Creating an Ubuntu image on Google Compute Engine the right way

I’ve recently started playing with the Google Compute engine as part of me volunteering in The Public Knowledge Workshop here in Israel.
Being used to working with Ubuntu on Amazon EC2, while launching my first instance on GCE I was surprised to find out they don’t have Ubuntu images.
Googling revealed this guide, which seems way too complicated for doing a simple task – making Ubuntu cloud images run on GCE.

Read more of this post


Hacking asymmetric and symmetric lines together

Here in Israel, symmetric Metro Ethernet lines are expensive. A lot more expensive than a cheap asymmetric Cable/ADSL lines.

As a tech company with lots of programmers and intensive use of upstream hogging services (Git, Dropbox, etc.), we need a reliable, fast internet connection with at least 20Mbit upstream speed.
We tried a symmetric 30/30 Metro Ethernet connection, but it just wasn’t enough for our downstream demands. A 100/3 connection just isn’t enough for our upstream demands. So, what can we do? Combine them into a 100/30 one! but how?

Read more of this post

Python Tornado, Apache Thrift and Javascript

Hello everyone,
It’s been a while since my last post, a lot has been going on in my personal life.

I’ve recently started working on a project to implement a virtual joystick device on Microsoft Windows using open source software.
The idea is simple: your mobile phone can be used as a joystick on your Windows machine.The project is still under development, however, you can take peek at the code on Github and watch it working on Youtube, the architecture is as follows:

  1. Virtual joystick device driver from a Sourceforge project – controls a virtual joystick on your computer
  2. Python Tornado web server – receives RPC calls from the joystick client and hosts an HTML5 application – the joystick client itself
  3. HTML5 Joystick client

Note that the version shown on Youtube uses the phone accelerometer, the version currently on Github uses touch screen interface. I might upload a new video soon…

So, how does this relates to Thrift you’re asking? Well, the underlying transport protocol I’ve used for my RPC is a protocol I made up. I’ve used HTTP POST or Web sockets (depending on browser support. Apparently, Android’s native browser doesn’t support web sockets [tested on jellybean]) – and simple JSON for requests & responses.

Read more of this post

MikroTik – Enterprise level routers for the masses

Hello evreyone,

It’s been a while since my last post. I’ve been very busy at work.

I’ve just got my first MikroTik equipment few days ago, a RB751G-2HnD router.
More about that later, first of all, for those of you that never heard of MikroTik: MikroTik is a Latvian company manufacturing network equipment. Their products vary between switches, routers and WiFi equipment.
These equipment runs either SwOS (for the switches) or RouterOS (for everything else).

One more thing worth mentioning is that they sell both enclosed products (which are the routers/switches/access point you are familiar with) and bare boned mother boards to fit with modules – meaning you can “build” your custom router.

I never liked the SOHO routers sold on the stores for home use, they’re never reliable. Up until now I’ve used a Debian box with two NICs – one for the ISP (WAN) and one for the LAN.
That box was doing everything from routing to DNS/DHCP services (actually, it does more than that, but that’s the functionality I’ve replaced with my MikroTik). The only functionality I was relying on specialized hardware for is the WiFi – a 3COM wireless router (don’t even remember the product exactly) functioning as an access point.

For those of you who gonna jump and say “why don’t you use DD-WRT or <other_opensource_router_firmware_here>?” I’ll answer: it’s never reliable. I’ve actually ordered a DD-WRT mega from eBay to give it a shot, still, my Debian box was irreplaceable.

Read more of this post

Securing your WiFi – WPA2-Enterprise with EAP-TLS made easy with Open Source tools

Hello everyone,

Recently I’ve been playing a lot with WPA2-Enterprise EAP-TLS at work. I wanted to share my experience with you all.

First of all, a little explanation about WiFi security. Most of you are familiar with WEP/WPA1+2 from your home WiFi. You probably know that WEP has been “hacked” long time ago and isn’t considered secure. Also, there are publicly available rainbow tables for WPA2-PSK as well – although you need a combination of SSID+PSK for it to work (PSK authentication uses both the SSID name and the PSK to generate the secret with the access point. The publicly available rainbow table consists the top 1000 SSID names and a heavy load of passwords). WPA1/2-PSK is the method most widely used on WiFi networks. It uses a pre-shared key (password) to authenticate to the access point.

On large enterprises, PSK authentication simply does not fit. For example, consider a company with 1000 employees. One of the employees that knows the PSK password gets fired. The password is compromised and has to be replaced (not to mention that every employee with minor knowledge can extract the PSK from his/hers computer) – that is a big deal.

Read more of this post

Google authenticator – Securing your Google accounts and your favorite Linux

Google authenticator is a Google project implementing TFA (Two Factor Authentication). TFA is a way (as the name suggests) to authenticate with two factors. When you authenticate to GMail with only a username and password, that’s called a one factor authentication (the password). If your password has been compromised, anyone who knows your password can gain access to your GMail account, accessing all your private data there.

Read more of this post

Android your (my) way

During my work I was requested by my boss to create a cellular site survey application for Android.
The requirements were simple: display the cell id, location area code, signal level, network type (2G/3G), a ping button and a lock on 2G/3G buttons.

Android has an internal application (you can call it technician code, or whatever) that gives you all of that stuff, but is not user-friendly.
You can see it on your own, simply dial “*#*#4636#*#*” on your Android phone, then navigate to “Phone information”.

Basically, my goal is to get the same app, but with a simpler, more user-friendly interface. I don’t need a lot of stuff in there on my application.

The radio information stuff (signal, cid, lac, network type) are simple. They’re exposed through the API for easy query. The 2G/3G lock with a single button click is the tricky part.

Read more of this post