Category: Technology

Despite getting home at 6am this morning after a night of clubbing, I’ve had a productive day hacking around with the troublesome modem.

I’ve produced a patch against 2.6.34-rc6 which blacklists the MF636 such that option_send_setup doesn’t send a the RTS and DTR states to the first three serial ports, ttyUSB[0-2].

Examining the contents of the Windows INF files in the files on the ZeroCD device, I’ve found the following nuggets:

• Interface 00 is a USB Diagnostic interface, which is probably why it doesn’t respond to AT commands
• Interface 01 is an NMEA interface, and interface 02 is an extended NMEA interface – I don’t know what this means
• Interface 03 is a Mass Storage device which appears when you first plug in the device
• Interface 04 is the modem itself

I’ve also made a breakthrough in the initialization string – this must be AT&F&D2&C1, which:

• &F: Revert to factory defaults
• &D2: Set the DTR behaviour to terminate the call gracefully upon a DTR on/off tranisition
• &C1: Sets the Received Line Signal Detect (RLSD – is this DCD/Carrier Detect?) on until all data is received from the remote modem
• S0=0: Do not automatically answer an incoming call

Another little gem I found – the moment you dial ATD*99#, you cannot terminate the connection unless you send a PPP LCP TermReq. You can’t send the usual escape sequence +++, then ATH, nor can you cause the modem to disconnect by sending ATH via another port. It appears it must be done via PPP. This seems a bit brain-damaged.

Finally, the best bit – if you don’t set the initialization string correctly, the modem will crash and disconnect itself from the USB bus. Very handy, and painfully difficult to debug. NetworkManager doesn’t send the correct initialization string, hence the modem crashes.

I’m hating this device less the more I learn about it. I could still do with something that ‘just works’ without all this faff – but I get a lovely warm feeling knowing I’m helping out other people who have had the MF636 imposed on them.

Way back when, I had a Huawei E220. This was moderately usable under Linux, more so after a firmware upgrade and usb_modeswitch. A great little device, installation of a long USB cable meant I could put the dongle where the signal was best. I still have it, although it’s likely locked to Vodafone.
For reasons unknown, the company I worked for ceased the contract on this and gave me a GlobeTrotter iCON 7.2 modem. Again, after some fiddling, success. The only problem was its shape – like a plastic ice lolly. It wiggled in whichever USB port I used it in, and I never really got on with it. However, it worked.
The iCON broke, and I now have a ZTE MF636. This is an aesthetically pleasing device, with one big flaw – it’s utter rubbishness under Linux.
I’ve spent a considerable amount of time battling these little gems:

• ZeroCD support – great for Windows and Mac machines as your drivers are forced upon you. It can be turned off permanently with the AT+ZCDRUN=8 command (and turned on with AT+ZCDRUN=9), or ejecting the SCSI CD-ROM device.
• option.ko support – of the four serial ports presented, ttyUSB3 (the final one) under Linux 2.6.32 is the only one accessible. I think I have a workaround.
• modemmanager support – right now, I can’t dial out using NetworkManager. With wvdial, I can poke commands at ttyUSB3 and connect successfully, but that’s ugly in my eyes.
• Random USB resets – reset high speed USB device using ehci_hcd and address 33 is not a welcome message, especially when I have to unplug and replug the USB device to get it to work again.

I’m not overly comfortable with delving down to the low level of these sorts of problems – but looking on the positive side, it’s a great learning experience. Yeah 🙂

Right after I upgraded the firmware on a 3ware 9650SE RAID controller in my desktop, the card failed. ‘lspci’ would recognise it, but nothing else.

I RMA’d it with 3ware, and within a week and a half – bearing in mind there was New Year in the middle – I had a new card couriered to me. Superb service.

My desktop machine has been reformatted and reinstalled, and it’s running much faster than before. The only downside is 3ware seem to insist I download 57Mb of JVM and InstallShield to install 3dm2 and tw_cli… why? Why can’t I just have the files and install them myself? Why do I have to run a JVM as root? That scares me a little.

For some years, I’ve been paranoid enough to run RAID-1 on my desktop machine to protect against a single hard drive failure. Backups are to another drive on a separate controller.

A couple of weeks ago, I flashed the firmware on my 3ware 9650SE, rebooted, and the BIOS wouldn’t see the controller at all. ‘lspci’ under Linux showed the card, but nothing else – the 3w-9xxx driver in the kernel didn’t recognise it, nor did 3dm2 nor tw_cli. Strange – although it’s within the year’s warranty, so I’m RMAing it on Monday.

On a separate, slightly strange matter, I’ve had an Asus P5WDG2 WS Professional motherboard with some DDR2-667 RAM for a couple of years now. Sometimes the machine boots and it recognises the RAM as DDR2-667, and sometimes as DDR2-533. Why, I don’t know. Anyway, fiddling around in the BIOS to determine whether I had a dead PCI Express slot, I managed to turn on some automatic overclocking functions – things that I don’t usually touch.

The results were strange – over the course of 24 hours, my machine gained a whole hour. Naturally, this was going to be down to something I’d fiddled with, so I turned overclocking off and in the past couple of hours, the clock keeps the correct time.

Here’s a lesson for you – change one thing at a time and check it works 🙂

I found how to run Oracle 10g Express Edition on a 64-bit platform. It’s, er, remarkably straightforward. I expected to jump through more hoops…

This may kick me in to touch and force me to test NetHorus on a database backend other than MySQL…!

It seems a 64-bit desktop isn’t all it’s cracked up to be. Adobe Flash Player has difficulty, but I stumbled across a pre-release of Adobe Flash Player 10 for 64-bit Linux.

Download the file, unpack it and copy it to /usr/share/ubufox/plugins/. Restart Firefox, and away you go.

As documented elsewhere, I needed a bit of shell hackery to get my Broadcom BCM4312 working under Ubuntu 9.10 Netbook Remix.

Not to worry – it’s not awfully scary. Now I can leave the flat, with three of my four machines upgraded to Ubuntu 9.10 within 24 hours of getting my hands on the ISO images.

Like many highly computer literate sons, my parents occasionally call on me to fix their computer.  This can be anything from “I turned it off and it won’t boot up again” meaning “The hard disk has failed”, to “I can’t get my email, it comes up with a certificate error”, meaning I’ve forgotten to renew the SSL certificate on my mail server.

This week, my father send me a text message to say neither he nor my mother could receive email – but they could send it fine.  I didn’t see any attempts from them to connect in my mail server’s log files, and they said they didn’t see any error messages.

This morning, I found some time to ask my mother to set up a reverse VNC connection to my desktop at home (I can’t remember what people did before VNC – maybe we installed pcAnywhere, or maybe we hopped on a car or train).
Here’s the key piece of information that was missing that I found out this morning – “We installed Kaspersky and email stopped”. D’oh! That piece of information is really important – I did something, and something else happened.

Further investigation showed that my parents installed Kaspersky as Barclays on-line banking suggested it, but then they uninstalled that, and installed AVG, but still couldn’t get email.

What caused the problem? It’s quite straightforward. POP3 doesn’t attempt any form of encryption at all, so I force people to use TLS when picking up mail from my server. It stops the very small risk of somebody finding out an email password by capturing packets, but it also encrypts all the messages being downloaded. I use SSL certificates from CACert which they provide free, and the whole system works better than self-signed certificates, but not quite as well as a full-bodied certificate from a widely-recognised CA.

AVG and Kaspersky intercept outgoing POP3 traffic, if asked, and scan it. They do this by proxying connections through their software, which can’t understand the TLS connections and so waits patiently rather than throwing up an error. The result is the mail client does nothing – no errors and no timeouts. A software stalemate.

This started me thinking – how long before encryption becomes a widespread way for malware starts to use SSL connections to bypass network-based antivirus services? You can’t disable encryption as it’s a form of security, but it’s also a form of stealth. One encrypted TCP connection looks just like the other, and there’s simply no efficient way to scan apart from right at the very edge.