i've done a lot of netbooting-related stuff at work. a *lot*. i could probably talk your ear off about PXE, WDS, and a million other bits of netboot-related jargon in my sleep.

however, there was one quirk with Ubuntu that was driving me crazy. Ubuntu Server 10.10 and before worked flawlessly. however, starting with Natty Narwhal, i'd do a netboot install that would proceed as normal...until i booted into the system. at that point, i couldn't actually see anything on the screen. it was clear the computer was booting: it would go through the BIOS, and only stop displaying video when it went into the operating system. i was stumped.

this happened on any machine i tried the netboot install on: Dell, Supermicro, HP, no-name, you name it. it happened on new machines and old machines. it always happened. i googled and googled with no luck, and finally just forsook netboot installs of Natty in favour of burning discs.

Oneiric Ocelot came out earlier this month, and i was hoping this problem would be fixed. i put it up on the PXE server, and no dice. i was annoyed, but i was determined. i cast a wider net in my search for a solution, looking at more general forum threads about Ubuntu video issues, since limiting it to just netboot install advice was getting me nowhere.

finally, i figured out the problem, and how to get around it. the problem was that trying to display the splash screen was completely borking the virtual terminal. (i figured this out because, when i hit Ctrl-Alt-F2 on one of the "hosed" installs, that virtual terminal came up just fine.) the problem can be avoided by preseeding the Ubuntu install to call a post-install script that removes the splash screen instruction from the default boot line generated by GRUB2.

to implement this, put the following lines at the end your preseed file. (or, create a preseed file with these lines, if you're not using preseeding with your Ubuntu install):


# this is just a post-install script.
#
# update Grub to get rid of that splash screen that borks the
# video on netboot installs of 11.04 and later
d-i preseed/late_command string \
cd /target; \
wget http://bigtruck.minazo.net/unbork_splash.sh; \
chmod +x ./unbork_splash.sh; \
chroot ./ ./unbork_splash.sh; \
rm -f ./unbork_splash.sh


this pulls a script down that fixes the GRUB issue, executes it in a chroot of the new install, and then deletes the script.

for the sake of openness, here's the script it pulls:


#!/bin/bash
# by rogueclown, 2011
# WTFPL (Do What The Fuck You Want To Public License)
cd /etc/default
sed "s/quiet splash/quiet/g" grub > grub.new
mv grub grub.orig
mv grub.new grub
update-grub
exit 0


voila: the box reboots, and you've got video.

why a server, much less a Linux server needs a splash screen, i'll never know. i love Ubuntu Server, but i'm quite angry that such a useless feature as a splash screen causes such an annoying problem as borking the virtual terminal on which it tries to display.

con-related busy season is right around the corner.

July 30 and 31 are Maker Faire Detroit; i'll be there from the 29th to the 31st. i'll be back from that for a whole two days, and then on August 2 i'm off to Vegas. i'll be attending BSides Vegas, as well as Defcon. i missed Vegas Con Week last year, so i'm over the moon that i'll be able to see everyone again this year.

then, less than two months later, i'll be attending DerbyCon in Louisville, Kentucky. DerbyCon is a first time con, but a lot of my good friends are attending, and there are a lot of speakers i recognize from other cons who i think are pretty neat.

(of course, if you see me at any of these events, come say hi! i'm not that scary, i promise.)

*****

as for my own projects...i feel like i'm at a bit of a standstill. i wish i could say more than just "i'm attending these events"; i wish i could say "i'm talking about this awesome thing i figured out". it's frustrating, and i'm thoroughly embarrassed that i don't have anything worth talking about or presenting about at any of these events.

part of it probably has to do with work: specifically, the fact that it has been really busy. i'm still working for the same company i've been with for over a year, and i'm really happy with my job, but there have been a few changes that have caused me to devote far more of my time and energy to work than usual, leaving me really just wanting to do things outside of there that don't require much brainpower.

most of it, though, i don't think i can blame on that. maybe i've hit a plateau, or a place where i lack direction. there are a lot of things i know a tiny bit about, or can explain at 30,000 feet. there's very little i feel i know well enough to use fluently, much less apply in new and interesting ways. my lack of natural aptitude in all things computer-related is a double-edged sword: it keeps the field interesting because i'm fighting uphill every step of the way to learn anything at all, but it also means i get frustrated by my shallow skill set, and intimidated by how much i have to retain in order to make it deeper and more useful.

alright, end of rant. back to your regularly scheduled radio silence.

facebook. diaspora. google+. blah. blah. blah.

there has been a lot of talk over the last few years about social media and privacy: how information is taken, how information is used, and how information is shared. it seems like such talk has only intensified now that google+ seems to have become what diaspora couldn't: a widely adopted social networking competitor to facebook. some say google+ has better controls. some say facebook does. i see the volleys going back and forth on twitter, as well as on technology news and opinion websites, about who has the better privacy controls.

i shake my head in astonishment that people care so much. the idea that anything you post on a social networking site is going to remain private, no matter how tightly controlled your privacy settings, circles, or whatever else you want to call them...that's naive, and nothing short of laughable. there is no such thing as social media privacy.

am i saying that this is reason not to use social networking sites? no.

i'm an avid user of social networking sites. i'm hopelessly addicted to twitter and facebook, and google+ is swiftly approaching that top tier of my social networking hierarchy. i post more information than most people do to such sites...my name, the city in which i live, my google voice phone number, what college i attended, whatever silliness i felt like ranting about on the way to work that morning? it's all there, and it's all on the internet. i have certain "privacy" controls set, like circles-only on google+ or friends only on facebook, but i know full well that the information may seep outside that range of people: either by a data breach, by some stranger shoulder-surfing a friend of mine who is reading my social networking posts, or any one of a million other ways that information could leak out.

of course, the only concern isn't other individuals reading your information -- there's also the issue of the site leveraging or selling various information you post in order to target ads and make money. the social networking sites may try to tell you that they're going to protect your privacy, or give you certain rights to your information, but those rules may change at any time. (case in point -- the twitpic terms of service kerfuffle.) available privacy controls and data use rules may change at any time. furthermore, sites may be not entirely truthful about how accessible your information is, or who they're selling your information to. it's not in their interests to protect your data. the only one who cares in the least about how well your information is protected, or how accessible your information is, is you.

in short, no matter what privacy controls i set, i don't post anything to a social networking site that i wouldn't post to something completely public. that's the only meaningful privacy control there is, as far as your data getting posted on the internet: if you don't want a certain piece of information out there, take your hands off that keyboard, get off the social networking site, and don't post that piece of information on the internet, anywhere. if you post your information on a social networking site, and then whine that it has been misappropriated or misused, i've got no pity for you.

am i saying that every single piece of information that is used anywhere online is public information? no.

posting on social networking sites, blogging sites, things meant for people to read is one thing...conducting sensitive business such as banking, online shopping, or anything involving medical records is another. in those cases, there should be strict auditing and oversight of privacy policies and data retention, and legal recourse when information is misused. it's analogous to real life: if you're carrying on a transaction with a brick and mortar bank, store accepting credit cards, doctor, or the like...you have a reasonable expectation that the institution isn't going to misappropriate the information necessary to complete the transaction, and should not have to give up that expectation because you're doing that bit of business on the internet.

whereas, if you're at the coffee house hanging out with some friends or acquaintances, and you share a piece of information out loud, there's not a thing you can do about someone else overhearing what you say, or someone in your conversation spreading that as gossip to someone else. if you're telling a friend a secret in the comfort of your own living room, even, there's nothing you can do to stop it if your friend turns around and tells someone else the secret, or someone was surreptitiously listening through your window. you can get mad, you can get annoyed, but the only way you could truly prevent it is by not divulging that bit of information in the first place.

it's the same thing with social networks: if you don't want it to get out there, don't say it in the first place.

Denemo is a lot better than i remember it.

i sing in choir. since i'm a terrible pianist, i cannot really sit in front of a piano and play my line of a song easily. this isn't a big problem for some of the music we sing, either because there's an easily accessible rehearsal track, or because we rehearse as a group frequently enough that i pick it up at practice. however, if it's difficult but not particularly well known, i'm in a position to have to make my own rehearsal track.

Denemo is score editing software for Linux...basically, a front end for Lilypond, a GNU music score engraver. it's useful for writing down compositions, but also invaluable if you need to learn a vocal line. it is supposed to allow you to type in a line with associated directions, and then play it back. you can follow along with the score; it plays what you've typed in accurately, unlike my inept piano fingers.

i remember using it about two years ago to make some rehearsal scores, but it was a clunky mess. the keyboard shortcuts weren't particularly intuitive, the menus were a mess, and i had a terrible time getting any of the graphical windows or mouse shortcuts to work. it was an unpleasant experience...i slogged through because i needed to have something reliable from which to rehearse some solos i was trying out for, but i cursed that program left and right. it was so bad that i went back to taking pieces to the rehearsal pianos at the library and blundering through them there. that's BAD.

tonight, i finally revisited it. i needed something in order to make some rehearsal materials for pieces i'm singing this season, and there was no way i was ever going to be able to stumble through playing all my parts. i wanted to give it one more try, since it had been so long. i was excited to see that it worked significantly better than before. the default keyboard shortcuts were easier to type: numbers for notes, and alt-numbers for the corresponding rests. the menus and mouse shortcuts actually work...i'm not tearing my hair out anymore about how to enter a time signature, key change, a fermata, a repeat sign, or anything else! and, if i want to make keyboard shortcuts that make sense to me for any or all of the edits i commonly make to a score, i can.

it isn't perfect. it took me several tries to get triplets to work correctly; this annoyed me greatly, as there were two pieces i was entering in which my line had a ton of triplets. furthermore, even though counting up from 0 instead of from 1 is correct (and the geekier way to do it), it's annoying to have the keyboard shortcut for a whole note (0) on the right side of my keyboard, and then start at 1, 2, 3 for half note, eighth note, sixteenth note, etc. however, i think that can be rectified by changing my keyboard shortcuts around, something i may do if i end up using this program with some frequency.

finally, i'm even more excited because once i did the work of typing in my line from each of my scores, it was so easy to turn each rehearsal score into an mp3 that i can toss on my iPod and listen to when i'm running around town. i just saved the Denemo file as a MIDI file (from right inside Denemo). since i had timidity (a MIDI player, which will also play MIDI files as .wav files) and LAME (an .mp3 encoder) installed on my machine, i just ran the following two commands on the MIDI file:

$ timidity -Ow file.mid -o file.wav
$ lame file.wav

and, there it was. an .mp3 of a piano playing my line in the song, far better than i would ever be able to play it.

earlier this month, some sketchy start-up showed up at CES. their website is full of all kinds of vagueness and puffery. i'm doubtful their magical voice and data mesh will ever pan out, and the fact that Scott Redmond (the mastermind behind plenty of other tech-related epic fail) is behind this does not do anything to help the case.

however, one of the pictures in Rafe Needleman's CNet article is enough to make me want to travel back in time and laugh these fools right out of CES.

take a look at this picture:

according to Peep, the depicted object is the "Peep Pod walkie talkie", a $20 gadget that will allegedly sync with a bluetooth headset and transmit voice up to thirty-six miles. however, if you've ever logged into any somewhat sensitive computer systems, you're probably already thinking what i'm thinking. if you haven't, take a look at this:

this is not a Peep Wireless device. this is an RSA SecurID fob, a hardware token used in two-factor authentication.

compare it to the "Peep Pod" above. the shapes are identical. the recessed areas where it looks like something was removed are identical to the locations of the stickers on the RSA SecurID fob -- up to and including the little dent in the circle on the left. the layout of the number on the screen, as well as the dots down the side, are identical to an RSA SecurID fob.

from the looks of this, there's no such thing as a "Peep Pod" at all. it's a defaced SecurID, being used to try and dupe people at CES into thinking that they actually have prototyped hardware.

i've been batting around in my head just blogging about the random bits of tech knowledge i learn along the way, or computer-related things i do. that way, it'll be a way to commit that stuff to memory for my future reference, as well as document the trajectory of things i'm doing and learning.

in the spirit of that last entry, i'll start with a little bit of code i wrote earlier tonight. i work in a data center, and my duties are as varied as the calamities and successes that befall our customers. however, one of the fairly common tasks i have to perform is preliminary investigation of abuse complaints: figuring out which customer sent the complained-about spam (much less, if it was a customer at all...), notifying the customer of the complaint, and escalating it if it's particularly messy. basically, this involves a lot of whois queries (or dig queries followed by whois queries, for those spam complaints that only provide domain names and not IP addresses).

it was a particularly long night of spam complaint lookups tonight, and i started to get very annoyed about having to type "whois" or "whodig" (a little one-liner i wrote a few months ago to automate the dig-then-whois process) before every single IP or domain i cut and pasted from the spam headers. i wished i could just paste the IP or domain at the command prompt, hit enter, and have the shell read my mind that i wanted a whois lookup.

so, as any self respecting lazy IT geek would do, i wrote a script that does just that.

#!/bin/bash

# whoprompt.sh
#
# an interactive whois command line
#
# this will run whois if an IP is typed at the prompt
# and whodig (a dig-and-then-whois script) in response to a domain name
#
# nicolle neulist
# December 25, 2010
#
# * ----------------------------------------------------------------------------
# * "THE BEER-WARE LICENSE" (Revision 42):
# *  wrote this file. As long as you retain this 
# * notice you can do whatever you want with this stuff. If we meet some day
# * and you think this stuff is worth it, you can buy me a beer in return.
# * ----------------------------------------------------------------------------

# define constants
SHELLPROMPT="whois> "

# define function to test for a valid IP address

function valid_ip()
{
	local  ip=$1
	local  stat=1

	if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
		OIFS=$IFS
		IFS='.'
		ip=($ip)
		IFS=$OIFS
		[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
		stat=$?
		fi
	return $stat
}

# define function to run a dig query on a domain name and then a 
# whois lookup on the corresponding IP

function whodig()
{
	whois $(dig $1 | grep -A1 "ANSWER SECTION" | grep "IN" | awk '{print $5}')
}

# main loop
printf "type \"help\" for help.\n"
printf "type \"exit\" to exit.\n"
while [ 1==1 ]; do
	read -p "$SHELLPROMPT" -e address
	if [ $address == "help" ] ; then	# print help text
		printf "\ntype an IP address to run a whois lookup.\n"
		printf "for any other text, it will attempt to run a\n"
		printf "dig query, and then a whois lookup on that.\n\n"
		printf "it will return the same success or error text\n"
		printf "as a normal whois or dig lookup on linux.\n\n"
		printf "to end the program, type \"exit\".\n\n"
	elif [ $address == "exit" ] ; then 	# "exit" quits the program.
		exit 0
	else							# whois/whodig routine
		if valid_ip $address; then	# test IP
			whois $address		# whois on valid IP
			printf "\n"
		else
			whodig $address		# assume domain if not IP
			printf "\n"
		fi
	fi
done

Hopefully you'll get some use out of this little bit of code, especially if you're also in a position that requires lots of abuse complaint investigation, or anything else that requires a lot of whois lookups.

ugh.

earlier this month i was on here for the first time in months, and there were a couple of spam comments that i deleted.

today, i logged on, and there were THOUSANDS.

that's embarrassing, and i apologise to any of you who came to my site and saw all of that nonsense.

clearly, it's time to mess around with adding further comment spam protection on here. i've put a new captcha module on there, one that hopefully doesn't suck as much as the last one i had most obviously did. furthermore, i've added another module that identifies spam comments, marks them as spam, and notifies me instead of actually publishing them. i also went into my database, of course, and deleted all of that ridiculous spam. i don't think i deleted any legitimate comments, but if i accidentally did, i am sorry.

there are a few things that i don't suck at--some of which may even involve computers. administering websites, however, is clearly not one of them.

i have been terribly delinquent at updating this site.

that's not to say that i haven't been doing anything technical. in fact, a lot has happened since i last posted here. (has it really been since April?) i've just been, as usual, really terrible at documenting it.

first of all, i have finally gotten a job in the computer field. (well, maybe not "finally", but it's something that happened since i last wrote anything here.) i've been working for a managed data center services company for six months now; i started at the beginning of June. i love it so far...the job is a mixed bag of tasks. some days i'm fixing hardware issues, some days i'm installing and configuring operating systems, some days i'm helping troubleshoot network issues...it's a little bit of everything, and working there is doing a lot to broaden my expertise, and give me the knowledge and the context that i couldn't get without working in an enterprise-level IT environment day in and day out. some days are more fun than others, as with any job, but every day i'm reminded that i made the right career choice. even the worst day working in the data centre is still more interesting to me than the best day working as an attorney.

the weirdest thing about the job is my schedule. sure, it's a regular schedule, but it's 4 days a week, 9pm until 7am. even though i'm a night owl, i've never been specifically nocturnal. left to its own devices, my body likes to stay up until about 4 in the morning, and sleep until around noon. the night shift is kind of stressful between the fact that it's not quite my body's natural state, and it's completely opposite to the time that all of my friends work. however, it's still not as bad to me as working early mornings; i still feel better starting work at 9pm than i do starting work at 9am. the real bonus about night shift, though, is that it leaves a lot of time to work on more interesting projects. there are fewer customer tickets coming in overnight, so i get the time to work on longer-term projects that improve our internal infrastructure. i had never done anything with PXE boot servers before i started working there; over the last few months, i've done a significant amount of work improving both our Linux netboot server as well as our Windows one. i've gone from knowing absolutely nothing about them to feeling like i have a decent handle on how they work, and how they can be configured. i've worked on other projects as well, but so far netbooting infrastructure is the thing that i feel like i've had the circumstances to delve the most deeply into.

i've attended a couple of conferences since i last posted here. in addition to speaking at Notacon and Penguicon in the spring, i gave an updated version of my Notacon talk at The Next HOPE back in July. i also attended Security B-Sides Ottawa last month. i didn't give any talks there, but i had a fun and intellectually stimulating time--the talks on fuzzing and on the NMAP Scripting Engine were particularly fascinating. i have a current project in the works that involves the NSE, so it was enlightening to hear from an expert!

unfortunately, because of my work schedule, i will not be able to make it to the Chaos Communication Congress this year; it looks like the next con on my schedule is going to be Shmoocon, in late January. (thanks to someone very awesome, i do have a barcode, so it's all systems go...and it's time to start planning my Barcode Shmarcode entry!)

probably the only other major development over these last months that would be relevant is about Pumping Station: One...specifically, the fact that i'm no longer a member of the space, and haven't been since September. i don't want to get into too many details on here, but it suffices to say...i miss being a member of a hackerspace, and i hope to be part of one again in the future, although for right now i think stepping back was the best decision i could have made given the circumstances.

that is, in short, what's going on with me nowadays. hopefully i will find a rhythm, and start writing on here more frequently. i know myself better than to make any promises, but i know it would be good for me to document my projects, discoveries, and plans here.

I have made a few much-needed site updates today!

First of all, I have made a new page about Arduino music, and linked it off of the projects page. It contains links to the code for my Arduino musical projects, as well as links to various pages that I have found helpful in exploring the subject.

Secondly, I have updated my presentations page. I added the slides for the talk about instilling a more welcoming culture in the hacker community that I gave at Notacon 7 this month, as well as the slides from the FDCC Virtual Machine talks that I gave at Pumping Station: One's Pecha Kucha Night and at Neighborcon NYC in December. Also, I added the slides for my upcoming talk about Arduino music that I am giving at Penguicon on Saturday, May 1.

If you're going to be at Penguicon this weekend, please come to my talks! I am giving a talk entitled From Microcontroller to Maestro: Music on the Arduino at 3:00pm on Saturday, May 1 in Private Dining Room I. At 4:00pm that same day, in the same room, I will be talking on a panel entitled What the Hack? Hackerspaces in Detroit and Beyond with Russ Wolfe and Nick Britsky of i3Detroit, as well as Mitch Altman of Noisebridge.

It has been an eventful December so far.

On December 4, I presented at Pumping Station: One's Pecha Kucha Night. My talk was entitled Setting Up FDCC Testing Environments on Non-Windows Systems (Or: How Nicolle Lost Four Hours of Her Life for Want of a Nine-Kilobyte Text File). It drew from my rather frustrating experience trying to get the FDCC Windows XP virtual machine image running on my Linux box on VMWare, since the federal government releases it in Microsoft VirtualPC format.

On December 5 and 6, nine of us from PS:One went on a weekend road trip to Detroit to visit i3Detroit, the hackerspace in Detroit. It was a fantastic trip! There are a lot of creative and talented people at that space, and they've set up such a nice hackerspace in a few short months. I'm so proud of them, and I'm looking forward to the next time I can visit their space for a few days.

From December 11 through 14, I was in New York City for Neighborcon NYC. I have been to all three Neighborcons to date, and all three of them have been fantastic. It's a chance to get together with a group of hackers from all over the country in a far lower-key environment than most cons. Neighborcon NYC was held in a bar called Local 138, on the Lower East Side. Both days featured a lot of socializing and casual exchange of ideas, as well as talks later in the day. I gave the first formal talk of the conference, a slightly expanded version of my FDCC Virtual Machines talk.

This week, I have been focusing on getting as much done on projects at PS:One as possible, since I leave for 26c3 on December 25. However, in the last two days I have found out about two very exciting things on the horizon for early 2009.

Yesterday, I was informed that I was accepted for Shmoocon Labs, so I will be helping to set up and maintain the network at the conference! This will be my first time on any kind of network operation crew for a conference. I will learn a lot about setting up networks, maintaining them, and solving computer and network problems under pressure, and I can't wait to make the most of this opportunity.

Then, earlier tonight, I found out that my talk proposal for Notacon 2010 got accepted! My talk is entitled Hey, Don't Call That Guy A Noob: Toward A More Welcoming Hacker Community. I've noticed that in hackerspaces and other organizations, there's a lot of emphasis on trying to find new people to join, but very little time spent thinking about what to do once these new people have found their way to a space or a club meeting. It will discuss ways to make someone new to the hacker community feel welcome and valuable there. I am really excited--it will be my first time speaking at Notacon, and I'm looking forward to discussing a topic that I feel so strongly about.