Category: Uncategorized

Skip Month

Another month has come and gone, so what things have I been up to?

On Building Diplexers

So, I started working on an amateur satellite duplexer. Due to the nature of the Icom W32a, it makes sense to do this. Suffice it to say, its been troublesome. My problems started like this:

  1. No SWR meter. Okay, order one.
  2. Testing with an antenna shows no appreciable change. Call success.
  3. Be paranoid! Check again! And … wait, what’s going on?
  4. The cable that I was using to get from PL259 to BNC was bad. Took a bit to figure it out.
  5. Decide that I need to check with a dummy load.
  6. Need a dummy load
    1. After going to 4 different stores find out that only one had a gallon paint can.
    2. Find out that I would need about $32 of mineral oil to fill
    3. Find a quart can at Menards
    4. Purchase $4 of oil to fill
  7. Get weird readings\behavior on SWR meter? Why does my power go up then drop?
  8. Why the feedback on 70cm?
  9. Wait, why the behaviour on a dummy load?

So, this must be a cable problem. I decided I needed to order new cables. They’ll be here Wednesday, but it will be Monday before I can test everything

I ordered all my cables from Air802. They’re quick and I’ve heard that they’re priced competitively. I can’t recommend them enough. They’re very willing to help you with finding exactly what you need. Another plus is that I get my order a day or two later, even with the cheapest shipping. After my trouble with the cheap crap I ordered from fleabay, the extra price is worth it.

Other then my issues with testing them, I have to say that Digikey did as well as they always do. I’ll have to do a full write up on the diplexer, but Lee (K0LEE) was very helpful in getting replacements for the inductors. I tried to find exact replacements and ended up giving up and contacting him for help. A prompt response later and I had the information I needed. If you build them your self (and build 2), expect to spend about $32 for each. If you’re inclined, this is quite a bit cheaper then Arrow’s list price. The paranoia in testing comes from having the Icom that I would hate to destroy.

Fox Hunting!

Went on another fox hunt with the club. We changed up the technique quite a bit. I’ll be lazy and pretty much copy\paste my after action report on the event:

One thing I did think was effective was when Kris and I were using the arrow antenna/yagi to track it (the fox) in the truck with the antenna through the moon roof. I think if we had the time, and had I brought it, my handifinder would have been a good thing to deploy paired with a baofeng in the cemetery. Since we were about two blocks away, proceeding on foot would have made it easier to note the subtle changes. This make me excited to test this arrangement a member of the club purchased. I think it be an excellent replacement for the yagi-through-the-roof arrangement. I wish I had been able to get on the parking garage in town to get an initial bearing.

Orlando

Normally I don’t talk about guns here on the blog. I love guns. I even have some of the scary black ones. Now, I could like to various jokes about them, liberals, or whatever. I’ve wanted to, and that’s why there are not ads on this blog. I feel that talking about firearms could easily be misconstrued as encouraging violence. Not a thing I want to have to explain. This blog will always be ad free as a result. (If you think I deserve a reward for wrting, the homepage has my amazon wish list.)

Being a gun lover though, I feel the need to talk about Orlando. The media (and the Democratic Side of Congress) is in outrage about the events, and demanding that law-abiding citizens submit to their demands despite the ineffectiveness of those demands where implemented (stateside with California, cityside with Chicago and more). While I’d love to be brief, Orlando doesn’t lend to brevity. Not out of laziness, but due to the succinctness of what I wrote, I will quote Core Concept Podcast.

At Core Concept Podcast, its no secret we strongly support the 2nd Amendment and the right to Concealed Carry. We do not agree with the opinion of the 9th Circuit Court of California(Commy-fornia if you must). The Constitution was written as a whole to guarantee the safety and freedom of every citizen of the United States. It was not written to guarantee the prosperity of its citizens, though as a whole it has created one of the most prosperous nations in the world.

The attacks in Orlando are terrifying. Its not about being a gay, lesbian, or straight person. Its about an individual mass murdering defenseless people. Regardless of your position (a split decision here on the podcast), these attacks were, and any imitation there of, are immoral and wrong. We both believe that all people can find reason and ways to live in peace with each other.

But we also believe that a person should be ready to defend themselves. That it is better to be a warrior in a garden then a gardener in a war. That personal security is the duty of each and every individual for them to secure for themselves. Even when relaxing, you must not let your situational awareness fail. To stay “left of bang.” When your awareness fails, you’re right of bang, and being right of bang means that people will die.

Our world is a dangerous place, full of evil people doing evil things. Regardless of your religion, orientation or race, life is always precious. As the days continue (and they will), let us all remember that. Let us guard ourselves and each other. Because those who walk the path of darkness will always look to spread it.

Expect gun posts in the coming months.


And A General Update

Icom W32A/Working the Birds

The Icom is working pretty well. Ordered a replacement battery and charger from Batteries America and it seems to be in order. I was able to check into my local ham club net with the radio. However, I found out that with the stock antenna it seems to desense when carried against my body. With a NA-771 it doesn’t. I’ve started ordering parts to create a duplexer for working AO-85 and SO-50. I will also have to create an audio splitter for the handset. And I have a programming cable on the way from Amazon. With the weather warming up, I’ll be on the birds again soon.

Other Projects

I should be uploading a video of soldering a HandiFinder with my remarks on the kit.

I also have an upcoming NPOTA activation coming soon. I’ll be running my Arrow on 2M, and if I’m confident enough will try to work some satellites as well.

And maybe, just maybe, we’ll start to some firearm related videos.

Gibberish Be Here

I’ve been running syncthing as backup/sync solution, then rsyncing to a drive I keep in a firebox every month or so. I seem to have managed to screw everything up and it took awhile to straighten everything out. And syncthing keeps misbehaving the whole time.

In Closing

See you later, it will likely be a few months.


SSL

The soliloquy blog is now running ssl!  All requests will be handled through the secured side, https://soliloquyforthefallen.net as a result of my .htaccess.

Why? Because at this point SSL is super simple to set up in CPanel, cheap to purchase, and actually makes sense.

A few years ago when the firesheep plugin was released, it was required that each server have is own IP address to implement SSL. Your traffic might be secure, but it doesn’t take much to guess where it’s going. In my mind, this defeats the purpose of using SSL on a website.

We’ve come a long way since then and now every major OS and browser (yes, this was a client side failure) supports SSL for websites sharing a server IP with other websites.

So why SSL now? Well, google damages your ranking for not having SSL. Oh, and the whole argument about whether Americans have a right to encryption and privacy. We do. Backoff. We’re citizens, not subjects.


Yubikeys and Udev Locking

Impressions

I recently bought a yubikey after attending BSides LA and meeting an individual that used one to secure his gmail accounts. $30 and about a week after ordering, I had a yubikey of my own. I keep it tethered to my new fenix flashlight (which the jury is still out on) so that I can find it easily and will remember to take it with.

Now, I’ve been concerned about the physical security of my devices for awhile. If you know my simplistic password, bingo, you’re in. With the yubikey, I was able to change that. It now takes both a token and a password to log into my computer. Plus, I’ve been intrigued by the yubikey since the Fedora Project started using it a few years ago.

Yubikey toughts its one time authentication token as its primary feature, but the yubikey has more then just that. You can choose any two of the following modes:

  1. One-Time-Password
  2. Challenge-Response
  3. Static Password (32 character limit which saddens me)
  4. O-auth

Challenge-Response Auth Tokenization

When I plan things, I always plan on my internet connection not working or being unavailable. To me, the only usuable features of the yubikey are challenge-response and static password. So, I setup challenge-response in the first slot and static password in the second. Then, I set about requiring the challenge response token to log into my account.

This post from the Vermont Linux and Unix User Group has a great guide on setting up challenge-responce on your device. I’ll summarize:

  1. Install pam_yubico and yubikey-personalization-gui
  2. Edit /etc/pam.d/system-auth to include: auth [success=1 default=ignore] pam_succeed_if.so quiet user notingroup yubikey auth required pam_yubico.so mode=challenge-response
  3. Run the following commands after inserting your yubikey: sudo ykpersonalize -2 -ochal-resp -ochal-hmac -ohmac-lt64 -oserial-api-visible sudo groupadd yubikey sudo usermod -aG yubikey username

You should now test that everything works correctly by pressing ctrl+alt+f2 and trying to login with and without the yubikey. Do not log out of all of your sessions – if something’s broke you’re going to want to be able to fix it for sure!

Now, what I’ve implemented on my primary laptop doesn’t really secure the data, and I understand that. Sadly, I’m unable to fully encrypt my hard drive because of the triple boot with windows. If you know the harder root password, you can easily bypass my login and see the data. Or, you could boot an external USB with its own OS and view the files. When I finally purchase a new laptop next year, full hard drive encryption with a single booting OS is on the docket.

Udev Locking

Now, what if you want the screen to lock every time you remove your yubikey? You can try to do that with udev. Udev is the monitor system on linux that reacts when devices are plugged into a computer. The Vermont LUUG page has some guides on how to make it work, but here’s what worked on my system (mostly).

  1. `su -c "yum install -y slock"
  2. touch /etc/udev/rules.d/98-yubikey-rules.rules. If you do not end the file in .rules, then udev will ignore the file.
  3. Add the following text to that file: SUBSYSTEM=="usb", ACTION=="remove", ENV{ID_MODEL}=="Yubico_Yubikey_II", RUN+="/usr/local/bin/ykgone"
  4. touch /usr/local/bin/ykgone
  5. Add the following to that file: if [ -z "$(lsusb | grep Yubikey)" ] ; then /bin/su USERNAME to be your username.
  6. touch /usr/local/bin/lock
  7. Add the following to that file: DISPLAY=:0 slock
  8. chmod +x /usr/local/bin/lock && chmod +x /usr/local/bin/ykgone

Debug

While there is plenty of other posts and ways on how to get a system to lock when the yubikey is pulled, there’s very few on how to debug the udev system. The command that I found the most helpful was udevadm test --action="remove" /devices/pci0000:00/0000:00:1d.1/usb3/3-1 which tested what would have if I removed something. That helped me figure that without my udev rules ending in .rules it wouldn’t be used. You’ll need to change that device address to where ever you are mounting your yubikey. udev monitor will spit the device address whenever you remove or insert your yubikey.

Mostly

I said mostly, because for whatever reason I couldn’t get my system to lock properly with anything other then slock. Also, slock doesn’t require my yubikey to unlock the system. There’s no selinux denials that I can see, and I’ve stepped through as well as I can.

At this point, I’ve decided that I’m better to remember to grab my yubikey and press ctrl+alt+l to lock the system – at least then it requires proper two-factor auth to get back into my compuer.

Ending Thoughts

The yubikey works fairly well. I’ll be able to use it as a challenge response key for full hard drive encryption in the future. I’m not thrilled that the static password can only be 32 characters long. It should be 64-128 long, or more. It’d also be nice if the company could add a third programmable slot so that you could still maintain the OTP functionality without loosing the ability to use 2 very good offline usable authentication methods. But at $30 it may be to much to ask.

Should you buy it? If you want that extra auth token on your computer? Yes. What if you want to experiment with second-factor authentication? Sure. At $30 shipped, its a reasonable start. But if you’re passive about authentication the yubikey just doesn’t make sense.


RapidSSL And Murmurd (Mumble server)

I’m starting up a new podcast this weekend, and I’ll be using mumble to communicate with another person. Being a proper person, I decided that I wanted a proper SSL certificated instead of the self-signed cert that mumble/murmur generates on first start.

Everything went pretty well at first. I followed the instructions at the website, adding the following to my murmur.ini file:

sslCert=/home/OliverK/tron_soliloquyforthefallen_net.crt
sslKey=/home/OliverK/myserver.key

(Protip: just use hardpaths on a server. It seems to me that I never get anywhere using relatives.)

Which made the murmur server use my newly minted rapidSSL certificate. (Did I mention I’m cheap?)

But, when I tried to connect, I received the following errors:

Server presented a certificate which failed verification ..
The specific errors with this certificate are:

1. The issuer certificate of a locally looked up certificate could not be found
2. The root CA certificate is not trusted for this purpose
3. No Certificates could be verified.

Do you wish to accept this certificate anyway?
(It will be also be stored so you won’t be asked this again.)

After some searching, I found out that I needed to add the following line:

sslCA=/home/OliverK/COMODORSADomainValidationSecureServerCA.crt

Restart the murmur server, and get the same set of errors, minus one:

Server presented a certificate which failed verification ..
The specific errors with this certificate are:

1. The issuer certificate of a locally looked up certificate could not be found
2. The root CA certificate is not trusted for this purpose

Do you wish to accept this certificate anyway?
(It will be also be stored so you won’t be asked this again.)

Searching on the internet alluded to needed to concatenate various files, but which ones? My ssl cert package used different names then everyone else? On a gambit, I did this:

[OliverK@tron ~]$ cp COMODORSADomainValidationSecureServerCA.crt COMODORSADomainValidationSecureServerCA.crt.bak
[OliverK@tron ~]$ cat COMODORSAAddTrustCA.crt >> COMODORSADomainValidationSecureServerCA.crt

After that, everything connected rather happily.

Just thought I’d through this out for anyone trying to use a rapidSSL cert on their murmur server.


The Voice of God

I originally wrote this to be a two minute speech. It was out of scope of the prompt for the organization that I wrote it for, as well as quickly becoming to lengthy. But rather then letting it languish on a harddrive and disappear I thought I would let it have a life on the internet. The ideas I present and the language I use aren’t simple. But the concept that I present is deceiving as to its simplicity. Have a gander, and maybe leave a comment below.

I recently saw an image stating “I don’t need a religion, I have a conscience.” The idea behind this says that religion is an antiquated method that has as its sole purpose instilling moral and ethical guidelines within a person. As transcendent or enlightened individuals we no longer have need of a religion to create these values because our conscience should suffice as that authority. The ability for our conscious to determine this is part of an all inclusive worldview – or the totality of our beliefs about reality. It can be hard to test a worldview in its entirety. But if we determine the foundations of a worldview and then test those we can quickly determine the stability of the worldview as a whole.

Conscience is defined as “an inner feeling or voice viewed as acting as a guide to the rightness or wrongness of one’s behaviour.” So what happens when you allow your conscience to guide your actions? Let’s look to the Central African Republic, the ‘CAR,’ where Christians are actively engaged in the ethnic cleansing of Muslims. If you ask the Christian members of the CAR, as has the BBC, they can very easily justify their actions with socio-economic reasoning. So is this ethnic cleansing morally right? If you were to ask their conscience, and we allow our conscience to what define right and wrong, then yes the ethnic cleansing is morally acceptable.

But the near universal condemnation of the global community for the cleansing, however, would disagree. But on what grounds? In the 3 news articles that I read, it was never explained why the ethnic cleansing is wrong. Most of the articles, in fact, avoid calling the cleansing wrong and call it many things designed to make you subconsciously embrace their conscience’s decision that this ethnic cleansing is in fact wrong but with no justification. It is a decision of their conscience that you should not kill another person and that it is more terrible should you do so based on whatever religion that person embraces.

See, the practical out flowing of the idea “I don’t need religion, I have a conscious” is that everyone is allowed to make up their own moral and ethical guidelines. And those guidelines cannot be questioned because they are guided by that transcendent and infallible inner voice. At the very worst, the conscience of the CAR is childlike – and needs to be guided to a transcendent state by the global community. But the Christians of the CAR still aren’t wrong- their conscience says so.

So here is a war of two competing consciences. Who wins? The one with the means to force the other to embrace their worldview. But if a religion is just a framework for moral and ethical guidelines and the conscience can set the same guidelines with as much or more authority then an age old religion, as our quote implies, then wouldn’t fighting a war to force another to accept the views of our conscience not become paramount to an ethnic cleansing? If we apply thought and extrapolate to the end consequences of allowing our conscience to to become the final authority for what is morally right and ethically wrong in our lives, we can easily see the outcome of this worldview. That outcome is a world where everyone does what is right in their own eyes and there can be no consequences for when someone’s right is our wrong.

So what about religion? Do we need it? If we’ve just shown that using conscience as a moral authority gives way to the ability to create differing worldviews of what is right or wrong. One could posit that something external is needed. So does a religion fill that void of an external source? I would say no. Again, our quote “I don’t need religion, I have a conscience” implies that religion provides a required framework for what is right or wrong much like a conscience but that a religion includes the unnecessary weight of rituals and tributes to appease some god with the intent of gaining reward instead of punishment.

So we don’t need either a conscience or human defined religion to determine what is right in our world. The fluidity of moral and ethical truth that results damns their ability to maintain that authority. The Christians in the CAR have allowed their conscience to redefine the morals taught within Christianity to create a pocket exception that allows them to continue with their ethnic cleansing.

What we need is an external being with the authority to define moral absolutes. Christianity puts forth a God who is infinite, almighty, and the Creator of the Universe. If He created the universe, would that not give Him the authority to define what is right or wrong? At that point, Christianity is no longer a religion with rituals and tributes – it becomes a set of truths that impact everyday life and eternity. And part of those truths are whether or not ethic cleansing have pocket exceptions or not. And the finally, the most important truth is that when ethnic cleansing is condemned as a result of the Word of God it is not a debate of consciences. It is a debate of what God says is right or wrong and in the end there is that is no debate at all.

In the end, neither religion neither conscience nor religion can determine the moral absolutes of a worldview which is a summation of the reality in which we live. The Triune God who sent Himself as His Only Son to pay the penalty for the very sins which broke our communion with Him and who Lives within us and speaks to us the Holy Spirit.


Splicing MP3’s in Linux

It really shouldn’t be that difficult. As it turns out, it is.

Here’s how I pulled it off:
cat *.mp3 > output.mp3
audacity output.mp3

Re-export and smooth out your id3 tags and such.

There’s really no good way to do this under linux. Everything screws up some fiddly bit that turns out to be important to something that’s not fault tolerant.

So screw it up! cat everything together in the true spirit of linux! Hack shit together until it works.

Just use audacity to smooth everything out. People will thankyou.


Pretty Documentation

This is pretty much a direct follow-up to my last post. This is for how I’m generating the documentation for my camera trigger project. I’m making more progress on the documentation then the actual project, so I’m just like the big companies.

Markdown

I’m writing the documentation in markdown. This means learning markdown. Here’s what you need to learn markdown: https://github.com/ahrencode/Miscellaneous/raw/master/markdown-cheatsheet.png. Its not very hard.

The reason for using markdown is because github doesn’t support HTML for markdown. I think it I figured out why, but its still kind of annoying. (I believe it has to do with the proper tags for starting an html project, css styles, etc.).

HTML

Who doesn’t love HTML? It lets you make things look pretty. So does latex, etc. but I’m not wanting to learn that right now. I’m using pandoc to generate my html. You can use the original daring fireball markdown generator if you would like. But using pandoc allows you specify a style sheet for you to make the html render from. The command I’m using is
pandoc file-name -c stylesheet.css --html5 --output=file-name.html --to=html --from=markdown

I actually just have a function in my bashrc:
function markdowntoprettyhtml() { pandoc $1 -c stylesheet.css --html5 --output=$1.html --to=html --from=markdown ;}

PDF

The other pretty much standard documentation format is PDF. I’m generating that from my HTML file using wkhtmltopdf. To build I cloned the repository, then did git checkout 0.9.6 && qmake-qt4 && make && cp wkhtmltopdf to ~/compiled. The ~/compiled folder is in my path. I would have liked to done a symbolic link but I couldn’t execute wkhtmltopdf after I did that.

Now, I’m using this command wkhtmltopdf input-file outputfile.pdf.

The reason I’m using this is because although pandoc has its own pdf converter, I don’t want to use the pandoc styling, I want to use the styling in the HTML file. And I’m not writing another template when I already have the styling done in css.

You can checkout (literally!) the results on the beta branch for my camera trigger.

And . . .

A few one liners to tie it all together:

function markdownview ( ) { perl ~/compiled/Markdown.pl --html4tags $1 ;}
function markdowntohtml ( ) { pandoc $1 -c stylesheet.css --html5 --output=$1.html --to=html --from=markdown ;}
function markdowntopdf ( ) { pandoc $1 -c stylesheet.css --html5 --output $1.html.generate --to=html --from=markdown && wkhtmltopdf $1.html.generate $1.pdf && rm $1.html.gernerate ;}
function make-documentation () { markdowntohtml $1 && markdowntopdf $1; }

Enjoy!

One other note: If you open the HTML in firefox you’ll see that I’ve got some @font-face love going on. You’ll see I’m also pulling them from my website as well. What you might not notice is that if you to do this yourself without some setup, it fails. It has to to with Cross Origin Response Sharing and the way firefox implements it. You can check this page for a succent explanation of why. Its under “Firefox overview.” The easiest way to fix this problem is to create a .htacces file with the following line: Header set Access-Control-Allow-Origin * to the folder containg your webfonts.


Documentation

Please guys, document your projects. Document everything. Document all the things. Or you end up with stuff that’s horribly mangled like gitlab, mumble. Please document. And if you build something and end up with problems, document that and how you fixed it. For one, you’ll always have a place to look if you need to do something over again. For two, it will help other people if they run into the same thing.

Document.

Document all the things.


Front Seat or Back Seat?

Fs= μs × N
To get newtons is kind of convoluted but I believe the method is: mass × gravitational pull = Newtons.

Front Seat:

Fs= μs × N
Newtons = (Black’s weight + books) × 9.81; Newtons= 490.5
Fs= .5s × 490.5 = 245.25

Back Seat:

Fs= μs × N
Newtons = Black’s weight) × 9.81; Newtons= 392.4
Fs= .7s × 392.4 = 274.68

Answer

So, she should sit in the backseat.

Now. What is the what is the coefficient of static friction for the trunk?