Stupid connectors

So, new TV, empty space in bedroom, TV point and Ethernet points nearby, all I had to do was finish the wiring (left unconnected as it was not needed 15 years ago!) and scan for channels. Simple.

OK. So I had a splitter and then found a smaller one so used that. Stuck it to the wall in the airing cupboard, wired in the CT125 coming down from the loft and two TV coax runs to the two bedrooms, and connected the other end of the CT125 to the aerial distribution amp in the wiring closet. Turned the TV on and it began scanning. And found very little. Hmmm. Well, it found the HD channels but would not receive them.

Out with the meter. Connectivity fine from the splitter to the TV, so blamed the splitter and wired in the larger one. Rescanned. Same thing. Got a barrel connector and bypassed the splitter. No difference. Went to the wiring closet and checked the connection there… which I had plugged into the DAB aerial feed input, rather than a TV output!

Put the smaller splitter back in and fitted the cables again and all is well.

Ugh.

Signal box lever work

A lot of my work on the railway this year has been as part of a team building up all the components to make a 27-lever signal box frame. Components from two separate dismantled boxes were gathered from a variety of storage locations on the railway. Shown here are some of the segments prior to them being dismantled.

The various components are shown here placed side by side to ensure there are sufficient parts to make up the frame. Three base sections, the various segments along with segments supporting the locking trays (not shown), and the end castings were then all ready to be sent off for shot blasting.

Levers needed completely stripping down to their component parts. There were two types of lever, the differences being in the foot casting and the end of the catch rod. Each lever consists of a number of components: the foot, the lever itself, the catch rod, catch handle and pins, a spring housing and spring.

As can be seen, the shot blasting had a quite dramatic effect. Here are the levers as returned after being cleaned and primed. The two leftmost levers show the differences – each has a different type of foot and the stop for the catch rod – a square peg on one and round on the other are also different.

The spring housings, shown here on top of the cleaned and primed segments were not sent away and were cleaned by wire brush and files. New spring had to be ordered for these as the originals were mostly in a very poor state.

Assembly of the frame commenced after space was made in the workshop. We tried a few methods of assembly and in the end it proved easiest to place each lever without the catch rods or spring assembly and add those later. Despite losing a few nuts down various holes this work carried on that way.

Here, the first five levers are in place. Only 22 to go…

Assembly continued over a number of weeks, working one day a week. This photo shows the locking trays in place.

Finally, all the levers were in place fully assembled and adjusted to ensure that they moved smoothly. This proved tedious as numerous adjustments had to be made not just to the castings, but also catch rods, levers, and even some of the springs had to be shortened.

The next steps are for the frame to be marked up and dismantled. It will then be sent away for the locking to be built up before coming back to us ready for assembly in the signal box. This story is ongoing and will be continued!

Airline fined over website cookie consent

Pinsent Masons carried a story recently regarding an airline being fined for a poor cookie consent mechanism on their website (1). Although the fine is relatively small it hopefully highlights the fact that authorities are taking note of complaints against websites.

For some years now it has been necessary to declare cookies and have a mechanism to gain consent, but many websites are sadly lacking, some really badly. I’ve ranted about this in the past and when I was still working I always tried to ensure our websites were compliant.

The case in hand (2) is one where the website in question told users how to block cookies but had no consent mechanism. It was pointed out that there needs to be a mechanism whereby cookies can be rejected, as well as options to enable all cookies or to enable just specific ones.

From my own checks on websites some are really good, some so-so, and some down right awful. Among the best I’ve seen are ones that have a very simple consent mechanism at the bottom of the page with checkboxes for each type of cookie, as well as a ‘reject all’ button. Among the worst are those that throw up a large popup which gives little choice other than to accept their cookies with no way into the site without so doing. Some, typically media websites seem to burden the user with vast lists of partners with a ‘yes / no’ button against each. I have to say that when I find these latter types I take a screenshot for reference, and then wave goodbye. I also regularly clear my cookie cache so I don’t get stalked by adverts.

(1) https://www.pinsentmasons.com/out-law/news/airline-fined-over-cookie-consent-mechanism

(2) https://www.aepd.es/resoluciones/PS-00300-2019_ORI.pdf

Under attack?

My little VPS went crazy yesterday. Unresponsive, it took ages to log in. I quickly discovered multiple attacks, some attacks on WordPress’s xmlrpc.php and wp-login.php, a sustained attack on imaps from China and several concurrent brute force ssh attacks all at once. The poor little VPS kept running out of memory which caused it to kill off memory hogs – generally Apache and Mysql. At the stage I should add – and probably question my sanity – that it’s good fun thwarting such things and I’ve been doing similar for 10+ years…

Then I discovered that the out of band access to the VPS wasn’t working and I assumed this to be a part of the greater whole. It wasn’t.

My provider, Heart Internet has very good technical support. I’ve used them for ages for my own VPS as well as professionally, as have others partly due to the fact that I recommended them, something I very rarely do. They came up with a very detailed analysis. First off, an Ubuntu upgrade had knobbled /dev/ttyS0 so no out of band access and this was not the fault of the attack, I’d just never needed to use it so was unaware. A quick fiddle in the GRUB config sorted that. Next, the VM framework was itself suffering a high i/o load and that was causing my VPS to pause. These pauses then made matters worse as it seems that mysql inserts were queueing up and then went in with a bang when the VPS got some CPU time again. That, plus the WordPress attack caused the memory killer to terminate Apache and mysql causing further issues when they restarted. This was not eased by my watchdog process that restarts any failed PHP scripts which spend their life pulling in railway data and stuffing it into a mysql db meaning that as soon as mysqld went back in the PHP process would drag in a bag load of data and fire off tons of inserts.

To add insult to injury fail2ban, er, failed to ban. It had upgraded itself at some stage to a non-working state and I really could not spent the time reading the docs to find out what it needed, so it got purged and denyhosts, which I used to use anyway was installed and is working nicely. Not quite the same thing, but ideal for ssh attacks as it simply adds the IPs to /etc/hosts.deny. I still used iptables when, for example I see zillions of spam injections, but those are infrequent and sort themselves out in any case. But it’s still nice to see them suddenly stop when I can be bothered to look.

Having tidied up the little beggars via iptables and protecting the bits of WordPress that were under attack, and with the VM framework finally calmed down by the provider my VPS could once more tick along quite nicely at its usual load of, well, pretty much zero.

Fun nonetheless. Perhaps I’m just weird!

Cellular woes

The mobile provider we use is having issues right now with no data or voice services across the UK and including issues for those abroad using UK based accounts. It might be wider still. Of course there is no news from the provider and their website is apparently down for maintenance.

It happens. No doubt there will be some explanation in due course.

Twitter is alight – always a good source of gossip and alerts. But alerts on Twitter that fire off to a hashtag generate other issues. People use those hashtags to peddle their own, unrelated crud. And then there are confusing messages such as ‘Latest Trending in UK : “Three network down”. Find it on Amazon! ‘. But in general here is where Twitter comes into its own if you can cut through the dross.

Of course, there are numerous Tweets about the poor service with people saying they will leave and how bad it all is. There was one good Tweet from someone who said it’s the first outage they have seen in years and to wait it out. And that’s all you can do. Cellular networks are complex animals, and remember if something has a 99% uptime it can be down for more than three whole days a year, and all at the same time! Things go wrong.

Of course, I can still talk to the world via my amateur radio kit, running off batteries if needed, 24/7 with no other technology involved… just saying. Ok, joking apart it is worrying that we are increasingly pushing emergency communications onto cellular providers who are private entities responsible to their shareholders and not to us with what I am guessing are multiple single points of failure able to take down the whole country in one go.

IP camera password reset

I had some time today to finally change the webcam that looks over our driveway. I got a PoE security camera from an eBay trader a while ago but only plugged it in once for testing. There must have been default password which is now lost. So, you can reset these things, right?

First problem – there’s no hardware reset at all. Not that much hope via Google (or, rather duckduckgo which I use now) other than having to email stuff to the manufacturer. I tried a password resetter found on GitHUB but it does not work.

Ok, what do I need to do… 

First, get their software. Oh it’s only Windows, so fire up the old Windows laptop and wait for it to do it’s booting up updates and sort itself out, usually at least 5 minutes.

Next, run the software and select ‘forgot password’ at which stage I can download some XML or take a photo of a QR code. These go to the manufacturer.

Next, download their PDF which has to be filled in. Find the laptop does not have Acrobat Reader, so go and get that. IE insists on opening…

Next, find out that their software does not let you copy text from the various fields needed for filling in their PDF. Ok, it will export to CSV so do that.

Next, open the CSV into Excel, which for some reason thinks it’s unlicensed and sticks in read only mode. Discover that for some reason read only mode also means no copying!

Next, close and restart Excel to sort its licence out, and finally copy the relevant fields into the PDF.

Last, send an email with the PDF and the XML and wonder why the XMP does not include all the fields you have to type into their PDF.

Finally, turn laptop off and wait for it to do its updates, only 10 minutes this time.

Notice and autoreply from the company that the email has been received but suggesting I contact the local branch in the UK. Forward the email and wonder why they don’t simply say that in their instructions anyway…

Honestly, the time it has taken for me to do this far exceeds the cost of the camera. If the password reset code does not come within a day it would actually be cheaper to simply buy a new camera on one-day delivery!

Good grief…

Edit: so, the reset key arrived. It does not work.

Enquiry forms

If someone goes to the trouble of creating a web based enquiry form I consider it reasonable that said someone would also create some form of acknowledgement on submission, rather than just send the visitor back to the home page! Honestly, its really not hard.

Exit Sky box stage left…

I finally cancelled Sky recently after fretting over it for far too long – no fault of Sky, we just don’t watch that much Sky content now. Anyway, this rendered the Sky+HD box useless as it will no longer record, or indeed play already recorded content, even non-Sky stuff. No biggie, and the box was free after all. So I got a Freeview Play recorder.

I decided to tidy the cabling up ready for the new box and that’s where the day suddenly got longer…

First off, the amount of dust! I dare say that there is no dust left anywhere on Earth other than behind our TV. Clearly it all came here and settled. I guess I should have been prepared as one of the hamsters once ran under the TV unit and emerged a completely different colour… poor thing, it took me ages to clean her up. Ok, vacuum at the ready, dust gone.

The wires. For some reason unknown to me (even though I did it) I used the two longest Ethernet cables I had to connect the TV and the DVD, and both were intertwined with everything. Ok, so let’s get rid of those for starters. Then there is a gigabit Ethernet switch sat in the dust because there were not enough outlets – fitted 4 and needed 5. As the Sky box is gone I no longer needed the two CT125 satellite cables and outlet (well, more hole really as the outlet would not fit so the cables just carry on out the hole) which I replaced with a dual Cat5 socket. Why were there ever two different colour standards for Cat5 cabling and why did I never write down the one I used? Ok, pull a faceplate off and check… right, ‘A’, write it down. Ok later. Ok I took a photo at least.

Terminating these new cables in the wiring closet was an act of contortionism. I have a 19” rack bolted to the back wall and a 48-way Cat5 unit installed on a hinge so it can swing out to access the wires. This is great provided nothing is plugged in with cables going to stuff located on top of the rack. Which is what I have of course… so hinging the thing out means also carefully moving the two Ethernet switches on top of the rack as well, and balancing them carefully. Good grief, who designed this set-up… oh, me. Anyway, I got the cables in and yes I did remember to write down what goes where. So, let’s test them. Grabbed the tester from the workshop only to find out the 12V battery is dead and I don’t have a spare. Ugh. Ok, I used the TV to test each socket and both are fine. See how things snowball?

By-bye Ethernet switch and associated wall-wart. Remind me to figure out why I have a 24 port Ethernet switch and an 8 port PoE switch almost full when there are only 15 or so active devices in the house…

Dust – check. Wiring – check. Ethernet cables, shortened and sorted. Ok, the Freeview Play recorder is in place and it was pretty easy to set up.

I wonder if anyone will notice me replacing the now-redundant Sky dish with my 1.2m one with a dual band patch and aiming it at Qo-100…

Home automation

I have three ‘onewire’ temperature sensors running up from the hot water cylinder and central heating pump to a Raspberry Pi in the loft. These record the water temperature going round the central heating, as well as that going into the hot water cylinder and the temperature of the pipe back to the boiler. The Pi records these every minute.

Nothing whizzy in any of that, it’s all standard stuff. Only I discovered that the temperature readings make a lot more sense if the sensors are actually on the pipes and not sitting in a pile of fluff on the floor! Ah…

New broadband

Just switched broadband providers to a deal half the price for 12 months. Funny how you never re-check stuff though. I had carefully put two outgoing rules in the previous hub for my VoIP phone. While adding these into the new hub I realised that there is already a rule allowing any device any outgoing connections so that was rather a waste of time! Oh well…