Network Analysis

I read this excellent post by Simone Margaritelli on hacking a network connected coffee machine. Simone reverse engineered the Android app that controls the coffee machine and wrote a command line tool for getting the machine going.

Simone took a completely different angle to solving the problem than I would. Being a network person I would have gone straight to tcpdump, grabbed some traces from the app/coffee machine and worked from that.

Instead Simone used a tool to dump a disassembly of the Android apk. I haven't done that before, I don't think it would be my first thought when I had to take something apart. From this post I think I might give it a shot on the local bus app.

The coffee machine looks awesome, you might not want an internet connected coffee machine, but I think it is an awesome idea. Coffee is a great reward for solving a problem, the machine could automate teaching people how to reverse network protocols.


Reading: Little Brother

Coding Sunday

The tortoise needs an improved heating setup, now have a 'night time' bulb that just puts out heat. Before I change anything I want to have numbers so I can try and quantify the change.

I knocked up a micropython script and ran it on a nodemcu board with a couple of dht11's. It looks like this:

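import json
import socket
import time

PORT = 6969   # matches the port in the tcpdump filter below
DELAY = 60    # seconds between readings; assumed, the value is not given in the post

def temperatureclient(sensors,addr="255.255.255.255"):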
    print("       sending to: {} {} every {} seconds"
        .format(addr , PORT, DELAY))

    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    while True:
        pkt = takereading(sensors)
        sock.sendto(pkt, (addr, PORT))

        time.sleep(DELAY)

def takereading(sensors):
    readings = []
    for sensor in sensors:
        sensor.measure()

        reading = {}

        reading["sensor"] = str(sensor.pin)
        reading["pin"] = str(sensor.pin)
        reading["temp"] = sensor.temperature()
        reading["humditiy"] = sensor.humidity()

        readings.append(reading)
        print(reading)
    return json.dumps(readings)

It doesn't have to live for long, just a day or two.

The always on machine on my network doesn't seem to have anything useful installed and without internet at home that wasn't going to be a simple fix. Instead I used tcpdump to capture the json packets.

Tcpdump works really well in this situation, the micropython board doesn't have a RTC, but the pcap from tcpdump will have accurate timestamps for each field. I did something like:

$ tcpdump -w tempreadings.pcap udp and port 6969

Later I can process this out with a shell script or scapy or something.
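One way to do that processing with only the Python standard library, as an added example that is not part of the original post: it walks a classic libpcap file, keeps the capture timestamp of each record, and decodes the JSON sent to UDP port 6969. Since anything on the LAN can send to that port, datagrams that are not a JSON list are skipped. The function names and the sample capture are constructed for illustration, and it assumes an Ethernet capture with microsecond timestamps.

```python
import json
import struct

PORT = 6969  # UDP port from the tcpdump filter above

def udp_payload(frame, port):
    """Return the UDP payload of an Ethernet/IPv4 frame sent to `port`, else None."""
    if (len(frame) < 42 or frame[12:14] != b"\x08\x00"    # too short or not IPv4
            or frame[14] >> 4 != 4 or frame[23] != 17):   # IP version, 17 = UDP
        return None
    udp = 14 + (frame[14] & 0x0F) * 4                     # honour the IP header length
    if len(frame) < udp + 8:
        return None
    dport, length = struct.unpack("!HH", frame[udp + 2:udp + 6])
    # The UDP length field trims any Ethernet padding after the datagram.
    return frame[udp + 8:udp + length] if dport == port else None

def read_readings(pcap, port=PORT):
    """Return [(capture_time, reading), ...] from the bytes of a libpcap file."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a microsecond-resolution libpcap file")
    end = "<" if magic == 0xA1B2C3D4 else ">"             # byte order of the writer
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:     # link type 1 = Ethernet
        raise ValueError("expected an Ethernet capture")
    rows, off = [], 24
    while off + 16 <= len(pcap):
        sec, usec, caplen, _ = struct.unpack(end + "IIII", pcap[off:off + 16])
        payload = udp_payload(pcap[off + 16:off + 16 + caplen], port)
        off += 16 + caplen
        try:
            readings = json.loads(payload) if payload else None
        except ValueError:                                # not JSON: another sender
            continue
        if isinstance(readings, list):
            rows += [(sec + usec / 1e6, r) for r in readings]
    return rows

def sample_pcap():
    """Constructed capture: one reading, one non-JSON datagram, one other port."""
    def rec(ts, dport, body):
        udp = struct.pack("!HHHH", 40000, dport, 8 + len(body), 0) + body
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                         bytes([192, 0, 2, 10]), b"\xff" * 4)
        frame = b"\xff" * 6 + b"\x02" + b"\x00" * 5 + b"\x08\x00" + ip + udp
        return struct.pack("<IIII", ts, 500000, len(frame), len(frame)) + frame
    good = json.dumps([{"pin": "Pin(4)", "temp": 21}]).encode()
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
    return hdr + rec(1480000000, PORT, good) + rec(1480000060, PORT, b"hi") \
        + rec(1480000120, 53, b"x")
```

For a real capture, pass the file contents: `read_readings(open("tempreadings.pcap", "rb").read())`.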


It is Sunday, so that makes seven days of writing.

Reading: Butter from my Feed Reader

Cold Brew

My Cold Brew Recipe requires:

  • 128g of Coarse ground coffee (I guess 125g is okay, if you aren't cool)
  • 1L Vessel (I use a nalgene)
  • 1L of potable water
  • Fridge
  • v60
  • Jug

Method:

  • Put the ground coffee in the vessel.
  • Fill the vessel with cold water
  • Place vessel in fridge

I use tap water because I live in a place with excellent drinking water. If that isn't the case for you, you will have to figure something else out. Make sure the ground is well soaked, it will swell. I give it a good shake then add a little more water to make sure the nalgene is good and full.

After about a day take the nalgene out of the fridge.

  • Pour the coffee/concentrate blend into the jug.
  • Clean the nalgene.
  • Using the v60, filter the concentrate back into the nalgene.

I normally end up with about 700ml of concentrated coffee. I mix it with boiling water to drink, about 120ml of concentrate to 200ml.


Reading: Little Brother

Porting a WiFi Driver

To win this bet I have with Ed I need a WiFi adapter that can do 802.11n in the 5GHz band. There aren't a lot of these around and n in 2.4GHz band makes it hard to find adapters with the right support.

I got a pair of AC600 generic adapters on ebay for about a tenner, a quick look showed promising Linux support. This indicated I could use one for the bet without too much hassle.

I got a second so I could work on a wireless driver for FreeBSD, what else am I to do with my time?

The adapter is a MediaTek MT7610U device, there is a whole load of information about it on Wikidevi and there are a family of forks of the vendor code on github.

Wikidevi says the MT7610U is similar to the RT28xx series, which are supported by run in FreeBSD. I started last night by taking the run driver, getting it to build as a module, then turning everything off apart from probe, attach and detach.

This is the first time I have tried to port a driver, to help I collated everything I could find written about doing it.

There is straight up FreeBSD stuff:

There are a load of little posts where people have ported drivers from FreeBSD to somewhere else:

And there are a load of articles about building wifi drivers for android, these are worth a read, but they are worth pointing out:


Reading: Little Brother

I had an argument with some Germans about the pronunciation of WiFi, apparently it is WeeFii using the sounds of wireless and fidelity. They also pronounced HiFi incorrectly, English is a strange language.

Metadata

Recently StarShipSofa has been delivering podcast files to me that contain 3rd party ads. It is their hosting provider that is inserting the ads, but both times I have been asked if my client is to blame.

I am certain PocketCasts would never do this.

Maybe there is something in the file that would indicate who did the encoding?

play (from the sox package)

$ play starshipsofa-454-ads.mp3

starshipsofa-454-ads.mp3:

File Size: 33.7M     Bit Rate: 64.0k
  Encoding: MPEG audio    
  Channels: 1 @ 16-bit   
Samplerate: 44100Hz      Album: StarShipSofa
Replaygain: off         Artist: StarShipSofa
  Duration: 01:10:10.78  Title: StarShipSofa No 454 Alex Shvartsman and Stephen S. Power

In:0.05% 00:00:02.04 [01:10:08.74] Out:90.1k [  -===|===-  ]        Clip:0

Just the file name and year, let's try ffprobe from the ffmpeg tools:

ffprobe

$ ffprobe starshipsofa-454-ads.mp3

[mp3 @ 0x809691000] Skipping 0 bytes of junk at 159.
[mp3 @ 0x809691000] Estimating duration from bitrate, this may be inaccurate
Input #0, mp3, from 'starshipsofa-454-ads.mp3':
  Metadata:
    title           : StarShipSofa No 454 Alex Shvartsman and Stephen S. Power
    album           : StarShipSofa
    artist          : StarShipSofa
    date            : 2016
  Duration: 01:10:10.39, start: 0.000000, bitrate: 64 kb/s
    Stream #0:0: Audio: mp3, 44100 Hz, mono, s16p, 64 kb/s

Nothing more there, a google says there is something called mp3info:

mp3info

$ mp3info starshipsofa-454-ads.mp3

starshipsofa-454-ads.mp3 does not have an ID3 1.x tag.

Well that was no good at all.

I don't have a ton of time to find where the mp3 metadata might be, none of these tools show anything. I guess that means I can be happy I am not leaking info when I encode an mp3, or I can't find it with normal tools.
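For checking what an encoder leaves behind, here is an added example (not from the original post) that reads the two places encoder information usually lives in an MP3: the ID3v2 text frames TENC ("encoded by") and TSSE ("software/hardware and settings used for encoding") at the start of the file, and the short encoder version string that LAME and ffmpeg write into the Xing/Info frame. The marker search is a heuristic, unsynchronised tags are not handled, and the function names and sample bytes are constructed for illustration.

```python
import struct

CODECS = ("latin-1", "utf-16", "utf-16-be", "utf-8")  # ID3v2 text encoding byte

def syncsafe(b):
    """Decode a 4-byte ID3v2 syncsafe integer (7 data bits per byte)."""
    return b[0] << 21 | b[1] << 14 | b[2] << 7 | b[3]

def id3v2_frames(data):
    """Return ({frame_id: value}, audio_offset) for an ID3v2.3/2.4 tag."""
    if len(data) < 10 or data[:3] != b"ID3" or data[3] not in (3, 4):
        return {}, 0
    v4, end, off, frames = data[3] == 4, 10 + syncsafe(data[6:10]), 10, {}
    if data[5] & 0x40:                       # extended header present: skip it
        ext = data[10:14]
        off += syncsafe(ext) if v4 else 4 + struct.unpack(">I", ext)[0]
    while off + 10 <= min(end, len(data)) and data[off] != 0:  # 0x00 = padding
        fid, raw = data[off:off + 4].decode("latin-1"), data[off + 4:off + 8]
        size = syncsafe(raw) if v4 else struct.unpack(">I", raw)[0]
        body = data[off + 10:off + 10 + size]
        if fid[0] == "T" and body:           # text frame: encoding byte + string
            codec = CODECS[body[0]] if body[0] < 4 else "latin-1"
            body = body[1:].decode(codec, "replace").rstrip("\x00")
        frames[fid] = body
        off += 10 + size
    return frames, end

def encoder_hints(data):
    """Collect fields that can name the encoder: TENC, TSSE, Xing/Info tag."""
    frames, audio = id3v2_frames(data)
    hints = {k: v for k, v in frames.items() if k in ("TENC", "TSSE")}
    first = data[audio:audio + 512]          # heuristic window over first frame
    for marker in (b"LAME", b"Lavf", b"Lavc"):
        i = first.find(marker)
        if i != -1:                          # 9-byte encoder version string
            hints["info_tag"] = first[i:i + 9].decode("latin-1").rstrip("\x00 ")
            break
    return hints

def sample_mp3():
    """Constructed file: ID3v2.3 tag (TIT2, TSSE), then a fake Info frame."""
    def frame(fid, text):
        body = b"\x00" + text.encode("latin-1")
        return fid + struct.pack(">I", len(body)) + b"\x00\x00" + body
    frames = frame(b"TIT2", "Episode") + frame(b"TSSE", "ExampleEncoder 1.0")
    size = bytes([0, 0, len(frames) >> 7, len(frames) & 0x7F])
    audio = b"\xff\xfb\x50\xc4" + bytes(17) + b"Info" + bytes(116) + b"LAME3.99r"
    return b"ID3\x03\x00\x00" + size + frames + audio + bytes(58)
```

An empty result from `encoder_hints` on a real file means none of these fields are present; it does not rule out other markers elsewhere in the stream.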


Reading: Little Brother