On vacation again… 8 bit computer time!

https://eater.net/8bit

I’ve been staring at Ben’s videos for the last 6 or so months and really wanted to dig a little deeper.. however, with as much knowledge and experience as I have with technology, I really don’t (didn’t..) understand electricity at all, except for the experiences I’ve had with accidentally grounding out light switches in the gang box, because I didn’t realize the electrician had sourced multiple circuits into the same box.. *poof*

What I did know, however, is that electricity is dangerous, and while I had a basic level of understanding electricity, and a pretty solid understanding of how digital circuits work, and how a computer is pieced together from thise circuits, I had no idea how actual electricity flows through all the different components to build up to a functional computer.

For example: what is a transistor, how does a resistor work, what about a diode, or a FET, how do capacitors work… how about electrical flow in circuits that are parallel, or in series, how do you “size” your circuits correctly?

I understood high-level differences with AC and DC, but how do you convert from one to the other, and why use either? The list goes on and on and on.

So, I started with an 11 hour course on Udemy from Ian Juby, on Electricity and Robotics, then I spent hours and hours and hours on youtube watching follow up videos, and demonstrations around Ohms law, impedance and the likes.

Now, I finally feel ready to start on my 8 bit computer from Ben, and confident I won’t electrocute myself. I’ve even started soldering components for the first time on my life – the first time was pretty ugly, but I quickly leveled-up.

First time attempt at Soldering
Initial Attempt at Soldering resistors on LEDs
Soldering after some practice
After a few times soldering – it’s not so bad!

I’ve also chosen to use lead-free solder; I don’t spend all my free time trying to boost my brain capacity just to smear lead all over my hands, which means I’ve had to run my soldering iron at 750 degrees!

Anyway, I’ve got a pretty good start on the 8-bit; I’m likely to spend most of my vacation working on it.

Beginnings of an 8 Bit Computer

Some things never change – this is what my vacations usually look like:

How I take Vacation

Palo Alto and Unifi

I.e. Adventures in Networking

I don’t have a lot to say right now, other than I spent *hours* trying to get my new Palo Alto to work with the Unifi Suite.

Little did I realize that Unifi’s concept of “Native VLAN” means it is going to strip the VLAN tag of the “Native VLAN” off the 1Q header, and the Palo Alto doesn’t have a concept of the “Native VLAN” which means, when it gets an untagged packet it sends it to the primary interface (not any of the sub-interfaces).

The fix:
– Create a Network Profile that has no native VLAN and tag the VLAN specifically destined for the Palo Interface.

I’m dropping this note here, b/c I could not find ANYWHERE on the internet that explained this, I had to piece it together based on lots of different documents around how Unifi, Cisco, Palo, etc. work.

Plus, I’ll probably forget this next week when I go to try and configure my next interface.

09/24/2023 – Also found out the hard way that the IP addresses set on the interfaces themselves have to have a net mask added, or apparently they consider themselves in a network all to themselves, and won’t route traffic. I think, after troubleshooting, I realized that it is because this is acting both as the IP of the interfaces, and the gateway address for the interface.

At least I can happily say …. it wasn’t DNS!

Angry businessman png giving speech

#AlwaysListening

So… I was just driving down the road, and I said:  

“I hate people that drive in the passing lane below the speed limit”.

Jediah Logiodice

My zfold2 phone comes to life and says:

“Virginia has a law against driving to slow, but it doesn’t define how slow is too slow.” 

Google “Always Listening” Assistant

Building GnuDisassembler for Ghidra on Kali 2020.3

Let me save you all an hour+ of your life. 

Grab the latest version of Ghidra: https: https://ghidra-sre.org/

Use the Ghidra GUI to install the GnuDisassembler and the SleighDevTools.

Install the following dependencies to Kali:

flex

bison

texinfo

zlib1g-dev

grade

Download the latest binutils source into your ~/.ghidra/ghidra_<version>/ directory.  Link for the right version can be found in the build.gradle file in that directory.

Set your GHIDRA_INSTALL_DIR to the location of your ghidra install (mine was /opt/ghidra/ghidra_<version>.

Check your version of gradle:

gradle –version

Compare the version of gradle Kali installed, to the required version listed in the /Ghidra/application.properties file from the source for the version of ghidra you installed.

Kali installed version 4.4.1 for me, but the minimum for gradle for ghidra 10 is 6!!

If there is a version difference, download the binary for the right version of gradle and use that to run your build command..

Sad to say, I spent over an hour trying to debug completely ambiguous errors from gradle (e.g. Could not find method get() for arguments [] on platform ‘linux64’ of type org.gradle.platform.internal.DefaultNativePlatform).

gradle build

Enjoy!

Through the looking glass

I’ve recently come back up for air (so to speak).

I’ve spent the last year in pandemic world trying to enable one of the world’s largest used car sales companies to have better experiences and more efficient ways to buy and sell cars online – without leaving the comfort of your “home”.

In some ways, I might be tempted to think that I am doing something really cutting edge.. which is why I feel like I have just come up for air.

I just finished a pretty amazing book called Sapiens – https://amzn.to/3jGq2bV.

Here are my thoughts:

This book is meta!  It is a story of myths and imagined realities used to frame up the story of myths and imagined realities all centered around this thing we called human experience. 

There are places in the book that you will find the author speaking authoritatively on ideas that he feels are universal, yet they fall short of accuracy and authenticity – but that’s the brilliance of the book – like a dream within a dream,  the book did such an amazing job at stretching the imagination both into the past and towards the future to frame a shared vision on the relevance of culture and society.

I could not put it down.

Jediah Logiodice

I followed up by reading A Crack In Creation – https://amzn.to/3ArJz6b.

Here are my thoughts:

Amazing story of how humans discovered how to reprogram the code that makes up their physical bodies – and the possibilities of amazing wonders or emerging horrors are limitless. 

I can almost imagine, that some years from now, the first sentient androids are going to be referencing this book as the dawn of the intelligence explosion Bostrom refers to as “Superintelligence”.

There is no going back now – as Collins would say,, let the hunger games begin.

Jediah Logiodice

But, that’s not all… we now have flying cars: https://youtu.be/a2tDOYkFCYo, and autonomous physical in-store shopping experiences: https://youtu.be/FynpkeS7RUM, and containerized housing: https://youtu.be/qVV6CyGJgZo, and artificial intelligence running buildings as a super organism: https://youtu.be/ssZ_8cqfBlE.

I just picked up Homo Deus: https://amzn.to/2UToQaT.

It is incredible to think about how far we have come, as a species, in such a short period of time; I am really excited, but slightly reticent to see how deep this rabbit hole goes.

Passing through the weekend

One of the things I do on the weekend, is run my small data center….

Step(s) 3:

  • On new server
    • turn off hardware raid
    • install 6 new hot swap 2.5 to 3.5 to 5.25 enclosures
    • install 6 new ssds
    • boot and install xcp-ng on a raid0 array x2 ssds for boot partition
    • Build new software raid10 array for storage
    • build new storage resources, network resources and configure xcp backups
    • build guest for XenOrchestrator opensource & compile from source
  • On existing esxi server; for each vm:
    • remove open-vm-tools and disable service
    • shutdown vm
    • Use vmfkstools to convert thick provisioned disks to thin
    • Use ovftool to download and convert vmdk to ova
    • import ova into xcp, reconfigure mac address and dynamic memory settings
    • boot up vm, reconfigure primary network adapter, install xen tools

Tomorrow, I’m going to tear down the old esxi and rebuild new arrays for boot and storage and try and merge it into the xen pool and try to live transfer some guests between hosts in the pool. Wish me luck..

Then, if that all works, I’ll need to install another patch panel in the network rack, setup a new ups, and reconfigure the switch for new VLAN and trunk ports.

I will say that the pfsense on a protectli box with 6 ports, and a Unifi SDN costroller, managed switches and WAPs throughout the house had made the networking side extremely easy!

Maybe tonight I’ll find time to finish up the Azure DevOps course and get back to learning React.

Oh, and I mowed the lawn and took Bob for a ride too.

p.s. if anyone knows why mdadm isn’t activating my raid10 on reboot, please drop me a DM.. its a huge PITA.

p.p.s. Second xcp-ng server is up with 2x ssd raid1 arrays, 48GB of ram and the migrations between the two hosts completed; also created and deployed my first Azure ASE tonight. Tomorrow I relocate it to the secondary media closet.

Update a week later: media closet was still too hot so I attached a nice fan to it; dropped the CPU temp by 10 degrees!

ISO: The Theory of Everything

Just finished up a thought provoking and highly-entertaining treatment of concepts and ideas swirling around related to life, the universe and everything.

Unlike some reviewers of the book, I specifically appreciate that the author tries to synthesize the scientific world view with the religious world view. 

There are too many in life that think the world is so black and white, on both sides, thus being completely unwilling to give credence to what another might say or think across the divide.

The dichotomy reminds me of a couple maxims summarized by Covey and Bragg: 1) first seek to understand, then to be understood, and 2) science and religion are opposed as the thumb and forefinger – between the two you can grasp anything.

I came to a similar simulation theory ages ago (without much science knowledge to back it up, just through general observation and cognitive experiences), I’m glad to see we have some great thinkers spending significant clock-cycles on it.

Somewhere in our future is “The Theory of Everything”.  Keep seeking!

General thoughts on OpenSource Software

While having conversations with a couple friends the last few weeks, I came to the conclusion that there might be value in writing down some of the ideas I have floating around in the big tin-can on my shoulders, as it relates to opensource software (oss).

Or, then again maybe not.

Regardless, I took a few minutes to jot down some thoughts. This list is by no means exhaustive, it’s just a quick brain dump around what comes to mind when I think about using oss in the enterprise.

Talent implications:

There are some definite and perhaps obvious implications to attracting talent when it comes to participating in the oss community.  First and foremost, it is an easy way for an organization to market itself, its culture, its people and its technology capabilities. Secondarily, in my mind, developers that engage with the oss community show an increased dedication and passion for ongoing learning and development outside of the 9×5. So participatory individuals definitely represent a type of individual I want to have in my organization.

Technology practices:

OSS can be fickle, as it involves many people with diverse backgrounds and perspectives agreeing to agree. 😊

When using oss, I would suggest setting up a company repository where oss and dependencies are curated and maintained as approved for corporate use. In addition, I would also recommend blocking teams from using external repositories, in order to manage and mitigate various risks based on company appetite.  JFrog Artifactory is one such example of a solution that can be used for a corporate repository.  

The link below gives a brief example of what can happen if you aren’t careful in how you manage the repository in the oss world.  😳

https://arstechnica.com/information-technology/2016/03/rage-quit-coder-unpublished-17-lines-of-javascript-and-broke-the-internet/

In addition, in order to maintain bench strength, autonomy, ensure continuity, and enforce corporate quality gates, it is also important to not become reliant on compiled binaries; as such, I would ensure the company has the toolchains and configurations to compile source code into binaries in a CI/CD type of model.

Security of open source:

On the upside, oss allows for easier identification and crowdsourced remediation of vulnerabilities; however, on the flip-side, it is easier for hackers to identify vulnerabilities, fingerprint companies using the oss, and subsequently exploit vulnerabilities, without disclosing them.

Thus, it is important to have a solid program in place for monitoring for emergent vulnerabilities and patching in a timely manner, especially for externally facing solutions. This also drives back to the discussion of having a centralized repository for curating approved oss.

Licensing models:

I’m not a legal expert by any means but know enough to state that careful considering needs to be made as it relates to the usage and mixing of different license models in the oss and proprietary world. 

As an example, some license models cannot be combined with others and some licenses like “copyleft” licenses are viral (to a greater or lesser degree) and may require disclosure of source even for derivative or combined works.

In addition, there are nuances and interpretations related to words like “propagate” or “distribute” when modifying oss.  As an example, using it on your internal corporate network may have different implications compared to embedding it into a website and having people remotely access it, which may also be viewed differently than using it in the mobile app and putting it in an app store.

Cost factors:

OSS has many cost factors, but I saved cost for last because it is tired to all the previous discussions. While the initial investment is often lower for an individual package, taking on maintenance and support for more complex oss packages will likely increase the TCO and have a negative impact on opportunity cost over time, as you will have teams that will need to continue to maintain and provide upkeep for what is likely to be a commodity for the organization – rather than focusing that same time slice on things that are of a competitive advantage.

Summary

A quick wrap up. I am a huge proponent of both the concepts and implementations of oss, however, I often see companies going down the route of oss because it is perceived to be “cheaper”. While, in some cases, that may be true, especially for smaller companies with very limited IT budget and a high tolerance for risk.

My advice is to think through the risk and exposure around the use of OSS for the company, and then compare what it would take for investments to make oss elevate to the same first class citizen as internally developed software. That’ll give you a head start on understanding the TCO and opportunity costs of using oss in the overall aggregate of your technology economy.

Finally – while I admit, I really haven’t read much of it, this looks like a great resource. https://opensource.org/faq

My hope is that you will find ways to manage the corporate risk, and still commit to engaging with, and supporting the OSS community!

As always, I am happy to learn from others, so if you have a perspective you’d like to share on oss – feel free to reach out to me and engage.

Meeting a legend! Kevin Mitnick.

23 years ago, on Feb 15th, the worlds most famous hacker, Kevin Mitnick, was apprehended in NC after years on the run from the FBI.  Prompting many, many young hackers and computer enthusiasts (including yours truly) to take up the mantra “Free Kevin”.

A little over 28 years ago, I started my own journey into information security (thankfully never pursued by the FBI), and much like Loyd Blankenship (Hackers Manifesto), Kevin had a profound impact on my young security career.

Today, not only did I get see Kevin in action (POC exploits), but I got to say hello and shake his hand. I didn’t even think about taking a picture, I just wanted to shake his hand; but I’m thankful, someone there said “would you like a picture”.

Thank you anonymous picture taker!