Stopped in My Tracks

One major problem with using Someone Else’s Infrastructure is the inevitability of the Someone Else losing interest in the project while you’re still using it. This is a natural part of the progression of technology, of course — but it’s important to keep in mind.

For example, Google recently announced that they would no longer support their (pretty cool and reasonably lightweight by modern standards) My Tracks app. I’ve been using this for the past several years to track my walks around Philadelphia — mostly to and from work.

End-of-support announcements are nothing new, certainly — but this one had a more stark warning attached: Export your data before May, or you will lose it.

nexus2cee_mt

I understand Google no longer being able to justify maintaining a web service for the two or three of us codgers still using an app from way back in 2009 — but just a little foresight would have made it possible for My Tracks to keep right on working. All I really use it for is to get a position from the GPS module, timestamp it, and save it to a file.

The bottom line is, it doesn’t have to care about the Internet, or Google, at all, except maybe to display the moving map. And I don’t see Google dropping that functionality anytime soon. (Hopefully.)

Oh, well. Looks like it’s time to find another lightweight GPS app, write one, or maybe teach an Arduino about GPS logging. So long, My Tracks, and thanks for all the data. We hardly got to know you.

Posted in Android, Current Events, Digital Citizenship, GPS, Reviews | Leave a comment

Dirt Cheap Arduino Clones

While reading an article on making electronic “candles” for a few bucks out of a USB power stick and some LEDs, I came across aliexpress.com.

Now, I’m used to getting cheap parts from China. The four-dollar knockoff PING)) ultrasonic range finders usually work well enough — and it’s always nice to be able to get discrete components for basically free.

But Arduino clone boards for $2.65 just shouldn’t be possible, right??

Well, they are! Free shipping from China, and all. I just picked up five of them from AliExpress — and the first two work well, once I fiddled around with the USB driver a bit. I haven’t tested all of the functionality, but they did pass the Blink sketch test at two different timings, so there’s a real microcontroller on there. I was skeptical about posting about these things (since China does kind of have a reputation) — but they actually seem like the real deal.

Uno_clone

An Arduino Uno clone for under three bucks shipped — and it can actually be programmed and everything!

Come get ’em! (Note: I’m not affiliated with the site — just amazed.)

Posted in Arduino, Current Events, Digital, Resources, Toys | Leave a comment

A Better Voltage Regulator

A common theme in electronics is being able to create cooler, better, more interesting gadgets because someone developed a new, cooler, better, more interesting part.

This happens all the time — the advent of small, easy-to-use GPS units make all kinds of navigation projects feasible; the availability of efficient LEDs makes many lighting projects worthwhile; and certainly the advent of the Arduino ecosystem has made microcontroller-based projects, in some cases, literally hundreds of times easier.

Along with all of these cool new toys, occasionally a particularly successful part will work its way into not only common usage, but electronics lore. Parts like the 555 timer, 2N2222 transistor, LM386 audio amplifier, LM741 op-amp, and LM7805 linear voltage regulator.

Every once in a blue moon, these old standbys will also get a makeover, improving performance and opening up new possibilities.

Take the LM7805, for example. It does a good job of regulating voltage — from a minimum of about 7V or so, it will provide a steady 5VDC output. The only real problem is that it does this by basically adding a dynamic resistance to simply burn off the excess voltage at whatever current you’re using. If you were to power a 5V, 1A load through a LM7805 connected to 12V, it would need to dissipate 7W of power, since it would basically be acting as a resistor; that 7V voltage drop, combined with the 1A of current, means it would be putting out 7W of heat. Without a BIG heatsink, it would quickly get too hot to work. Also, you’d be wasting over half of the power for the device, even if the rest of your circuit was 100% efficient.

Enter the V7805-1000R from CUI. It’s a switched-mode, drop-in replacement for the LM7805. Replace the LM7805 with this, and your regulator is suddenly more than 90% efficient. (Efficiency in switched-mode regulators varies with voltage and current.)

v7805-1000r_spl

An efficient, drop-in replacement for the LM7805. Nice!

A drop-in, 90% efficient LM7805? Yes, please! I love living in the future.

Posted in Components, Current Events, Electronics, Power, Toys | Leave a comment

Cracker Hunting

I recently got a notice that the traffic on this site had reached 80% of the budgeted transfer for the month. This is not necessarily bad news — occasionally someone posts a link to Reddit and traffic spikes for a while. However, the stats page looked completely normal. HMM.

Fortunately, Apache (the webserver program) keeps a log of all accesses to the website. Looking through the file, it seems that several rather asocial individuals in Romania, China, and other places had picked up the “hobby” of running scripts to attack websites, in hopes of using them to send out spam. People Are No Damn Good, as my grandmother often points out.

Apache’s log files, however, are pretty big. The current access.log file is some 180MB. Clearly the solution here is to fight scripting with scripting.

Here are some of the relevant tools:

cat: short for “catalog.” This simply types out a file, either to the display (the default) or to another program. Cat will be used here to simply print out the whole access.log file.

grep: Grep finds lines of a file containing something. In this case, we’re interested in anyone accessing a file called xmlrpc.php. Grep will take the input from cat, and pass on only the lines containing this string.

cut: I learned about this one today. Cut can select out a particular section of lines, based on character count. While the later Awk step (see below) probably makes this unnecessary, I used Cut to select just characters 1-15 of each line of text. This stripped version is then passed along to…

sort: Does what it says. It takes in a text file and sorts it into alphanumeric order. This prepares the file to be processed by…

uniq: This takes in a sorted file and removes all duplicate lines. From here, the (greatly shortened) file is then passed to:

awk: Awk is a general-purpose string processor, with lots of features. I don’t yet know a lot about it, but I’m using it here to retain only the characters before the first whitespace — and then add a scripting command around that.

So, using all of the above in order, I came up with the one-liner:

cat access.log | grep xmlrpc.php | cut -c1-15 | sort | uniq -u | awk ‘{print ” sudo /sbin/iptables -A INPUT -s “$1” -j DROP “}’ > loserfile

This command prints out the webserver access log, finds any instances of attackers attempting to access xmlrpc.php, locates their IP addresses from the relevant line, and creates a command to instruct the firewall to ignore all traffic from those IPs. Once “loserfile” is set executable and then run, the new rules go into place.

As the graph below shows, the tactic seems to have worked.
Hasta la vista, fetchers.

The attack seems to have started about eight hours ago. Once the new rules were in place, it abruptly stopped.

Hour-by-hour chart of inbound and outbound traffic

Posted in Digital Citizenship, Internet, Networking, System Administration, Tools, Troubleshooting | Leave a comment