ArchLinux Webmin Adventure in PogoPlug Land

Gah. Decided to install Webmin on my PogoPlug Mobile – which is running ArchLinuxArm v5, incidentally – and spent a good hour or so trying to figure out why I couldn’t access the interface…

The installation is quite simple,

  1. As root, “pacman -Sy webmin perl-net-ssleay” to install the packages
  2. Tell webmin what IPs to listen on, “nano /etc/webmin/miniserv.conf” and add a line at the end which reads “allow=192.168.1.0” (making webmin accessible from any IP from 192.168.1.1 to 192.168.1.255), “allow=0.0.0.0” (if you want to allow access from any IP – not recommended), or some variation of those.
  3. Enable and Start the webmin service using systemctl – “systemctl enable webmin” then “systemctl start webmin”

With those steps completed, webmin will start during the normal boot process. To access the interface, point your web browser to https://(name or ip of your arch device):10000.

That’s where I encountered a problem. Any browser trying to access the interface would return an SSL protocol error. systemctl showed the service as active with no errors, so everything was nice and confusing. Even after a full reboot, the error persisted.

angry_jack

And now: the stupid solution.

Even though the service wasn’t started until AFTER I modified the configuration, and even though I REBOOTED the system, the Webmin service still needed to be stopped and restarted using systemctl. Don’t ask me why.

  1. As root, “systemctl stop webmin”.
  2. “systemctl start webmin”.

After that, everything worked just hunky dory. Blah.

Help! I’ve Tumbl’d!

We now enter a time of transition. I’m still using Scoop.it as my content curation platform, but I’ve decided to use Tumblr as the preferred publishing platform. What does this mean? Well, my Scoop.it feeds stay exactly as they are, but now all of their posts will appear together on my tumblog, Rabble rabble.

We’ll see how this works out…

And The Beat Goes On

steeeempyGreetings from thousands of miles beneath the Earth’s crust! I bring you blessings from the Lava Men and an update on my ongoing goings-on.

I’m really getting into the Scoop.it workflow for my content curation/blogging activities. I’m so pleased with it, in fact, that I’ve added two more streams:

Security Sausage Spectacular covers all things computer security related: products and services; concepts; exploits; authentication and identification; forensics; recovery; and, of course, hacking the Gibson.

Hardware Hackery Hootenanny provides information about making, modding, and messing with just about everything, but mostly electronics. I have the Maker bug and the “take everything apart” plague, so there will be a lot of teardowns and blah.

I do have a gripe with my current Scoop.it setup: it makes traffic analytics a pain. That’s not Scoop.it’s fault, really; I’m using the free account right now and my posts on other social networks link to the Scoop.it pages, who in turn link to the target article… Since Scoop.it can only tell me if someone clicked my link, and not if someone +1‘ed it or Liked it, I’m not seeing a full accounting of traffic or response. There’s a pro account option, costing around $13 US I think, that offers more perks; I’ll have to check and see what it offers. Ultimately I want to export my Scoop.it content to my own domain, and that’s an option for the pay accounts.

Keep watching the skies…

Update On Life, The Universe, and Everything

As you can see by the big jump between post dates, I haven’t been tending to my personal site. Apologies for that. My blogging and social media efforts have been spread across many separate platforms and without a plan for keeping them all synchronized; not a strategy I would recommend.

Recently, however, I was pointed to a content curation platform called Scoop.it. (Thanks Anne-Marie!) This platform shifts the goal from authoring to curation; the task is not to write an article, but to share a link and (perhaps) add insight. The difference between writing a blog article and “scooping” with added commentary may not be obvious right away, but I can tell you that it is psychologically very different. I may even write an article describing the experience…

For now, though, I’ll invite you to view my UX-related topic on Scoop.it:

UX Wins, Fails, and WTFs

NUIA eyeCharm – More Than A Controller

Read an interesting post in one of my UX groups on LinkedIn. The author linked to the latest KickStarter darling: the NUIA eyeCharm.

NUIA eyeCharm

The eyeCharm product, if funded, will clip onto a Microsoft Kinect, converting it from a room-gazing motion tracker to a face-gazing eye tracker; no small feat. The resulting device will let you control your PC with your eyes, according to the campaign.

As usual, I wrote a full response where a short comment is customary. Ho hum.


Beware of the Oversell 🙂 This looks like a great product for end-users and HCI researchers. From the research side, this could really reduce the costs and hassles associated with the old-school eye track rigs. I don’t know how this device’s sampling rate and resolution compares to the head-mounted rigs, but this is much less obtrusive to the research subject and less likely to add confounding variables to the results. If this device becomes a common tool for researchers, it could make data from different regions, different labs, different investigators, and different participants more readily comparable by reducing the amount of variability in the setup.

Eye Tracker in Space.

There’s much more to the end-user market than gaze-based control, however. This product has great potential for people with different physical abilities; people coping with ALS (Lou Gehrig’s Disease), for example, usually retain positive motor control over their eyes despite losing control of their limbs. In that case, users have fewer viable control options. The general user population would have less to gain by using this as a pure controller; eye movement is a more restrictive way to make unambiguous command signals… A mouse allows you to quickly select individual pixels, whereas gaze lets you focus on a larger high-probability target area that can be made more precise at the cost of increased gaze time or additional signals. I wouldn’t choose to type documents by eye tracker if I could use the keyboard in front of me.

It would make more sense to use this tracker in concert with other input devices, and also for non-control signalling. I hate zooming using the mousewheel; this tracker could detect a slight squinting of my eyes and cause the display to zoom-in. What about using gaze in a search interface to quickly determine which results are least interesting and using that information to improve follow-up searches without having to manually add other search terms?

There are oodles of augmentative possibilities, here. Thanks for the post!To do: link original thread

Fake Finger Attack! Run!

As someone who enjoys pointing out flaws and saying “I told you so” (I know, ‘people in glass houses’…), I thoroughly enjoyed news from Brazil that a fingerprint scanner was defeated by a…

FAKE FINGER ATTACK!

The unfortunate lady, a doctor, worked at a hospital in São Paulo and was allegedly forced to cover up for lazy colleagues.  The hospital uses a fingerprint scanner (of unknown make and model, at this time) to track employee attendance; employees must scan a finger to clock-in and clock-out.  According to her lawyer, her colleagues preferred watching episodes of E.R. dubbed in Portuguese (that’s unconfirmed) to actually working in a hospital.  But how to get around this bulletproof security system?  Remove a finger, like a disgraced Yakuza member?  No, no. Put down the knife.

Let’s make a fake finger!

The current news releases don’t have much detail on the methodology, but it sounds like precise casts were taken of one finger for each lazy person, then used as a form for a finger replica.  I presume they would have to be very careful with the casting and forming to preserve the fingerprint, but a little intense focus on crafts can pay dividends of George Clooney episodes.

DougRossPortuguese

If only someone had warned them about fingerprint scanner vulnerabilities!  Oh, they did.  In fact, this sort of “replay attack” is a fundamental weakness of biometric security.  If someone steals your password, there are gazillions more that can replace it.  Your supply of replacement fingers is more limited.  Your supply of replacement eyes for retinal scanners is even smaller.

On that note, I’m off to form a new band called Fake Finger Attack.

Missile Nostalgia

I’ve mentioned that I’m a space nerd, but my interest extends beyond the normal civilian programs.  If you know the history of the space race and of civilian space efforts, you know that they’re inextricably linked with military programs.  Many military space programs have operated under cover of peaceful civilian ones.  I write this prologue because I don’t want you to think that I’m interested in war and death.  That is to say, I’m not just a space nerd; I’m a technology nerd.  I’m all about the technologies, the efforts, the possibilities.

I’m fascinated with military technology.  I’m not so interested in the intent of the designers or the creators as I am in the underlying nature of the objects and ideas.

And so I’d like to introduce you to Sprint and Spartan.

These missiles were part of the Safeguard program.  This was an early anti-ballistic-missile program undertaken by the United States.  It was a system of tracking radars, computers, and intercept missiles meant to protect American assets from nuclear attack. The missiles are what really interest me.  Spartan would rocket into space to intercept warheads before they hit the atmosphere.  Sprint, on the other hand, was a point defense, a last-ditch effort to destroy a warhead before it was in range of its target.

The logistics involved in intercepting a warhead are really something to behold.  You have to track the warhead, plot its trajectory very accurately, issue launch orders, and have a missile with enough acceleration to meet the target within the desired kill zone.

Those challenges are hard enough for Spartan, but Spartan has the luxury of time — its target needed several minutes just to get to the kill zone.  Sprint’s target was practically in the kill zone when Sprint launched.  Sprint’s launch to intercept time was on the order of 15 seconds!  15 seconds to travel 30 kilometers from a dead stop.  100G acceleration.  It accelerated so fast that it needed a heat shield that burned away in flight, just so that the rest of the rocket didn’t melt from the air friction.

Check out the video below.  It gives you a brief outline of the whole system and shows actual test launches of Spartan and Sprint.


Just the Medals, please.

Here’s a great site for anyone who follows the Olympics but hates all the mindless chatter and commercials.  Also good for anyone who doesn’t really care about the Olympics at all but still wants to know how his/her country is faring.

 

Medal Count

 

This site just gives you the number of medals won by each country, ranked by amount and type.

It should probably contain a Spoiler warning for anyone who gets their coverage from NBC.  (Check out #NBCFail to share the pain)