Hacking and Living on Lanzarote: Day 0 and 1

Day 0

After a flight of only 4 hours I arrived at 8:30AM at Lanzarote Airport. I only got maybe two hours of sleep, but at least everything with my luggage was okay. We went shopping for food and checked out an abandoned building site which was supposed to become a tourist centre. In the evening, David cooked a nice meal and we were discussing plans on how to proceed.

Day 1

We started to dig a hole for a toilet at the place where we are currently staying to do a favor to the owner. The hole needs to be 2m deep, and we made like half a meter of progress. We made a nice time lapse video of it:

We then headed for an abandoned dam to see if it would be suitable to live in. We were hiking for an hour to reach the top of the mountain, and eventually got down to the dam. It was in pretty good shape, however, there isn’t much space inside the dam to use. We talked to a local who told us that there were actually people living inside the dam, and the police eventually came and threw them out.

We discussed a few ideas about how to get sponsorship and talked to a few other locals about opportunities to buy land.

In the evening, David cooked a nice meal and we set up syncthing in order to be able to share files without the need for an online connection.

Hacking and Living on Lanzarote: Day -2 and -1

B3pnrhaIMAEsitLThe last two days were pretty “straightforward”, so this is just a mini update. Packed my bags and I’m pretty sure I missed several important things. I’m sitting in the train heading for Frankfurt, where I have to switch trains to Frankfurt Airport. I’ll arive there approx 1:30 AM so I should have plenty of time for baggage check in – flight departures at 4:45 AM. Unfortunately my estimate for the baggage weight was too optimistic, so I had to leave a few things at home, including the solar battery, the panel, my multimeter and several minor stuff. As I’m heading for the congress on Dec 23rd, I should be able to bring the other stuff as well if I decide to continue with the Lanzarote adventure.

I expect that there will be some minor trouble at the airport regarding the electronics stuff and the Li-Ion batteries for my E-Cigarette as well as weight issues as my body scale isn’t that accurate. I pretty much maxed out the weight restrictions (20kg for the main bag and 6kg for the carry-on baggage. I also noticed that it’s pretty hard to follow all guidelines to put what item in which bag and I’m seriously thinking about creating a web app where you choose your bag contents and the app guides you what to put where, especially for potentially dangerous goods like Lead-Gel batteries as well as medicine. They are allowed on most airlines, but you might need to contact your airline before your flight and supply material safety datasheets. I know that there are websites where you can look stuff up, but it’s much easier to simply specify an item and get recommendations on what to do. For Lead-Gel batteries it’s important to protect the contacts against accidential shorts. Also I noticed that there’s no “how to ship stuff cheap from A to B” web app which guides you through the cheapest logistics company, otherwise I would have simply shipped the panel and batteries via a logistics carrier. Did you know that you can ship “letters” in a box format up to 500 grams pretty cheaply from Germany to almost anywhere in the world for about 3,45 Euro and up to 1 kg for 7 Euro? Maybe two interesting projects to realize.

Hacking and Living on Lanzarote: Day -3

I travelled from Berlin to my home town in order to pick up stuff for the Lanzarote trip. When I stepped out of the bus in Mannheim, my depression almost immediately kicked in. For me, this is a definite sign that the environment is not suitable for my further progress.

I was not sure if it would be a good idea to tell my mother that I’ll be on Lanzarote, but I eventually called her up. She’s for holiday on Fuerteventura, and was understandably confused about my plans. What’s not understandable is the immediate negative vibe she communicated to me. Instead of: “Sounds interesting, what are you doing there?” and wishing me good luck, she covered me with negative aspects of the idea, including missing medical treatment on Lanzarote (which is not true), that I should see my therapist before leaving and so on. I am pretty much sure that she will read this blog post sometime near in the future, but I’m not scared anymore. From every person I’ve told about the Lanzarote plans, I only got positive feedback so far, which confirms that I am on the right track.

What I failed to communicate to my mother is that hackers and nerds are different. We care for each other, and even due to the fact that I had to leave the hacker-hippie-flat in Berlin doesn’t mean that I’m mad with my former flatmates. The essence of us hackers is that we try new things, we explore and make the impossible possible. We communicate mostly open-minded and find new approaches and solutions. We build up huge camps with fast internet and 3000+ people camp every 2 years in the middle of nowhere. We organize the yearly Chaos Communication Congress for 4000+ people. We enable people to get internet access for free using the Freifunk project. We share our inventions, our procedures, our projects and our knowledge.

We are crossing the boundaries for the greater good. We are changing the world. Together. One small step at a time.

If you like to call that crazy, then I guess we are crazy. But it’s more likely that we have a different mind set.

Hacking and Living on Lanzarote – Day -4

My stomach wasn’t that well today, and my mood wasn’t either. I had some doubts if Lanzarote is really the right choice in case something happens to my health. On the other side, I’ve been surviving with those symptoms for the past 5 years and probably some outdoor stuff will do no harm.

I had to order a trekking backpack and trekking shoes which I don’t own. My luggage is split:

Personal Stuff: Everything I need while we seek for the location of the CHT base

  • Sleeping Bag
  • Trekking Shoes
  • Trekking Backpack
  • Camelbak
  • Clothes including Rain Coat
  • Regular Shoes
  • Power Banks, Laptop
  • Cat Ears and Skirt (yes, I love to wear those)
  • Sun Protection
  • Sun glasses and replacement glasses
  • Towel and washcloth
  • Power Banks
  • Mobile Phone and replacement phone
  • Medicine
  • Paracord
  • Hat
  • Camera + Charger to document stuff
  • Pillow
  • Flashlight and Headlamp

Stuff I can put into storage and fetch later when needed for setting up the base

  • 20W+40W Solar Cells
  • Charge Controller
  • Lead-Acid Batteries (if possible to transport by plane)
  • 12V to 230V Inverter
  • Unifi UAP and Unifi EdgeRouter Lite
  • Mechanical Tools like Screwdrivers
  • Cables for wiring up the solar cells, Wago Clamps
  • Spade
  • Replacement notebook
  • Multimeter, Wire strippers, pliers etc
  • Raspberry Pi
  • Network Cables
  • Soldering Iron, Soldering Wire
  • LED Lighting
  • Duct Tape
  • Alligator Clips

 

David confirmed that they’ll pick me up at the airport. Sounds like quite an adventure, but I’m optimistic that things will go nice. My bus from Berlin is leaving tomorrow morning. Hope I didn’t forgot to include anything important to this list. I always carry my ID and stuff with me, so no, that’s not included to the list.

Stay tuned!

Hacking and Living on Lanzarote – Day -5

I’m going to Lanzarote for working, hacking and a hopefully life-changing experience. If you’re following me on Twitter, you probably know about the awkward situation I’m in. I suffer from depression, I have left my family and I’m semi-homeless since two months and staying with friends since then. I had much time to think about my situation and came to several conclusions. I’m not going to list them except for one:

Don’t do what logic and society dictates – do what feels right.

I’ve listened to too many people giving too many false advices, simply because they believe that their lifestyle fits me. I mostly followed their advice without using my own brain. And believe me – that felt very very wrong. I was raised to follow other peoples advice, and I’m changing that since 2010 – since I joined RaumZeitLabor. I learned to accept that I am an individual, a thinker, maker and hacker. I also learned that I need to ask for help and to communicate with people to find creative solutions to problems.

As it’s hard to host people for extended periods of time, I have to move out of my hosts in Berlin. One solution would be to continue couchsurfing, but thanks to Sam, I learned about projects which hosts hackers to hack, work and colaborate on projects and get new views on life and the future of humanity.

One of those projects is totalism.org and the CHT, who hosts a hacker community on Lanzarote. The upcoming season consists of building up an entire community, preferably off-the-grid with own power generators and a water treatment plant. This might sound quite as an adventure, and you’re right: It will be. But I’m not scared anymore, and I want to learn on how to deal with new situations and challenges.

Right now I’m looking for flights and planning what I need to bring, including medication, clothes, solar panels and inverters etc. The flight costs somewhere between 60€ and 100€. The cost for CHT is estimated to be around 400€ per month, which can probably be reduced. If you are able to financially support the project, please donate here.

Stay tuned for hopefully regular updates.

OXID Rants

Today I had a major outage in an OXID-based shop system. The reason is unknown; it did resolve “itself” as quickly as it appeared, leaving behind an almost 3 hour downtime of the system. I assume that it’s a combination of their odd caching, and during debugging what went wrong, I took some notes which I eventually wrote down in this blog entry.

OXID, why do you disable modules without any visual indication on the modules list?

OXID shows that modules are enabled, but some aren’t. Nothing in the error logs. No information on the GUI. After an hour of digging into the code, I found out that there’s a configuration entry in the OXCONFIG table (of course, crypted see below) which holds a serialized PHP array of disabled modules (“adisabledmodules”). I do not know at this point where this array is filled, but if it is, modules are silently ignored – and the worst thing: They are shown as if they are enabled.

OXID, why don’t you give any hints why a module can’t be enabled?

If OXID fails to enable a module, it does so silently. At least, this time you actually see that the module is disabled again, but you get no clue why.

OXID, why you store your config encrypted in the database?

OXID uses DECODE() and ENCODE() with a public known key to store data in the OXCONFIG table. This is next to useless and only makes maintenance harder. The key is actually the same for each installation. Of course, one could change the key, but this isn’t documented. Additionally, some contents of the OXCONFIG table are stored as temporary, unencrypted data in the tmp folder anyways.

OXID, why do you use a custom class extension system?

OXID uses a custom class extension system. Probably to emulate some kind of multiple inheritance. In theory, this doesn’t sound too bad, but in practice, this gives headaches, because it is implemented poorly.

Class names are mangled to lower case in some places, but not in others, causing all sorts of problems, combined with too much or simply wrong caching mechanisms. One needs to add their class extensions into a file called “metadata.php”, which looks like this:

Don’t ever change the case of _any_ class name. Here’s where the inconsistency begins: The actual PHP class name is “Thankyou”. Most modules so far use “thankyou” as class identifier for the “extend” portion of the array. If you’d use “Thankyou” as identifier, you’d mess up the whole system, resulting in “method not found” errors. And if you did that once, it gets cached in the system, and you have no chance to revert this unless you manually delete the information from the OXCONFIG table.

Conclusion

When I first started out with OXID, it didn’t seem too bad as a shop system: They got unit tests and a wide range of modules. Some of them are available as purchase-only variants, which is okay.

However, the quality of the whole OXID infrastructure is a big problem. It uses smarty templates all over the place, even in their admin backend. Modules assume that they are the only one who extend a template, which is often not the case (example: List headers). There’s no documentation on where you should extend functionality. There’s no overall picture of how the business logic works. You can even purchase two modules, which change the business logic.

The lack of technical documentation is a big no-go. Did you knew that database properties are mapped to an object’s tablename__fieldname property? If you want to retrieve an order’s order date, you need to use:

This is neither documented within the oxBase class nor on their OXIDForge Website. If you decide to step into OXID development, be aware that you’ll be on your own – forums aren’t too much help, and expect to read lots of (odd), undocumented code.

We need more troubleshooters for 31c3 (and other big chaos events as well)

This is a small personal review of the 30c3. I realized that the congress (and other big chaos events as well) need more troubleshooters – that is, angels that take responsibility for minor problems and willing to solve them.

Update: jz pointed out that your troubleshooter for all concerns is heaven (DECT 1023), even for minor tasks. So this blog post is mostly obsolete, but kept as-is for reference. However, you (as an angel) still may want to take responsibility to call heaven when you spot a problem which you can’t solve.

While I was not able to attend the congress as I had planned to due to a cold, I did 4 hours of NOC Helpdesk as well as other minor tasks. During that, here is a small list of items which occurred:

  • (unconfirmed) It appeared that some switches (if not all) had ports 1-4 reserved for NAT64, which was not labeled on the switches themselves.
  • The NOC Helpdesk did not have enough seating for the 4 angels assigned to the NOC helpdesk shifts
  • The NOC Helpdesk didn’t have pens, paper and a list of contacts to call (like the NOC itself). This was partially solved
  • Each Colo Server should have a set of contact information (name, DECT/GSM number, departure date, IP address). People put the labels onto by themselves with missing information, until we realized that a printed form would be a better idea (that also decreased setup time for each Colo server)
  • People were going up to the Colo by themselves, without being aware of that they need to report to the NOC helpdesk prior putting their servers up (solved by putting up some signs which said something like “YOU SHOULDN’T BE HERE, REPORT TO THE NOC HELPDESK”)
  • At least one person reported that the WIFI access data should be put up as signs all over the congress (aka you can use any Username/Password combination and which WiFi does what), especially as the wiki was down (was not solved AFAIR, but couldn’t solve it myself due to the cold)
  • A local wiki mirror should have been put up, as it was down several times

All those items listed required that some angel stepped up and took care of it (=responsibility).

This might also go wrong in some cases; in my case, I opened the door for the NOC to the Colo with some lockpicking tricks (the person with the key to the colo was asleep) and I was “caught” by a security angel. I tried to explain the situation, however, even saying that this was for the NOC and he should call the NOC to resolve the issue was ignored. Yes, I probably shouldn’t have opened the door and instead calling somebody, but that wasn’t obvious to me in that situation. So yes, taking responsibility for things sometimes goes horribly wrong and you might end up with wrong decisions.

But again, we need more angels who not only do what they’re told to do, but who do take responsibility and willing to resolve problems (or do improvements) as they appear. After the congress experience (and, of course, the OHM2013 experience where I acted as emergency toilet cleaner/soap/toilet paper refiller), I really feel that there’s a big need for angel problem solvers – maybe not only within their shifts, but in general. This will make the congress more enjoyable for everyone.

Probably there should be a team of “troubleshooters”, which takes care of any “interdisciplinary” issues occurring. That team should also be walking around and ask angels doing shifts what could be improved – because often, angels can’t leave their posts to solve those issues.

30c3 Quick VPN setup

The CongressChecklist mentions that a VPN tunnel is a good idea; in fact it is. Here’s a basic OpenVPN recipe. You need the following tools:

  • A server with enough bandwidth to handle the incoming and outgoing bandwidth (I’ve got a root server with 1Gbit/s connectivity at Hetzer, that should do)
  • OpenVPN

The recipe is fairly simple; I use a preshared secret and NAT so that I don’t need a separate IP.

Note: This setup is only suitable for a single device; it doesn’t do DHCP or other fancy stuff.

Step 1: Generate the shared secret

This generates a key to be used as shared secret. You need the same key on both your server and your client(s). Personally, I’ve placed my key in /etc/openvpn/secrets, but you may use any other path as well (AFAIK).

Step 2: Server Configuration

Additionally, we need a NAT rule which applies to the tunnel network (technically, the netmask is too big; but hey, you can fix that later). eth1 is my output interface.

Step 3: Client Config

Step 4: Testing

Start both tunnels. Check the output of both logs; you should see something like this:

Test that you can ping the server’s internal IP from your client:

Verify that you can ping the interwebz:

Verify that you actually route via the tunnel:

Possible solutions for non-working setups (I’ve not tested them and I am not 100% sure that you need those; they’re just ideas)

  • Check that /proc/sys/net/ipv4/ip_forward on your server is set to 1. On the client, this shouldn’t be necessary.
  • Check that /proc/sys/net/ipv4/conf/all/rp_filter is set to 0 on your server.

Step 5: IPv6 Tunneling

You can tunnel IPv6 over OpenVPN as well, but I have neither setup nor tested this. Technically, you could simply use two static IPv6 addresses and route them via the tunnel; however, this requires additional works with routing tables. You could even setup NAT, but that’s not a good idea either.

A better idea might be to use a tunnel broker or miredo, which should simply use the IPv4 tunnel. If you have comments about how to easily setup IPv6 over the tunnel, feel free to comment!

Updates:

  • The MTU was still too big, 1380 didn’t work (yet?) on the congress network. Using 1300 for now
  • I couldn’t get DNS push to work, probably because clients don’t use DHCP for now – I simply created a script which pushes my own nameserver into /etc/resolv.conf

IP Power Strip “Reverse Engineering”

Wöhlke Websteckdose
Image © Wöhlke EDV-Beratung

I recently came across an IP controllable power strip from Wöhlke, which looked quite neat, however, it was way too expensive. They want 199€ for 3 controllable sockets. Reichelt has an IP controllable power strip for only 70€, and there you have 4 sockets including nice LEDs. The one from Reichelt also looks more like a custom designed product, while the Wöhlke one looked more like a product “mashup” (which isn’t a bad idea at all). They even sell a separate board, so my interest was increasing.

I’ve been looking for a nice power strip which I could re-cable for quite some time, but most power strips are designed down to a price, so they do whatever they can to keep it cheap. That’s also the reason why you’ll find so many power strips in a 45° angle – they’re much cheaper to produce.

A cracked open cheap power strip

I’ve cracked a cheap power strip open (literally – most cheap power strips don’t have screws, because they’re bolted down or only clipped together). You can clearly see how the (presumably) copper strips are arranged. If you’d have 90° outlets, you’d have to pay lots more for the copper strips, because they have to be routed in some sort so that they don’t short out.

I realized that the power strip Wöhlke used must be much simpler to modify, so I did a quite long search for power strips and I finally came across a manufacturer where the power strip looks pretty much identical to what Wöhlke uses: the Bachmann Craftsman Power Strip.

 

hwl_awd_cmyk_igel

The Bachmann Craftsman Power Strip
Image © Bachmann

I decided I’d give it a shot, mainly because of curiousity, and ordered the strip. It isn’t a cheap power strip; it costs 19,98€ on Amazon, whereas most cheap 6 port power strips come in the 3-6€ range. When the strip arrived, I realized that I was absolutely right: You can easily open the strip using 4 screws (2 on each side) and an additional one for the cover. They also use some kind of copper strips, which happen to be about 6mm – great for 6,3mm cable lugs. Now it’s easy to understand how Wöhlke (probably) did it – cut the copper bars, and put cable lugs onto there which are fed into their custom board. The case isn’t aluminium, but plastic, but that’s completely okay for the price IMHO.

 

That’s a real nice base for own projects, and you can even get 9 or 12 port ones, and the 12 port is only 36€ - quite a nice price! Of course, you’d have to rip out 2 or 3 plugs to make space for electronics and take care on how you cover the holes, but the problematic part is solved: Getting a base for any power control projects.

More Pics below!

IMG_2540

IMG_2539 IMG_2538 IMG_2535 IMG_2534IMG_2533

SolarWind currently out of order

A few weeks ago, SolarWind became pretty unstable. This mainly has 2 reasons:

  • The router draws too much power (I planned to upgrade to Carambola2, but haven’t gotten the time yet), thus it becomes unreachable in the night. This was expected.
  • It doesn’t connect to my home WiFi network anymore, which I’m unable to debug due to lack of the serial interface – I’m using the serial to communicate with the power measurement board

This means that there’s no data. I hope that I can free some money to buy a larger panel and finish the Carambola2 upgrade. In the meantime no data is available – sorry!