Rescue mode for Fonera+ (FON2201) Wi-Fi router / OpenWRT / Redboot / Wlan-si

fon-la-fonera-970-80Running customized OpenWRT/Wlan-SI image for a long time and then upgrading the router caused it to crash, the error was probably triggered with the telnet/ssh timeouts and probably a high CPU load on the router which disconnected me several times before I managed to write in the image. As suggested on Wlan-SI website, you should upgrade this type of router (and others) using their “nodeupgrade” [1] application. If you fail to boot into the new image, there is one thing you can still do to reflash over ethernet. A good idea is to put Redboot as the rescue method prior to flashing (but this manual won’t cover that step). So considering that Redboot is already installed here is how to proceed:

1. Install required  packages on a PC.

# apt-get install tftpd-hpa tftp telnet netcat

Configure tftpd-hpa download directory in /etc/default/tftpd-hpa where you will put firmware images.

2. Set your PC to listen on 192.168.1.2/255.255.255.0. Connect your PC ethernet port with any of the two ethernet ports on Fonera router.

3. If Redboot is installed on Fonera router, it will listen for a few seconds on IP 192.168.1.1 or 192.168.1.254 port 9000, simply telnet there [2] , you will see a message like this one:

== Executing boot script in 8.530 seconds - enter ^C to abort
^C
RedBoot>

Press Ctrl+c in your terminal to enter

If you have problems here that Ctrl+c doesn't work 
(and router therefore already bypasses the escape sequence into failed boot mode) you can try the following trick [3]:

# echo -e "\0377\0364\0377\0375\0006" >break.bin 
# nc 192.168.1.1 9000 <break.bin

Just press "enter" or telnet again to 192.168.1.1 9000, and you entered Redboot.

4. Installing firmware into Redboot [4]

RedBoot> 
RedBoot> ip_address -l 192.168.1.1/24
IP: 192.168.1.1/255.255.255.0, Gateway: 0.0.0.0
Default server: 192.168.1.254
RedBoot> ip_address -h 192.168.1.2
IP: 192.168.1.1/255.255.255.0, Gateway: 0.0.0.0
Default server: 192.168.1.2
RedBoot> fis init
About to initialize [format] FLASH image system - continue (y/n)? y
*** Initialize FLASH Image System
... Erase from 0xa87e0000-0xa87f0000: .
... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .
RedBoot> load -r -v -b 0x80041000 foneraplus-v2_0b_33_gbb622cc-kernel.lzma
Using default protocol (TFTP)
-
Raw file loaded 0x80041000-0x800f0fff, assumed entry at 0x80041000
RedBoot> fis create kernel
... Erase from 0xa8030000-0xa80e0000: ...........
... Program from 0x80041000-0x800f1000 at 0xa8030000: ...........
... Erase from 0xa87e0000-0xa87f0000: .
... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .
RedBoot> load -r -v -b 0x80041000 foneraplus-v2_0b_33_gbb622cc-root.jffs2-64k
Using default protocol (TFTP)
|
Raw file loaded 0x80041000-0x80360fff, assumed entry at 0x80041000
RedBoot> fis create rootfs
... Erase from 0xa80e0000-0xa8400000: ..................................................
... Program from 0x80041000-0x80361000 at 0xa80e0000: ..................................................
... Erase from 0xa87e0000-0xa87f0000: .
... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .
RedBoot> fconfig
Run script at boot: true
Boot script: 
.. fis load -l kernel
.. exec
Enter script, terminate with empty line
>> fis load -l kernel
>> exec
>> (press enter here with a blank line)
Boot script timeout (1000ms resolution): 10
Use BOOTP for network configuration: false
Gateway IP address: 
Local IP address: 192.168.1.1
Local IP address mask: 255.255.255.0
Default server IP address: 192.168.1.254
Console baud rate: 9600
GDB connection port: 9000
Force console for special debug messages: false
Network debug at boot time: false
Update RedBoot non-volatile configuration - continue (y/n)? y
... Erase from 0xa87e0000-0xa87f0000: .
... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .
RedBoot> reset
This is all, wait some minutes then replug router in electricity.

Additionally:
Instead of image name foneraplus-v2_0b_33_gbb622cc-kernel.lzma 
you can use openwrt-atheros-vmlinux.lzma
Instead of image name foneraplus-v2_0b_33_gbb622cc-root.jffs2-64k 
you can use openwrt-atheros-root.squashfs

Download the OpenWRT firmwares here.

Manuals used in this procedure:

1. https://dev.wlan-si.net/wiki/Flashing/Nodeupgrade

2. http://wiki.openwrt.org/doc/techref/bootloader/redboot

3. http://www.dd-wrt.com/phpBB2/viewtopic.php?p=81815&sid=81c212ea61683ac3bbb9b626bc553ecd

4. http://wiki.openwrt.org/toh/fon/fonera2#method_1_with_tftp_server

I take no responsibility if you break the router using this manual (it has only been tested once), do it on your own risk !

Free hardware designs

Yeeloong2In the recent years the Free Software Foundation has encouraged (computer) hardware manufacturers to start producing free (free as in freedom) hardware. Most hardware produced and sold today has proprietary design (Apple, Intel, etc.) and is therefore restricted/encrypted and hard to use with free software, requiring programmers to use reverse engineering methods and write the code to free up parts of the hardware and optimize it for the use with free software. Free Software Foundation maintains a list of the high priority reverse engineering projects. Free hardware would be optimized for the use with free user respecting GNU+Linux software and should be released under the GNU General Public License (GPL), version 3 or later. Currently there are few alternatives around free hardware designs. In 2012 the Free Software Foundation started a project with the Chinese manufacturer Jiangsu Lemote Technology Corporation Limited for the production of the Lemote Yeeloong netbook. Yeeloong’s used the early Loongson 2F, a single core MIPS3-compatible 64-bit CPU with some custom ISA extensions (not all used in software), therefore a lot of customized software still had to be written for it. For that purpose a special customized GNU+Linux distribution gNewSense has seen the light of day. Since then we have seen other alternatives to free up parts of the hardware. The project Libreboot has written replacements for the standard BIOS using reverse engineering on Lenovo Thinkpad models, such as X60, T60 and X200 which are all obtainable from the U.K. store Gluglug. Another crowd funding initiative called Purism has raised funds and started with the production of the free modern laptops. Michał Tomasz Masłowski has written about Laptops and free software in 2013. There are also Replicant, a free operating system that works as a replacement for Android based devices and libreCMC a free replacement operating system for wireless routers. There are videos (with Slovene translations) from the Libreplanet 2013 conference, where Dr. Richard Stallman talks about the free hardware designs (video part 1) (video part 2) and also explains the idea in his recent articles “Why we need free digital hardware designs” and “How to make hardware designs free“.

Utilite computer 3.10.17 Linux kernel upgrade

Utilitie-introThis is the manual about how to (properly) compile Utilite-developed Linux kernel for the Utilite computer (Utilite Pro) running “Ubuntu 12.04 LTS (Precise Pangolin)”. It’s mostly written for my own reference in case of possible future upgrades, but some might find it useful, as otherwise the information seems to be scattered around the Internet. We will do the start in user-mode and finish it in superuser (root) mode. The commands in bold are those which you need to type on the command line. However, I am not responsible for any damage that you might experience trying out this manual on your Utilite Pro. These are unofficial instructions, if you want official instructions read information on the Utilite Forum and Wiki. So here we go …

1. First we are going to pull the kernel sources with git ( there is an online manual on how to use git ). This is a one-string command, so write all in one line.

$ git clone -b 'utilite/devel'
https://github.com/utilite-computer/linux-kernel --depth 1

2. Lets move inside the kernel tree.

$ cd linux-kernel

3. Let’s make default kernel .config

$ make cm_fx6_defconfig

4. Let’s define other settings with menuconfig. Beside of concatenating kernel image and DTB you need to make sure that the following kernel options are present in your .config :

CONFIG_ARM_APPENDED_DTB=y
CONFIG_ARM_ATAG_DTB_COMPAT=y
CONFIG_ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEND=y
CONFIG_CMDLINE_FROM_BOOTLOADER=y

$ make menuconfig

5. Clean before compiling.

$ make clean

6. Let’s compile. Option “-j8” means that we’ll be using 8 jobs on all 4 cores ( x 2 for SMP) on Utilite Pro for compiling ( it’s faster ). Approx. build time is 24 minutes.

$ make -j8 zImage

7. If you enabled DTB settings in the kernel .config, DTB should be made successfully. Approx. build time is 1 minute.

$ make -j8 imx6q-sbc-fx6m.dtb

8. Let’s make the modules. Approx. build time is 4 minutes.

$ make -j8 modules

9. Until this step everything can be done in user-mode. From here on you will need to perform all the additional steps as root or with “sudo” command. Let’s install the modules.

# make modules_install

10. Let’s install the firmware.

# make firmware_install

11. Let’s install the kernel headers.

# make headers_install

12. Now with all things in place and no errors, we are going to mount the boot partition on Utilite Pro ( this is a one-string command, so copy the whole string ).

# boot_partition=`cat /proc/cmdline | awk ‘{ for (i=1;i<=NF;i++) { if($i~/root=/) { print substr($i,6,length($i)-6)”1″ } } }’`

# mount $boot_partition /boot

13. DO NOT FORGET to backup your existing working kernel !

# cp /boot/uImage-cm-fx6 /boot/uImage-cm-fx6.bak

14. Move the newly built Linux kernel image into /boot .

# cat arch/arm/boot/zImage arch/arm/boot/dts/imx6q-sbc-fx6m.dtb > /boot/zImage-cm-fx6

15. Perform the last step to fit everything in place ( this is one-string long command, write everything together ).

# cd /boot; mkimage -A arm -O linux -T kernel -C none -a 0x10008000 -e 0x10008000 -n 3.10.17-cm-fx6-1-beta2-aufs -d zImage-cm-fx6 uImage-cm-fx6; rm -f zImage-cm-fx6

16. The result should be similar to this if all went well …

Image Name: 3.10.17-cm-fx6-1-beta2-aufs
Created: Tue Feb 17 13:53:34 2015
Image Type: ARM Linux Kernel Image (uncompressed)
Data Size: 5460160 Bytes = 5332.19 kB = 5.21 MB
Load Address: 10008000
Entry Point: 10008000

17. un-mount the /boot partition.

# umount /boot

18. Reboot and pray !

# reboot

 

If all went well, you should have a new workable 3.10.17 kernel on Utilite Pro.

If you are unable to boot to the new kernel or if something was faulty, there are several things you can try for the rescue. Most information can be asked or found on the Utilite support forum. This is the best place to ask questions. You should enable serial console ( I won’t describe how you do this, you can find the information on the forum or wiki ). So after being connected with the serial console, the first thing you see starting is U-boot. There will be a similar output, compared to this one :

U-Boot 2009.08-cm-fx6-0.98+tools (Mar 10 2014 – 16:17:49)

CPU: Freescale i.MX6 family TO6.4 at 792 MHz
Temperature: 34 C, calibration data 0x59d4f769
mx6q pll1: 792MHz
mx6q pll2: 528MHz
mx6q pll3: 480MHz
mx6q pll8: 50MHz
ipg clock : 66000000Hz
ipg per clock : 66000000Hz
uart clock : 80000000Hz
cspi clock : 60000000Hz
ahb clock : 132000000Hz
axi clock : 264000000Hz
emi_slow clock: 29333333Hz
ddr clock : 528000000Hz
usdhc1 clock : 198000000Hz
usdhc2 clock : 198000000Hz
usdhc3 clock : 198000000Hz
usdhc4 clock : 198000000Hz
nfc clock : 11000000Hz
Board: CM-FX6:[ POR ]
Boot Device: SD
I2C: ready
RAM Configuration:
Bank #0: 10000000 1 GB
Bank #1: 80000000 1 GB
NAND: No NAND device found!!!
0 MiB
MMC: FSL_USDHC: 0,FSL_USDHC: 1,FSL_USDHC: 2
JEDEC ID: 0xbf:0x25:0x41
Reading SPI NOR flash 0xc0000 [0x2000 bytes] -> ram 0x17e030c0
SUCCESS

In: serial
Out: serial
Err: serial
Net: got MAC address from IIM: 00:00:00:00:00:00
FEC0
Hit any key to stop autoboot:

Here you have 3 seconds of time to hit any key and enter into the U-boot interface, where you can perform additional steps.

1. First step would be to boot the previous kernel. Define the previous kernel with “setenv”.

$ setenv kernel uImage-cm-fx6.bak

$ run bootcmd

This should at least bring you back to the previous kernel.

2. If you forgot what your previous kernel name was ( if you selected a different name ), you can try these commands :

$ sata init
$ fatls sata 0:1

This should list all available kernels in the /boot partition, so just select another name with “setenv”.

Good luck !

P. S. If you have tried this procedure and found any errors or know about the improvements, you are welcome to comment on the post and I will be glad to fix the article !

Encrypting external USB drive in GNU/Linux

I recently bought an external USB drive and while setting it up with an encrypted filesystem I thought I could blog about it. The procedure that I will use involves Logical Volume Manager (LVM) and luks0pen encryption. The procedure is being done with Trisquel GNU/Linux, but it will also work for Ubuntu Linux and other GNU/Linux systems.

  1. First you will need to open a terminal (xterm) and log in as a root user, use “su” and enter your root password.
  2. You can open another terminal and watch the system log with “tail -f /var/log/messages
  3. Then you will need some programs to make it work with encryption, you will need to install Logical Volume Manager tools (LVM) with “aptitude install lvm2 e2fsprogs cryptsetup“.
  4. Attach the USB drive into the computer’s USB slot, you can check “/var/log/messages” or type “dmesg” to see how the drive appears up in your computer. Mine shows up as “/dev/sdb“. Keep in mind that your drive might show up differently as “/dev/sdc” or “/dev/sdd” depending on your setup, so I will continue with the manual as the drive being set up for “/dev/sdX“, please consider changing X to another letter which matches your drive.
  5. Check the drive for bad blocks (takes a couple of hours): “badblocks -c 10240 -s -w -t random -v /dev/sdX“. For a 3 Terabyte drive it took a bit over 5 hours to finish.
  6. Write random data to the entire drive. This step took less than 12 hours to finish, but it ensures that never-written drive space can’t be differentiated from encrypted data if someone ever tries to crack the drive. (If you’re going to do this, you might as well do it right). Use “shred -v -n 1 /dev/sdX
  7. Create one big LVM partition on the drive using fdisk. Set up one big primary partition /dev/sdX1, set the tag to system id “8e” LVM, and write the changes to disk:
    fdisk /dev/sdX
    Note: sector size is 4096 (not 512)
    Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
    Building a new DOS disklabel with disk identifier 0x4a8d1c8d.
    Changes will remain in memory only, until you decide to write them.
    After that, of course, the previous content won't be recoverable.
    
    Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
    
    Command (m for help): p
    
    Disk /dev/sdb: 3000.6 GB, 3000592982016 bytes
    255 heads, 63 sectors/track, 45600 cylinders, total 732566646 sectors
    Units = sectors of 1 * 4096 = 4096 bytes
    Sector size (logical/physical): 4096 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes
    Disk identifier: 0x4a8d1c8d
    
       Device Boot      Start         End      Blocks   Id  System
    
    Command (m for help): n
    Partition type:
       p   primary (0 primary, 0 extended, 4 free)
       e   extended
    Select (default p): p
    Partition number (1-4, default 1): 1
    First sector (256-732566645, default 256): [ENTER]
    Using default value 256
    Last sector, +sectors or +size{K,M,G} (256-732566645, default 732566645): [ENTER]
    Using default value 732566645
    
    Command (m for help): t
    Selected partition 1
    Hex code (type L to list codes): 8e
    Changed system type of partition 1 to 8e (Linux LVM)
    
    Command (m for help): p
    
    Disk /dev/sdb: 3000.6 GB, 3000592982016 bytes
    255 heads, 63 sectors/track, 45600 cylinders, total 732566646 sectors
    Units = sectors of 1 * 4096 = 4096 bytes
    Sector size (logical/physical): 4096 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes
    Disk identifier: 0x4a8d1c8d
    
       Device Boot      Start         End      Blocks   Id  System
    /dev/sdb1             256   732566645  2930265560   8e  Linux LVM
    
    Command (m for help): w
    The partition table has been altered!
    
    Calling ioctl() to re-read partition table.
    Syncing disks.
  8. Use cryptsetup to encrypt the drive: 
    "cryptsetup --verbose --verify-passphrase luksFormat /dev/sdX1"
  9. WARNING!
    ========
    This will overwrite data on /dev/sdX1 irrevocably.Are you sure? (Type uppercase yes): YES
    Enter LUKS passphrase: <Your password here>
    Verify passphrase: <Repeat your password>
    Command successful.
  10. Unlock the drive: (We will call this drive backupexternal, but you can choose a different name)
  11. “cryptsetup luksOpen /dev/sdX1 backupexternal” . Enter passphrase for /dev/sdX1: <Enter your password here>
  12. Create the LVM physical volume: “pvcreate /dev/mapper/backupexternal” , Physical volume “/dev/mapper/backupexternal” successfully created
  13. Create the LVM volume group: (We will call it usbbackup, but you can choose a different name) “vgcreate usbbackup /dev/mapper/backupexternal” , Volume group “usbbackup” successfully created.
  14. Create a logical volume within the volume group: “lvcreate -L 900G -n backupvol /dev/usbbackup“, Logical volume “backupvol” created.
  15. At this point you have a device named /dev/usbbackup/backupvol, so create a filesystem on the logical volume: “mkfs.ext4 /dev/usbbackup/backupvol”
  16. mke2fs 1.42 (29-Nov-2011)
    Filesystem label=
    OS type: Linux
    Block size=4096 (log=2)
    Fragment size=4096 (log=2)
    Stride=0 blocks, Stripe width=0 blocks
    58982400 inodes, 235929600 blocks
    11796480 blocks (5.00%) reserved for the super user
    First data block=0
    Maximum filesystem blocks=4294967296
    7200 block groups
    32768 blocks per group, 32768 fragments per group
    8192 inodes per group
    Superblock backups stored on blocks:
    32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
    4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968,
    102400000, 214990848Allocating group tables: done
    Writing inode tables: done
    Creating journal (32768 blocks): done
    Writing superblocks and filesystem accounting information: done
  17. Create a mount directory on computer drive “mkdir /mnt/backup
  18. Mount the volume: “mount /dev/usbbackup/backupvol /mnt/backup
  19. To get the volume to mount automatically at boot time add this line to your /etc/fstab file:
    "/dev/usbbackup/backupvol      /mnt/backup     ext4    defaults        0 5"
  20. To be prompted for the decryption key / passphrase at boot time first get the drive’s UUID: “ls -l /dev/disk/by-uuid” (In my example I use the UUID for /dev/sdb1)
  21. Then add this line to the /etc/cryptab file: “ext_drive /dev/disk/by-uuid/[the UUID of the drive] none luks

That’s it. You now have an external, encrypted hard drive with LVM installed. You’ve created one 900GB volume that uses half the disk, leaving 2100GB free for other volumes, or for expanding the first volume.

Hope you find this useful.

P. S. If you have tried this procedure and found any errors or know about the improvements, you are welcome to comment on the post and I will be glad to fix the article !

International Human Rights Day reminds us about Free Software

Free_Software4The Free Software Foundation (FSF) is a nonprofit organisation with a worldwide mission to promote computer user freedom and to defend the rights of all free software users.

As our society grows more dependent on computers, the software we run is of critical importance to securing the future of a free society. Free software is about having control over the technology we use in our homes, schools and businesses, where computers work for our individual and communal benefit, not for proprietary software companies who might seek to restrict us.

The Free Software Foundation is working to secure freedom for computer users by promoting the development and use of free (as in freedom) software and documentation — particularly the GNU operating system — and by campaigning against threats to computer user freedom like Digital Restrictions Management (DRM) and software patents.

FSF has sister organisations in Europe , France , Latin America and India.

Do a good thing TODAY ! Help the FSFE reach their 2015 budget goal of €420,000 by donating until December 31.

 

 

Self-organised European Citizens Initiative against TTIP, CETA & TISA

stop-ttip-generic-fbEuropean Union member states are under increasing pressure from North American business groups to open their borders to imports of genetically modified food as part of negotiations for a new Transatlantic trade deal, environmental campaigners have warned.

The Transatlantic Trade and Investment Partnership (TTIP) is being negotiated among European governments, the US and Canada, with the active participation of dozens of large businesses. It has already attracted strong criticism from democracy campaigners, who say it could mean the European Union could have to open the National Health Service further to private companies, and complaints against large companies could be treated in secret without proper legal recourse.

The potential impacts on food safety are less apparent as the negotiations are being conducted without public consultation. Progress on signing the partnership is expected to be hastened later this year when new EU commissioners are appointed.

The European commission has strongly denied that the partnership would allow North American companies to circumvent EU food standards, particularly with regard to genetic modification. A spokesman for the commission told the Guardian: “TTIP will not change the way we regulate GMOs [genetically modified organisms] in Europe. EU trade commissioner Karel De Gucht stressed that publically many times. The EU has its red lines in the negotitations and the GMOs is one of them.”

However, documents from various US and Canadian government agencies and business trade bodies suggest strong pressure is being brought to bear from US industries to allow GM products and other foods into EU markets that would violate the EU’s current standards, in the name of free trade. The US Department of Agriculture and Foreign Agricultural Service has explicitly identified “the EU’s non-tariff barriers to US agricultural products”, specifying in particular “long delays in reviews of biotech products [that] create barriers to US exports of grain and oil seed products”. The term biotech is generally used to refer to GM products.

The European commission says that the EU would not be forced to allow imports of GM foods under the TTIP deal. “Will the EU be forced to change its laws on GMOs? No, it will not. Basic laws, like those relating to GMOs or which are there to protect human life and health, animal health and welfare, or environment and consumer interests will not be part of the negotiations,” according to a Q&A on the EU’s website. (Source: The Guardian)

You can sign the petitions against TTIP here:

More informations regarding these topics can be found at:

V slovenskem jeziku :

 

libreCMC on TP-LINK TL-WR741ND

I was lucky that I already had TP-LINK TL-WR741ND ( version 1.8 ) previously installed with OpenWRT (libreCMC strips down OpenWRT to remove non-free software and binary blobs from the code) so that I could test out the libreCMC. At this stage the router seems to be (fully) functional with wired and wireless networking enabled. Here are the instructions how to install libreCMC on this router :

First check if your router version is compatible with libreCMC.

  • Versions supported : v1 – v2, v4.20 – 4.27
  • Version not supported : v2.1 – v3.1 + v4.0

If you still have default TP-LINK firmware, there are several methods to flash it into OpenWRT. I did use the “mtd write” procedure to get it from a functional OpenWRT to libreCMC, so I would recommend that you do that first in order to avoid mistakes. Default OpenWRT IP of the router will become 192.168.1.1 and you can telnet there without the password. Once you have a functional OpenWRT you can proceeed with “mtd flashing” over telnet.

Download the pre-built libreCMC ( version 1.2.1 ) firmware image to the wireless router

  • # cd /tmp/
  • # wget http://downloads.librecmc.org/snapshot/v1.2.1/ar71xx/librecmc-ar71xx-generic-tl-wr741nd-v1-squashfs-factory.bin

Download and compare md5sum

  • # wget http://downloads.librecmc.org/snapshot/v1.2.1/ar71xx/md5sums
  • # grep “librecmc-ar71xx-generic-tl-wr741nd-v1-squashfs-factory.bin” md5sums

If you did it right you should see the md5sum result which is 3933e76b3da872bcc0773965c9ad2e72

Check the md5sum of your image (should be identical)

  • # md5sum librecmc-ar71xx-generic-tl-wr741nd-v1-squashfs-factory.bin

Rename the image to TP-LINK compatible file

  • # cd /tmp/
  • # mv librecmc-ar71xx-generic-tl-wr741nd-v1-squashfs-factory.bin tplink.bin

Go back into the root directory

  • # cd /

Now you are ready to proceed with flashing.

  • # mtd -r write /tmp/tplink.bin firmware

When this is done, your router should automatically reboot and default into 192.168.1.1 with telnet access. You can also access it through “Luci” (GUI) with your web server on http://192.168.1.1

Happy hacking ! 🙂

 

 

 

libreCMC

libreCMC is a FSF endorsed embedded GNU/Linux distribution replacement for your wireless router which does not contain non-free software or binary blobs. The project’s goal is to provide an embedded distro that respects user freedoms and allows users to control what their hardware does. Since libreCMC is 100% free software, it allows the user to use supported platforms as a way to host their own services, like email, chat or file sharing; learn about how the device works. libreCMC is designed for users who would like to run 100% free software on their embedded device (routers) or would like to have more control over what their embedded device does. Future uses will expand to servers and HPC applications in a few years.

Currently supported (wireless) devices are :

  • TP-LINK TL-MR3010 v1
  • TP-LINK TL-WR741ND
  • TP-LINK TL-WR841ND
  • NETGEAR WNDR3800
  • XBURST BEN NANONOTE

20 years on the Internet

BtN-viqIYAIp0YhIt was around the year 1994, when my mother brought her business PC Atari XT 8086 home, which I was able to use. It had a Microsoft Windows DOS System installed. I managed to obtain the 2400 bps modem and install it into the computer. Because the internet wasn’t commercial at that time in Slovenia yet, my parents obtained Internet access through non-profit Academic and Research Network of Slovenia (ARNES). The modem was able to dial-up over telephone line into ARNES network and from there on friends of ours provided a terminal access to one of the UNIX computers at university, where I was capable to use E-mail and IRC. I spent many days on IRC chatting with people who were already able to access the Internet. Around that time Jonas showed us how Internet and IRC works in his popular TV show “Videošpon“.

Two-step verification from Google

Google offers Two-step verification for some time now, but I have only discovered it recently, when my Gmail account notified me with the warning :

  • State-sponsored attackers may be attempting to compromise your account

The warning doesn’t say “which” state attackers and there don’t seem to be any information or logs from break-in attempts in the account, or if this is just a Google integrated default warning for many users to enable their Two-step verification. But a Two-step verification is usefull in many ways. Let me explain you why : It gives another layer on protecting your password and doesn’t compromise your account if that password gets stolen or revealed. Here is just a basic example – many of you have probably used a public computer on some occassion to log into Gmail to read your E-mails either on a journey or while being at some public place, where you can never tell if your password was captured or not. There are different methods for capturing your password, most basic ones would be with a keylogger device or software. You can never be secure enough in a public place if your computer is protected. With Two-step verification from Google, you add another layer of protection by enabling SMS text code or voice message to your mobile phone number, which is always different and unique. Just a warning that with this method your phone number will be verified and linked to your existing Google/Gmail account ! Here is an article explaining how to make it work: