Facebook Home Now Available At Play Store

If you are a big fan of Facebook then you’ll be pleased to know that the social networking giant has finally released the Facebook Home app over at Google Play. Don’t be surprised if your device isn’t seeing it yet as it’s being released gradually so some devices will have access to the app while some won’t.

So far the app is only available for use in the U.S. and only on selected devices. The device list is as follows

• HTC First
• HTC One (officially supported, but not yet available)
• HTC One X
• HTC One X+
• Samsung Galaxy Note 2
• Samsung Galaxy S3
• Samsung Galaxy S4 (officially supported, but not yet available)

Installing the app can easily be done by downloading it on your device and opening it.

For those whose devices aren’t on the compatibility list then you’ll have to wait a little bit longer for the app to become available.

A way to use Facebook Home on the Nexus 4 and possibly any other non-compatible device was discovered by Krzysztof Bryk. This method requires that you manually install the three .apk files required to run Facebook home and do a little editing on the build.prop file. If you are up to the challenge then you might want out check out the procedure.

Facebook Home is the new interface from the social network that allows you to easily access your Facebook account on your Android device. You’ll just need to glance on your phone to view updates from your friends, there’s the new chat heads feature and it comes with bigger and bolder notifications.

Some of the features of this new app include

• Cover Feed: As soon as you turn on your phone, you see posts from your News Feed, so you always know what your friends are up to
• Chat Heads and Messenger: Install Messenger to send and receive texts and Facebook messages from the same spot.
• Notifications: Notifications from Facebook appear right on your home screen and stick around until you need them. Open a notification with a tap or clear them away to see your cover feed.
• App Launcher: Launch your favorite apps and post to Facebook from the same spot

via google play

Read More

Unbuffered Cable, Xilinx DLC5 Cable III

This is the simplest type of JTAG cable, the easiest to construct and the cheapest to make. The original cable was introduced by Xilinx and has a full name "Xilinx DLC5 JTAG Parallel Cable III". Someone removed a buffer and changed it with a four 100 Ohm resistor. Popularized by the Hairydairymaid de-brick utility software for Linksys routers, many people have successfully built their own unbuffered JTAG cable. 

It consists of only a few cheap resistors, a 25-pin parallel port connector and a ribbon-cable with a 12-pin connector that slides onto a header soldered onto the PCB found inside the cases of Linksys WRT54G and WRT54GS routers. The chief limitation of this type of cable is that it must be very short; the length must be 6 inches or less (15 cm) to avoid problems with electrical noise. Note : you can safely replace 100 Ohm resistors with couples of 220 Ohm connected in parallel. 220 Ohm (Red-Red-Brown) is a much more frequent value found on electronic boards of recovery.

JTAG-to-LPT mapping

TDI - DATA0 - pin 2
TDO - SELECT - pin 13
TMS - DATA2 - pin 4
TCK - DATA1 - pin 3

The Linksys WRT54G and WRT54GS routers are based on Broadcom CPUs which are a type of MIPS32 processor. Broadcom has implemented EJTAG version 2.0 in their chips. This allows the use of DMA transfers via JTAG which, while slow, is faster than the implementation of EJTAG v2.5 and v2.6 which do not support DMA transfers.

Read More

AdTrap: The Adblock in a Box

Whether we like it or not, advertisements are a vital part of our Web browsing experience. It’s what enables us to read, watch or listen to most online content for free, like the website you’re on right now. But sometimes these ads can be intrusive or slow down your browsing experience. Hence the popularity of ad-blocking software like Adblock Plus. Now someone’s come up with a hardware equivalent of such software.

Invented by Chad Russell, the AdTrap is an open-source device that has a wider reach than any ad-blocking program. The AdTrap blocks online ads for all devices – from a desktop computer to a smartphone – in the same network. You simply plug the AdTrap in between your modem and your router, then reset your modem. Any and all ads should be gone when you’re back online.

Fortunately the AdTrap also has a whitelisting feature so you can instruct it to display ads on certain websites – *hint hint* – or let certain ads through. You can actually do much more than that if you have the know how, because the AdTrap is designed to be hackable.

As of this writing a pledge of at least $99 (USD) on its Kickstarter fundraiser qualifies you for an AdTrap. If this device is successful, I’m guessing Russell and company are going to come out with a router (or a modem-router combo) with AdTrap built-in.

Read More

AdBlocking on TomatoUSB Router

The Internet is flooded populated with advertisements today. There are AdBlock plugins for browsers. But how about mobile devices like non-rooted or non-jailbroken Androids and iOS devices?

I recently came across a Kickstarter project called AdTrap. It introduces a small zero configuration device that removes advertisements from your Internet connection before they reach any of your home devices. This device is connected between your modem and home router. Sounds cool? Yes if you are willing to fork out US$132 (inclusive of US$12 shipping if outside US / Canada).

Do I need the Kickstarter project to achieve that? No!

So I gave it a thought – with dnsmasq on the TomatoUSB-enabled router (e.g. ASUS RT-N66U, Linksys E4200), I could probably achieve ad blocking with DNS Cache Poisoning on the TomatoUSB-enabled router. Too geek? In simpler terms, I can make the TomatoUSB-enabled router resolve known advertisement domain names / hostnames to invalid addresses like 0.0.0.0.

As a result, I am able to filter advertisements from the Internet before they reach any of my devices at home.

I started to google around to see if anybody has used the DNS Cache Poisoning technique (using dnsmasq) and found that somebody actually did the scripts (http://goo.gl/mhykQ)! Did a little modification to it and here it is.

Pre-requisites

1. TomatoUSB-enabled router like ASUS RT-N66U, RT-N16, Linksys E4200
2. Flashed to TomatoUSB firmware (I am using TomatoUSB on my RT-N66U) 
3. Geeky mind to do some troubleshooting

Inserting the AdBlocking script

1. Using a web browser, login to the TomatoUSB web administration page
2. Navigate to Administration -> Scripts -> WAN Up tab
3. Copy and paste the contents below. Then save and reboot the router

## ALL-U-NEED Ad Blocking v3.9e
## http://goo.gl/mhykQ
## Original script by YAQUI
## Updated by ~nephelim~, Syl, jochen, groosh, ng12345, ray123, mstombs
## base64 decoder by Danny Chouinard's

sleep 10

ADB="/tmp/ADBLOCK.sh"
{
cat <<'ENDF' >$ADB
#!/bin/sh

OPTIMISE="Y"
GETS="1 2 3 4 5 6"
TRIM_BEGIN=2
S1="http://mirror1.malwaredomains.com/files/justdomains"
S2="http://www.malwaredomainlist.com/hostslist/hosts.txt"
S3="http://someonewhocares.org/hosts/hosts"
S4="http://winhelp2002.mvps.org/hosts.txt"
S5="http://sysctl.org/cameleon/hosts"
S6="http://hosts-file.net/ad_servers.asp"

USEWHITELIST="Y" # N/Y/R for remote
WURL="http://example.com/whitelist.txt"
WHITE="intel.com
www.shadowandy.net"
BLACK=""

USEPIXELSERV="N"
PXL_IP=192.168.1.10
PXL_EXE="/tmp/pixelserv"
PXL_URL="http://www.example.com/pixelserv"

UPLOAD="N"
FTP_SERVER="example.com"
FTP_USER=""
FTP_PASS=""
FTP_PORT=21
FTP_PATH="/gen"

ADD_CONF="N"
USEHOSTS="N"
ROUTER="Y"

NIP="0.0.0.0"

ENDF
}

UPDATE="Y"
AUP() {
if [[ "$UPDATE" == "Y" ]] ; then
if [[ "$(cru l | grep AdUpd | cut -d '#' -f2)" != "AdUpd" ]] ; then
cru a AdUpd "0 4 * * * $ADB"
fi
fi
}

#### DO NOT EDIT BELOW ####

b64="openssl enc -base64 -d"
[[ "$(echo WQ==|$b64)" != "Y" ]] && b64="b64"

b64(){
awk 'BEGIN{b64="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"}

{for(i=1;i<=length($0);i++){c=index(b64,substr($0,i,1));if(c--) for(b=0;b<6 data-blogger-escaped--en="" data-blogger-escaped-b64="" data-blogger-escaped-b="" data-blogger-escaped-c="" data-blogger-escaped-cat="" data-blogger-escaped-echo="" data-blogger-escaped-else="" data-blogger-escaped-gunzip="" data-blogger-escaped-o="0}}}}" data-blogger-escaped-obc="" data-blogger-escaped-printf="" data-blogger-escaped-system="">>$ADB
H4sIAJn5fk4CA61Xe2/aSBD/359iuvHFkKsx5Jq7KtSRCI+ASgCBc+kpJBG1F1gV
bGo7j17od7/ZWRsMJG2kXpMq693Zmd+8Zyv9s4Gt72ln9Y7NrHi+sCbcZ5pz3ks+
Yz5fMK3a7TSSDTfwx0xrdgfOINmZBlEcMe2y0WrXk62HqYg50/CfGMPVFegVlANv
bCjC9TUsl3KP6blFBEuYhHwBJgfDNCVvI90y/OBz4H0z8gxsGxjDm2WIp9zXwjmY
Y9ARc2HuHWU/Z6Mo1sZCCq62+7k8PGVO0yUqly6lXuma8Gvf5d3epzbdVeCZfjGo
91qf6u1Bvf+3QvNPBo6iegPmI+h487b+qb4+fJjwGMzu+oQWF/225k7ngQe/ry9J
4GIsbSAm8DksHhfVUau3ApJbCC8Yw0I88lnEw/sd22zJafXA9CWvMkQzjkYtQRnk
VYAvYjYDc9A6uxj0S7DLuQwE55VytVkwmfAQKrXTdrf6Eer9frd/DO7I94MYongU
xuvbmvyj8fvRDFin1bMTqEwaAH/JBZ0qeeCiU6s37KI2DkIQIHzpSGdQBi8AxeAu
nNlsqA90wUDrlWw9x91pADruLyHiHhjR8mYax4ur6Prg2LKubqzrg2HOKhwM8/py
WFoaea3582vDnLqYx4vpNYnpUWIqwSH8ITFpsZjzlBeGNGvWKzX0RAmajtOzSoXS
MBz6TcyXY9Cb9FENfJ+7sQh8tNYsiLjcZEvNd8F8gCNJBu+LS5UkAtoY4OZ54Imx
4N7xMg7B9IANQ5YnX6GrJAQmU016JwmKzyEffSGHeoHPNyntDUpl7xLRKotIqpMT
yi6fPygGioNOxKjnV7RAymArGYmRIs9up+TaeU3aHrM4upuvj5fuXUyK4Y85LuUB
6Q636BDMLlmiGXJViuHqcKXcVowegx+AOx35Ex5BJHyXA0GTCr8F/ihi4U8K2eoi
9Zf7SZzO77MnmQJEAez0W+cUwjKaTIH1TYus4R6Gj2Xh6qZ0+NewUKTf0hUM4+sD
2lfLhOb4OHs0C9zRTBZbeWrd6JZnqGJG8moDkrabKDt5Iq1EZUlGu6xNJpbcdSTB
CXGFjeqmCzAnHA9Qq9vT+lmrsy45cg/I0e4oVndPTlTF3ba4lKiy/4f1IgWnpRGr
LDpwcvknDIWjzVDYDoMEcqZFyKazv0964G0ZGXqOsCbneVLmF4IEm02ZvpLSRpmD
ok5WTSqta+3LprPdWy6bLafebg2c3d4i3RlhLyWPEh0aJAkpYFZatiTJUpUta1iw
hvh/YuQtjyk3kA357GWR/UwHWYfHJbap5+ODeiW8kFbU/GciSjikaGWLTxIAVplg
qO0kmFUL3tBZ+YkO8r+g+msibhu3ynKSwvTTdqX6kUEqKUnLoY/C1F6iQxr55Oxu
b9PX+N06bw3qu37etmEUhDKygGarQqGQDReavXZZyCtg3oEZqBwkGKT56OELmA0w
CgYYlLtP3T4Ob+z7E5o6J+xOoyxOimVhmvlFKHzUX7A9VlZrhu3ou6ESTYpYrtjt
bbEre4CQfkO2YpwTvscfc3rxrZd/Y5f29zuNN3Yx/+TZejFhrJsmCtYUBFpvgmAF
possCEShSpN0y7bByFBkNu4VMtV5ZQlySLWjHOJ0HawhD9hjZ/CBzvO7tQqJgPtx
KHikbjec3kVvM3l77W6l9tJIyPR+98Kp959J63ixuCNv6cj0Fp3aB3OhPnqVwQDM
XvLR7TtqJWdPpEpInGbGv777v/HLTGCNWmdwvl2qXog9d5GWWxxYJEky3f757l26
kakCOFotDR0nP5z1jWfOSwKbY6GIPyVYNb0VIamcUEtWciAbeV7Io8i29i3FeGms
9FFlt9o4e50uQF3M4rFreX40H0VfC3Ikp8Sm54I8Tj/gw4d6t6GheN+kCLTXLyJN
nhDYlxlmIVZqtW2QuHUrxTwD8hV6qAEbedqElWXHbtpF6TRzrzRqnCUKeVN3YY7u
4mkQingUi3uphDvlZiT+5fZh8d17mS7mKPrmu/YRabqy9Gn7YzL3hPcC+2WiND4C
gsVrYKf06jlojsWMKwUU/mePs3Zs0CBEFlq/L43k2s7rElKx2+mfyhERhHe+j8X4
R20Eo0++cWTJTp2MRTtZrqDhmCDflvJ1g/OaHGhoHpBlSfYK+ktFRvtpBaHspLBO
AocMj8rT81cK0v4De76CG9wPAAA=
ENDF
}

chmod 775 $ADB
$ADB
AUP

Verifying that the script is running

1. After the TomatoUSB router has rebooted, ssh into the router
2. Verify that script_wanup.sh is created by typing “ls /tmp” without the quotes
3. Verify that the adblock script is running by typing “cat /var/log/messages | grep ADBLOCK” without the quotes
4. It should show that it has N amount of entries for hosts and dnsmasq is running
5. Congratulations! Ad block is running!

How do I remove the script?

To remove the script. Simply delete the content of the WAN Up tab, save and reboot. The /tmp/script_wanup.sh should go away.

What is in the base64 block

All scripts in TomatoUSB have a 4096 characters limit hence some contents are converted to base64. The contents of the base64 block is based on the following script. You can also verify by checking the file /tmp/script_wanup.sh to verify. You do not have the copy and paste this script anywhere. I am showing here for illustrational purposes only.

#!/bin/sh

{

cat <<'ENDF'|gzip|openssl enc -base64 ARGS=$# GEN="/tmp/gen" TMP="/tmp/temp" CONF="/tmp/conf" HOSTS="/tmp/hosts" WFILE="/tmp/white" if [[ $ARGS != 0 ]] || [[ "$(ps | grep -e '--conf' | grep 'nobody')" == "" ]]; then rm -f $GEN.md5 rm -f $GEN.last fi CLR() { rm -f $GEN rm -f $TMP rm -f $CONF rm -f $WFILE } PXL() { if [[ "$USEPIXELSERV" == "Y" ]]; then if [[ ! -x $PXL_EXE ]]; then wget -O $PXL_EXE $PXL_URL chmod +x $PXL_EXE fi ifconfig br0:0 $PXL_IP if [[ "$(pidof pixelserv)" == "" ]]; then $PXL_EXE $PXL_IP -n br0; sleep 1 ; else kill -SIGUSR1 $(pidof pixelserv); fi if [[ "$(pidof pixelserv)" == "" ]]; then logger ADBLOCK ERROR: cannot start pixelserv else eval "NIP=$PXL_IP" fi fi } NC() { UNDEF=0 for i in $GETS; do eval url="\$S$i" P1=$(echo $url| sed 's|^http[s]*://[^/]*\(/.*\)$|\1|') H1=$(echo $url| sed 's|^http[s]*://\([^/]*\)/.*$|\1|') for x in 1 2 3; do time=$(echo -e "HEAD $P1 HTTP/1.1\r\nHost: $H1\r\nConnection: close\r\n"| nc -w 5 $H1 80|grep -i Last-Modified:|tr -d "\r") if [ "$time" != "" ]; then break; fi done if [ "$time" == "" ]; then UNDEF=1; fi echo $time>>$GEN.new

done

if [ $UNDEF -eq 1 ]; then rm -f $GEN.last; fi

if [ -f $GEN.last ]; then

MD1=$(md5sum $GEN.last|cut -d " " -f1)

MD2=$(md5sum $GEN.new|cut -d " " -f1)

if [ "$MD1" == "$MD2" ]; then

logger ADBLOCK: no changes since last time, exiting.

rm -f $GEN.new

exit

fi

fi

mv -f $GEN.new $GEN.last

}

TRIM() {

sed -ie '

s/\#.*$//

s/^127\.0\.0\.1[ \t]*//

s/[ \t]*$//

s/^::1[ \t]*//

s/localhost$//

/^$/d' $TMP

}

DS() {

for i in $GETS; do

eval url="\$S$i"

if wget $url -O - | tr -d "\r" > $TMP ; then

if [[ $i -ge $TRIM_BEGIN ]]; then TRIM ; fi

cat $TMP >> $GEN

logger ADBLOCK: $url

else

logger ADBLOCK ERROR: cannot get $url

fi

done

}

TST(){

MD5=$(md5sum $GEN|cut -d " " -f1)

if [[ -f $GEN.md5 ]] && [[ $MD5 == $(cat $GEN.md5) ]]; then

logger ADBLOCK: no changes since last time, exiting.

CLR; exit

else

echo $MD5>$GEN.md5

fi

}

LWHT() {

if [[ "$USEWHITELIST" == "Y" ]]; then

for site in $WHITE

do

sed -i "/$(echo $site|sed 's/\./\\./g')/d" $GEN

done

elif [[ "$USEWHITELIST" == "R" ]]; then

if wget $WURL -O - | tr -d "\r" > $WFILE ; then

logger ADBLOCK: whitelist $WURL

sed -i -e '/\#.*$/ s/\#.*$//' -e '/^$/d' $WFILE

for site in $(cat $WFILE)

do

sed -i "/$(echo $site|sed 's/\./\\./g')/d" $GEN

done

else

logger ADBLOCK ERROR: cannot get whitelist $WURL

fi

fi

echo "$BLACK" |sed 's/[ \t]*/\n/g'|sed '/^$/d' >> $GEN

}

OPT() {

if [[ "$OPTIMISE" == "Y" ]]; then

logger ADBLOCK: sorting hosts...

if [[ "$USEHOSTS" == "Y" ]]; then

sort -u -o $TMP $GEN

else

awk -F '.' 'BEGIN{ORS=""}{for(i=NF;i>0;i--)print $i"#";print "\n"}' $GEN|sort|

awk -F '#' 'BEGIN{ORS="";d = "%"}{if(index($0,d)!=1&&NF!=0){d=$0;print $--NF;

for(i=--NF;i>0;i--)print "."$i;print "\n"}}' > $TMP

fi

logger ADBLOCK: hosts sorted.

fi

mv -f $TMP $GEN

}

CNT() {

TOT=$(wc -l < $GEN) logger ADBLOCK: $TOT entries } FTPUP() { if [[ "$UPLOAD" == "Y" ]]; then if [[ "$ROUTER" == "Y" ]]; then ftpput -u $FTP_USER -p $FTP_PASS -P $FTP_PORT $FTP_SERVER $FTP_PATH $GEN else ncftpput -u $FTP_USER -p $FTP_PASS -P $FTP_PORT $FTP_SERVER $FTP_PATH $GEN fi fi } FDNSM() { if [[ "$USEHOSTS" == "Y" ]]; then cp -f $GEN $HOSTS chmod 644 $HOSTS sed -i -e 's|^|'$NIP' |' $HOSTS sed -i -e '1i127.0.0.1 localhost' $HOSTS else sed -i 's|^.*$|address=/&/'$NIP'|' $GEN fi } LCFG() { if [[ "$USEHOSTS" == "Y" ]]; then cat /etc/dnsmasq.conf >> $CONF

cat >> $CONF <> $GEN
fi
}

ADDCFG() {
if [[ "$ADD_CONF" == "Y" ]]; then
if [[ "$USEHOSTS" == "Y" ]]; then
eval "CFG=$CONF"
else
eval "CFG=$GEN"
fi
cat >> $CFG < dhcp-authoritative
cache-size=2048
log-async=5
EOF
fi
}

LBLK() {
service dnsmasq stop
if [[ "$USEHOSTS" == "Y" ]]; then
dnsmasq --conf-file=$CONF
else
dnsmasq --conf-file=$GEN
fi
}

FS() {
if ps | grep 'dnsmasq' | grep 'nobody' ; then
logger ADBLOCK: dnsmasq is running
else
logger ADBLOCK ERROR: restarting dnsmasq...
dnsmasq
fi
}

CLR
PXL

NC
DS
TST
LWHT
CNT
OPT
CNT
FTPUP

if [[ "$ROUTER" == "Y" ]]; then
FDNSM
LCFG
ADDCFG
LBLK
FS
fi

CLR

ENDF
}

The AdBlock Sources

I have actually updated the AdBlock sources to one that is more suitable for me. The codes that are responsible for the AdBlock sources are:

OPTIMISE="Y"
GETS="1 2 3 4 5 6"
TRIM_BEGIN=2
S1="http://mirror1.malwaredomains.com/files/justdomains"
S2="http://www.malwaredomainlist.com/hostslist/hosts.txt"
S3="http://someonewhocares.org/hosts/hosts"
S4="http://winhelp2002.mvps.org/hosts.txt"
S5="http://sysctl.org/cameleon/hosts"
S6="http://hosts-file.net/ad_servers.asp"

You can choose which hosts files will be downloaded to block ads, update the variable GETS. I am downloading all of them.

A little explanation about TRIM_BEGIN=2:

S1 contains hostname only, it will be copied without formatting. While S2 to S6 are file formatted to replace hosts file, these files will be formatted to works with AdBlock. TRIM_BEGIN tells AdBlock which sources need formatting (from S2 to the end). Well usually you don’t need to touch this. Yes, you can add new blacklists to it.

If OPTIMISE=”Y”, AdBlock will remove duplicated entries.

Custom Whitelist and Blacklist

You can add inline whitelist and blacklist to the script by updating this chunk of the codes:

USEWHITELIST="Y" # N/Y/R for remote

WURL="http://example.com/whitelist.txt"

WHITE="intel.com

www.shadowandy.net"

BLACK=""

Auto Updating of AdBlock sources

By setting UPDATE=”Y”, AdBlock will update the AdBlock entries at the time specified in the cron rule.

UPDATE="Y"
AUP() {
if [[ "$UPDATE" == "Y" ]] ; then
if [[ "$(cru l | grep AdUpd | cut -d '#' -f2)" != "AdUpd" ]] ; then
cru a AdUpd "0 4 * * * $ADB"
fi
fi
}

Getting Pixelserv to work

Pixelserv is a super minimal web server whose sole purpose is to serve a 1 x 1 pixel transparent gif file regardless of request. When USEPIXELSERV is enabled (set to “Y” instead of “N”). The adblock-ed hostnames are resolved to PXL_IP (which actually points to the router itself). This result in your web browser requesting resource from Pixelserv.

USEPIXELSERV="N"
PXL_IP=192.168.1.10
PXL_EXE="/tmp/pixelserv"
PXL_URL="http://www.example.com/pixelserv"

To get Pixelserv to work, simply do the following:

1. Download Pixelserv V27
2. Unpack the package and upload it to your webhost or the public folder of your Dropbox
3. Update PXL_URL to point to the location of pixelserv on your webhost or Dropbox without the https (e.g. http://dl.dropbox.com/u//pixelserv)
4. Update PXL_IP to a unused IP address on your network (e.g. 192.168.1.10)
5. Update USEPIXELSERV to “Y”
6. Change TomatoUSB Web Admin page to run on port 8080 (TomatoUSB –> Administration –> Admin Access –> HTTP Port)
7. Save the changes and restart the router

Do note that you will need to append :8080 to your router IP if you intend to access the Web Admin in the future. - source

Read More

Asus RT-N66U Flashed with TomatoUSB firmware

TomatoUSB is an alternative open source firmware for Broadcom-based routers like the ASUS RT-N66U Black Knight. It is a modification of the famous Tomato Firmware but with built-in support for USB port, wireless-N support. Check out this entry for an overview of the ASUS RT-N66U Black Knight.

Some of the TomatoUSB features are:

• Very advanced QoS (Quality of Service) configuration
• Advanced wireless configurations (WDS, wireless client modes, etc)
• Graphical bandwidth usage monitor
• Printer server: access USB printer from LAN
• Media server DLNA
• Built-in support for USB – 3G, Storage

You can view more information about TomatoUSB here. You can always flash it back to the original firmware by following this guide and specifying the original firmware instead.

Not sure why are you flashing third party firmware?

I am flashing TomatoUSB into my ASUS RT-N66U due to the following:

• DHCP reservation in the original firmware do not work really well. For some reason, some clients just do not get their reserved IP correctly despite having the correct MAC address
• DHCP reservation in the original firmware does not give clues what you are reserving for. I felt that besides allowing you to enter the “MAC address” and “IP address”, it should allow you to enter “Hostname/Comments” so that I will know what that line is for
• Basic implementation of QoS in original firmware. This is subjective, to some, the QoS is just fine but the one in firmware 3.1.0.3.90 keeps assigning lowest priority to the first 3 custom rules. To be fair, this is fixed if you flash up to 3.0.0.3.108
• No option of defining range of DHCP client list in original firmware. For some reason, it just distributes ALL available IP addresses. For me, I prefer to cut my available IP addresses into 2 blocks – one for static machines/servers and the other for any clients

So are you ready to flash TomatoUSB onto the RT-N66U? If yes, just proceed on.

Warning: Flashing third party firmware will void your warranty! I will not be held responsible if anything goes wrong.

What are the required files?

You will need to have the following:

• ASUS Firmware Restoration Utility
• TomatoUSB (Shibby) firmware

Getting the ASUS Firmware Restoration Utility

1. Open another browser window/tab and navigate to http://support.asus.com/ServiceHome.aspx?SLanguage=en
2. Search for support for RT-N66U
3. Select the “download” link
4. Specify the OS you are using
5. Download the latest Utility for RT-N66U
6. Install the package

Getting the TomatoUSB (Shibby) firmware for RT-N66U

1. Open another browser window/tab and navigate to http://tomato.groov.pl/download/K26RT-N/
2. Look for the latest build for “RT-N66U”.
3. Download the firmware (.trx) file. If you do not know which to download, just download the one with “mega” or “BT” in the filename

Great! By now, you should have the ASUS Utility installed and the latest TomatoUSB (Shibby) firmware downloaded. Lets proceed to the next section.

How do I flash the TomatoUSB firmware onto the RT-N66U?

The steps are simple, you will need to:

• Start the firmware restoration process (using firmware restoration utility in the ASUS Utility package) so that it is searching for router
• Put the ASUS RT-N66U into firmware restoration mode and quickly start the firmware restoration process

Before you proceed, pull out the power cable to your RT-N66U and have a pen ready to press the reset button (between the USB ports and WAN port)

Preparing for firmware restoration to TomatoUSB (Shibby)

1. Launch the firmware restoration utility (this is one of the tools in the Utility you installed earlier)
2. In the firmware restoration utility, browse for the TomatoUSB firmware you have downloaded earlier
3. Start the firmware flashing and a prompt should appear stating that it is an incompatible firmware. Proceed to the next step.

Putting the RT-N66U into emergency firmware restore mode

1. Press and hold on to the reset button
2. While holding down the reset button, plug in the power cable so that the RT-N66U turns on.
3. Note: Keep holding the reset button until the power led starts to flash (on and off). When power led starts flashing, release the reset button and proceed.
4. On the firmware restoration utility, agree to the prompt saying that it is a incompatible firmware.
5. The utility should be scanning for device. Quickly proceed to the next step
6. Wait until the flashing is complete
7. Power cycle the router when it is complete

Finally, clearing the NVRAM before you use TomatoUSB

It is always a good practice to clear out the previous settings (in NVRAM) whenever you flash to different firmwares. In this case, it is required to flush out the NVRAM.

You can either flush the NVRAM either through key presses or through web admin.

Clearing NVRAM via key presses

1. Power off the RT-N66U
2. Press and hold down the WPS button
3. While holding the WPS button, plug in the power cable to turn RT-N66U on
4. Keep holding the WPS button for 30 seconds before releasing
5. The router should reboot
6. Congratulations. The NVRAM has been cleared.

Clearing NVRAM via web admin

The TomatoUSB administration web should be at http://192.168.1.1 . If it is not, do a “ipconfig” or “ifconfig” and navigate to the gateway address with your web browser. If you are not able to get an IP address from DHCP, you might want to set your computer’s IP address to 192.168.1.2 (255.255.255.0).

When prompted for a login, the default is:

• User: root
• Pass: admin

Once you are in, follow the next step to clear out the previous settings

1. Navigate to Administration -> Configuration
2. Under Restore Default Configuration, select “Erase all data in NVRAM memory (thorough)
3. Click “OK”
4. Wait for the router to be ready

Your RT-N66U is now running TomatoUSB (Shibby). Have fun exploring and configuring the RT-N66U. Do update me if there are anything wrong with this guide so that I can fix it. Thanks!

Read More

The Jewish Hijab Meaning

The term "Jewish hijab" is sometimes used to describe the head covering worn by some Jewish women after marriage. It should be noted, however, that the term "hijab" is not used within Jewish communities to describe this garment or the practice of wearing it. 

The reason why some people describe a Jewish woman's head covering as a Jewish hijab likely has to do with the common association of head coverings with Islamic modesty standards, which are collectively known as hijab. 

Modesty codes in Judaism, on the other hand, are properly known as tzniut. The nature of a Jewish women's head covering and standards of modest dress are different from that practiced by Muslims, however, and the styles worn as part of both Muslim and Jewish hijab are also distinct.

Modesty standards vary within the Jewish community, with some branches of Judaism rejecting strict modesty codes while others embrace them. Some women in Orthodox Judaism practice a custom of covering their hair in public after marriage, reserving the sight of their natural hair for their husbands. These women may choose to wear a wig, known as a sheitel, while others may tuck their hair under a hat, snood, or headscarf. Unlike many Islamic head coverings, those worn by Jewish women do not typically cover the wearer's neck or chest. Nor is a woman usually obligated to wear such a covering until after she is married. Unmarried women and girls are not required to cover their hair, although they may still be expected to dress modestly by covering their legs and arms while in public or in the presence of others.

In Muslim communities, women are typically expected to dress modestly from the age of puberty. Modest dress is often defined as covering the entire body, with the exception of a woman's face and hands, in a way that does not reveal the woman's body shape or hair. While these dress standards are known as hijab, the headscarf or head covering worn by many Muslim women is also colloquially known as a hijab. In countries like the United States, where the majority of women do not cover their heads while in public, the wearing of a headscarf is often associated with the Islamic practice, leading some to refer to head coverings worn by women of other faiths as either a Christian or Jewish hijab, even though the women who practice this custom may not refer to their headscarves in this manner.

Read More

Ainol Novo 7 Crystal 2 Is a Quad-Core Jelly Bean Tablet Worth Less Than $100

Android tablet prices have dropped and dropped and dropped for the past couple of years, but I’m sure you never suspected you could get a quad-core Jelly Bean-based slate for less than 100 bucks. That’s just crazy, isn’t it?

And yet it’s true. Ainol, a manufacturer that has been on our radar in the past with such dirt-cheap tabs as the Novo 7 Crystal, Novo 10 Captain and Novo 7 Venus, has done it again! The spanking new Novo 7 Crystal 2 looks better than its predecessor, has cooler specs and is also cheaper, all while coming with free international shipping via LighTake.

Sure, you should not expect a level of performance closer to, say, that of the Nexus 7, but for just $94.89 the Novo 7 Crystal 2 is an amazing bargain, no matter how you look at it.

But you know what the absolute craziest thing is about this 7-incher? It doesn’t even have the worst specs in the world, as you might thing. Yes, the LCD capacitive screen is sub-par, boasting a 1,024 x 600 pixels resolution.

And yes, the 1.5 GHz quad-core Cortex A9-based ATM7029 CPU is likely slower than several dual-core chips around. But the Novo 7 Crystal 2 comes with 1 GB of RAM, 8 GB of on-board storage and microSD support.

There’s also a front-facing camera, albeit a very modest 0.3 MP one. And what can one not like about the on-board Android 4.1 Jelly Bean with full Google Play support? I’m telling you, Ainol could have priced this baby at $120 or $130 and it would still look like a tab with a decent quality-price ratio.

Granted, the thing is not exactly the thinnest or lightest, but it weighs in at 338 grams and measures 10.5 mm in width, which is almost identical to Nexus 7’s numbers.

Other features include Wi-Fi 802.11 b/g/n, Flash support and a decent 3,700 mAh battery, but sadly there’s no GPS or Bluetooth. Then again, Ainol did have to cut a few corners to keep the price so low, right?

Regardless of that, I said it once and I’ll say it again. The Ainol Novo 7 Crystal 2 is an amazing bargain, and, if you’re in the market for a portable tab that won’t make you break the piggy bank, you’d be fools to pass on it. Are you in or are you out?

Via [GizChina]

Read More

Amazing Thermoelectric Fan Powered by a Candle?

A Thermoelectric generator powered by a tealight. It started as an experiment of how much power I could get from one candle. But I liked the idea and it worked really well so I built this electric-mechanical ornament. I did not use a high temperature TEG-module, but instead a cheap TEC-module. That can still handle 200 degrees Celsius which is good enough.

Concept:

It is also called a peltier element and when you use it as a generator it's called seebeck effect. You have one hot side and one cold. The module generates power to drive a motor and the motor fan/air flow will cool the upper heat sink. Higher temperature difference => increased output power => increased motor RPM => increased air flow => increased temperature difference and so on. The airflow will spread the heat into your room, which is the purpose of this construction.

http://en.wikipedia.org/wiki/Thermoelectric_effect

If you unmounts the basement you could also use it as a stove-fan or move air from other heat sources. The motor start to turn at about 15 degrees difference, which to my surprise worked when I just went outdoors with it and the upper heat sink got cooler than the basement. You can place it in hot water, on an ice cube, a pizza and it works just as fine.

Total cost was about 50€ (incl. shipping costs). I used some spare parts but I bought most of it.

Components used:

• CPU-cooler (cold side): Zalman CNPS5X (Base plate: 33x33mm)
• CPU-cooler (hot side): From an old PC (WxLxH=78x63x67mm)
• TEC-module: TEC1-07110T200 (30x30x3.3mm)
• DC Motor: 1,5-3V
• USB-fan (metal, only needed the fan)
• Thermal paste: Arctic MX-4
• A piece of wood
• Two pull springs
• Four M4 bolts and two M3 bolts
• Aluminum tubes (optional)

TEC specification (at ΔT=68C):

• Vmax: 8.5
• Imax: 10
• Qmax: 52.7
• Tmax: 200 degrees Celsius
• Source: http://www.termo-gen.com

Construction:

First of all, it does not need to be exactly those components. Other heat sinks, TEC/TEG, motor, fan, thermal paste, bolts and base plate can be used. Main concept rules are:

• A TEC or TEG module (smaller dimension than upper heat sink base plate). Specifications are not that important but make sure it can handle high temperature. Many modules are only 100 degrees C and then you need to modify the construction as it gets warmer than that.
• One hot side that is not hotter than TEC max-temp (My candle flame never touches the surface)
• One cold side, an efficient heat sink (heat pipes) are a good choice
• Good thermal paste to maximize temperature difference
• Low voltage motor, around 1V. I prefer it to be quite (low dB)
• Fan with high air flow at low RPM
• Base plate that adds stability, holder for light, isolate heat

The lower heat sink (hot side) was cut and polished to get it nice looking. I kept 5mm of the fins to absorb the heat well when the light flame burns and increases distance to the surface. New dimensions are 78x63x15mm. 4 holes are drilled through the heat sink and threaded as M4. 4 bolts will hold the lower heat sink on top of a wooden platform. Bolts go through the platform from below, covered with aluminum pipes for a better looking design and are screwed into the heat sink. The distance between wood and heat sink is 35mm but I would make it 40-45mm as the flame almost touches the surface. You don´t want that because it creates black soot. The lower heat sink gets really warm but at the same time it works as a cooler to not get TOO warm, that would melt the TEG-module.

Two springs attached to M3 bolts fixate the upper heat sink on the lower, with TEC-module and thermal paste in between. Both surfaces of the TEC are covered with a thin smooth layer of thermal paste. The springs adds pressure as well as isolate the heat to travel to the cold side. The upper heat sink could also be screwed into the lower heat sink but then you need isolated screws.

The TEC is directly attached/soldered to the motor and the motor is attached to the upper heat sink by another small piece of metal and a cable tie. The fan is attached to the motor with a small belt wheel and glue.

Result:

I think the hot aluminum part get to about 100-150 Celsius, I measured the temp with a grill thermometer covered in thermal paste but can´t tell how accurate it was. I measured 0.4V and 0.25A with one candle and 0.67V and 0.54A with two. That results in 0.1W resp. 0.36W output power. The efficiency to produce electricity this way is not that impressive though. A candle produce about 25 Watts, that means 0.7% efficiency.. But who cares, everything this machine does will eventually end up in heat any way =) That is a bit interesting, you increase the room-heating speed (I think) but looses nothing..

Thermoelectric Fan Powered by a Candle

It is a bit noisy to have running all the time. To find the optimal motor/fan => airflow/noise level will require some more experimenting.

Mod Proposals:

• Skip the base platform and bolts and use it as a stove-fan.
• Use two/four TECs side-by-side to multiply output power. Add a 5-10mm thick copper plate that covers all modules and then place the CPU-cooler on top of that.
• Use a brushless DC motor and a suitable fan to make it noiseless.
• Build in a slow motor beneath the platform to make the whole thing spin 360 degrees.
• Put wheels on the platform.

Edit:

I have changed the motor to a "Tamiya 76005 Solar Motor 02 (Mabuchi RF-500TB)". Got it on Ebay. It´s incredibly strong at low RPM and I give it only 0.5V. A very good motor, but best of all, it´s quiet! I cannot hear it at 2m distance at full speed. It also gives stronger air flow. Now I can run it all time =) source

Read More

Homemade Huawei BM622 LAN LED Programmer Flasher

This Homemade Huawei Echolife BM622 4G WiMAX CPE broadband wireless modem router LAN LED programmer flasher is a DIY using LPT printer port on old legacy PC, beware of using USB to LPT it will not work.

The hardware schematic diagram is wide available on the net, likewise part can be also purchased at local store. You can download the Willem programmers  its free, Programmer is very cost effective and suitable for electronic applications (PC BIOS, satellite receivers, DVD update/repair and more...).

Latest HW version EZoFlash4v5

EZoFlash+ 4v4

Schematic Diagram :

Programmer EZoFlash support :

• 8bit , 8/16bit and 16 bit flash memory in TSOP, PSOP, DIP and PLCC packages,
• EPROM, E(E)PROM and E2PROM parallel memory, FWH/LPC and AT89C51 family,
• +3.3V and +5.0V Vcc devices,
• address range to 64Mbit (..A22),
• +12V driver for programming and temporary sector unprotection,
• adapters with standard sockets for DIP and PLCC devices,
• adapters with memory chip soldering or surface mount identical footprint sockets (Meritec, Yamaichi) for TSOP , PSOP and SSOP devices,
• software commands - get ID, read, verify, erase, blank check and program.
• Latest version EZoFlash4v5 support serial EEPROM (I2C, Microwire, SPI), SPI Flash, Microchip PIC, Atmel AVR-8bit MCU (ATmega, ATtiny, AT90)

EZoFlash+ installation guide.

1.) Power supply output voltage +15…+18V, max current 300mA or more. Be sure , power supply connector internal positiv ! Recommended power supply with stabilised output voltage.

Check filtered non-stabilised power supply output voltage drop, load shortly power supply connector with resistor about 150 Ohm (load 100-120mA). Output voltage schould remain in recommended voltage range. Expect EPROM adapters use, check power supply voltage with resistor about 47 Ohm (load 300-350mA).

DC Power Jack and Plug are available with internal pin diameter 2.1mm or 2.5mm. Adapt both connectors for the same size.

Be sure on power supply isolated output voltage, no static voltage between power supply connector and computer grounds.

2.) Programmer EZoFlash+ default jumpers are Jp1, Jp3, Jp5.

Programmer logic IC and target chip have +5V voltage, A18 used on connector BU3.

Change jumper Jp5 (A18) to Jp4 (RST/Vpp) for BU3 based adapters only where Vpp or RST required , read settings in adapters page.

Change jumpers Jp1, Jp3 (+5V) to Jp2 (programmer +4.3V, target chip +3.6V) for low voltage (2.7-3.6V) target memory chip.

Change jumpers Jp1, Jp3 (+5V) to Jp2, Jp3 (+4.3V) for FWH/LPC adapters.

Other voltage options are available, for example all jumpers Jp1..Jp3 removed – programmer +3.6V, target chip +2.95V.

3.) Required adapter for target chip find in EZoFlash adapters page. Details and settings find on selected adapter page.

Corresponding flash memory and FWH/LPC chip adapter can be found in chip database.

Common jumpers on adapters – Jp7 (Vpp=Vcc), Jp8 (Vpp=+12V)

Extra adapter – voltage converter dc2dc_a4 is used with EPROM adapters to have higher programming voltages (Vcc=+5.7V , +6.2V ; Vpp= +12.5V…+13.2V, +21V, +25V)

Crossadapter prot_a1 is used for 8-bit flash memory adapters to provide sector lock/unlock in high voltage autoselect mode.

Verified chips, used adapters and test results are summarized in chip_test file.

4.) EZoFlash+ programmer works with Willem group programmer software in main PC OS , Windows XP and Windows 98SE preferably. Recommended latest software version 0.97ja. Sometimes useful are old versions 0.97g and 0.94a .

Software versions 0.98b, 0.98c, 0.98dx (0.98d2,.. 0.98d5) are not EZoFlash+ compatible.

Have a file setup97ja.exe, run it and follow to guide. Directory EPROM3 with files EpromM51.exe and io.dll will be created in Program Files. Uninstall option , Shortcuts in Desktop and Programs Menu are available.

Have a package with files EpromM51.exe (10.06.2004, 0.97ja ) and io.dll, unzip it and place both files in the same directory.

Have a package with files EpromM51.exe (26.01.2003, 0.97g or 21.02.2004, 0.94a) , dlportio.sys, dlportio.dll , unzip it and place all files in the same directory.

Click on program icon or it shortcut, programmer software window is launched.

5.) Utility 29C0x0.exe read boot block lockout on Atmel and Winbond small sector flash memory. Winbond chips boot block lockout can be enabled/disabled.

Utility hvasm.exe allow 8 bit flash memory sector lock/unlock in high voltage autoselect mode.

6.) Printer LPT extension cable is used to connect programmer and PC. Cable has 2 connectors (male and female), wired 1:1 according pin numbers. Shorter cable is recommended, but no more than 1.8m. Cable wires should be shielded , shield connected to both connectors housing. Long cable, bad quality and without shield may cause random errors in data transfer.

7.) Willem software supports programmer connected to standard LPT1, LPT2 or LPT3 port. Set selected in programmer software, settings “Printer Port”

Laptops with parallel port converters, PC with specific LPT port adress are not supported.

Recommended install registry XP_stop_polling.reg on PC with Windows XP. It stops PC internal resources random access/scan to LPT port. Check and close active resident programs that can use parallel port.

Generally data transfer works on default LPT port settings. Check parallel port settings in PC BIOS, sometimes change from ECP mode to EPP or Normal required.

Utilities are LPT1 supported only.

8.) Installing sequence.

• Connect LPT cable to PC and programmer.
• Run Willem software.
• Connect power supply to programmer. Programmer green LED flash only.
• Run Willem SW command Help/Test Hardware. Expect reply “Hardware present”
• Insert adapter with target memory chip.
• Run Read/Erase/Blank check/Program.
• Command in progress – red LED flash (Vcc on), yellow LED flash (Vpp on).
• Command finished, programmer green LED flash only. Remove adapter or replace target memory chip.

9.) Powered programmer - don’t connect and disconnect LPT cable.

Software not launched - don’t use or install adapter with target memory chip. All LED’s can flash on powered and connected programmer without software, target chip can be damaged !!

Command in progress, red or yellow LED flash - don’t remove or install adapter with target memory chip.

10.) Share your experience and problems in EZoFlash forum.

Read More

Chinese site exploits Apple's own tools to distribute pirated apps without jailbreaking

Chinese pirate site 7659.com is exploiting Apple's bulk enterprise licensing tools to distribute free versions of paid App Store applications. Bulk enterprise licensing is supposed to let businesses send in-house apps to employees without dealing with Apple's App Store. It works via a developer provisioning profile, which facilitates "sideloading" of sorts without jailbreaking.

The site is only open to users in China, but that restriction can be circumvented via proxy server. According to VentureBeat, 7659 is full of apps that would otherwise cost money. Those include our best new app last week, Badland, which is usually $3.99, and Final Fantasy V, priced at $15.99 in the App Store. In a statement on its site, Kuaiyong, the company that appears to run 7659, explains its reasoning behind offering the apps:

"First of all, we would like to thank all Apple users around the world and your support for Kuaiyong.

Statistics have shown that a significant amount of Apple users are Chinese based. However, the fact is that in China, a large number of Apple users are not very familiar with the iTunes system and how to effectively manage it.

In order for Chinese Apple fans to download applications securely, Kuaiyong developed its own method of giving users access to thousands of free apps without having to jailbreak their devices. Kuaiyong offers detailed descriptions of apps, free app download trial, IOS device management and visual and audio file backup system. IOS system backup and recovery features will also be released in the very near future.

Our goal has always been about bringing Chinese Apple users with quick, convenient and pleasant IOS experience. Since the introduce of Kuaiyong, the proportion of jailbreak in China has declined dramatically from 60% to around 30%. Kuaiyong will hold on to this goal in the future and we would like to see more support for Apple as well as Kuaiyong."

Kuaiyong's justification for providing pirate apps — that navigating the App Store is difficult for Chinese users — is laughable at best. It would appear that Apple won't have a particularly tough time putting a stop to this, though, as all of the apps are provisioned with the same developer profile. Apple just needs to find a way to cut 7659's profile off. Of course, there's always the chance that the same organization could use another developing profile to achieve the same thing, and it's not clear if Apple is able to remove apps remotely from users' phones. VentureBeat says it asked Apple for comment on the matter "multiple times" without response, but we've also reached out to ask how it plans to deal with 7659.com. - source

Read More

The Solar Cell That Turns 1 Photon into 2 Electrons

MIT researchers develop an organic solar cell that breaks 100 percent quantum efficiency

Solar cells are picky. If an incoming photon has too little energy, the cell won’t absorb it. If a photon has too much, the excess is wasted as heat. No matter what, a silicon solar cell can never generate more than one electron from a single photon. Such harsh quantum realities severely limit the conversion efficiency of photovoltaic cells, and scientists have spent decades looking for work-arounds.

Now, researchers at the Massachusetts Institute of Technology’s Center for Excitonics have published a compelling case that the key to greater solar efficiency might be an organic dye called pentacene. In today’s issue of Science Daniel Congreve, Jiye Lee, Nicholas Thompson, Marc Baldo and six others show that a photovoltaic cell based on pentacene can generate two electrons from a single photon—more electricity from the same amount of sun. Scientists have suspected for some time that this might work; today’s paper is proof of concept.

The key is a phenomenon called singlet-exciton fission, in which an arriving photon generates two “excitons” (excited states) that can be made to yield two electrons. Previous researchers had accomplished similar tricks using quantum dots (tiny pieces of matter that behave like atoms) and deep-ultraviolet light. “What we showed here,” Baldo says, in addition to using visible light, “is that [this process] works very, very effectively in organic materials.”

Why it works is still not particularly clear, and for now, the pentacene cell works only with an extremely narrow band of visible light. But Baldo says it should be possible to create a pentacene coating for silicon solar cells that boosts the total conversion efficiency from today’s 25 percent to a shade over 30 percent—a significant jump. Developing that technology is the obvious next step. “Can we apply this thing as a coating on silicon?” Baldo says. “If we can do that, it would have a pretty major impact on solar cell technology.” - source

Read More

Most Awaited Driverless cars expected by 2025

Google has been testing a fleet of autonomous vehicles on U.S. roadways for quite some time now, and other companies such as Mercedes-Benz are adding more advanced technology to aid drivers. We now have cars that can automatically stop, parallel park themselves and even detect when another car is in a blind spot. Google executives have previously said that they would like to see self-driving vehicles on the road within three to five years, however it may not happen that quickly. Industry experts believe that by 2020, car computers will handle much of the work when traveling at high speeds and five years later, we could finally see fully autonomous vehicles arrive “in meaningful numbers.”

The dates given are still “guesstimates,” Christian Schumacher, head of advanced driver assistance systems in North America for Continental, told The Wall Street Journal. She also noted that there are many obstacles the industry must overcome to make driverless cars a reality. One concern is the question of liability: Who should take the blame if a self-driving car gets in an accident?

Then again, accidents may be so rare that it could be a non-issue. Google’s self-driving cars have logged more than 300,000 miles across a wide range of traffic conditions and have not caused a single accident. Automakers and regulators in the U.S. and Europe are serious about the future of autonomous or semi-autonomous vehicles and have been pushing the technology in an effort to improve safety.

NHTSA researcher W. Riley Garrott revealed some interesting data this week at the SAE International World Congress in Detroit. According to the agency’s crash data, only 1% of drivers involved in a crash apply the brakes at full force prior to the impact, while 33% of drivers don’t apply the brakes at all. He said that accidents due to poor braking were found to cost society about $45 billion, based on data from 2006 to 2008, and that these new technologies would not only save lives, but also money.

As we patently wait for self-driving vehicles to arrive, Garrott noted that the NHTSA intends to make a decision by the end of the year on whether technologies such as “crash imminent braking” should be a standard across the automotive industry. - source

Read More

Malicious DDoS Attack On Reddit Continues

Reddit is currently under a large DDoS attack, according to the official Twitter account. The main site is functioning well, but some features have been disabled throughout the attack to keep the website speed stable and servers running.

The attack is a denial of service attack, one of the most common by hackers and Anonymous groups. The basic understanding on denial of service is thousands/millions of requests being sent at a time, making the servers shut down.

Most of the DDoS programs come free and can be installed and utilised quite easily, this is why it is such a common attack. The problem is you need a lot of bandwidth to make problems occur on the website.

The attack seems to have started on Friday, around the time the Boston Marathon bombings happened. Reddit users have been working to try and find potential suspects to help with the FBI investigation.

One of Reddit’s admins stated the attack was from someone with “a lot of time and bandwidth on their hands.” This would not be the first attempt at taking down Reddit, with many attacks happening to try and shut down the servers.

Reddit has said this is the biggest DDoS attempt on this scale ever, however Reddit is one of the most viewed websites and should be able to withstand this attack.

We are unsure what the course of action is, apart from finding IP addresses and loop holes in the attack and making sure the servers don’t go down. If they do, backup servers need to be prepared.

Read More

Android Malware Can Launch DDoS Attacks From Your Smartphone

Be careful of what you install on your Android device as you might unwittingly get it infected with malware. A new Android malware has just been discovered called Android.DDoS.1.origin and works by carrying out a DDoS (Distributed Denial of Service) attack from your smartphone to any target.

This latest threat was discovered by a Russian security company, Doctor Web, which reported this new threat uses social engineering techniques to spread itself. Android.DDoS.1.origin disguises itself as a Google Play icon tricking users into thinking it is the real thing. Once you click on it you will be routed to the actual Google Play store which is its way of distracting you from what is really happening.

This malware works in the background without your knowledge. Once it is activated it searches for its command and control center and sends out information regarding your device there. One piece of information that will be sent is your phone number. The criminals will be using this number to send text messages to your phone to control the malware.

The commands that can be sent to your infected device are for it to launch a DDoS attack or to send out text messages. A DDoS attack is performed when your device receives an IP address and a port that that it will need to ping. While one smartphone won’t make a difference, imagine what millions of infected smartphones can do to a particular site. It’s going to take that site down once it reaches critical mass. Your device can also be used as a platform to send spam text messages which might let you incur charges from your network provider.

The good news about this is that it doesn’t seem to be spreading quickly. You should however be prepared to take preventive measures by always making sure to have an updated security software running on your Android device. - source

Read More

Budget iPhone rear plastic shell?

Earlier this week, case manufacturer Tactus was one of several sources to share photos of cases reportedly designed for the fifth-generation iPad, once again showing that the device is expected to be smaller than the existing iPad and take design cues from the iPad mini.

Today, the company shares a photo of what is said to be the rear shell of Apple's rumored lower-cost iPhone. In line with previous rumors, the part appears to be manufactured from plastic.

The part is also consistent with iLounge's January description of the device, carrying a design somewhat similar to the iPod classic with a flat back and curved edges, as well as a shift to elongated volume buttons along the left side.

The report also shares a number of other claimed details about the device, including word of an A5 chip, a 5-megapixel rear camera, and five color options of black, white, blue, red, and yellow. The device is also claimed to carry a 3.5-inch Retina display rather than the 4-inch display seen in the iPhone 5, although that detail conflicts with reliable analyst Ming-Chi Kuo's claims of a 4-inch display for the lower-cost iPhone.

Finally, Tactus claims that the lower-cost iPhone will launch on October 15 and be priced at $300, although we place little faith in those details given that any source for part leaks likely coming through Apple's supply chain or accessory manufacturers would not be aware of Apple's specific launch plans. The report also claims that the rear shell is 0.4-0.6 mm thick, which is obviously not an accurate measurement and is likely a misreporting of previous claims that it would be 0.4-0.6 mm thicker than the iPhone 5.

We also can not verify whether this is indeed a legitimate rear shell for Apple's lower-cost iPhone. It could simply be manufactured based on circulating rumors, but even if fake it could be an accurate representation if it is based on design specs leaking through case makers. Case makers have a number of times created accurate physical mockups of Apple's upcoming devices, although they have on occasion been incorrect.

Read More

Huawei Echolife BM622 JTAG Serial Pinout

Today I have found the easy, best and simple way on How-To repair the Huawei Echolife 4G WiMAX CPE broadband wireless modem router being so-called firmware destroyer or FWD most of the times it is also referred as "bricked". On the other hand, Blank WAN is totally different you can navigate to the graphical user interface (gui) except your WAN intferface MAC address is BLANK and therefore techie labeled it as "blank WAN" this also can happen to the CPE. With this recent release of JTAG and Serial pinout there would be no more "Baklas Kabit" DIY hopefully.

The JTAG pinout must be tested first not with analog or digital multimeter because it will not do the work, eGizmo PIC18F2550 Pinguino is Andruino clone board can do the task on Boundary Scanning for absolute reading with open source apps.

Read More

eGizmo PIC18F2550 Pinguino – Arduino like Board

eGizmo PIC18F2550 Pinguino board is based on Arduino platform pin layout. Instead of using the Atmel AVR microcontroller, Pinguino uses Microchip PIC18F2550.

Features

• gizduino/arduino pin compatible
• gizduino/arduino shields compatible
• ICSP header for programming with e-Pickit2/pickit2
• PL2303 usb to uart chip for uart debugging

More on Pinguino is discussed on Hacking Lab.

The e-Gizmo Pinguino board is pin compatible with Arduino shields and users has the option to program the PIC18F2550 with Pinguino IDE or any microchip compatible compiler and programmer like the e-Pickit2.

Source: PIC18F2500 Pinguino Compatible e-PICKIT2

Read More

TP-Link WR703N Debrick with Arduino UNO

I recently flashed OpenWrt on a TP-Link WR703N and got locked out (Ethernet was not working and WiFi is disabled by default). I soldered the wires to get serial access, but I did not want to purchase a USB serial adapter (could have, but decided not to). I wanted to see if I could use an Arduino UNO I had laying around to debrick my device, so I came up with this small sketch.

/*
Arduino OpenWRT Serial Debrick Sketch
Piero Toffanin - 2013

Usage:
Power off the TP-Link
Connect TP_OUT --> Arduino RX Pin
Connect TP_IN --> Arduino TX Pin
(Optional) Connect 1000 Ohm resistor in series with an Led --> Pin 13
Setup TFTP server with IP 192.168.1.100/24
Place your image in the root TFTP folder and rename it "openwrt.bin"
Connect Ethernet cable from TP-Link to TFTP server
Upload Sketch to Arduino
Power up the TP-Link
LED will turn on during the de-bricking process
Wait ~1 minute
LED will flash 10 times when process is over
Remove connections
Reboot the TP-Link by turning it off and on
Buy me a beer

MIT License
Copyright © 2013

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the “Software”), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
*/


#define BUFZSIZE 800
#define DEBUGPIN 13 // Connect a resistor + LED to this pin to see debug activity

char buffer[BUFZSIZE];
int c;
boolean tpl;
int command;
boolean done;
void setup()
{
pinMode(DEBUGPIN, OUTPUT);
digitalWrite(DEBUGPIN, LOW);

Serial.begin(115200);
int i;
for (int i = 0; i < BUFZSIZE; i++) buffer[i] = 0; tpl = false; done = false; command = 0; } void loop() // run over and over { start: if (!done && Serial.available() > 0){
char ch = Serial.read();
if (ch == '#') goto start;
buffer[c] = ch;
if (!tpl && c >= 6 &&
buffer[c] == 's' &&
buffer[c-1] == 'd' &&
buffer[c-2] == 'n' &&
buffer[c-3] == 'o' &&
buffer[c-4] == 'c' &&
buffer[c-5] == 'e' &&
buffer[c-6] == 's'){
digitalWrite(DEBUGPIN, HIGH);
delay(400);
Serial.print("tpl\n");
digitalWrite(DEBUGPIN, LOW);
tpl = true;
c = 0;
}else if (tpl){
if (c >= 6 &&
buffer[c] == '>' &&
buffer[c-1] == 't' &&
buffer[c-2] == 'e' &&
buffer[c-3] == 'n' &&
buffer[c-4] == 'r' &&
buffer[c-5] == 'o' &&
buffer[c-6] == 'h'){
digitalWrite(DEBUGPIN, HIGH);
delay(8000);
if (command == 0){
Serial.print("setenv ipaddr 192.168.1.101\n");
}else if (command == 1){
Serial.print("setenv serverip 192.168.1.100\n");
}else if (command == 2){
Serial.print("tftpboot 0x81000000 openwrt.bin\n");
}else if (command == 3){
Serial.print("erase 0x9f020000 +0x3c0000\n");
}else if (command == 4){
Serial.print("cp.b 0x81000000 0x9f020000 0x3c0000\n");
}else if (command == 5){

//Serial.print("boot.m 9f020000\n");
//Serial.print("reset\n");

done = true;
int j;
for (j = 0; j < 10; j++){ digitalWrite(DEBUGPIN, LOW); delay(500); digitalWrite(DEBUGPIN, HIGH); delay(500); } digitalWrite(DEBUGPIN, LOW); /* Uncomment to print out buffer at the end (useful for debugging) for (j = 0; j < BUFZSIZE; j++){ Serial.print(buffer[j]); } */ // Stop while(true){ delay(100); } } command++; } } if (c++ > BUFZSIZE) c = 0;
}
}

The wiring is trivial and although Arduino's logic levels are different than the TP-Link it seems to work quite nicely. It basically waits for the proper U-boot message, sends the "tpl" command to enter the console and then sends the recovery commands. - source

Read More

RG100A Serial Position Wiggler JTAG Connection

I mentioned earlier in this article Nanjing Telecom donated Shanghai Bell Alcatel RG100A ADSL modem, did not expect the students glascholar from the Internet to buy a, I use violence to take it over first amend one.

Buffer 5V as shown capacitance bit access.

The Flash 16M, the above command only dump the 4M.
2 CPU arrow in the switch chip.

[Serial]

The first serial port. As shown in Figure 4-pin serial total of the order of 3.3 GND Tx Rx Unfortunately, the hole distance non-standard, so [tc] with a 4-pin cable cut bad GND to simulate non-standard hole spacing. Real GND cited elsewhere.

[JTAG]

Although individuals unbuffered JTAG structures, leading online most people are using this mode of four resistors to program the program, but I'm too lazy to find four 100 ohm, so it is still in use Wiggler JTAG done before ( here ).

Of course, hard to say how much help buffer for improving the signal strength. However, because the first 12 feet is compatible, so it is not difficult to work.

[Programming]
Screenshot after the connection is as follows (in part), where fc: 20 is said AM29LV320T compatible.

brjtag.exe-backup: custom / wiggler / window: 1E000000 / start: 1E000000 / length: 400000 / fc: 20 / silent

CPU Chip ID: 00000110001101011000000101111111 (0635817F)

*** Found a Broadcom BCM6358 Rev 1 CPU chip ***

- EJTAG IMPCODE .......: 00000000100000011000100100000100 (00818904)

- EJTAG Version .......: 1 or 2.0

- EJTAG DMA Support ...: Yes

- EJTAG Implementation flags: R4k MIPS16 MIPS32

Issuing Processor / Peripheral Reset ... Done

Enabling Memory Writes ... Done

Halting Processor ... ... Done

Clearing Watchdog ... Done

Manual Flash Selection ... Done

Flash Vendor ID: 00000000000000000000000000000001 (00000001)

Flash Device ID: 00000000000000000010001000000001 (00002201)

*** Manually Selected a AMD 29lv320MT 2Mx16 TopB (4MB) Flash Chip ***

- Flash Chip Window Start ....: 1e000000

- Flash Chip Window Length ...: 00400000

- Selected Area Start ........: 1e000000

- Selected Area Length .......: 00400000

bytes written: 4194304

=========================

Backup Routine Complete

=========================

elapsed time: 946 seconds

*** REQUESTED OPERATION IS COMPLETE ***

[Debug]

Detailed debugging I have not done, the next few days, in addition to the school thing, intends to compile several programs look on this machine. So stay tuned!

Read More