Status update:

be3n@mastodon.social

Most of the people i follow have already departed twitter. It hasn’t been useful for a while. now, it’s not even amusing.  I’ve moved to @be3n@mastodon.social.  I will still syndicate posts from this site to twitter and the twitter feed will also remain (for now).  I’ve already added Mastodon syndication and feed. (assuming this posts makes it there).  Exciting.

Upgrading to Unifi Dream Machine Pro.

Unifi Dream Machine Pro

I’ve been using Ubiquiti equipment since the original PowerStation.  I took it to the next level with Unifi.  I slowly acquired more and more equipment until their controller software had such an incredible sight into my network and it’s workings.  An insight that makes maintenance and  troubleshooting effortless.  Moving from the USG Pro to UDM Pro i immediately enjoy the faster speeds and the fancy touch screen panel.  What i don’t like is it’s complete lack of integration with non-local controllers and the missing features in its switch component.

Unifi panel showing link aggregation

As you can see from this image, i am a fan of link aggregation.  It is an inexpensive way to maximize existing  infrastructure and improve network performance.  Unfortunately, the 8 ports on the UDM are currently incapable of this feature.  I was hoping to remove one of the switches from my closet as i move links to the UDM, but it was not to be.  This seems like a serious oversight for a Pro branded unit.  I am hoping they fix this with a future update, but will not be holding my breath.

Status update:

network infrastructure

Well, my day was canceled and my phone needs a rebuild, so it’s maintenance day! finally getting to some much needed upgrades That i have been putting off.  please excuse the dust and potential outages.

Status update:

I’m back in Vegas for Defcon and it’s going swimmingly. so much so that i might get some actual swimming in.

Patrick Wardle Speaking at Defcon 27Thanks to the late night help of Professor Franklin i have improved and redeployed the Defcam!be3n at defcon 27 with defcam streaming hat?

Google Play Fail - Suspicious ActivityGoogle doesn’t think my account has been hacked or that I have lost control. They seem to genuinely believe that i am not authorized to pay with this “instrument” and that my intentions is fraud. This all started with a neglected Google Play account. So neglected that i never replaced the credit card on file and the one there had been reported lost in 2013. I logged into the account to buy a $4 app for some android cameras i was playing with. I purchased the app without error or incident 2 days ago. . .

Google Play Fail - Purchase

I use the app with the cameras problem free for 2 days.  In the end, one camera was a little glitchy, so i decided to restore it to factory settings and set it up new.  This is when it all went very bad.  When i logged into the store i couldn’t find the purchased app in my account and it wouldn’t let me buy it again. It was giving me strange errors about lack of internet or an error code: OR-IEH-01.  It was at this point that i noticed the email about payment information being needed.  I never received any emails about the purchase being canceled (apparently it was).  This is when i decided to call customer service.  The support agent interrupted me repeatedly, imparted the same explanation over and over, all the while asking me to submit a credit card statement from 2013. The incompetence was staggering.  I did some reading about reports of a massive Google outage today.  The agent insisted that i had added the lost card to the account the day of the purchase, the same day that i received the request for additional documents. This claim is ridiculous at every point, but not as ridiculous as google expecting me to have the same credit card number forever. Did the outage contribute to the problem?  i don’t know, but across Google’s ecosystem there has been failure today.  I even tried to create a new google play account with all new info.  It did not work, something is broken.  I jumped though the first set of rings and submitted my current credit card and state ID card.  The rejection came swift.  23 hours under their 24 hour ETA came this email. . .

Google Play Fail - Rejected reinstatement

I feel at this point i need to provide some context.  Was this a new account?  was it active?  I have used my google account almost daily since 2009.  In fact, i used their own google pay service for years until they changed their policy to require delivery of digital content thought their platform only. I charged clients weekly, and google deposited that into my bank account.  For years without a single charge back.  I used many of their experimental products. I even used Google+ and i still don’t know how i am going to replace fusion tables.

What now?  now i gather the remaining documents and try again?  what are our options with gatekeepers like these?  I’m still locked out of the play store and my google login is behaving erratically.  (gmail delays on both incoming and outgoing)

Pilgrimage to the Internet Archive

Internet Archive

The offering I brought was nearly 100 lbs of technology from my childhood.  I met some amazing staff and volunteers (they even archive their employees). Even visited the blinking lights of their servers.  They archive even more then I knew.  More then web, old software and films, they even archive music and have an impressive collection (i found several rare or out of print artists and albums in their archive).

Amiga Offering to Internet Archive


Continue reading “Pilgrimage to the Internet Archive”

my Asterisk PBX is back!

Google Voice Killed Asterisk SupportAfter Google killed XMPP support for Google Voice, I no longer had a house phone. I was using my Google Voice number as a home phone and for the gate info our building.  This lead to the whole system being ignored and neglected. By the time the SD card gave up the ghost, even the backups were in poor shape. I rebuilt the whole system fresh from the latest RasPBX dist and it’s working better then ever. Bought a real DID so i could continue to use Google Voice on our handsets at home. It’s great to have my Asterisk back.

Hosted Unifi controller with Let’s Encrypt SSL take 2!

Unifi Dashboard with SSL

UPDATE 11-09-21:  Discovered the amazing acme.sh toolcheck it out!

I visited this idea months ago, but for anyone who implemented it, it has been a nightmare.  Each subsequent Unifi controller update broke the https in new and exciting ways.  After remaining a very squeaky wheel with Ubiquity support, they’ve pushed out a version that should permanently resolve the problems. They even made promises of native Let’s Encrypt support.  All this will prove true of false with time, but for now i wanted to share my working procedure for Unifi controller version 5.9.32.

This solution required me to become more familiar with Java’s keytool then i would have otherwise.  Unifi has a hardcoded keytool path and password, don’t change that (thanks Corey F @ubnt). i don’t think alias matter, but they must be consistent.  I used mykey.  We start by generating a key and a code signing request for our domain.  For permissions reasons, we will want to do this as root. . .
cd /var/lib/unifi
keytool -genkeypair -alias mykey -keyalg RSA -keysize 2048 -keystore keystore -dname "CN=custom.domain.name" -storepass aircontrolenterprise

Now we export the csr file we will give to Let’s Encrypt.
keytool -certreq -alias mykey -keystore keystore -file custom.domain.name.csr -ext san=dns:custom.domain.name -storepass aircontrolenterprise

Now we run the interactive certbot script to prove the domain is actually yours before they hand out a cert.  Follow the instructions you can use DNS or hosting a file to verify.
certbot certonly --manual --csr custom.domain.name.csr

Continue reading “Hosted Unifi controller with Let’s Encrypt SSL take 2!”