1. 2

    That was a great investigation and highlights how insecure a lot of IoT devices really are.

    A while back I had the idea that I would buy several inexpensive home automation devices to audit for fun (or for a blog or something) and I reached out to Reddit’s home automation community for suggestions. I remember at least one incredibly negative comment that basically told me I was an awful person for wanting to hack these devices in such a way and I should leave. It amazes me that people would prefer to not know if their devices are insecure.

    1. 3

      Last week I finished my article for Neon Dystopia about the roots of bOING bOING (the zine), https://www.neondystopia.com/cyberpunk-books-fiction/the-brain-mutator-for-higher-primates-a-boing-boing-retrospective/

      This week I’m continuing my documentation for emulating a z/OS mainframe and then hopefully documenting my PBX configuration.

      1. 5

        Last week I successfully got my Soviet-era desk phone working with my Incredible PBX and a Granstream HT502 ATA that supports pulse-dialing.

        This week I’m aiming to:

        • Finish writing an article about bOING bOING (the zine) for neondystopia.com
        • Document my PBX setup into a series of articles/posts to share the configuration info and have good notes for myself.
        • Troubleshoot my red Western Electric series 500 rotary phone, which looks like it might have multiple issues involving wiring and a dead element in the handset.
        • Finish an article I started writing years ago about emulating a z/OS mainframe.
        • Work on recreating the iconinc yellow Motorola pager from the movie Hackers (1995). I have all of the supplies and need to start it.
        1. 4

          I received a Soviet-era desk/house phone from Lithuania (I’m in the US) that I’m attempting to integrate with my Incredible PBX. The phone is push-button, but is definitely pulse-dialing instead of using touch-tones, so I ordered a Grandstream HT502 analog phone adapter because (nearly) everyone recommends these for pulse-dial phones on a PBX.

          Long story short, I’m still unable to register the adapter on my PBX and have it respond to the extension I’ve created for it. For such a popular device, I’m surprised there isn’t more documentation out there to get it PBX ready, but I haven’t given up yet! If you are a Grandstream/FreePBX guru, please let me know :)

          1. 1

            Do you have the name or pics of the phone?

            1. 3

              It is a VEF TA-01LXA, and there are pics available at the eBay listing but let me know if you need more, https://m.ebay.com/itm/USSR-Phone-VEF-TA-01LXA-Working-Condition-/332638456798

              Everything seems to work as you would expect, but I have no idea what the R/K/M/W keys are for, or the round button on the bottom left.

              1. 2

                That’s about the plainest, toughest-looking phone I’ve ever seen haha. Thanks for the picture.

            2. 1

              Got it all worked out now :) I hope to do a few writeups on all of this shortly.

            1. 6

              I’m working on a website of Ted Nelson words (some people call them “Nelsonisms”) with definitions. He coined a lot of words, some stuck better than others. https://fangl.es

              I also set up my own gopherhole with pygopherd on FreeBSD that im going to expand a bit. You can view it via HTTP proxy here, and there is a file for how I did the setup if you want to make your own, http://gopher.modem.city:70

              1. 2

                shouldn’t your gopher server listen on port 70, and your web server listen on 80?

                1. 2

                  pygopherd actually appears to multiplex HTTP and gopher traffic on the same port! I don’t have port 80 open to reverse proxy it, but you can successfully open both HTTP and gopher connections on 70 :)

                  1. 2

                    Ah, good to know! 70 outgoing is blocked at $work, but it’s not a big deal.

                    1. 2

                      If you can’t access port 70, there is always the floodgap proxy :), https://gopher.floodgap.com/gopher/gw?a=gopher%3A%2F%2Fgopher.modem.city

              1. 4

                This is a godsend. I’ve been staring at my Indigo2 for months wondering how I’m going to take the next steps in getting it back online. Bam, here we go! Now I just need to get a working SCSI drive and burn these CDs to reset the root password. Thanks!

                1. 3

                  Use DINA instead?

                  1. 1

                    How will DINA help if @jamestomasino doesn’t have IRIX install media?

                    1. 2

                      It doesn’t but it saves on avoiding the clumsy install process from CDs which involves swapping disks in and out multiple times.

                  2. 2

                    I had a full Indigo2 with graphics upgrade that got abandoned in a move. :(

                    At one time we had a Challenge, a Fuel, an Octane (which I still, have, I think, or maybe an O2?), and that Indigo2.

                    1. 1

                      I also have an Indigo 2 and an Indy sitting around in need of various little repairs. I hope this might help me get back into things.

                    1. 7

                      > discord

                      God please, no!

                      1. 2

                        Better than slack.

                        1. 7

                          Of course!

                          But why you need to stick to proprietary solutions and make them unreachable on platforms you’re caring about on this community? Wouldn’t be better to just use IRC like civilized people do?

                          1. 7

                            Trying to convince people who want Slack or Discord to use IRC will get you nowhere.

                            IRC is awesome and some of us have been using it since dirt but it ITSELF lacks features some modern users really want - built in search / logging / voice chat / built in image / sound rendering, etc etc etc.

                            You can say “Bah that’s all crap” - and I’ll agree with you, but that doesn’t stop people from wanting.

                            Personally, I wish more open source folk would explore sollutions like https://zulipchat.com/

                            1. 2

                              Direct link to the code for everybody’s convenience: https://github.com/zulip/zulip

                              1. 1

                                I know Zulip but haven’t tried it personally yet…

                                And, more importantly - does it have an IRC gateway? :)

                                1. 1

                                  Sort of: https://github.com/zulip/python-zulip-api/issues/106

                                  I still like zulip quite a lot, i think its concept of topics does really improve discussions.

                            2. 1

                              They have an IRC channel too, and a bot that communicates between IRC & Discord

                              1. 1

                                These bridging bots (between Slack/Discord/Matrix/Telegram/Hipchat and IRC) are quite incomplete solutions, as they can’t do “puppeting” so the bot impersonates all IM users as single IRC user and it’s bad to interact with them in that way.

                                I hope Matrix could solve this in the future.

                                1. 1

                                  I’ve been using Matrix for about 18 months, and it does puppeting perfectly when bridging to IRC, from either side.

                                  The Slack bridging with Matrix looks to behave in a similar way; you’re almost unable to distinguish native users and bridged users.

                        1. 5

                          I’ve been spending a lot of time on resurrecting an old PBX I initially set up in 2012. I’ve done a fresh installation of Incredible on a first-gen Raspberry Pi and have configured incoming/outgoing calls with my SIP provider, as well as a hard phone on my LAN utilizing an old Western Electric phone and an OBi100 adapter. I plan on making some IVRs similar to the “Callin’ Oates” hotline so you can press something on the keypad and it plays music for you.

                          1. 2

                            I’ve been thinking a lot about doing the same thing as you are and using SIP to handle the land line. I would like to re-use my existing phone too. Is the OBi100 a good recommendation or should I have a look at something else?

                            1. 2

                              I think it’s a great device and reasonably easy to configure. I believe it has been discontinued by the manufacturer, but it still seems relatively cheap on the secondhand market and plays nicely with Asterisk and FreePBX. It has worked pretty well on the few phones I have tried it with, but I did notice some instability when I tried to hook two phones up to the unit with one far away. If you have more than one phone, I’d get more than one OBi and try to keep each phone as close to it as is reasonable. It’s probably some voltage drop over long runs.

                              I’m also purchasing an HT502 which has two lines and supports pulse dialing. I’m sure there are a ton of SIP adapter devices out there at about the same price point and they’re so inexpensive you could just throw them away if they don’t work for you.

                          1. 10

                            He’s fairly well known on lobste.rs, but I found a lot of concise guides by Roman Zolotarev, https://www.romanzolotarev.com

                            He was certainly the primary motivation for me installing OpenBSD as well.

                            1. 10

                              Thank you. :)

                              P.S. Folks, if you’re willing to try OpenBSD, I’m always here to help you.

                            1. 5

                              I have a few private servers in total running various things.

                              • Apache/nginx/httpd for various blogs and websites, most also utilizing Let’s Encrypt
                              • MediaWiki powering https://anarchivism.org
                              • Bind9 running a few public OpenNIC DNS servers.
                              • Tor middle relay
                              • A few Tor hidden services
                              • A now-malfunctioning SKS keyserver (that I need to look into)
                              • 6 or 7 cjdns nodes
                              • fingerd running on a few cjdns nodes
                              • Opentracker for Bittorrent running on 1 cjdns node
                              • 1 or 2 Yggdrasil-go nodes
                              • Riot and Synapse for matrix chat at https://matrix.phillymesh.net
                              • Gopher at gopher://gopher.modem.city
                              • Quassel for IRC

                              Not public, but I’ve been setting up SILC servers and a few IRDCds as well.

                                1. 3

                                  Hopefully your tmux article will finally be the one to make me switch from screen. Old habits die hard.

                                  1. 3

                                    If screen works for you, maybe you don’t need tmux. :)

                                    I’ve never tried screen. tmux(1) was my first terminal multiplexor on macOS and now on OpenBSD I don’t have screen(1) in base.

                                1. 2

                                  I’ve been fascinated with Ted Nelson’s work for years and the Xanadu project has always intrigued me. It’s great that Ted is still commited to sharing his ideas and making the concepts easy to understand for people. A lot of critics say that he caused his own downfall with Xanadu by being difficult to work with, but I feel like we see this a lot from those who don’t want to sacrifice their dreams to spawn inferior versions of a given product.

                                  It was impressive seeing some of these concepts come together somewhat in the Xanadu deliverable that was released a few years back, but a small part of me thinks that wikis could be a good way to express Xanadu concepts in a more accessible way.

                                  1. 2

                                    Wiki software has incorporated some Xanadu ideas, but largely in loose ways that miss key attributes. For instance, mediawiki has transclusions but doesn’t use them for versioning or make the connection to the original context clear to users, and while it has a bidirectional link tree internally, it doesn’t expose that information to the user. Nothing, aside from Xanadu demos, has visible connections (aka transpointing windows) in normal document viewing and editing (though some things, including mediawiki, use something that resmbles transpointing windows in diff displays).

                                    Having worked for Ted, I can verify that he’s “hard to work with”, but not in the way people usually use that term. He’s polite and cordial. Mostly, he gets easily off-track during meetings & has a hard time finding work he’s already done (and so he often ends up re-doing it). He’s got all sorts of tech & filing systems to help him with organization these days, so it must have been more difficult for him to act as a manager in the 70s. (Of course, during the Autodesk era, Ted had nothing to do with the day to day development of Xanadu. They had their own management difficulties, resulting in schisms and abandoned work, some of which is now open source.)

                                    Xanadu has changed a lot over the years, and made a lot of concessions. The past couple demos to have public release actually were in the browser & used regular HTTP for fetching documents – a huge concession, since HTTP doesn’t have any guarantees about content stability. The previous demo (XanaduSpace) also used HTTP. The stuff that Ted is bullish about is mostly stuff that works together in subtle but important ways – ex., transclusion-based versioning makes transcopyright straightforward & visible connections solve the droit moral problem of remixing somebody’s work without their explicit permission (since it acts as a very precise automatic attribution), & all this depends upon permanent addresses with unchanging content (or, in some cases, append-only content).

                                  1. 2

                                    Thanks for this write-up! I’d be curious to see just how many people are running MTA software as hidden services.