Posted by: peter

You can clone two of the same type of input device by using the following undocumented method:

  1. Factory reset the remotes (press pair 4x within 5 sec).
  2. Pair one remote to a bulb (this may not be necessary, but I did this)
  3. Hold the remotes next to each other, press both pair buttons for 10 sec. LEDs on the front come on, then flicker off.
  4. Observe both remotes control the 1st bulb.

You can add additional lights with the following additional steps:

  1. Pair one remote to a 2nd bulb.
  2. Observe both remotes control both bulbs.
Posted by: peter

I recently purchased an IKEA TRÅDFRI LED driver, STRÖMLINJE LED Panel and TRÅDFRI Wireless Dimmer in order to add some more smart lighting to my office space. I also purchased a TRÅDFRI Gateway however this was primarily to try it out, as well as allow me to update the firmware of the driver and dimmer before hooking everything up to my existing Philips Hue Bridge. I may do a write-up of the TRÅDFRI Gateway later but suffice to say that it’s basically a budget equivalent to the Hue Gateway and seems to work fine, however I have already invested in Hue Dimmer Controllers in every room and want any additional smart lights to be controllable with them. The good news is that the first step of pairing the LED Driver (or any other IKEA Tradfri globe) to the Hue Hub is straight forward and works basically the same as pairing a Philips light. If for some reason you can’t the lights to pair here are some detailed steps that might help you with troubleshooting.

The IKEA TRÅDFRI Wireless Dimmer and TRÅDFRI Remote Control work quite differently to Philips accessories like the Hue Dimmer switch and the normal procedure to add a new accessory via the Hue App will not work.

You need to reset the remote, and then pair it to the Hue hub via TouchLink. This joins the remote to the Hue’s ZigBee network. There are a few different ways to do a a TouchLink search, which is not the same as a regular search. I used the LampFinder app on a windows laptop but you can alternatively use the Hue Lights iOS app, Hue and Me Android app, or Hue Developers’ API.

The steps I followed were:

  1. Reset the remote or dimmer by pressing the pair button 4 times quickly.
  2. Wait 10 seconds.
  3. Hold the remote directly next to the Hue hub (as close as possible).
  4. Hold the pair button.
  5. Immediately initiate a TouchLink search.

The light (on the front for Tradfri remote and next to the button for a Tradfri dimmer) will glow a steady red, then turn out after a couple of seconds when paired. If it doesn’t go out repeat steps 4-5.

If you have trouble, check that the TouchLink is not finding other ZigBee devices further away (e.g. bulbs — they will flash).

Some additional information which helped me can be found at RedSilico

Tags: , , ,
Posted by: peter

After five months of mucking around, I finally managed to get Android Auto on my HTC U11 working with my new 2016 model Honda Civic’s built in stereo system.

First though, the symptoms:

  • Neither my HTC M10 nor HTC U11 worked with the Civic’s Android Auto based stereo system
  • The HTC phones can however do normal bluetooth based phone calls and play music
  • The HTC phones work with Android Auto in other vehicles not made by Honda
  • Several different Samsung phones (Note 3, S8 etc) successfully work with Android Auto in the Civic

Things I’d tried unsuccessfully to get Android Auto working:

  • Reinstall Android Auto on the phone
  • Disable Boost+ power optimisation of the Android Auto application
  • Disable Boost+ power optimisation of the Google Maps application

And the trick that got it working in the end?

  • Enable USB Debug Mode under the hidden Developer Options menu!

I currently have no idea why this solves the problem, but at least it works…

A couple of weeks ago I picked up a Google Home device to play with from JB Hi-Fi. It’s an innocuous looking device which happily sits in the corner of the room and listens for the ‘OK Google’ trigger words and responds via Google Assistant in a similar manner to a modern Android handset.

It has a surprisingly reasonable speaker for a tiny device, and will happily play music via Spotify or Google Play when instructed to.

The fun bit was how excited my six year old son was to finally have Google listen and respond to him as Google Assistant on my phone wilfully ignores him because he doesn’t match the voice print!

He spent the rest of the evening asking Google random questions, and interspersed with instructions to play every song he knew the name of. I woke up the next morning to the sound of him asking Google “Do you have a girlfriend”, followed immediately by “What is your favourite food”. Clearly they’d become good friends!

The device also supports different voice profiles which can be linked to different google accounts, work addresses and associated news casts so that a “OK Google Good Morning” results in a “Good Morning Peter”, followed by the weather report, your itinerary and the news podcasts that you prefer. This obviously excited Mister Six even more once I taught Google his name!

While it’s definitely a luxury purchase, at $199 it won’t break the bank, is quite a bit of fun to play with, and provides a digital expert to children who aren’t yet allowed to use the internet.

There are a bunch of other things that it can control, including TVs and other bits of a smart home but I’ll cover that in another post.

Tags: , ,
Posted by: peter

My Canary Smart Home Security device arrived yesterday and now that I’ve had 24 hours a play with it I thought I’d write up my impressions.

It arrived in a large box which had the smaller Canary box in it as well as a really cheap North American to Australian power adaptor rattling around loose in the box. Given that I’d pre-paid 200 bucks and waited just over 18 months for this device to arrive seeing a 50 cent adaptor (Which I’d never actually use due to the fire risk) as the first thing when you open the packaging was a bit jarring.

Having said that, the actual Canary box has a premium feel and was pleasing to open with the Canary itself sitting nicely visible once you remove the lid along with a couple of high quality cables. As expected the power adaptor was an American blade style but as the Canary itself uses a micro USB socket for power I just plugged it into a smart phone charger that I already owned.

The device setup procedure is via the Canary smartphone app which then transfers the configuration via a standard audio cable plugged between the smartphone and the Canary which is a nice touch.

This was where I hit my first snag. The Canary simply refused to connect to my Wireless LAN, so I had to arrange an ethernet cable for it before it would connect up to the internet. At this point it automatically downloaded an update (all the while keeping me updated via the smartphone app)

After the device rebooted it came up straight aware and started working. As part of the setup process you are asked to pick your location from a Google map so that Canary can set up a geofence around your home which it uses to sense when you leave home in order to automatically arm the security features of the device. Unfortunately this feature works particularly poorly and decides that I’m entering and leaving my home multiple times per hour even though I’ve been sitting on the sofa the entire time. It continued to do this several times throughout the night with status changes between 4 and 5 am when I was most definitely asleep and my phone wasn’t moving anywhere.

The app let me invite my wife to access the Canary device also which works as expected giving her full access once she created an account for herself. Unfortunately she is also experiencing the same geofencing issue that I experience which means that the device constantly thinks that one of us is away.

The environmental sensors are a particularly nice touch (and one of the main reasons why I backed this project rather than buying a readily available D-Link device 18 months earlier) however despite asking me my location in order to setup the geofence, the software wasn’t smart enough to figure out that like most of the world I have no idea what a Fahrenheit is. After poking around in the application I found the switch to convert to the Celcius temperature scale and the graph started to make sense. (The smart thing to do would be to have the app default to Celsius instead of Fahrenheit and select Fahrenheit automatically if you geofence a location in North America)

So far in the 24 hours that I’ve been using the device it’s spent about 6 hour “offline” which I assume means that something is wrong with the Canary server infrastructure. If it continues like this it wont be very useful as a security device..

Tags: , ,
Posted by: peter

While I have been using Wireshark for many years (since back when it was still called ethereal) I only just discovered tshark which is the command line version. It’s a more modern replacement for tcpdump which has some very nice capabilities that make it worth learning for terminal based packet analysis, as well as a minimalist version called dumpcap which can be used for packet capture only.

In my case I want to capture traffic on a fairly busy gigabit interface in order to inspect a brief event that only happens randomly once every couple of days. I do have a separate SMS alarm that triggers when the event happens thanks to OpenNMS, but by the time I have received the alarm, logged into my packet capture machine and kicked off tcpdump it’s usually too late to capture anything useful. This is where the following usage of dumpcap’s inbuilt ring buffer mode comes in handy:

    dumpcap -n -a filesize:102400 -b files:4500 -w /tmp/capture/problem.pcapng

This command when run in the background using “screen” will continuously capture data from the network, storing it in 4500 automatically rotated, time stamped files of 100MB each. This means that I always have the last 450GB of network traffic available to analyse without ever filling up the 500GB disk in my capture machine which should allow me to solve the problem next time it occurs!

Posted by: peter

I recently had to setup some openSUSE Linux boxes which will be used to capture add-hoc network traffic for debugging purposes. As there will be multiple users with the need to do this, I wanted to allow the use of tcpdump by non-root users. This is fairly straight forward to accomplish using file system capabilities, but as it’s not clearly documented anywhere else here is what I came up with:

  1. First install tcpdump and libcap-progs:

    zypper install tcpdump libcap-progs
  2. Then create a dedicated group called pcap for users who should be able to run tcpdump and add your user to it:

    groupadd pcap
    usermod -a -G pcap peter
  3. Modify the group ownership and permissions of the tcpdump binary so that only users in the pcap group can run it:

    chgrp pcap /usr/sbin/tcpdump
    chmod 750 /usr/sbin/tcpdump
  4. Set the CAP_NET_RAW and CAP_NET_ADMIN capabilities on the tcpdump binary to allow it to run without root access (These options allow raw packet captures and network interface manipulation):

    setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump
  5. Optionally, check that the permissions are correct:

    # ls -l /usr/sbin/tcpdump
    -rwxr-x--- 1 root pcap 770776 Feb 19  2011 /usr/sbin/tcpdump
    # getcap /usr/sbin/tcpdump
    /usr/sbin/tcpdump = cap_net_admin,cap_net_raw+eip
  6. Optionally, symlink the tcpdump binary to a directory that is in the path for a normal user:

    ln -s /usr/sbin/tcpdump /usr/local/bin/tcpdump
  7. Optionally, configure the SuSEconfig permissions module so that it wont reset the file permissions next time you run it by adding the following to the bottom of /etc/permissions.local

    /usr/sbin/tcpdump             root:pcap       0750
     +capabilities cap_net_admin,cap_net_raw+eip
  8. Inform that Linux kernel that it should enable file system capabilities at boot by adding the following option to the kernel line in /boot/grub/menu.lst:

  9. Reboot to enable file system capabilities

Tags: ,
Posted by: peter

Following on from APNIC’s (Asia Pacific NIC) earlier assessment that they would need to request the last available /8 blocks, they have now been allocated 39/8 and 106/8, triggering IANAs (Internet Assigned Numbers Authority) final distribution of blocks to the RIRs (Regional Internet Registries).

APNIC which is the fastest growing Internet region is expected to be the first regional NIC to run out of IP address space within 3 to 6 months time.