third resolver, which was then for a short while, the only resolver there was, except for choice parts of my network.

So, it ended happily, all’s well that ends well. The next step is to spread this round-robin resolver correction throughout my network, to help avoid this from ever happening again. But then I laughed as I considered the gamut of what had transpired. 7-Zip, well meaning and purely accidentally caused an unintended disk space alert, Hyper-V silently and studiously paused its charges, and the network kind of rolled on over the speed-bumps, and at the end, proved again, “It’s always DNS.”
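
A per-resolver probe of the kind that would have flagged this outage while mtr still showed a clean path, added here as an example and not part of the original post: it sends a DNS query straight to each resolver instead of relying on the system's fallback order, and it checks a client's resolver list for consecutive entries that share a host. The labels, the host names and the 192.0.2.x addresses are placeholders.

```python
import secrets
import socket
import struct


def build_query(name: str, txid: int) -> bytes:
    """Build a minimal DNS query: one A/IN question, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def probe(server: str, name: str, port: int = 53, timeout: float = 2.0) -> str:
    """Ask one resolver directly; return 'ok', 'timeout', 'unreachable',
    'malformed' or 'rcode=N'. A paused VM shows up as 'timeout'."""
    txid = secrets.randbelow(0x10000)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_query(name, txid), (server, port))
            data, _ = sock.recvfrom(512)
        except socket.timeout:
            return "timeout"
        except OSError:
            return "unreachable"
    if len(data) < 12:
        return "malformed"
    rx_id, flags = struct.unpack("!HH", data[:4])
    if rx_id != txid or not flags & 0x8000:  # wrong ID, or not a response
        return "malformed"
    rcode = flags & 0x000F
    return "ok" if rcode == 0 else f"rcode={rcode}"


def survey(resolvers: dict, name: str, timeout: float = 2.0) -> dict:
    """Probe every resolver on its own, so one healthy one cannot mask dead ones."""
    return {
        label: probe(ip, name, port, timeout)
        for label, (ip, port) in resolvers.items()
    }


def same_host_neighbours(order: list, host_of: dict) -> list:
    """Adjacent entries in a client's resolver list that live on the same host."""
    return [(a, b) for a, b in zip(order, order[1:]) if host_of[a] == host_of[b]]


if __name__ == "__main__":
    # Placeholder labels and addresses (RFC 5737 documentation range).
    RESOLVERS = {
        "dns1": ("192.0.2.11", 53),
        "dns2": ("192.0.2.12", 53),
        "dns3": ("192.0.2.13", 53),
    }
    HOST_OF = {"dns1": "pdc", "dns2": "pdc", "dns3": "vmware"}
    for label, status in survey(RESOLVERS, "example.com").items():
        print(f"{label} on {HOST_OF[label]}: {status}")
    for a, b in same_host_neighbours(["dns1", "dns2", "dns3"], HOST_OF):
        print(f"warning: {a} and {b} are consecutive and share a host")
```

Run from a scheduler and alert on anything other than "ok"; the sandwich order (dns1, dns3, dns2) produces no same-host warning.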

Hidden Killer

While working on Scott’s Thermal Cap, the brim, the band around the head, involved 32 discrete stitches per row. The pattern I was using demurred on chaining up the side and instead relied on the natural height of the SCTS to provide the height required as rows were added. Because the chain was omitted, every stitch requires attention, because usually when a chain appears on the side, it “uses up” whatever stitch was next in line, and so you customarily have to skip “where you should go” for the “next spot”. Without the chain on the side, progress is slower, the weave is thicker, and counting becomes rather picky. You want to make sure you have 32 in each row, lest you have decreases where there shouldn’t be any, and your hat comes out looking obviously wrong.

There are a lot of tools for maintaining counts in Crochet. Little plastic barrel counters, clickers, and a few apps for the iPhone. There was one of these apps, that among all the other features also had a verbal input mechanism. The app was updated and the verbal input mechanism was deprecated for Voice Control in iOS.

I have another app, called MultiTimer, in it are counters with audio feedback when you tap them. I had been using this app to count stitches in my work, but it’s a little annoying to have my hands on the work and then reach over to tap the phone. So I did a little poking around:

  1. Settings
  2. Accessibility
  3. Voice Control (turn it on, it downloads extra iOS components)
  4. ON: Show Confirmation, Show Hints, Overlay: Item Numbers. OFF the rest.
  5. Back to Settings, then to Control Center
  6. Customize Controls
  7. Add Accessibility Shortcuts
  8. Out to Home Screen

So, when I am working on a project, I plug the phone in (since Voice Control is a battery pig), start MultiTimer, switch to my Crochet panel where I have set up all my counters. Then I swipe up from the bottom, tap Accessibility Shortcuts icon, tap on Voice Control, then swipe down to hide the Control Center panel. Overlaid on top of all the screen items are little shaded numbers, so I focus in on the counter that I care about, “Stitch Count” and then I can say “Single Tap” to advance the counter, or “Tap 6” to clear the counter, or “Tap 4” to decrease the counter. That enables me to keep my hands on my work, and my eyes, and just say clearly what I want and the phone makes a little click sound when it does what I want. That way I can concentrate on the work, and then look at the display for the count. When my work session is done, I swipe up from the bottom, tap the Accessibility Shortcut icon, turn off Voice Control, and exit the MultiTimer app. Done and done. This way I can keep my mind focused on the work, I don’t lose count due to interruptions or cats, and it makes my phone do one singular task really well. After I started using this feature, I took back a little bit of the gripes I had previously issued against iOS, just a few. 🙂

We’re Always Shufflin

Yesterday I came home and like many precursors to the weekend we talk about what sort of meal plan we would like for the coming week. Along with that, we put together the shopping list for our weekend supply chores.

Ever since Apple released iOS 13, we’ve had nothing but headaches with their Reminder app. So the two places we usually go are named lists in the Apple Reminders app. My partner rattled off that there were four items in one list, and I saw none of them. After we wasted an hour resetting and screwing around with Reminders I went to look for alternatives. I found one, an app called “Remember The Milk” and I chuckled as I had seen it before. Apparently I had an account there a long time ago, so instead of creating a new account, I recovered the old one. I invited my partner to the app, he installed it, and then I created two lists for our two spots we usually go to, and then I shared them both out to him. Then we sat back and chuckled because with this alternative, proper sync was happening, which was everything we wanted. So we have turned our backs on the Reminder app.

As I started to look through Remember The Milk, I noticed that it had grown up a lot in the time I had been away from it. I’ve been having a headache with the ToDo App from Microsoft, which is actually Wunderlist rebranded. I had split some of my work tasks into ToDo from Microsoft because it was free with my work email, an Office 365 account. ToDo from Microsoft was having serious problems, mostly whenever I had to check off a task, a zombie task would reappear and I’d have to check each task off twice. There were only a few tasks there, so converting them over to Remember The Milk was really easy.

Then as I was working with Remember The Milk, I thought that I might finally leave Toodledo, so I bought a yearly subscription to Remember The Milk, which gave me parity features with Toodledo, and then backed up my Toodledo account and imported the entire thing over to Remember The Milk.

So now all my tasks live in one place again, instead of Reminders, ToDo from Microsoft, and Toodledo, now it’s all Remember The Milk. We’ll see how it goes.

Secure Channels

I explored the challenge of establishing a secure channel in a business-to-business use case a few days ago. Between the company I work for and another company, where the information was very sensitive, the risk of it being compromised was unacceptable, and the requirement that I share the information with the other party undeniable.

The goal was to get a secret string of text from my system into the system of another party. I have explored cryptography for a long while and so I was confident that all the tools I had could do the job very well. The real challenge was in establishing a communications protocol and a secure channel. Amongst my explorations, I had the entire suite of OpenSSL library ciphers at hand, I had GPG, and the answer which I sort of knew already even before I started this foray into cybersecurity, that Signal would eventually be my answer.

It was at first exploration of the challenge of it. How could I get a secret alphanumeric string to another party that had none of the tools or the experience of cryptography that I had in my library? All of it was fated before I even started, but I at least wanted to go through the motions and explore this problem as if I was sitting in the middle of it without any view of the win condition at the end. The first stab was GPG, so I searched for any public keys related to the other company, and there were none. That was worth a smirk, and I nodded because I would have been shocked if there was a hit at all, so GPG was a dead end. The next effort was thinking about what sort of cipher could be used. This selection of a cipher was symmetric cryptography. I would need to encode the message so that it would be suitable for email transmission, and encrypt the data using some standard cipher that I knew would be possible for both parties, and then I spent a while trying to figure out the password for the cipher. I knew that base64 would be great for encoding and decoding the message, and I still have faith in AES-256-CTR, but that left me having to select a password that I could use that both sides knew. Any effort to share that password in any other non-secure channel would render all my efforts for nothing because then the cipher would be a mathematical contrivance because the security of the password then became equivalent to the security of the payload. If the password was passed in clear text, then the entire endeavor was meaningless.

So this entry becomes a love letter to Signal. It covered everything I needed. It used encryption end-to-end and it was vetted and secure, it didn’t require public keys, or specifically, the user wasn’t involved with that part of the process, and I could trust that the inbound mobile number matched the intended recipient. I didn’t need to exchange passwords or agree on a cipher or a protocol. The application and service are free as well, so there wasn’t even a cost barrier to this solution! It checks off every box on my list. I was able to copy and paste the secure string of data over Signal to the other person and conclude the task that I set for myself at the beginning of all of this. There is more to Signal than just this use case and I encourage everyone I know to download it, sign in, and start using it.

The Future of Power?

The California PG&E outage is a clear note about what happens when you ignore your infrastructure and you don’t have a regular preventative maintenance schedule. PM can cost a lot, but as we see in California, does it really?

I started wondering about alternatives to high tension power lines in California. You couldn’t really bury any of it, with so many quakes, maybe. So what else? Microwave transmission? Maybe make it auto-aiming so if there is a quake and the tower moves a little, it can reacquire the source faster? Or perhaps spread out the generation stations, like solar reflector installations, to distribute the load and increase the production rate…

But then these ideas lead me to truly knackers ideas. If you are going to go this far, why not just also install immense Tesla coils and then outfit cars with wireless AC receivers and then the entire automobile fleet can be electric and not need charging, since you can skip batteries, it’s much easier and cheaper.

But if we did — then we might be able to use addressable frequencies per vehicle or overlay a data stream on top of the power itself, so a car that did a hit and run or is involved in an OJ chase could be remotely turned off. But man, with enough coils dotting the landscape, powered by solar reflector stations you could drive from coast to coast with ease. We could possibly make covered tunneled roadways and then increase the speed, then automate the entire thing so after you get past human reaction limits, your car can accelerate to a comfy cruising speed of 350mph or higher.

I want to trade an immense battery bank for honeycombed graphene and kevlar car bodies so I’m traveling safely even if I impact at ridiculously high speeds. Or I want a car that automatically fills with a gassy rubber filler and ejects the passenger compartment upon a catastrophic impact event, like we have with fighter jet ejection systems. And an adorable theme-able packed parachute, maybe Hello Kitty? 😉

But an entire truck fleet that is automated and powered by solar reflector stations and tesla coils. Zero emissions. Poof, just like that. I suppose I like solar reflectors more because they mean business. Plus you could put the parabolic mirrors on gantries say twenty feet up, and then have open pasture underneath for cows, chickens, and sheep. Or grow shade-happy crops?

These power stations might, if there are enough of them, raise the albedo of the local area and then you nip greenhouse effect at the beginning of the cycle. You’re channeling the incoming solar radiation elsewhere. It isn’t heating up water or pavement or farmland. It’s being soaked up by hungry devices like trucks and cars and trains.

I sort of wonder what an airplane with a wireless AC box would look like? Different jet technology, based on electrics not on jet fuel. And the tons of carbon saved. You could replace the jet fuel with new safety equipment, like foam bursters and ejection systems in case of some sort of failure in the air. The plane just falls apart, the cabin fills with sticky goop, and it parachutes to earth safely.

We would be free of oil completely. It would rewrite the entire narrative.

Apple iOS 13 or How To Kill An App

Apple released iOS 13.0 a few days ago, and then a series of iterative updates from there. The last I checked, we are now up to iOS 13.1.2. They have updated the Reminders app, and in doing so, and making the updates non-functional across their entire platform across the version barrier of iOS 12 and 13, iOS on iPad and iPadOS, and Mojave/Catalina they have, with a single stroke, killed their Reminders app for me. I was looking forward to the update to Reminders, maybe replacing the rather dull Toodledo app on my devices, and then they did it. Reminders only works if you “Convert” and if you do, it’s a one way deal. So now there is little to no point in actually using Reminders since it doesn’t work everywhere I am any longer, but it does push me further into using Toodledo and reinforces my purchase of another year of premium service with Toodledo.

I have just fielded a question about Exchange and sent items in iOS 13. It appears that iOS may not be successfully chaining Exchange emails into conversations. I will have to look into that today.

Derailing Robocalls

If you have an iPhone as your mobile device, you can set up a foolproof filter for pretty much all Robocalls, unwanted solicitations, or anything else that bothers you with multiple calls on your mobile phone.

The first step is to create a Voicemail Greeting that lets people know that they have to introduce themselves with their numbers first, and then once they exist in your Contact List, then your phone will ring and you might answer it. If your callers don’t know, then they will never get through.

The second step is to make sure your Contact List in your iPhone is as up-to-date as you can make it. Trim out any junk, do your best to de-dupe the list, get it so it is nice and tidy.

Third step is to go into Settings, then to Do Not Disturb settings, Turn Do Not Disturb ON, set Schedule if you want it off, although I just leave my phone on DND permanently. Silence Always, and in the Phone section, “Allow Calls From” and set that to “All Contacts”. Turn Repeated Calls off, and any other setting is your personal preference.

When inbound calls arrive, they will be checked via their Caller ID presentation with your Contact List. If they don’t know which number will match in your Contact List, then your phone will never ring. It will obviously ring for the caller, until they arrive in Voicemail, and then they leave a message introducing themselves, which is after all, a civilized way of using these devices. If you met someone IRL, then you’d have to create a contact for them in order for them to ring your iPhone.

If you have any other iOS device, like an iPad, you should configure that the same way as your iPhone so when it is connected over Wifi it doesn’t ring the way you don’t want it to.

After that, you won’t get any more inbound calls unless they are from your Contact List. No fuss, no muss.

Facebook Security

I haven’t logged into Facebook in quite a while and I’ve been doing bits and bloops around the network, like connecting MOD Pizza to my FB account and vastly lower interaction metrics. The Facebook security watchdog noticed!

So they locked me out. I could get back in if I could identify my friends in a quiz format. Fine. Took the quiz, passed. Account password changed and updated.

Hilarious. Facebook is like herpes. I hardly miss the cold sores.

Slack vs. Jabber

Several years ago I started working for a new company. Their phone system was stuck in the past. The past, like Version 4 when Version 10 was being sold. So we had to upgrade, there really wasn’t any other way around it.

Enter Cisco. As VOIP hardware manufacturers go, if you stay in the silo you’ll have a pretty good life. Call Manager, Unity, and Presence are a heady combination. I decided early on to hire a local company to help me with the design and the initial layout and setup, and I will always regard that choice as one of the best I have ever made, professionally. They did an amazing job, and their staff are absolute tops in their game. They are expensive, but in the end I think worth it. So they came, helped install the Cisco Business Essentials 6000 server, and all the heavy lifting that was needed to get all three products up and running, so that people who were using the old system saw next to nothing different about how everything worked. That’s a kind of holy grail in IT.

A part of the trio of products was Cisco Presence, or to use a shorthand about what it really was, simply Jabber. Jabber is an instant messaging platform, and I had quite a bit of experience as Jabber is, at least ostensibly, an open-source system. I had lots of Jabber experience back at my previous employ and I was looking forward to seeing Jabber rolled out across the company that I now work for. The previous employ was centered on Apple technology and as an IT administrator, Apple was like waking up in the Garden of Eden. It was an earthly delight. The Apple iteration of Jabber included a CLI option switch that allowed you to instantly join everyone in the Jabber directory, nee an LDAP directory, all together. It was called “–auto_buddy” and I loved that feature. It was the killer part of Jabber from Apple. When I added someone to OpenDirectory, I could open a Terminal and throw this one command and all my work would automatically add all my coworkers together, everyone is everyone else’s buddy. It was great, I really enjoyed it.

So then, years forward, on with Cisco Presence, their implementation of Jabber. Off searching for my favorite CLI friend, “–auto_buddy”, only to find out, none of that exists. And so, that hobbled Jabber immediately. Instant Messaging’s ROI is only really salient when you have everyone engaged. You can’t really argue about ROI until that point, because when you have only a handful of people actually connected, they don’t see the point, because not everyone is connected, including the people they want to communicate with right now. If you can’t do a thing immediately, then what is the point of doing it at all? This is the core reason why a lot of tech adoption trips and falls on its face. Especially with collaboration solutions like Jabber. Until everyone joins and uses the system, convincing them that they should use it might as well be one of Hercules’s tasks, like cleaning the Augean Stables. So without my ability to link everyone up, with “–auto_buddy”, I had a piecemeal system. Without the ability for everyone to see everyone else, adoption tripped and fell flat on its figurative face.

Shortly thereafter, it exited the cultural consciousness until years later, when a new coworker had stoked interest in it all over again. But it was doomed, not this time by the lack of demonstrable ROI or the lack of “–auto_buddy”, but rather by compliance control. By the time I had installed the required pieces for compliance, the entire affair was loaded into the figurative airlock and blown out into space.

Before the end of Jabber, and running currently is another system, one that I find more engaging at least personally and that is Slack. It’s free to use, which is a huge help, and also available everywhere. I don’t have to limit it behind the walled garden of our corporate VPN. That is a huge benefit and really eases the use of it, in every case. I can immediately see the benefits of using Slack, especially in groups like mine, in Information Technology. So that’s currently the extent of it. Again, tech adoption is flat and terminal, the selling point for Slack is still tied up with the same point for Jabber. You can only demonstrate the ROI when you have full engagement, and you can only get full engagement when people see the rewards of ROI. So even Slack is just as moribund as Jabber was. But at least with Slack there is room for enticing directions it could take. I’ve been kicking around the notion of examining Slack’s position in a B2B framework. Like between MSP’s and their customers. The MSP starts a Slack and invites their customers to join. Then each customer has a channel that they are invited to. Then the company staff at the MSP hop on Slack and use it for their own benefit. Everything is segregated using Slack’s internal controls, so the MSP gets a benefit immediately and the customers can effectively chat up their reps with a single click on an app, a website, or their phones. This could enhance the collaborative power between customer and provider. Invoices posted, updates about payments, and with IFTTT looming in the background, new automated benefits could be crafted and rolled out to customers immediately.

This could also revolutionize B2C relationships as well, but that would take more corporate bravery than even the B2B solution would. I don’t actually expect anyone to seriously accept my shoot-the-moon ideas, but I would like to imagine the world where I could start my Slack app, see all my professional relationships and be able to communicate with them that way. Maybe someday if Slack succeeds and more people ask the right questions. More people actively interested in collaboration would also help.

Windows 10, QNAP, and error 0x80004005

While setting up a new Windows 10 laptop we ran into a head-scratcher problem. We store a lot of our setup data in a network attached storage system called a QNAP. The laptop was connected to our local area network over Wifi, and everything connection-wise looked to be good. We could ping both the IP address of the QNAP and the DNS name as well, so we knew for a fact that the laptop could indeed send and receive traffic with the QNAP. When we attempted to call up the QNAP using Windows Explorer on this laptop we used the UNC convention to get to our data, like this \\10.1.1.100 and when we press enter, Windows 10 would pause for a short few seconds and then throw back an error code:

Windows Cannot Access \\10.1.1.100 Error Code: 0x80004005 Unspecified Error.

We then attempted to reboot, then we escalated to a full system rebuild and nothing seemed to work for us. We fiddled with PowerShell commands, to no effect, also flipping on and off IPv6, which also had no effect. So our next step was to switch to wildcat debugging and just start taking wild potshots at the laptop trying to find a way to just make this work. And we found the solution, thanks to a user by the name of dimamed on Spiceworks, who posted the solution we needed:

Adjust Registry Value:
HKLM\SYSTEM\CurrentControlSet\LanmanWorkstation\Parameters\AllowInsecureGuestAuth, and set the DWORD to 1.

Then I closed the registry editor, opened up Windows Explorer again, tried the QNAP as I usually do and it worked! We don’t really need it to function for our end users, but it became a matter of professional pursuit to make sure that all our technology can work together properly. It can, with some coaxing.

We hope this solution works for other folks, if you also run into this issue. Please leave a comment if you would, so we can see just how much of an impact something like this has if you don’t mind.