All posts by kampf

I’ve been using WiGLE for some time (<a href="https://wigle.net/">here</a>) for Wireless Network Mapping since late 2017, when d4rkm4tter finally convinced me to try it. As an old-school wardriver, I was intrigued.

My old rig was a Compaq iPAQ 36- or 3800-series with a PCMCIA sleeve, a Lucent Orinoco Gold card, and either a Yagi or Omni antenna. Microsoft Windows Mobile and MiniStumbler were used on the software side. I kept those logs till this year, when I uploaded them to the worldwide database.

WiGLE works by looking for wireless networks, Bluetooth, and cell phone towers, then trilaterating them with GPS. It only works on Android for mobile phone devices, and Google’s Android Pie breaks it due to severe limits on how often the wireless can be polled.

Astonishingly, I was able to find a nice Pixel for $100 from someone who’d purchased an S9 to replace it. Seemed legit, and all was well. It came with a Tech21 case and had a 3M/Scosche metal magnet mount on it, which was handy. The USB A-C cable and LG charger were worth $15 alone.

Now the issues with Android Pie are known about in late 2018, and there’s not currently a workaround to keep WiGLE able to do its job. The Pixel had been updated to Android 9, but hey, this is a Google device so it’s super easy to unlock the bootloader and flash Oreo, right? Right? Well…

For some reasons, most of which are stupid, but some of which make sense, Google has partnered with Verizon in the US market for Pixel sales online and in stores. This has undoubtedly helped the Pixel line sell more phones, but it enrages users like me who want to have the true Google experience, on a Google device, but without the barriers. I remember the pain that Sprint Nexus S and Verizon Galaxy Nexus owners went through, and I was hoping someone had figured out a workaround.

Some quick work to get the Android Studio and following some guides got my phone connected and I was able to shake off some cobwebs to get the proper components downloaded. fastboot was able to see the phone, but in my case, under Developer Options, the item called “OEM Unlock” was greyed out. My worst fears were coming true.

I rapidly searched for a workaround and came to an insightful, relatively clear, and eventually rewarding thread on the wonder of sites that is XDA. The thread can be found <a href="https://forum.xda-developers.com/pixel-xl/how-to/how-to-unlock-bootloader-verizon-pixel-t3796030">here</a> and I suggest reading the main post and comments before proceeding with an unlock.

Now, with this guide I was able to unlock the Pixel. The most important step I needed to keep in mind is that “OEM Unlock” one, and patience at that point. When I checked it after following the adb command, it was still greyed out, but after a minute or two, it lit up and I was able to successfully unlock.

After a download of the Android 8.10 image from Google, and following some other instructions, I used the “flash-all” script to get Oreo installed, and crossed the finish line.

While the battery may be a little tired on this two year old phone, I still like it and will be using this alongside my Verizon G6, whose bootloader remains hard locked and to which no workaround has been found.

WiGLE works great, and I’m finding some interesting results between the G6 and Pixel, especially given that they’re both using the same Qualcomm Snapdragon 821 SoC. Must be some different antenna designs and implementations between HTC and LG.

The Raspberry Pi is a wonderful platform, not only because it’s well supported, but that’s as a result of its price and flexibility. Lots of USB ports on the 2 and 3 models, HDMI, Ethernet, and now it also includes wireless and Bluetooth onboard.

I have been meaning to experiment and build a wireless repeater using a Pi, and finally got a chance (and the courage) to attempt this feat. It wasn’t easy, and this is by no means a comprehensive guide, but rest assured that if you get it to work, you’ll understand why.

I started with a Pi 3, 16GB Kingston micro SD card, and an external Atheros AR9271 based adapter from TP-Link and made for a TCL television. I got this from an infamous friend, @d4rkm4tter of the #WifiCactus and its “high-gain” antenna gives it extra reach for connecting to distant APs.

Raspbian Stretch was used, the full version because I’m not a full cli master, starting with the April 2018 image, then eventually using the October 2018 installer (which is nicer).

My intention is to use the external USB adapter to associate with a remote AP and get a connection. This would be bridged by the Pi and dnsmasq with the built-in wireless adapter on the Pi. My testing shows that the 802.11n Atheros adapter with the external antenna does indeed have improved gain.

I followed the guide found here: <a href="https://pimylifeup.com/raspberry-pi-wifi-extender/">PiMyLifeUp</a>

All of this was very helpful, and the guide is extremely well written and intended for the Pi2/3 owners. My only change to this guide, or difficulty with, was that I wanted to invert the adapter role, so changing “wlan0” to “wlan1” and vice-versa throughout was necessary.

The packages called dnsmasq and hostapd are the real workers here, and do the heavy lifting, routing, and interfacing with the adapters. I had some success with just following this setup, but also found that it didn’t _just work_ so the tinkering and frustration curve began.

One neat trick that I did learn from elsewhere is that hostapd can be run with a config file as an argument, which means that you’ll start the service with a verbose console feed, but it will let you know if the config file is working and whether the AP has started. When you see “AP-ENABLED” and few, if any errors, you’ll finally know you’re there.

As of this writing, I’ve been running the AP for several days. Performance is weak for throughput, at less than 10Mbps, but the application this is meant for, or would be used in, is a location that has very poor cellular coverage for non-Verizon customers. This application of the Pi can be configured in a place or situation where _some_ connection is an improvement over _none_.

Interestingly, the PW-4210D adapter does have a removable antenna, so the use of a parabolic, omnidirectional, or yagi antenna with an adapter is possible for a very long run. There are also more solid, cheaper wireless bridges available online, but if you’re a tinkerer like I am, and have the spare hardware, there’s something special in feeling like you’ve made a bucket of parts do something interesting.

Go, do it.

Password managers like LastPass, Dashlane, Keepass, and 1Password (among others) are increasingly popular. Browsers, however, have been able to hold and store passwords for quite a long time.

Most of us use Firefox Sync or Chrome’s Google sign-in to keep things closer than a password manager is, with an eye towards simplicity rather than outright security. Sure, browsers have password requirements to use their vaults, but…

On a new PC, in Firefox, I’m struggling to get the browser to ask to save passwords. This is weird, as I’ve always seen the prompt when I enter a new password for a site, or update one. Not this time. In an effort to try again, perhaps thinking that a stored login was causing the issue, I clicked Remove All, and told Firefox to go ahead and remove all of the passwords.

Bear in mind that I’d put in text to filter this list down to two, a login item with and without “www” in the URL. So, it was showing a list of two items. Remove all would remove these two, right? Nope.

I got annoyed when Firefox stopped responding, and eventually got the message that a script was taking longer to run than expected, etc. I didn’t think more of this until I tried again to get Firefox to remember the site, and after it didn’t suggest saving the password, I checked the Saved Logins again only to find a completely empty list.

Oops. Breathe.

New PC is less than a month old. Old PC is right there. Sync loves to be tidy, so make sure it’s not connected to a network because, sure as anything, it’s going to remove them from that PC too if it can.

Open Firefox on the intact PC, enter “about:support” and look for the Profile Folder entry and click the Open Folder button. Search for “logins.json”, “key3.db” and “key4.db”.

I copied these to a USB stick, put that in the new PC, immediately put a backup elsewhere in the cloud, then closed Firefox on the new PC after opening that same profile folder on the new PC. After copying all three files to the folder on the new PC, I held my breath, started Firefox, checked in Options for Saved Logins and saw a full list again.

Whew.

Now to get LastPass installed and export these to somewhere else more secure and cull the list of heavily-outdated passwords.

Oh, and yeah, figure out why Firefox isn’t asking to update or save new passwords…
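The copy step from the recovery above can be scripted so the backup is verified before anything is restored. This is an added example, not part of the original post; it assumes Firefox is closed and the intact PC is offline, and the profile built in `demo()` is a constructed stand-in.

```python
import hashlib
import json
import shutil
import tempfile
from pathlib import Path

# Files named in the post: the encrypted login records plus the key database
# that decrypts them (key4.db on current Firefox, key3.db on older releases).
LOGIN_FILE = "logins.json"
KEY_FILES = ("key4.db", "key3.db")


def sha256_of(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def count_logins(logins_json: Path) -> int:
    """Number of saved entries; the credentials inside stay encrypted."""
    data = json.loads(logins_json.read_text(encoding="utf-8"))
    return len(data.get("logins", []))


def backup_login_store(profile_dir, backup_dir) -> dict:
    """Copy the login store out of a profile folder and verify each copy.

    Returns {"count": saved_logins, "files": {name: sha256}}.
    """
    profile, backup = Path(profile_dir), Path(backup_dir)
    logins = profile / LOGIN_FILE
    if not logins.is_file():
        raise FileNotFoundError(f"{LOGIN_FILE} not found in {profile}")
    keys = [name for name in KEY_FILES if (profile / name).is_file()]
    if not keys:
        raise FileNotFoundError("no key4.db/key3.db, logins could not be decrypted")
    count = count_logins(logins)
    if count == 0:
        # This would be the already-emptied copy, which is no use as a backup.
        raise ValueError("logins.json holds no entries, refusing to back it up")
    backup.mkdir(parents=True, exist_ok=True)
    digests = {}
    for name in [LOGIN_FILE, *keys]:
        src, dst = profile / name, backup / name
        shutil.copy2(src, dst)
        if sha256_of(src) != sha256_of(dst):
            raise IOError(f"copy of {name} does not match the source")
        digests[name] = sha256_of(dst)
    return {"count": count, "files": digests}


def demo() -> dict:
    """Build a constructed profile folder so the example runs offline."""
    with tempfile.TemporaryDirectory() as tmp:
        profile = Path(tmp) / "profile"
        profile.mkdir()
        sample = {"nextId": 3, "logins": [
            {"id": 1, "hostname": "https://example.com"},
            {"id": 2, "hostname": "https://www.example.com"}]}
        (profile / LOGIN_FILE).write_text(json.dumps(sample), encoding="utf-8")
        (profile / "key4.db").write_bytes(b"constructed placeholder, not a key db")
        return backup_login_store(profile, Path(tmp) / "usb-backup")


if __name__ == "__main__":
    print(demo())
```

Without a Primary Password set, these files together are enough to read every saved login, so the USB stick and any cloud copy need the same care as the passwords themselves.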

I’ve had the unusual opportunity to get several used, late 2000s HP printers for use at work. Normally we get these new, fresh out of the box, and they’re maintained from that point. This has led to some interesting issues with firmware updates.

Anyone familiar with updates to firmware on HP printers made in the last decade knows that there are several ways to do these. The first is to install the printer locally on a Windows computer and run the updater program against this installed device. This works, and works well, but only if the firmware on the device supports it. Second is to use a built-in updater located on the printer’s web server, which is a feature on the higher-end Enterprise devices. Third is via FTP. Yeah, FTP.

After installing the printer as a local device, I have seen situations where the installer program will not work with a network printer object, whether it’s WSD or a TCP mapping. Usually this is resolved by plugging a device directly in to the printer, installing the local version, then running the program.

When this doesn’t work, however, FTP is still an option. It’s simple, and easy, but also a bit scary because this port is open by default, has no username or password, and allows a binary transfer directly to the devices. Even after a firmware update to a version less than 18 months old, this port remains open.

This works, and gets around the frustrating update process that most end users would use, but hey, at least it’s not TFTP.

I have tried, and when the iPhone X is replaced by a newer, larger version, I’ll be back, but till then…

The iPhone 8 Plus is larger than I want it to be, but the screen is more important than FaceID, or the swiping gestures, or the one and only time I sent an Animoji to someone.

The [PRODUCT]RED iPhone 8 Plus is perhaps the best looking iPhone of all time, and it will be mine. If I’m going to pay an extra $10 per month to be in T-Mobile’s Jump! OnDemand plan, I’m going to use the hell out of it and have zero regrets.

The “RED” phone on the 8 and 8 Plus has a black bezel, which, let’s be honest, is THE RIGHT COLOR. White bezels are for basic people who like Rose Gold and Silver and whatever other weak colors are out there that aren’t Space Grey.

So, the minute I can switch from the wonderful, but just-a-bit-too-small iPhone X, I’m going to. Likewise, the minute I can switch from the 8 Plus to the X2 Plus (or whatever it’s called), I will.

I purchased my first iPhone for use as a daily device in February 2016. It was a 128GB Space Grey iPhone 6 S Plus, second-hand, from someone who had purchased it from and used it on Verizon.  This was great, because until some time in 2018, Verizon had kept their phones carrier-unlocked starting some years earlier.

Eighteen months on, and not terribly interested in the iPhone 7, the 8 was now a big step up. The X, as tempting as it looked, was just a bit too much different for me to look at it seriously. What I mostly wanted from a replacement phone was exactly the device I had in my hand already, just better. The 9 Plus was that.

I shopped locally for used/new devices on some classifieds and fished for fresh devices. This was also tempered by the fact that I could just go to T-Mobile or Apple and buy the phone outright. The price difference was minimal, but the risk wasn’t. I’ve been diligent in buying used phones, though not going as far as IMEI checks. There’s just a _feeling_ you get sometimes which makes you avoid things…

So, when a Space Grey 64GB iPhone 8 Plus, new in box, on T-Mobile popped up for $600, I had the hook in my mouth. This was $200 bucks off the MSRP, not taking sales tax into consideration. It also had two-years of AppleCare+ to boot. It looked too good to be true, but the seller sounded very reasonable and wasn’t being cagey, but neither was I asking the questions I should have.

Deal done, I swapped my SIM card in and got to using the phone. It was everything I’d wanted, with no surprises, and all was well. Figuring that my luck was just good, and that the device’s past wouldn’t catch up to it, I thought little more of it than to tell it as a story.

The story didn’t end there.

In late March 2018, after owning the 8 Plus for six months, I glanced at my phone one evening and saw the “No Service” message displayed next to my WiFi signal. Curious, I poked around, restarted the phone, and it showed the same message. The following day I didn’t look much at the device, but did get a phone call successfully, which was unusual in retrospect. Another day in, and I figured I’d call T-Mobile to find out what was going on.

The very helpful representative walked me most of the way through resolving this, which he was confident amounted to a security issue. In finalizing the steps to unlock the device, which had, according to the T-Mobile site, been reported “Lost or Stolen”, he hesitated. This was something different, and I mentioned that I thought I’d been the third party in the scenario where insurance fraud was concerned. The phone, as it sat, was now useless on any carrier in North America, and T-Mobile could not do anything about it permanently. Any unlock would be re-locked quickly. Oops.

Six months in my phone was now a 5.5″ 64GB iPod Touch with a REALLY nice camera setup. This was annoying, but I was quickly self-deprecating and admitted that it was silly and stupid of me to buy the device in that situation, knowing that the risks were high.

The representative noted my long tenure at T-Mobile, offered a generous amount of credit for signing up to get a new, working device, and eventually worked with me to pick up a new iPhone X less than 10 miles from my house. This was a pretty painless process, and even though I was at fault, everyone was very willing to work with me. A good deal is sometimes too hard to pass up, and the hook is seated very firmly in the cheek.

New iPhone X in hand, now I needed to decide what to do with the 8 Plus. I could keep it as a browsing device, with a great camera, or for parts if I did decide the X wasn’t for me (still undecided). I mostly wanted to ignore it for a few days, and try to get used to the smaller X screen, then return to it when I settled on what I was going to do.

A few days later, I typed “iPhone 8 Plus b” into eBay and found a whole list of phones with bad IMEI and ESN numbers for sale, and many sold. The prices were good, really good. More of the population of the planet is covered by wireless carriers that do not care about whether a device was paid for in the United States than those who do. Interesting.

I took a deep breath, listed the device after taking some comprehensive photos, found a reasonable price and listed it. The next morning I had an offer, then another, and another. These offers were good, and very close to the asking price. Maybe I should have sold it for more?

Either way, I will end up with a reasonable amount of money from the device which I could not use, even after PayPal and eBay take their slices (not insubstantial). All told, I actually did really well.

I’m undecided on whether I’ll keep the X or wait to trade it for an 8 Plus. The X has so many changes to what an iPhone has been for the past 4-5 years that it’s incredible, while holding it, to consider how damned good it is. It’s great, and I like everything, save for its size.

In the end, I was able to turn an unfortunate situation into what amounts now to a nearly-free iPhone 8 Plus for 6 months. Sure, there were some minefields to traverse on eBay and with T-Mobile, but those are places I’m comfortable going in to.

Got a phone with a bad IMEI/ESN? Find out what it’s worth on eBay and sell it. Most of the world doesn’t care, and if you’re clever and diligent, you can send it on its way and move on.

This guide should fix the issue with igdkmd64.sys and a BSOD

I’m a tech, and in this environment we use Apple’s excellent iMacs with Windows and macOS. The 2011 model is the last of the thick, optical drive-equipped and easily serviceable iMac series. They came in a 21.5″ and 27″ model. RAM, disks, and display are pretty easy to install.

Under Windows 10, booting from a USB stick into a UEFI mode, Bootcamp 5.1 drivers install and work correctly but sound from the onboard Cirrus Logic WILL NOT WORK.

The biggest issue, however, is that Windows immediately grabs an “updated” Intel Graphics driver, installs it, and then blue-screens. One or two reboots will happen, upon which Windows will start up the System Repair. This is where we can easily fix this particular issue.

Note that these iMacs have two video cards onboard. They’ll have the integrated Intel graphics and some version of an AMD Radeon. We’re disabling the Intel graphics, which won’t affect the use of the iMac, which primarily runs on the Radeon under normal circumstances.

Navigate through the options until you’re allowed to boot with options, at which point Safe Mode or Safe Mode with Networking is the choice needed. Boot into Windows 10, log in, and open the Device Manager.

You’ll see a line under Display Adapters called something like “Intel Display Graphics”. Right click on this, and select Properties, then click the Details tab. In the drop-down box select Hardware IDs. Open Notepad, or a text editor of choice, and copy the four lines of the long Device IDs shown.

Let’s delete the driver that’s causing us issues by going to the Driver tab, clicking Uninstall, checking the box to delete the driver, and clicking OK. Decline the offer to restart because we’re not done.

Run gpedit.msc, and dig down into the following stack:

Computer Configuration > Administrative Templates > System > Device Installation > Device Installation Restrictions > Prevent installation of devices that match any of these device IDs

Click “Enabled” then “Show” and here’s where you’d paste the four lines copied from the Device Manager.

Click Apply, close the Group Policy Editor, and restart.

This should completely resolve any issues you’ve had on iMacs with Windows 8.1 or 10 that are having issues with downloaded Intel Graphics driver updates. You’re likely to see a failed update for the Intel Graphics driver in the future, but this is to be expected, and shouldn’t cause issues. In the event that a major system update breaks this, following these steps again should return your iMac to working order.
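For rolling the same setting out to several iMacs, the policy can be staged as a registry file instead of clicking through gpedit.msc on each one. This is an added example, not from the original post: the key is the one this Group Policy setting writes to, and the hardware IDs are constructed placeholders to be replaced with the four lines copied from Device Manager.

```python
# Registry location that the Group Policy setting "Prevent installation of
# devices that match any of these device IDs" writes to.
POLICY_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows"
              r"\DeviceInstall\Restrictions")

# Constructed placeholders in the shape Device Manager shows for a PCI display
# adapter (VEN_8086 is Intel). Use the IDs copied from the actual machine.
SAMPLE_HARDWARE_IDS = r"""
PCI\VEN_8086&DEV_FFFF&SUBSYS_FFFFFFFF&REV_FF
PCI\VEN_8086&DEV_FFFF&SUBSYS_FFFFFFFF
PCI\VEN_8086&DEV_FFFF&CC_030000
PCI\VEN_8086&DEV_FFFF&CC_0300
"""


def parse_hardware_ids(text):
    """One ID per line: trim, skip blanks, drop case-insensitive duplicates."""
    ids, seen = [], set()
    for line in text.splitlines():
        hw_id = line.strip()
        if not hw_id:
            continue
        if "\\" not in hw_id or '"' in hw_id:
            raise ValueError(f"not a hardware ID: {hw_id!r}")
        if hw_id.upper() not in seen:
            seen.add(hw_id.upper())
            ids.append(hw_id)
    return ids


def build_reg_file(hardware_ids, retroactive=False):
    """Return .reg text that enables the policy and lists the denied IDs.

    retroactive=True matches the policy option that also applies the block to
    devices already installed; the steps above uninstall the driver first, so
    the default leaves it off.
    """
    if not hardware_ids:
        raise ValueError("refusing to enable the policy with an empty ID list")
    lines = [
        "Windows Registry Editor Version 5.00",
        "",
        f"[{POLICY_KEY}]",
        '"DenyDeviceIDs"=dword:00000001',
        f'"DenyDeviceIDsRetroactive"=dword:{int(retroactive):08x}',
        "",
        f"[{POLICY_KEY}\\DenyDeviceIDs]",
    ]
    for n, hw_id in enumerate(hardware_ids, start=1):
        # .reg string values need each backslash doubled.
        lines.append(f'"{n}"="' + hw_id.replace("\\", "\\\\") + '"')
    return "\r\n".join(lines) + "\r\n"


def write_reg_file(path, hardware_ids, retroactive=False):
    """Write the file as UTF-16 with CRLF line endings."""
    text = build_reg_file(hardware_ids, retroactive)
    with open(path, "w", encoding="utf-16", newline="") as fh:
        fh.write(text)
    return path


if __name__ == "__main__":
    print(build_reg_file(parse_hardware_ids(SAMPLE_HARDWARE_IDS)))
```

Import the generated file from an elevated prompt with `reg import`, then restart as in the steps above.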

Most of these tips came courtesy of a long search day and this video, in Italian, which shows the process.

https://apple.stackexchange.com/questions/199553/windows-10-installation-using-boot-camp-crashes-in-imac-with-system-thread-exce

 

Growing up is hard. It’s also inevitable. Friends who used to spend a lot of time per day, per week, per month at times only see each other a few times per year.

zZq is still a web of friendships, acquaintances, and bonds. Shared experiences are like glue that refuses to release, and in some cases, only gets stronger. I suppose it’s a bit like cement, which ingests carbon dioxide as it ages, increasing its strength in time.

Looking through old pictures from the early 2000s I found some old Trasfires in which some 20 or more people had congregated in the backyard of a parent’s house, around a fire, chatting, making merry, and generally enjoying each other’s company.

It doesn’t happen like that anymore, and the cottonwood pile is nearly gone. Housewarming parties are more common. Wedding receptions too. Also, gatherings of friends in memory of another who has passed.

And on we go.

Our old friend, companion, antagonist, driver, and general ally veruus passed away. He fought against Leukemia, which had gone undiagnosed for a few years. Extensive treatment followed, and a bone marrow transplant was scheduled before he succumbed to the condition.

Ben attended many Black Hat and DEF CON conferences and lived between Utah and Florida.

Most of us can hope to be as memorable as he was, for better and worse.