File Transfer & Windows 8.1

I want and need a better, faster interface for ftp and my blog server. Obvs needs to be encrypted. It seems that Windows 8.1 does not offer sftp natively but recommends WEBDAV. On my various clients I have multiple operating systems, but mainly Windows.

I had a quick poke around to see how to do this. Firstly I have an RTU for WISE-FTP through 1&1 which has great Windows desktop integration but I usually use FileZilla. (1and1 have moved away from WISE-FTP)

MS offer a One Drive cloud service as do Dropbox, but I want to use my 1and1 file system. (Perhaps the answer is wise ftp since that’s what they offer). Have Microsoft left this gap to enable third party products to fill it as part of non monopolistic behaviour, but surely doing the desktop integration requires the licensing of engineering rights and documentation.

Anyway Google doesn’t seem much help. Odd

I have for the moment decided to use FileZilla with the --site-manager command line item. NB the -- is what is used on Windows as well as shell based command lines. I can find ways to go straight to my site but these require placing the password inside the shortcut.

ooOOOOoo

I have made this icon –

[image: filezilla menu]

This is a .png version; I used convertico to make a .ico

Ruggedising the Internet

Mike Masnick writes a little article forecasting the engineers re-writing the single points of failure out of the internet. He entitles his article, Building A More Decentralized Internet: It’s Happening Faster Than People Realize. He cross references to two articles written by himself back in 2010, Operation Payback And Wikileaks Show The Battle Lines Are About Distributed & Open vs. Centralized & Closed and The Revolution Will Be Distributed: Wikileaks, Anonymous And How Little The Old Guard Realizes What’s Going On in which he, more accurately, recognises the current and future power of distributed and private networks. It should be remembered that these predictions all occurred before the Arab spring and the recent protests in Turkey and the state responses to the use of networks.

Masnick predicts that the judicial and informal non-judicial attacks on certain sites on the internet will lead to an engineering response and that the single points of failure will be remediated. He points at an article in the New Yorker, The Mission to Decentralize the Internet, which discusses the barriers to mass adoption of superior distributed solutions and some of the ideological history.

One of the responses to today’s challenges is at this manifesto for an Internet for the 21st Century, which is hosted at wauland.de, with the hashtag #ybti, an interesting identification of the inadequacies of even the best today. I also need to check out the key note proceedings of the 30C3, the Chaos Computer Club; not sure if any of these act as an alternative manifesto. The manifesto calls for,

Our concept for a new Internet is based on the following design principles:

• ubiquitous end-to-end encryption, removing the necessity to trust any third parties that might access our data while it is being transmitted or stored
• obfuscation of transmission patterns, preventing the analysis of social relations, behavior patterns and topical interests of the participants in a network
• decentralized authentication mechanisms, removing the necessity to trust centralized certification authorities that can be compromised
• multicast technology, because we need to interconnect billions of users without the need for centralized server farms
• distributed data flow and storage, making bulk collection of data economically unattractive
• consistent use of free and open software, putting the system under permanent public scrutiny and giving users control over their computation

The comments in Mike’s article are gratefully short of the usual bile about piracy and at least one contributor points at DNS as one of the choke points. A contributor called ninja says,

One of the next steps on the Internet that must take priority is the development of a decentralized DNS system that can be trusted. And encrypted. There are many developments in the DNS field such as the recent DNSSEC and that OpenDNS initiative to encrypt DNS queries (I’m using it but I honestly don’t know how to check if it works!). Then bittorrent will evolve into a huge cloud hdd making it virtually impossible to take down files from that big cloud. I’m guessing tor may evolve into something that will be used everyday too to ensure privacy and anonymity.

and so adds a storage medium to the list of SPOFs.

One of the replies to the comment about DNS points at Zooko’s triangle. I documented my researches on P2P DNS at this article on this wiki which, like the New Yorker article, points at Bitcoin’s name services, Namecoin.

Interesting initiatives obviously include TOR and the EFF pointed me at the Tahoe-FS, which has its home here…. The pirate browser and Diaspora suggest with TOR that peer-to-peer is the way to go but the stranglehold that the ISPs have on connectivity in the US and Europe will remain a choke point. Another initiative I discovered while writing this article is Project Meshnet. We or maybe our municipalities will need to build peer to peer connectivity, which may work well and easily in the towns, but will be harder to build in rural areas. DIY is hard since the use of the radio spectrum is highly regulated but I know that the anti-HADOPI campaigners and some US municipalities have considered building mesh networks from wifi or wifi max appliances; in the UK this is currently frowned on by the ISPs and inhibited by the Digital Economy Act although this is struggling to become Law. (I need to remember the story about someone switching their hub OS where they had originally used Linux because the radio spectrum regulator didn’t want the radio ASIC device driver source published because it allowed an illegal and unlicensed use of the spectrum).

While tidying up the office, I came across a hard copy of this, “Decentralized Infrastructure for Wikileaks”, which has some good ideas.

My personal experiences recently are firstly in moving into a flat in London, where I was legally able to piggyback off my neighbours’ connections using BT WiFi and alternatively, the difficulties friends living in more rural areas have found in getting connected. At the moment only massive multi-national corporations can afford the cable or satellite networks that allow the internet’s connectivity but it’s possible the entry point is coming down, shown the way by Facebook’s purchase of Ascenta, to begin to execute on the vision expressed in this white paper by Mark Zuckerberg.

When will they give up with the Digital Economy Act? (It’s coming up to its 4th anniversary and they still have no timetable for its implementation.)

ooOOOoo

Bruce Schneier points to Whatsapp’s adoption of end to end encryption for all content. The comments are as ever worth reading and don’t degenerate into foolish argument. I like, “Encryption is a honeypot”, encrypted broadcasting kills the usefulness of meta data and the idea of running Whatsapp over TOR. DFL 9 Apr 2016

I have installed the Related Articles plugin and between me and it, the following links might be useful.

P2P DNS

Looking at DNS and the attempt to P2P it.

Peter Sunde launched a project, reported at Computer World in an article called “P2P DNS to take on ICANN after US domain seizures”

It seems to have got stuck. This article dated 18 Oct 2011 and called Continuing the Distributed DNS System on Slashdot has some pointers. See also P2P-DNS taking control of the Internet at memeburn.com.

The nearest successor seems to be Namecoin, see http://namecoin.info/ , http://dot-bit.org/Main_Page & its Wikipedia page

While researching this I came across a page on alternate roots at Wikipedia.

Configuring NTP

I want to configure NTP on this box, i.e. the Cobalt Qube as it’s losing time. Badly.

This is now done, I have a very simple ntp.conf file and am using DNS hostnames. This is not advisable under Linux because you must have a valid DNS service available when the daemon seeks to resolve the addresses. It might be possible to resolve the DNS names via the /etc/hosts file. The Howto article below is quite good.

The test should be ntpq -p to see if the daemon is working OK, I don’t think the Cobalt ntpd script does this; it browses the process table.

So

  1. check ntp isn’t running
  2. Add the server lines to /etc/ntp.conf, you really need two. Use time servers from organisations that permit or don’t care that one’s taking a feed.
  3. Enable port 123/udp on the firewall
  4. Start the daemon
  5. Test the service using ntpq, can you see all the configured servers?
  6. If the drift is significant from the time server, then take the service down and then use ntpdate -u to set the clock
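
A check for steps 5 and 6, as an added example that is not part of the original notes: the function reads ntpq -p output and reports whether the configured servers are visible and whether the clock needs setting with ntpdate -u. The function name, the sample outputs and the 1000 ms limit are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original page): judge `ntpq -p` output.
# check_ntp_peers, the SAMPLE_* data and the 1000 ms limit are assumptions.
#
# Reads `ntpq -p` output on stdin; $1 = largest tolerated |offset| in ms.
# Verdicts:
#   too-few-servers  fewer than two server lines (step 2)
#   unreachable      a server has reach 0: check 123/udp and DNS (steps 3, 5)
#   step-clock       offset over the limit: stop ntpd, run ntpdate -u (step 6)
#   no-sync          servers answer but none is selected ("*") yet
#   ok               a system peer is selected and the offset is in bounds
check_ntp_peers() {
    awk -v limit="$1" '
        /^ *remote/ || /^=+$/ || NF < 10 { next }   # header, rule, blanks
        {
            peers++
            if (substr($0, 1, 1) == "*") synced = 1  # tally: system peer
            if ($(NF-3) + 0 == 0) { dead++; next }   # reach register empty
            off = $(NF-1) + 0                        # offset column, ms
            if (off < 0) off = -off
            if (off > worst) worst = off
        }
        END {
            if (peers < 2)          print "too-few-servers"
            else if (dead > 0)      print "unreachable"
            else if (worst > limit) print "step-clock"
            else if (!synced)       print "no-sync"
            else                    print "ok"
        }'
}

# Constructed sample outputs, not captured from a real host.
HDR='     remote           refid      st t when poll reach   delay   offset  jitter
=============================================================================='
SAMPLE_OK="$HDR
*ntp1.example    .GPS.            1 u   33   64  377   12.100    1.254   0.310
+ntp2.example    10.0.0.1         2 u   40   64  377   15.420   -0.873   0.505"
SAMPLE_DRIFT="$HDR
 ntp1.example    .GPS.            1 u   12   64  377   11.900 95321.004   2.100
 ntp2.example    10.0.0.1         2 u   15   64  377   14.200 95318.772   1.870"
SAMPLE_BLOCKED="$HDR
 ntp1.example    .INIT.          16 u    -   64    0    0.000    0.000   0.000
 ntp2.example    .INIT.          16 u    -   64    0    0.000    0.000   0.000"

for s in "$SAMPLE_OK" "$SAMPLE_DRIFT" "$SAMPLE_BLOCKED"; do
    printf '%s\n' "$s" | check_ntp_peers 1000
done
```

On a live box the same function takes the daemon's own output: ntpq -p | check_ntp_peers 1000.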

The Linux chkconfig utility is set up for the rc script and I shall therefore invoke it using chkconfig --add.

I have found the following links

I returned to this in 2011, and found http://www.pool.ntp.org/en/use.html. It’s all got a lot easier.

Municipal WiFi

In Jan 2012, the Telegraph ran a story on how Westminster and Kensington & Chelsea boroughs have agreed with O2 to build the world’s biggest free wifi network, this is mirrored at this thread at South East Central.

  • Municipal Urban WiFi at Wikipedia, includes a list of Cities with free Citywide WiFi, in the UK, Bristol and Norwich. (Liverpool has a paid service and the funding status for Newcastle in County Down is unstated.)

San Francisco

San Francisco famously experimented with free city wide WiFi. It was started with quite a splash and I was visiting it on a frequent basis. It seems they have suspended municipal investment in the programme in 2007 and invest in a more directed programme to resolve the digital divide.

Socket Programming

It has to be Python

Don’t ask.

Building a W7 laptop

Introduction

Building a new laptop is always a fraught exercise and in this case I am upgrading from Windows Vista to Windows 7 Professional. I am also upgrading from a Dell Latitude to HP Probook 5320m.

So problem one, it comes with a load of chargeable addons and a bunch of HP “value added” software.

First things first… I need to remove McAfee anti-virus. It’s not our corporate standard. To do this I had to get the McAfee removal tool from their site. Nice.

The HP disk encryption is tied to one user. This is not acceptable if the system is to be used by multiple users. So I have returned to TrueCrypt.

Next Networking

I have five problem use cases

I need to use my laptop in multiple sites and hence multiple LANs/Internet connections. My main site is at work and I defined the WiFi connection as a “Work” LAN. I was able to ‘see’ our shared disk resource using the network browser, i.e. the network view of windows explorer. I took it to Deptford and connected it to the network there using WiFi and cable. When I returned to work, it had a ‘homegroup’ and could no longer ‘see’ the NAS device, nor some of the computers, nor a virtual machine running on a host that it could ‘see’. I rang Kaspersky, the firewall and antivirus vendor and reconfigured the zones such that all zones except the internet zone are now trusted. This involved deleting some of them and recreating them.

The laptop has no removable media, and I wanted to install some software from a CD. I attempted to share a DVD from my old Dell. I found a web page called, how to share a CD or DVD drive over a network in Windows Vista and 7, but couldn’t get this to work. The client system could browse to ‘see’ the DVD but couldn’t access the contents.

The third set of use cases relate to Virtual Box. So now I have three pieces of software to make work together, Windows, Kaspersky and VB. At the moment I am assuming that the SUSE guest is poorly configured. I am building an Ubuntu image to test this theory. I know I can get that to work. I can use the host to browse the exported directories using the TCP/IP address.

While working at home, I may have some problems seeing/acquiring other network resources. The MS “WORKGROUP” is different at home and at work. I have defined the wifi at home as “Home”, and so I now have an empty home group defined. This needs a better problem definition. This page at Microsoft Answers might be a start point.

While working in the flat, there is no inter-system connection i.e. the Mac can’t see it or any guests, and I don’t think the WE7 system can see the Mac. Again a better problem definition is required. Home being seen by the Mac.

 

Microsoft RDP & Virtual Box

At some point Virtual Box came with RDP as part of the set up and it’s allegedly faster than VNC. I want to connect my iPod touch to my PCs using Mocha’s RDP Lite.

Problem

I have a Windows 7 beta VM. (See my Sun blog.) Initially I couldn’t connect using iPod or the Alienware.

I am now connected using the Alienware and the Microsoft client. The Host is XP Home Edition, SP/3 with a W7 VM hosted in VB 2.2.4, networking = bridged, port = !3389, with the NULL authentication libraries. NB the port is not available on the internet. It does not work with external authentication, and the manual suggests that guest is experimental.

Perry says I need to have the VRDPAuth.dll library in a folder that is pointed to by the %PATH% variable. This page at computerhope.com explains how to do it.

I don’t know if port 3389 will work or not because of the order of the testing, but the Mochasoft Client is still not working. They have a FAQ. I can’t get it to work on the EDGE either. Mochasoft suggest an incompatibility or a firewall as the problem. So

  • fix the authentication problems and turn it on
  • sort out the mochasoft problems

What didn’t work!

I had assumed that the initial failures were due to the failure to present the RDP port to the LAN and I tried to map the VM port to the real port. My VM was a NAT machine. I wrote about port mapping on my blog when I exposed apache to my network. I need to port the script, maybe now is the time to wrap it in TCL. The Virtual Box 2.1.4 manual discusses port forwarding in Section 6.1.4. This fails. The W7 image fails to boot; using [gs]etextradata to map port 3389 from the guest to the host causes the VM to fail to boot. I have amended the VM config to change the port as suggested by this thread at http://forums.virtualbox.org and this blog at http://www.ubuntugeek.com. I still get “your remote session has ended”. PerryG says you must use bridged networking.

Links

N.B. The Virtual Box manual is the first port of call. Otherwise these might be useful.