The Socrates of the NSA

August 11th, 2015

This is a disturbing look into the mind of an NSA employee. One wonders if it’s representative.

“I found myself wishing that my life would be constantly and completely monitored,” he continued. “It might seem odd that a self-professed libertarian would wish an Orwellian dystopia on himself, but here was my rationale: If people knew a few things about me, I might seem suspicious. But if people knew everything about me, they’d see they had nothing to fear. This is the attitude I have brought to SIGINT work since then.”

 

“We tend to mistrust what we do not understand well,” he noted. “A target that has no ill will to the U.S., but which is being monitored, needs better and more monitoring, not less. So if we’re in for a penny, we need to be in for a pound.”

 

“We probably all have something we know a lot about that is being handled at a higher level in a manner we’re not entirely happy about,” he wrote. “This can cause great cognitive dissonance for us, because we may feel our work is being used to help the government follow a policy we feel is bad.” Socrates advised modesty. Maybe the policy is actually correct — or perhaps it is wrong but will work out in the end. “I try,” he explained, “to be a good lieutenant and good civil servant of even the policies I think are misguided.”

Where have we heard this before… 

How stupid can you be…

August 7th, 2015

Read this in Jerusalem Post, couldn’t believe it. I know Swedes can be real useful idiots, or useful real idiots, but this? Did a quick search, and yes, Swedes can be even greater idiots than I ever imagined. They actually did it. It’s true. Rewarding voluntary ISIS fighters after homecoming. Way to go.

Congrats, Sweden. If there was a dumbass competition for city councils, Stockholm should get first price.

Win 10: It’s a joke, and nobody’s laughing.

August 7th, 2015

Interesting review by Allen Cobb. This doesn’t bode well for Windows. Sooner or later I will have to see it for myself.

Another couple of years?

June 14th, 2015

My Mac Pro is an early 2008. Over the last few years, it’s been losing function by parts. It’s like chip rot. First the firewire didn’t work right, lots of transfer errors. It may even have been that way from the start, but I always thought it was the LaCie drives or firewire hubs that screwed things up. So I stopped using firewire entirely.

Then the RAID gave me trouble, which turned out to be disk bay 1 being flaky. With or without the RAID card, bay 1 would give me disk errors even after replacing the disk. The bad disks worked fine in other bays, though.

The last couple of months, the machine started beach balling a lot, getting so slow I would almost scream. Dragging selections in Muse could take ten or twenty seconds to do, while they were instantaneous on my Macbook Pro. USB started to be flaky about a year back, with bad sound quality and dropouts using a USB headset. A few years back the upper DVD reader stopped working, too.

After a couple of months, I reinstalled OS X to no effect. Running TechTool Pro and Diskwarrior on the disk had shown no significant errors, but it took forever. Very slow disk reading. I then moved my system disk from bay 4 to bay 3, and the beach balling went away immediately. So now I was down to two functioning disk bays.

I’ve been eyeing the new Mac Pro, but the lack of serious disk space keeps me from going for it. And the price, of course. Decent alternatives would be a second hand 2010 or 2012 model. Or, I figured, trying to fix my 2008. The only thing I could think of as being the cause would be the disk cable harness (unlikely), the motherboard, or the power supply. You have to start somewhere, so I figured a new motherboard would be a good thing to do. Turns out you can get them for a decent price nowadays. I found a vendor on eBay that has a stack of them for $165, and they claim they’ve been tested before shipping. So I bought one, and got it less than a week later.

Today, I switched motherboards. It’s a pretty invasive thing to do to your Mac Pro, but you can do it in two or three hours without rushing it. Nothing broke, and I’m writing this post on that machine a few hours later and everything seems to work. I’ve moved the system drive to bay 4 and the machine remains snappy. No beach balling. I’ve installed a 4 TB in the previously really bad bay 1, and it seems to work normally. I’m having a glimmer of a hope this machine will work fine for another year or two, or maybe more. At least until Apple releases a decent modern replacement (if ever…). Below you’ll find a few pics of the process.

The new board arrived completely intact and well packaged in a sealed antistatic bag.

New motherboard in sealed wrap

Looks clean.

New board unwrapped

The machine before the slaughter. Note the unused (and unusable) bay 1. Bay 4 only serves for a slow drive with some old info. That slot is pretty slow in itself, hasn’t given any errors, but lots of huge delays (beach balling).

The machine before the slaughter

After removing the memory risers and the cards:

After removing memory and cards

Out goes the front fan:

Front fan cage removed

Then the turn comes to the memory cage. There’s a trick to this involving sliding the fan into the cage after releasing a few tabs. Read up on it carefully before attempting. iFixit has a good description.

Memory cage

Now it’s time to remove the three heat sinks. The two CPU sinks must be removed to get the main board out of the case, so you can just as well take the third sink (north bridge) as well.

Heat sinks

“Interestingly”, all the sinks are held in place by 3 mm in-hex screws. Three of these screws are right in between the three sinks so you need quite a long hexagonal screw driver to get them out. Luckily, the iFixit kit has both the right bit and an extender that was just long enough and narrow enough to get the job done. Most online sources say “flat screw driver”. Don’t believe them. It’s a hex you need.

Extender screwdriver with 3 mm hex bit.

The north bridge sink:

North bridge heat sink

One of the CPU sinks:

Lower CPU sink (B)

Time to disconnect the antennas. Do snap a pic first so you can look up which cable went exactly where. They’re nicely labeled, but there are no markings on the boards to correspond with the cable labels. Also, the antenna cable labeled “2” is over to the side somewhere and is not connected to anything. 

Airport and bluetooth boards

Now you have to take out the speaker assembly in the lower front of the case. There’s a screw holding the motherboard in place that you can’t get at otherwise. 

Speaker assembly

After disconnecting a truckload of connectors and carefully wiggling for a bit, out comes the old motherboard.

Old motherboard

A good use for old iTunes cards: scraping thermal paste from the CPUs and the Northbridge. (The north bridge isn’t necessary, since this one is on its way out, but its a good trial run for the processors.)

Scraping paste

Use a decent cleaner and lint-free cloth to remove the rest of the old thermal paste after scraping it off with the plastic card.

Dissolvant

One of the sinks after cleaning. Looks great!

Clean sink

The processors look fine, too, after cleaning:

Clean processors

Time to strap up before removing the processors:

Antistatic strap

An empty case with a lot of loose cables:

Empty case

Putting thermal paste on the north bridge and the CPUs. I’m using the procedure recommended on the Arctic Silver site. Except I unintentionally modified it to be messier. With this procedure, very little paste goes on the sinks.

Past on chips

And then you put back the motherboard, the sinks and all the rest. And cross your fingers and boot. Oh, your machine now has a new serial number, but really, who cares?

I used the opportunity to blow away all the dust from all the parts using compressed and dried air. This machine has never been this clean before. 

Razor Mako click of death fix

May 29th, 2015

I have the Razer Mako speakers on my desk. They consist of this heavy, huge amplifier/bass unit and two smaller round treble speakers. It’s a great sounding system, but a lot of them fall victim to the “click of death”. This is a failure mode where the speakers give a regular clicking or popping sound, about once a second, and no other sound comes out of them. As the system warms up, the popping disappears and they function fine again. Until the next time you switch them off and the misery starts over. 

With these symptoms, I was pretty sure there must be a failed electrolyte capacitor in the power supply somewhere. The problem is knowing which one. Searching on the net after schematics for the Mako, I found a lengthy and interesting thread about this on the Australian Whirlpool forum (go figure…) where the solution is described very well. Someone, somewhere, figured out which capacitor fails, which makes the repair quite simple.

So, here’s what I did, in pictures. Disconnect the base unit from power, satellite speakers and the control pad. 

DSC 0001

 Turn it over. You’ll find 11 (I think) screws in the bottom plate. Remove them all. There’s one in the middle hidden by the label, you have to remember to remove that one, too.

DSC 0002

 Lift off the bottom. The motherboard is connected to a switch in the upper case, in the picture that is in the upper right. To the left you see that it is held down by the red and black speaker cable. That’s the one we’ll remove so we’ll be able to turn the motherboard over. Heat the two pads with a soldering iron and remove the speaker cable.

DSC 0003

 Turn the motherboard over. You can do that even with the power supply cables to the power switch in place. The electrolyte capacitor we’re looking for is marked “C125” and is the one with the red circle in my photo below. It’s a 47µF/25V capacitor. The negative lead is the one marked with dashes and is on the side away from the heatsink, i.e. pointing downwards in my photo.

IMG 2462

Turn the board over again (without twisting the power cables too much), loosen the screw holding the plastic shield in place, and twist the shield away about 90 degrees, since the C125 solder points are otherwise hidden by the shield. I’ve circled the C125 solder pads in the picture below. 

IMG 2465

 With a lot of patience, heat, solder suction, and solder wick, remove the old capacitor and clean out the solder holes. (Yes, I realize this isn’t always easy, especially since one of the pads is the ground plane and needs more than a little heat, but I can’t teach you to do this in a short few sentences.) Anyway, try not to destroy the circuit board by using too much heat for too long. Use only a suitable regulated soldering iron for this. If you do this right, the end result will look like this from above the board (the negative lead for the capacitor is marked as a filled in white field, downwards in the image). You can see daylight through the holes here.

IMG 2470

 Seen from the solder side:

IMG 2468

 I didn’t have any 47µF capacitors, but I did find a 100µF/40V capacitor in my old stock. It’s very important that the voltage rating is at least as high as the original (25V). I figured that a higher capacitance would be ok, within reasonable limits (turned out it was). If you have to buy a new capacitor, splurge on the absolut best and most expensive you can find. The cheapest cost around 5 cents, while the most expensive can be as much as 15 cents. I’m not kidding. Of course, it may cost you 20 bucks to get it shipped and invoiced, though.

IMG 2471

 A curious aside: an entire huge capacitor is missing here, replaced by a short. Wonder what the story is behind that.

IMG 2473

 The new capacitor was quite a bit bigger than the old, but that’s not really a problem. Make really, really sure the negative lead is in the right hole, away from the heatsink, i.e. to the left in this image. 

IMG 2475

Ready to solder on the other side. (When flipping the motherboard around, always check that you don’t twist those power leads too much.)

IMG 2476

After soldering and cutting the excess leads, you should have a good connection with no solder bridges. Don’t use too much solder, just barely enough.

IMG 2478

 Rotate the plastic shield back into position and tighten the screw holding it in place (there’s a nut on the opposite side of the motherboard that you may need to hold still to do that).

IMG 2479

 Reattach the speaker leads.

IMG 2481

 All that remains is to put back the bottom plate and all the screws. There’s a really good chance your system will work fine, now. Mine did, with one exception: when switching on from standby, there’s a single sharp click from the speakers. I’m guessing it’s caused by my capacitor having an excessive value (100µF instead of the original 47µF). We’ll see if this turns out to be a problem or not.

 

 

Youtube is such a pain

May 10th, 2015

After trying to upload a 40 minute video to Youtube a couple of times, growing increasingly frustrated and, frankly, hateful against Youtube, I paid up for a Vimeo Pro account, and boy, was that well spent money. Youtube is nothing but pain and frustration. Vimeo simply works.

Yes, I know about verified Youtube accounts, but even after verifying it, it rejects my video as “too long” after an eight hour upload. It didn’t save it, but had me retry the entire upload again (yes, I’m on a pathetic 2Mbit/s uplink). Vimeo succeeded on first try.

Can’t recommend dumping Youtube and going for Vimeo enough. At least if you value your time and sanity higher than the price. I do.

You’ll never miss your anus ’till it’s gone

April 14th, 2015

John Oliver did a segment on the IRS, calling it the “anus of the nation”, something you don’t like, but can’t live without.

Now, I know you guys (USA) hate when we point out how far behind you are, but I really can’t help myself.

In this segment we have IRS people complaining of the ugly state of checks they receive. Checks… really? What is this, the middle ages?

People also complain about waiting lines to get in to get IRS assistance. Really? You don’t have phones? Ah, yes, they don’t work. Over here, the IRS actually answer the phones, or they call you back. They really do. They’re polite and very thorough. The few times I needed to ask about anything, I got so much information and advice there was no way I could misunderstand. An hour on the phone with two advisers is nothing out of the ordinary. On the other hand, I’ve only ever needed to ask for anything twice the last fifteen years, since the tax code here is actually very simple. At least in comparison.

Your forms are complicated, the tax code changes all the time, and regular people can’t handle it. Really? Over here they’re one page, with a second page if you have a registered company. That second page is replaced by a two page form if you own a limited partnership (as I do).

The form itself is already filled in with your income according to their information, your withholdings, and your regular and interest deductions. If you own stock, all the capital gains and losses are also already filled in. The “owner of a partnership” form has some complicated calculations, but those are done for you in a webbased form after you fill in how many shares you have. It carries the totals over from year to year automatically.

Oh, and BTW, you can do the whole thing over the internet. It requires that you have a full two factor authentication, but most people here have that already from the bank. And that authentication works most anywhere. Someone without a company normally only needs to sign the form without filling out anything at all.

The end result is that even for a company owner, the personal tax return takes something like ten or 20 minutes to do, is totally painless, and actually almost fun. This also causes very few people here to hate the IRS, or even much complain about it. At least compared to the US. That’s the way to run a tax system.

Payza takes the sleazy price

March 28th, 2015

Payza must earn some kind of prize for this… got this email today:

Dear Martin Wehlou,

Since you haven’t logged in for 18 months, your account is now dormant and a monthly inactivity fee of $10 USD is being applied. 

For more information on dormant accounts, please review Section 12.1 of our User Agreement.

To avoid the dormant account fee, all you need to do is log in to your account. So come on by and see what we’ve got for you!

• Personalize your account and make it even safer by setting up your customizable avatar and welcome message.
• It’s a small world after all – send money to loved ones in over 200 countries. Always free, always fast. 
• Our fresh account design makes for easy account navigation – find what you need, when you want it.

Thanks for choosing Payza, 

Team Payza

 
My first thought was: phish! Goes to phishtank! But no, this was real. Checked headers and links. Real as it gets.
 
Checked the user agreement, and yes, there it was. A “dormant fee”. And, an unspecified “reactivation fee” after dormancy. It was on page 24 of a total of 41 pages.
 
And, no, no way to cancel the account anywhere. I did find an unobtrusive link to delete the credit card, though. Wrote a support “request” to them:
I’ve received an email from you that I initially was certain was a phish, but actually seems to be real. You’re starting to charge me for *not* using my account… Oh, man, this is so sleazy I can’t believe it.
Additionally, there seems to be no way to cancel my account either. What I did was remove my credit card. If you so much as attempt to charge me, I’ll file a complaint through the bank.

I think you may have earned the epithet of most sleazy, not to say borderline criminal, internet company yet.

So, just remove that account pronto.

 

The basic idea here seems to be to exploit people who have changed their email addresses and won’t get the warning. Or who for some other reason aren’t paying attention.
 

This is what it’s really for

March 15th, 2015

New Zealand Used NSA System to Target Officials, Anti-Corruption Campaigner – The Intercept:

Analysts from Government Communications Security Bureau, or GCSB, programmed the Internet spy system XKEYSCORE to intercept documents authored by the closest aides and confidants of the prime minister on the tiny Solomon Islands. The agency also entered keywords into the system so that it would intercept documents containing references to the Solomons’ leading anti-corruption activist, who is known for publishing government leaks on his website.

The CIA Campaign to Steal Apple’s Secrets

March 11th, 2015

The CIA Campaign to Steal Apple’s Secrets:

A few months after Comey’s remarks, Robert Litt, the general counsel for the Office of the Director of National Intelligence, also appeared at Brookings. “One of the many ways in which Snowden’s leaks have damaged our national security is by driving a wedge between the government and providers and technology companies, so that some companies that formerly recognized that protecting our nation was a valuable and important public service now feel compelled to stand in opposition,” Litt said. He appealed to corporations to embrace “a solution that does not compromise the integrity of encryption technology but that enables both encryption to protect privacy and decryption under lawful authority to protect national security.”

(Via The Intercept)

The official line seems to be that it’s ok for the US government to break any law or constitution it pleases as long as the public doesn’t know. It’s not the governments fault for breaking the law, it’s Snowden’s fault for letting us know.

The governments (all of them) tried to drive a wedge between the tech companies and the users but failed, at least a little bit. Litt turns this narrative around and claims that Snowden’s revelations are driving a wedge between the tech companies and the government. No, it’s the act of the governments that is driving a wedge between themselves and the rest of us, tech companies, providers, and the public alike.

The pure gall is breathtaking.

Do read the article. There’s a lot of worrying stuff in there, including the attempt to subvert the XCode tool chain in order to build in malware into other developer’s executables.