Category Archives: Computing

Computing, networking, and the like. Non-Ham Radio related.

Ohio Section Journal – The Technical Coordinator – February 2023 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the Ohio section will need to use the mailing list link above.  Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).

  • Go to www.arrl.org and click the Login button.
  • Login
  • When logged in successfully, it will say “Hello <Name>” in place of the Login button where <Name> is your name.  Click your Name.  This will take you to the “My Account” page.
  • On the left hand side, under the “Communication” heading (second from the bottom), click Opt In/Out
  • To the right of the “Opt In/Out” heading, click Edit
  • Check the box next to “Division and Section News.”  If it is already checked, you are already receiving the Ohio Section Journal.
  • Click Save
  • There should now be a green check mark next to “Division and Section News.”  You’re all set!

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

I finally did it. What would that be? Over the Christmas holiday, during my time-off, I cleaned and organized the shack. Unseasonably warm weather at the end of December made this job much easier. I don’t know how many years I’ve been threatening to do this. PC problems kicked off the whole cleaning process and I (finally) upgraded to Windows 10. N8SY pointed out: shouldn’t you be upgrading to Windows 11? Yeah, no.

Dust, dead bugs, miscellaneous parts from various projects, all the baggies, twist ties, and boxes are all cleaned up. Using small stackable plastic containers with lids (available at the local superstore) organized computer parts, Raspberry Pi parts, radio cables/accessories, and keep parts of a project together. Some time ago, bought a Power over Ethernet (PoE) network switch from a co-worker. Finally set that up and it’s now powering my Cisco phone used for Hamshack Hotline, Hams over IP, and AmateurWire. In addition, gained more Ethernet ports as those were in short supply.

Parts of the shack were reconfigured. I wanted a spare/second power supply. Astron stopped making their desktop switching supplies with analog meters. I found an SS-30M with analog meters on QRZ and purchased it from a local ham. That supply will be used to power network radios for AllStar Link and Wires-X. An old laptop is put back into service running the Wires-X node, full time. Wires-X was previously running on the same PC I use for operating and I didn’t want to keep that one running all the time.

I did much soul searching in regard to the shack PC. It is coming up on 10 years old. A Micro-ATX PC, Intel Core i5 4th generation (they’re up to 12th gen), 16GB RAM, 128GB SSD, and Windows 7. Due to family commitments and as a result of the shack being declared a disaster (by me), I wasn’t operating much the last 2-3 years. Most of 2022, I operated Winlink making few other contacts.

My intention was to get some operating time over the holidays and didn’t plan to spend that much time redoing things. While operating, quickly remembered ongoing problems with the PC. Cluttered with apps I was testing or no longer used, miscellaneous documents from net reports or drills – these were the least of my problems.

Lenovo ThinkCentre M900 Tiny (Lenovo)

It had serious audio issues. As someone who operates mostly digital on the HF bands, this is incredibly annoying. The Windows audio subsystem, at times, simply failed to start where a red X would be shown over the speaker icon in the system tray. This prevented any audio program from functioning. Rebooting once (or twice) would clear that issue. Random receive cycles in WSJT-X (FT8) would not decode any stations. RX cycles before would decode fine, a number following would also be fine. The waterfall looked OK (not distorted). However, at seemingly random times, there would be 0 decodes. I started to pray that a fresh install would clear these issues.

In recent years, I’ve been using smaller desktop form factor computers. Not needing to replace poor included motherboard peripherals (other than graphics cards, separate issue), NVMe M.2 storage (very fast solid-state drive), and use of USB devices, I don’t need many full sized PCs. Included motherboard peripherals, like sound and Ethernet, are very good and don’t need to be substituted with expansion cards as was the case 20 years ago. M.2 SSD storage comes in a very small form factor: 22mm x 30, 42, 60, 80, or 120mm with read/write speeds of 7,000-7,500 MBps. Good 2TB NVMe M.2 storage devices are available for $150.

IBM had an excellent reputation for producing solid hardware. That soured a little when they were sold to Lenovo. I’ve had good luck with Lenovo devices at work compared to other vendors. Lenovo’s ThinkCentre PC line are enterprise orientated machines offering mid-to-high specifications. Even though older models have reached end-of-life, Lenovo still releases BIOS updates. In comparison, most vendors release a new motherboard followed by maybe a handful of BIOS updates during its lifecycle. Continued BIOS updates address compatibility problems and patch exploits. I’m impressed their end-of-life PCs are still updated.

M.2 Solid Sate Drive – 22mm x 80mm (Wikipedia)

I looked at and purchased “renewed” Lenovo ThinkCentre Tiny PCs from Amazon, an M900 & M910Q. Amazon renewed are pre-owned and refurbished PCs resold to keep E-waste down. There are condition guidelines published by Amazon. However, as I found out, quality is left to third-party sellers and varies greatly.

This form factor measures 1.36″ x 7.20″ x 7.05″ weighing in at 1.3 lbs. (M900). Renewed M900 specs: Intel Core i5 6600T, 16GB DDR4 RAM, 512G SSD, Wi-Fi, Bluetooth 4.0, and Windows 10 Pro 64 for $422 (purchased late 2021). M910Q: Intel Core i7-6700T, 32GB RAM, 1TB NVMe SSD, DisplayPort, Wi-Fi, Bluetooth, and Windows 10 Pro was $349 (purchased mid-2022). They’ve come down quite a bit and are now $180 and $274 respectively.

While you get the chassis, motherboard, and CPU (presumably) from Lenovo, everything else is stripped from these renewed PCs. M900 had ADATA SSD and RAM, though a fairly well-known discount name they’re not OEM parts. The M910Q came with a “KingFast” M.2 SSD. That’s right, just KingFast – no model number. The M900 came with a Lenovo branded power supply while the M910Q came with an aftermarket supply that makes an audible sequel when powered. I suspect generates interference, too.

I’ve had issues restoring disk images to the KingFast drive – Acronis complains it can’t read the drive at times. Both included a keyboard and mouse but they are no-name junk. These ThinkCentre’s likely came with Wi-Fi cards from the manufacturer. Those cards are removed and substituted with USB dongles. While I am not using nor did I test any of the dongles, USB dongles for Bluetooth and Wi-Fi are generally bad only working acceptably at short ranges. Additionally, I cannot tell original configurations of these machines because service tags and serial numbers are removed.

Initially purchased these for Homelab projects (virtual machine hosts) and situations where I need a physical Windows machine when a virtual machine wouldn’t cut it. Thought these might be a good replacement for the shack PC. After using them and seeing the poor choice of components, wouldn’t trust these for much of anything. If one desired to go the route of renewed PCs, I would invest in known good replacement parts which adds to the cost. Additionally, the CPUs were only two generations newer than my existing PC. I scrapped the idea of using these or similar “renewed” PCs for my shack.

Beelink SEi8 Mini PC (Beelink)

What about new? Brand new machines like these would be great solutions in a car, camper, mobile shack, or boat due to their small form factor. With regard to USB, I need a minimum of six USB ports. While USB specifications and devices are supposed to be compatible, in practice this is rarely the case. To avoid headaches, I require USB cables controlling essential and important components (SignaLink, CI-V, mixers) be plugged directly into USB ports on the motherboard. I only use USB hubs for things I don’t consider essential (radio/scanner programming cables, RTL-SDR dongles). ThinkCentre Tiny PCs have 4 USBs in the back and 2 in the front. That number isn’t going to work for when I want to use additional devices.

I looked at Intel’s Next Unit of Computing (NUC) offering and mini PCs from BeeLink. They too did not have a sufficient number of USB ports. Using more than one small form-factor PC would be another idea. Unfortunately, don’t have room for another monitor and keyboard. If I ever found a quality keyboard, video, and mouse switch (KVM, or just the K and M), it may solve that. Also, power sources in the shack are becoming scarce. Not to mention current economic issues like higher prices, supply chain issues, shortages, and limited stock. I decided against a new PC until I discover better options or will revisit this when the economy rebounds. HA!

Deciding to keep the same PC, it was wiped and Windows 10 – LTSC installed. No hardware upgrades were performed. There wasn’t much debate for staying with Windows or going to Linux. Programs I use run natively on Windows, such as: radio programmers, scanner programmers, Winlink, Vara, Ham Radio Deluxe, and GridTracker.

Long-Term Servicing Channel (LTSC) is designed to keep the same functionality while not changing operating system features over time. LTSC is a decrapified version of consumer Windows 10, and it’s from Microsoft. It has none of the advertising. No Microsoft Store. No Cortana (virtual assistant). Telemetry still exists based on configuration screens. I used Group Policy Editor and Registry Editor to disable telemetry. A Pi-Hole, or similar, can block tracking at the network level. Consumer support for Windows 10 ends in 2025, LTSC is supported until 2027. Note: people confuse LTSC with the IoT version of Windows 10. This is probably a Microsoft branding issue. They are not the same.

An LTSC license is expensive at $210, or more. Though I did see a China based seller listing them for $19!!? – Caveat Emptor. I purchased through CDW. I’m willing to pay for bloat to be stripped from my Windows operating system. If you don’t want to play the license, that version can be found by doing some digging. I tried a number of the ways to remove bloatware in consumer versions of Windows 10 with programs and random scrips found online in the past. Removed crap often returns as part of “feature updates.” Windows 11 does not yet have an LTSC version and the reason I did not upgrade directly to 11, possibly released later this year.

A clean install of Windows 10 resolved my audio issues and my WSJT-X decode issues are gone as well. On Windows 7, switching between or launching applications would cause hesitation in applications that were running in the background. Opening the browser would cause digital programs to stop transmitting for example. That too is gone in Windows 10. I am happy with the results post upgrade.

Allow apps to access your microphone for ham radio sound card programs

There are some important settings to note in Windows 10 related to ham radio sound card programs. I’m overzealous turning off access to things that don’t need access. Most everything in Settings ? Privacy I have turned off. Doing so prevented ham radio sound card programs from functioning correctly. Programs such as: Echolink, Fldigi, DM780, FreeDV, WSJT-X, Vara, etc., etc., etc. Operating ham radio sound card programs in Windows 10 (and likely 11), Microphone access must remain enabled. Even though none of those programs are listed as accessing the microphone. While labeled Microphone, this setting prevents programs from accessing all sound input devices. These are input devices listed under the Recording tab in Sounds. Programs like SDRs use output from one program as input for TX, a double whammy.

  1. Close any programs using sound devices
  2. Go to Start -> Settings -> Privacy (Privacy & security in Windows 11) -> Microphone
  3. Set “Allow apps to access your microphone” to enabled/on
  4. Re-open programs that were using audio devices and sources

Sound card digital programs will now work. If there are still issues, move on to troubleshooting audio levels and verify correct audio sources are chosen in the respective program’s settings.

In Windows 7 and my guide for settings levels when using ham radio sound card audio programs, I recommended setting levels to 50%, or half. Some pointed out manufacturers indicated to choose the decibel scale, not the percentage scale I was referring. None of the references said why users should use that scale over percentage. After all, the slider didn’t change switching between the two scales.

After doing some digging and testing, figured it out. Different versions of Windows use different scales – even for the exact same audio device. The 50% setting will likely be different between Windows 7 and Windows 10.

Used my SignaLink to obtain these dB ranges:

  • Windows 7 – speaker (transmit audio): -128.0 dB to 0.0 dB
  • Windows 7 – microphone (radio receive audio): -192.0 dB to +30.0 dB
  • Windows 10 – speaker (transmit audio): -128.0 dB to 0.0 dB
  • Windows 10 – microphone (radio receive audio): -96.0 dB to +30.0 dB
Different scales for a SignaLink USB microphone device on Windows 7
Different scales for a SignaLink USB microphone device on Windows 10

In this case, speaker ranges are identical with -10.5 dB being 50% for both operating system versions. However, microphone input at 50% on Windows 7 is +24.0 dB. On Windows 10, +24.0 dB is roughly 96%. A wide variation and I noticed the level difference right away. Understanding this helped me translate my audio settings from Windows 7 to 10. I did find a Microsoft Learning document explaining Default Audio Volume Settings pointing out the differences in different versions of Windows.

I am very happy the shack is no longer a DMZ. My sound card digital programs are working again and I have a clean desktop install – for now, lol. Haven’t yet been consistently operating due to work and family commitments. When you do find me on the air, I’ll be (likely) logging contacts for Volunteers On The Air.

I would like to formally welcome the newest member of the Technical Specialists group, Ronald – NQ8W. He comes to us with a number of ETA International certifications in electronics, computers, and wireless communication. Ron is a former Master Electrician with degree in Mechanical Drafting. He obtained his GROL and has Emergency Communication certifications. When I talked with Ron a while ago, he was very pleased with the work of our Technical Specialists and wanted to give back with his skills. Welcome to the group!

Speaking of the Specialists. Earlier this month, I was invited to be the guest speaker at the Cuyahoga County ARES meeting. The topic: me, the Ohio Section Technical Coordinator. Not long before I was appointed Technical Specialist, I had no idea there was a technical organization at the section level. After being appointed TC, a group in Columbus asked for me to speak about ‘what does the TC do?’ Out of that came an opportunity to educate hams about the ARRL Field Organization and the work of our Technical Specialists. I had a great time at the Cuyahoga ARES meeting. There was plenty of discussion on technical topics and RFI stories (I cover troubleshooting techniques) after the presentation. If your group would like to know more about the technical and experimentation side of the Ohio Section, send me an E-mail.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – January 2023 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the Ohio section will need to use the mailing list link above.  Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).

  • Go to www.arrl.org and click the Login button.
  • Login
  • When logged in successfully, it will say “Hello <Name>” in place of the Login button where <Name> is your name.  Click your Name.  This will take you to the “My Account” page.
  • On the left hand side, under the “Communication” heading (second from the bottom), click Opt In/Out
  • To the right of the “Opt In/Out” heading, click Edit
  • Check the box next to “Division and Section News.”  If it is already checked, you are already receiving the Ohio Section Journal.
  • Click Save
  • There should now be a green check mark next to “Division and Section News.”  You’re all set!

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

I’ve traveled for work to our other facilities and taken advantage of training related travel. We were thinking I would have more travel opportunities. However, due to business need, sequestered to our homes for 2 years, and the freaking economy – it hasn’t happened. I had the opportunity to attend a work conference earlier this month and it gave me ideas to promote ham radio.

Work conferences are an opportunity to attend sessions and talks to gain skills, education, knowledge, keep current with industry trends, and network with others. If you’ve been to forums at Dayton, work conferences are 2/3/4 days of forums focused on an industry or segment. These could be: sales, information technology, manufacturing, human resources, C-Suite topics, project management, or general trends – like how work-from-home has changed and challenged work in the last 3 years. Similar to indoor vendors at Dayton, companies will sponsor booths with giveaways, swag, and maybe an opportunity to find a new job.

A number of co-workers and myself attended a conference called CodeMash in Sandusky at the Kalahari Resort (near Cedar Point if you’ve never been). This year was CodeMash 10000 (binary for 16). It was my first time at this conference. The conference is developer (programmer) focused but had tracks for information security, data, and career development. There were fun things to do including board games, laser tag, a maker space, evening events including casino night, and access to the resort’s indoor waterpark. The full conference runs four days in two halves. The first two days are called the “Pre-Compiler” consisting of two four-hour sessions per day. These are deep dive table-top exercises, discussions, and hands-on labs. Second two days are more byte-sized (see what I did there?) one-hour talks.

For work-related conferences, travel and accommodations are often paid for by the employer because these are training and educational sessions related to employment, job description, or a particular project. The employer hopes attendees return with new ideas and out-of-the-box thinking.

Depending on conference, cost can be way above beyond one’s means to attend on their own. CodeMash tries to be reasonable allowing individuals to attend at their own expense, if desired. A full 4-day ticket is between $800-$1,100 and the 2-day between $400-$550. Booking rooms through the conference at Kalahari offers discounted rates over normal nightly rates, though attendees can opt to stay at near-by hotels to be more economical. Kids have their own events called KidzMash, free with a registered adult.

Presenters for this conference are chosen by submitting abstracts to the CodeMash committee. If chosen, presenters get a free ticket to the conference as compensation for presenting. Sponsored sessions are hosted by companies sponsoring the event – these are listed as such and were on the last day. Presenters can plug their business and/or employer as their company is likely covering remaining costs. At least one presenter said they were there on their own dime as their employer “didn’t see the benefit” – and yet their lab session was standing room only.

Intro to Docker session. I’m way in the back row on the right. Twitter: @OtherDevOpsGene

I figured I wouldn’t have much time to play radio as the schedule was pretty grueling with breakfast at 7 am and sessions wrapped up around 5 pm each day – not including evening activities. In the past, I’ll bring at least one radio, a mobile radio if I’m driving and know I’ll
have extra time. Though I was driving and staying at the resort for this conference, I brought an HT, hotspot, and a couple RTL-SDR dongles because I like monitoring the Ohio MARCS-IP public service system. I was not expecting to have ham radio interaction during the conference.

First day of the conference at breakfast, this guy sits down at my table. It looks like he’s got a Yaesu Fusion radio with a whip antenna. I asked him “ham radio?” He says “yep, you?” “Oh yeah.” Talked with Dan – AD8FY about ham activities and his experiences as a pilot. He informed me there was an unofficial UHF simplex frequency and there would be a number of hams at the conference. This did surprise me as I wasn’t expecting it but again, first time. Feeling pretty good about the conference and some connection to ham radio.

During one of the Pre-Complier sessions, learned there was a Slack instance for the conference. Slack is an instant messaging platform available on just about every device. Slack started out as a professional communications platform (like Microsoft Teams or Google Chat) but became accepted as a community platform for things such as this conference. In addition to messaging, Slack can do VoIP calls, video calls, file sharing, and text messaging in channels (like a conference room) or to individual users. A feature I like is persistent messaging allowing people to see prior messages after joining. For example, I joined the Slack instance on the second day of the conference but I was able to see messages from the previous day. This is different from other chat services which only show messages sent after one has joined the channel.

Guy – KE8VIY SDR live demo, receiving ADS-B broadcasts

CodeMash’s Slack had many different channels: events taking place during the conference, discussions around hotel reservations, and water park. Announcements – changes, cancellations, updates, and general information. General discussions. Major cities had channels for attendees from those areas to network, such as #cleveland. Pre-Complier portion of the conference had a channel for presenters to post their slide-decks and labs. Slides channel for presenters from the second-half of the conference. Hobby channels included beer, wine, music jam sessions, and ham radio. Oh, really?

KE8VIY asked to have a #ham-radio Slack channel. Ten people conversed about radio and when they were monitoring the simplex frequency. Call signs seen: WX8TOM, WX8NRD, KD8NCF, KE8VIY, and myself. I found out later KD8NCF gave a presentation at the conference on Real-Time Web Applications.

Thursday afternoon, while heading to an afternoon one-hour session, saw this guy (that’s his name too) outside one of the conference rooms pointing an antenna around. Figured he was doing Wi-Fi hunting or something. He too had a HT with him. This was Guy – KE8VIY. He was preparing for his presentation later that afternoon using software-defined radio to decode ADS-B (aircraft broadcasts). Though he was unsure there would be any aircraft to track as all flights were grounded earlier due to a possible cyber-attack.

I told him I would be attending his presentation. Knowing a ham was doing this session helped swing my decision in his favor because there was another equally interesting session on another hobby of mine, homelabbing. That decision paid off because not only was Guy’s presentation excellent, it got the wheels turning on more ways to promote ham radio. “Tracking Aircraft with Redis & Software-Defined Radio” (GitHub repo) was the presentation.

I’ve never used Redis. Reading up on it, the technology works mostly in-memory as a structured data store, often as a caching service (session, page, message queue) or key-value database. According to Wikipedia, Twitter uses Redis and Redis is offered by the big-name cloud providers AWS, Azure, and Alibaba.

Guy’s slides were professionally done and visually appealing. Coupled with the slides, his personality, humor, and live demos, (if I didn’t know anything about it) he made ham radio seem fun and interesting. He stated he is a new ham and excited about what he’s been able to do processing radio signals. The audience was highly engaged asking questions and feedback was positive from hams that saw the presentation.

Most maybe thinking: you don’t need a license to receive ADS-B, how is this related to ham radio? That’s the tie-in. He worked in history of digital signals, formats, and all the things rooted in ham radio: Morse Code, RTTY, and APRS. Then demonstrated how he used a modern technology platform and a radio to capture and process digital signals, all at a developer conference. Well done!

There are a lot of slides in his deck. Due to the one-hour time limit, the first 30 slides and some diagrams were covered. He utilized Dump1090 for turning signals into raw data. Then used Redis (also his employer) to process, store, and make data available to consumers.

These things fit my thinking of how ham radio should be promoted. Promoting to kids is admirable and exposing them to activities early in life is a great way to maybe hook them later in life. Credit to my parents because ham radio was one of those activities and it happened to stick. Though, I seem to be the exception rather than the norm. There are other things my parents had me join in school that didn’t stick and I really don’t miss those activities. A way kids get their license is part of a school program or curriculum. How many carry on and renew their license after 10 years is up? Retention needs work. Chances are better if family members are active and involved.

Guy – KE8VIY SDR live demo, ADS-B broadcasts shown on a map

I have been a huge fan of initiatives by the ARRL and clubs to use Makerspaces as a way to breathe new life into the hobby. Makers are like-minded people whom like to learn, create, and invent as does the experimentation side of ham radio.

Gainfully employed individuals would be my next target audience – you know, if I were on a committee. Somewhere in the neighborhood of 25-45-year-olds – those looking to keep themselves busy – whether they’re single, don’t yet have a family, or had their kids graduate college. These individuals have disposable income for equipment and time that can be devoted to learning and operating.

A conference like CodeMash is a near perfect match for promoting ham radio to technically minded individuals, including kids. Not having any statistical data, I would say the median age was probably mid-30’s, early 40’s. Obviously, there were younger and older individuals. With few exceptions from my interactions, participants were gainfully employed as their companies were picking up the tab for them to attend the conference. There were an estimated 1,400 attendees at this year’s conference. (attendance was still down from previous years, close to half). That’s 1,400 technical people, a great audience to promote ham radio.

Does a conference you attend offer a communications platform like Slack? Ask for a ham radio group to be created. Post a simplex frequency for general chit-chat. Maybe organize a meetup during meal time or after events that day to network with other hams. Maybe non-licensed people will drop into the channel or drop in at the meetup. Maybe they’ll get bit by the bug and be looking for an Elmer.

Think about current job responsibilities, technologies or services your company provides. Guy, in the spirit of ham radio, took an existing technology, re-purposed it to receive signals and turn the data into events, maps, and an API (application programming interface, used for integrating with other applications) from aircraft broadcasts.

How can a technology you’re created, are familiar with, maintain, or work with become an interesting presentation that ties in ham radio? Figure that out and maybe you’ll get a free ticket to a conference with the employer picking up the tab for travel expenses!

I brainstormed examples using technologies seen at the conference to do radio related things:

  • Real-time data processors like Kafka for mapping propagation
  • Networking skills and technology to improve resiliency and security of mesh networks
  • Table-top-exercise to recover from a disaster. Assume all existing connection and authentication methods are non-existent.
  • Receive signal data from a distributed radio network
  • APIs to administer digital systems with many connections
  • Automate test-cases and frequent software updates with GitHub pipelines
  • Incident response to handle compromises of repositories or stolen credentials
  • Docker & Kubernettes to build simple, easily deployable applications
  • Can the “cloud” fit the general directive of not relying on other technology? How to handle and recover from outages?
  • Designing web apps to replace multi-platform applications
  • Write the next white-paper
  • Create technical documentation standards

Development work isn’t part of my daily responsibilities since I changed jobs a number of years ago. Initially wasn’t too sure about the conference. In reality, I learned a lot about technologies I hadn’t yet explored on my own. Ham radio connections made it a much better experience and hope to attend next year. Let me know if you’ve done something to promote ham radio in a similar conference-type setting to like-minded (non-ham) individuals or used modern technology platforms to improve and better ham radio.

Thanks for reading and 73… de Jeff – K8JTK

NOTE: an article written by Bob – K8MD on a portable operation during a work trip was included in the printed edition. That is available by the full edition links at the top of this post.

Ohio Section Journal – The Technical Coordinator – November 2022 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the Ohio section will need to use the mailing list link above.  Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).

  • Go to www.arrl.org and click the Login button.
  • Login
  • When logged in successfully, it will say “Hello <Name>” in place of the Login button where <Name> is your name.  Click your Name.  This will take you to the “My Account” page.
  • On the left hand side, under the “Communication” heading (second from the bottom), click Opt In/Out
  • To the right of the “Opt In/Out” heading, click Edit
  • Check the box next to “Division and Section News.”  If it is already checked, you are already receiving the Ohio Section Journal.
  • Click Save
  • There should now be a green check mark next to “Division and Section News.”  You’re all set!

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

Even though it happens once a month, Windows Updates are a pain. On “Patch Tuesday,” the second Tuesday of each month, Windows users hold their breath. Will my machine come back from the brink? Sometimes issues are bad enough where updates are released “out of cycle” or “out of band” meaning at other times during the month. This month was one example. An update caused more issues requiring a follow up patch to be released after 11/8. Depending on the operating system used, the pain came in different ways.

Performing a Windows 7 fresh install today, Windows Update will not work. It’s broken. The way updates were released and authenticated changed drastically from Service Pack 1 to the point Windows 7 went end-of-life. This installation procedure brings Windows Update to a working state, if you need to build a Windows 7 machine for some reason. Note: since Windows 7 has completely reached end-of-life, Microsoft is not releasing updates and it is recommended to use a supported operating system. Once you get past that, checking for updates 87.5 times and applying the 8,392 updates for the next 6 hours was always fun.

Windows 10 has streamlined updates where there aren’t nearly as many updates on a fresh install and the process doesn’t take nearly as long. Due to users putting off or just not applying updates on older versions of Windows, updates and reboots are now forced on users. Forced to the point where users claimed their machines rebooted while they were actively using it, loosing hours of work. Instead of the user choosing when to apply updates or do a reboot, they implemented a band-aid allowing the user to set when they’re likely to be using the computer. This does not help as options are severely limited. Then there’s the quality of updates. Crashes, Blue Screens of Death (BSOD), broken functionality, missing documents and files, printing problems, hardware and device issues are regular occurrences.

I heard on a podcast once, speaking of a botched Windows 10 update which removed ‘old files’ from users documents and pictures folders. Beta users reported the exact problem to Microsoft before the problem became widespread. The commentator made the remark that Microsoft’s attitude was: only a small number of users reported the problem, we’re not going further investigate or solve the problem. When Microsoft rolled out the update to all Windows users, the ‘small number of users’ became a very large angry mob of users. Microsoft didn’t invest the time to resolve, what they thought to be, a fringe case and resulted in a lot of negative press.

As hams, we often have Windows machines at remote locations (towers, buildings, club houses, shacks). Whether these are running Echolink, Winlink Express, Wires-X, or some other service that requires a Windows machine. An Echolink node can be run on a Linux-based solutions such as AllStar or SVX Link. Wires-X and RMS Express require Windows.

The out-of-control nature of forcing Windows Updates and reboots cases grief for the owner, admin, or Technical Committee. The machine will be left at a site logged in and running desired applications. When Windows Updates happen, often a reboot is required and the machine automatically reboots. If the admins follow good security practice and set a password for the account, after rebooting the machine will stop at the logon screen. Prompting someone to enter the correct password. While waiting for a log on, the service provided by the machine will remain offline until the program can be restarted. Nodes will be offline for any local users wanting to access those resources or remote users wanting to connect into the node.

Windows automatic updates disabled

The developer could create a Windows Service which are background programs able to start at boot. Services are not allowed to interact with the desktop since Windows Vista. Changing settings would be a problem if the program can’t interact with the desktop. Doing automatic logon isn’t a great option, even if the machine locks automatically after a minute. Need access to the machine? Just reboot it. Automatic logon would only be viable if the machine is secured in a locked cabinet or room.

Clubs have reached out and I’ve provided options for gaining control of Windows Update. One way is to disable Windows Update until someone is available to run updates manually. Disabling automatic updates will allow services to remain available while providing the flexibility of doing updates when an admin is available.

Disabling updates does not mean ‘never run updates.’ This is to control when updates happen and have scheduled downtimes. An admin must remember to run updates on a regular schedule – during a club meeting or site visit, for example. Not updating the system can have consequences including the network connection being disabled due to machine compromise in situations where the machine is on the site’s shared Internet, a corporate network, or school’s Internet connection.

The first place I search when looking for Windows suggestions, tips, and tricks is TenForums as they have good tutorials. There are SevenForums and ElevenForum for the respective OS versions. There one will find a tutorial How to Enable or Disable Automatic Updates for Windows Update in Windows 10. Windows 10 Home has no built-in way to disable automatic updates and requires a program like Wu10Man to manage settings. The program is open source.

The second option in the post is for clubs running Windows 10 Professional or Enterprise editions. In these versions there is a built-in way of disabling updates by way of the Local Group Policy Editor. No additional software required, my favorite.

  1. To open the Local Group Policy Editor, start by pressing the [Windows key] + [R]
  2. For Open, enter: gpedit.msc
  3. Click OK

  4. In the Local Group Policy Editor left pane, navigate to: Computer Configuration -> Administrative Templates -> Windows Components -> Windows Update
  5. On the right pane, double-click Configure Automatic Updates

  6. To disable automatic updates, select Disabled
  7. Click OK
  8. Close the Local Group Policy Editor

For other configuration options of Automatic Updates, see steps 5 & 6 in option #2.

Going into Start -> Settings -> Update & Security, Windows Update will say in red “Some settings managed by your organization” and “Your organization has turned off automatic updates.” Though “Last Checked” will show a recent time, it will say “You’re up to date” regardless if updates are available for the system or not.

To manually update Windows, click Check for updates in that same Settings window. Windows Update will begin by checking for updates. Then download and install available updates.

Leave plenty of time for updates to finish. Reboot when required. Log on, apply other program updates, and restart necessary programs. Programs that should start after log on can be added to Startup Items. Machines with Solid-State Drives will apply updates in about a half-hour. Spinning drives, especially slower ones (4200/5400 RPM), will take much longer to apply. SSD and MVMe drives will apply updates quicker due to their much faster read/write speeds. Gain control over Windows Updates to gain control of nodes and services going down randomly until the Tech Committee can arrive on site.

Running Windows Update manually

WTWW, a shortwave station run by hams, gained a following in the community for carrying ham radio related content – original programming, simulcasted live shows, and podcasts. As of November 9, 2022, it has gone silent. According to a report by Amateur Radio Newsline, “Ted Randall, WB8PUM, cited difficulties in meeting the station’s ongoing expenses. Based in Lebanon, Tennessee, WTWW provided a wide range of programming at 5.83 MHz along with music and amateur-radio content at 5.085 MHz.”

The station went on the air in 2010. The flagship show “QSO Radio Show” broadcast live from Hamvention for many years going back to the Hara Arena days. The station ceased transmissions on shortwave but has plans to remain online with broadcasts available on their website. They hope followers make the transition from shortwave to web content.

I discovered another service like Hamshack Hotline and Hams Over IP, called AmateurWire. It was started around the same time as Hams Over IP. AmateurWire is available for general amateur use. In correspondence with the administrator, Roger – KE8LCM, this is an experiment for him learning how to run a VoIP service.

My direct extension on AmateurWire is 1140 if you would like to reach me. There is a trunk between AmateurWire and the Hams Over IP service, meaning users of each service can dial users on the other service. To reach a Hams Over IP user from AmateurWire, prefix the Hams Over IP extension number with 304. My DVMIS extension is 9004 which has links to Hamshack Hotline, Hams Over IP, and 12 other ham radio networks.

‘Tis the season for Santa nets! Get children, grandchildren, and neighborhood kiddos in touch with Santa! The Santa Net is held every evening between Thanksgiving and Christmas on 3.916 MHz at 8:00PM eastern time.

If HF is not available, the DoDropIn Echolink conference is hosting the Santa Watch Net on Christmas Eve! It begins at 6:00PM eastern on the 24th and runs about 4 hours.

Based in Colorado, and available on Echolink, is Santa on the Air. It runs now through December 9th. Times vary, see their QRZ post.

Third party traffic is always on the nice list for all Santa nets!

Thanks for reading. Happy holidays, Merry Christmas, and Happy New Year! 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – October 2022 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the Ohio section will need to use the mailing list link above.  Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).

  • Go to www.arrl.org and click the Login button.
  • Login
  • When logged in successfully, it will say “Hello <Name>” in place of the Login button where <Name> is your name.  Click your Name.  This will take you to the “My Account” page.
  • On the left hand side, under the “Communication” heading (second from the bottom), click Opt In/Out
  • To the right of the “Opt In/Out” heading, click Edit
  • Check the box next to “Division and Section News.”  If it is already checked, you are already receiving the Ohio Section Journal.
  • Click Save
  • There should now be a green check mark next to “Division and Section News.”  You’re all set!

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

Two years ago, I wrote an article for the OSJ dealing with “cyber hygiene” – practices and precautions users take to keep their data safe and secure from outside attacks. I didn’t rehash it last October since most of the article was still relevant. For this year’s “Cyber Security Month,” it’s time for an update. I still encourage everyone to re-read that article in the October 2020 OSJ or on my website as 95% of it is still best-practice for normal people.

The browser is still one of the most utilized pieces of software in modern computing and one of the most attacked. Users hanging on to Internet Explorer are finding it harder and harder to visit modern sites as new encryption standards are recognized and made industry standard. Using an End of Life browser, users are seeing a lot of “This page can’t be displayed” because it doesn’t support current methods of protecting communication.

Brave browser (brave.com)

Chrome, Firefox, Microsoft Edge, and Opera remain good choices. Brave browser is a good alternative if you don’t want to use a native Google browser. It’s based on the Chromium project for those who want a privacy-focused browser. Before jumping to Brave, some things to be aware of before you have a jarring first impression. There are ads – mostly for cryptocurrency. Why recommend an ad supported browser for crypto-what? Unlike Chrome, which makes money on user’s data, Brave pays the bills with safe ads (opposed to malicious ones that would infect your computer). They can be turned off. If ads in a browser are not your cup of tea, there are plenty of other browser options but note Brave took top spot for privacy in terms of phoning home:

Used "out of the box" with its default settings Brave is by far the most private of the browsers studied. We did not find any use of identifiers allowing tracking of IP address over time, and no sharing of the details of web pages visited with backend servers (Leith).

Pi-Hole and 3rd party DNS services, such as Quad 9, are good options for blocking ads, tracking, annoyances, and malicious content at the network level. To go a step further and block unwanted social media, games, messaging apps, dating sites, or streaming services or entire categories of sites, freemium services like NextDNS and AdGuard offer additional blocking options. Advanced features including newly registered domain blocking, typo-squatting domain blocking (domains registered by squatters taking advantage of type-o’s made when users are inputting a site’s URL), parked domains, and entire top-level domain blocking go above Pi-Hole and other free services.

Free tier gives you a limited number of DNS queries. With devices that freak out when they can’t phone home or heck, the cloud providers used by my workplace, you’ll blow through the free tier quickly. With a yearly plan, the price is around $1.75/month. OpenDNS has a completely free tier with basic blocking. Their blocking of services and categories is also a premium option.

Note devices with hard coded or manually entered DNS for other services (such as the popular Google DNS 8.8.8.8) will bypass these protections. A router/firewall with the ability to intercept and re-direct traffic (also called internal port-forward or inside NAT) will stop requests from reaching other DNS services and redirect them to the service of choice.

KeePassXC interface (keepassxc.org)

LastPass, in 2021, decided to make their free tier limited to a device of a single type. Mobile or desktop, not both. To sync between both, a premium account was needed. Granted $3/month isn’t a huge amount (you can give up one coffee), users opted for a service called Bitwarden. It is an open-source password manager offering unlimited devices for free and a family account for $3.33/month with unlimited sharing. An option that appeals to me is the self-hosted option where you are in-control of your data.

KeePass remains a strong choice for managing password databases, especially offline. I recently moved to a fork called KeePassXC. Its lineage came from KeePass in that KeePassX was a fork of KeePass, KeePassXC is a fork of KeePassX. It too is free, open source, and databases are compatible between KeePass and XC if you want to try or use both. I like KeePassXC better due to its cross-platform support and TOTP/2FA integration.

Beyond my 2020 article, I would like to address the issue of administering devices remotely. In particular, devices we leave at remote sites or have in “the cloud.” Whether that is an AllStar node, EchoLink/SVX, Wires-X, router, controller, mesh node, or digital mode reflector. Though I’m writing this in the context of ham radio devices, this applies to anything – including devices on home networks. I hate the idea of devices, which provide services to a very small group, being available to anyone on the Internet. It’s dumb, terrible security practice, hygiene, and there are better options.

‘Well, my device is password protected!’ Most don’t change the default password on their device. Ones that do many have purchased from a dud company that ignores vulnerabilities for 3 years that, in theory, would allow anyone access to their camera, Wyze.

For clarification, I’m not taking the ports needed for normal user access to the AllStar/Wires-X/EchoLink/reflector/whatever. I’m specifically talking about the ports needed for administrative access. Ones such as SSH and remote desktop. Admins that figured out OpenVPN or WireGuard tunnels or ones that only have local access to admin services, you’re good.

With common admin services open to the Internet, check the logs. Internet miscreants are trying common username and password combinations. Not to mention probes not seen in logs like fingerprinting to figure out which outdated version is running and looking up exploits against that version. Once they get in, they will configure that device to be a cryptocurrency miner (making money for the bad guy), another device in their bot army used for attacking other victims, figuring what other devices they can get into, not to mention backdoors allowing them access at any time. When this happens, that device can no longer be trusted.

Fail2Ban is a popular option that only slows down attackers, doesn’t provide distributed brute-force attack protection, and is not available on Windows. Doesn’t solve the issue of unnecessarily exposing admin services to the Internet. Changing ports is not secure, often called security through obscurity – which is not security. A quick scan of the IP address will reveal the new port. SSH keys with PasswordAuthentication set to “no” is about as good of protection as you can get when wide-open access is needed.

ZeroTier and Talescale are an easy-to-use middle ground between the options of wide-open access and creating your own VPN connections. Both services create secure connections to just about any device including: Windows, MacOS, Android, iOS, Linux (including Raspberry Pi), BSD, and some Network Attached Storage devices. The device reaches out to a central server or peer, establishing a private connection. Permitted users are then able to establish connections with that device. A club might have five administrators, all five would have provisioned accounts for access to their club’s remote site devices.

These services are freemium and proprietary (not open-source) but they do have self-hosted options. Once the service is up and running, close the administration service ports in the router. Configure the device to only accept connections for admin services on the ZeroTier or Talescale interfaces.

For web services, such as status pages or dashboards running on devices at remote sites, something to consider is a reverse proxy as an additional layer of protection. Normally: install and configure the device with a web server stack, install a dashboard or status page, port forward 80 & 443, then hand out an IP address to users or provide link on the club’s webpage to that device, maybe using a DNS/dynamic DNS entry. You’re off and running. The device remains exposed to the Internet. Miscreants could send random junk attempting to bypass authentication or flood the connection with bogus data, denying legitimate users’ access (denial of service).

A reverse proxy works by being the point at which users access the site. Cloudflare is one such reverse proxy service and offers a free tier for personal/hobby sites. The proxy inspects traffic to determine if it is legitimate. Legitimate traffic is allowed to pass onto the server. Illegitimate traffic is dropped and never seen by the server, protecting it from possible malicious traffic. An additional benefit is the real IP address of the server or device, at a site or at home, is not easily determined, making the device less unlikely to be exploited.

(cloudflare.com)

This protects the device in a different way from that of a private link or VPN like ZeroTier or OpenVPN. The web site is still accessible to anyone on the internet. Having visitor’s setup private links or VPNs for commonly accessible web services is not practical and not something a majority of users will not opt into freely.

The Cuyahoga Amateur Radio Society (CARS) asked for one of our technical presentations at their meeting on October 11th. I was able to give a presentation put together by Technical Specialist, Bob – K8MD, on DMR. He was out-of-town but I was able to give his presentation. There was plenty of questions and good discussion after the presentation. I brought one of my hotspots and a DMR radio to demonstrate the AmateurLogic.TV Sound Check Net on my multimode system. The net got started about when the meeting wrapped up which was perfect timing. If your club is interested in this or another technical topic, let me know!

I heard from many hams that found my Hamshack Hotline tip useful in last month’s OSJ, including ones outside our section. Yes, they are reading THE OHIO Section Journal =) Some updates: even long after the DNS entry was removed, phones apparently cached the IP address. Some reported their phone still had green lights though the admin interface contained the old DNS entry. With this information, the phone will likely remain working until rebooted. Additionally, as suspected, other domains were seen. Replacing hhux.wizworks.net with hhux.hamshackhotline.com also worked. Some replaced the entire string with only hamshackhotline.com, leaving off subdomains like hhus (as was shown) or hhux. This won’t work either. The subdomain must remain intact.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – October 2021 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

Last couple times, I’ve been talking about my journey to preserve legacy media. First talked about different media formats and last month described how to create and use floppy disk images. This month is about optical discs, copy protection and storing images for preservation.

Optical disc images

Unlike floppy images, creating and mounting optical disc images was a hole other ball game. CDs have a variety of structures: data only (Digital Data), audio only (Digital Audio), CD-TEXT (artist and song details for Digital Audio), mixed mode (data on track 1, audio on tracks 2 – n), Enhanced CD (audio for audio players, data and multimedia for computers), and multi-session (data added or modified over subsequent writes to the disc). There are other standards such as MP3 CD, video CD, super video CD – those are all data tracks. DVD and Blu-ray are also data tracks.

Creating optical disc images

To meet my goal of having a raw data dump of optical media, Linux had the hardest time creating images. cdrao (CD recorder disc-at-once) can process different disc structures but the output files were not in a format most tools understand. Popular K3B disc writing program cannot make images of audio or mixed mode discs. dd won’t work either because it uses file structures (FAT, NTFS, Ext, CDFS, UDF). CD-audio is audio bits containing no file structure. Single track, digital data only discs were fine for Linux tools. Mixed mode and audio discs were a no-go.

On Windows, my long-time favorite, ImgBurn (freeware) made it all happen using the “Create image file from disc” option. Though not updated in some time, it still works well and the developer answers questions in the forum. It handled everything I threw at it. It defaults to ISO. If the disc doesn’t meet ISO9660 specifications, it creates the more flexible BIN & CUE formats. BIN file is binary data from the disc. CUE, for cue sheet, it a plain text file containing details about the tracks in the BIN file. This paring would be for CD-TEXT, multi-session, mixed mode, and Enhanced CD discs. UltraISO (trialware) created these images too and could output to different formats: ISO, Bin/Cue, Nero, Compressed, Alcohol, and CloneCD.

Copy protected discs

Then things went downhill quickly. One exception to “everything I threw at it” was copy protected discs. Copy protected discs aims to confuse the drive’s read system. A full read of a copy protected disc will fail. However, when activated, the protection software knows what to expect based on how it instructs the drive to read the disc. Many of these schemes are explained in this article. Other copy protection schemes install malware, called RootKits, that hides activities making detection and removal of the malware nearly impossible. Sony/BMG Music got caught installing RootKits in 2005. A user simply inserting the audio disc into their PC would unknowingly infect their system. As it turned out, companies were more concerned about their intellectual property and less about making software that didn’t have vulnerabilities. In the end, copy protection only hurts those who follow the rules.

I had one of those Sony/BMG discs. When I realized what they were doing, it was promptly returned. When referring to copy protected discs, I’m referring to a handful of unreadable game discs I have. Programs out there like Alcohol 120% (paid version) make perfect 1-to-1 copies, emulating copy protection schemes. It has been 15 years or more since I used those features but it worked great back then.

Failures creating working images using Alcohol 120% and CloneCD (trialware), which still tout making perfect 1-to-1 disc copies, I though was an issue with the application. After digging at the problem, I learned it’s probably not the fault of the application at all. First, I would identify discs with copy protection as ones ImgBurn showed had read errors. Next, make a new image of the disc using a 1-to-1 copy program. Then validate the image by installing the game on my Windows 7 64-bit operating system I was using to preserve legacy media. Finally, seeing if the game would run successfully. None of those games would launch. I spent waaaayyy too much time working under the presumption the problem was creating a good image. In reality, none (I mean NONE) of the copy protected games would run using their original discs. Imagine that, copy protection that doesn’t work.

ImgBurn creating a disc image of a CD-TEXT audio CD

Reasons copy protection wouldn’t validate successfully could be any of: a newer OS. These games are from the Windows 98/2000/XP era and cannot run on Windows 7. Running a 64-bit operating system when the copy protection drivers were written for 16 or 32-bit OSes. Could also be proactive blocking of the driver by Windows or Microsoft Security Essentials. With that information, though, I cannot say if those images created do or do not work. I would have to go down the road of getting an older operating system up-and-running. Could fire-up a Virtual Machine as well. I’ll pursue that later. Reading up on making images of copy protected discs, a disc drive that can read raw data is needed. While most noted drives state they read raw data, they really cannot. I couldn’t find a list of known working CD/DVD drives.

Avenues I looked into are sites that have cracks to bypass the copy protection validation schemes such as GameBurnWorld or GameCopyWorld. Not responsible for any damage or legal issues. This is for informational purposes only. Some cracks that I tried were for 16-bit OSes which is just not supported in a 64-bit OS. While I’m sure most of these games are available on a modern platform like Steam, I’m not feeling charitable enough to hand over more money to them seeing as they got it wrong the first time. Microsoft thinks Windows Compatibility Mode will fix all the problems. I think it only works on 32-bit versions of Windows. Most PCs are 64-bit, and 32-bit OS support is being dropped. I’ve never gotten any 16-bit Windows program to work in compatibility mode on a 64-bit OS.

Need to make copies of protected DVD or Blu-rays? See the products list at the CloneCD link above. Not responsible for any damage or legal issues. This is for informational purposes only. Unlike the game copy protection schemes which require software or a driver on the PC, DVD and Blu-ray store encryption keys on the disc which makes it fairly easy for programs like AnyDVD or DVDFab to read disc level encryption.

Mounting and using optical disc images

Things didn’t get much better when mounting disc images using virtual drives. Much like floppy disk mounting programs, I wanted something to emulate a CD drive on the host operating system. All programs I tried mounted ISO images to the operating system: Virtual CloneDrive (freeware), ImDisk (open source), Alcohol 120% (free edition), Daemon-Tools Lite (though installer is very bloated with crapware and maybe DNSBL on PiHole), UltraISO, and WinCDEmu (open source). Few of those programs mounted BIN & CUE correctly and even fewer handled multi-session images. Not all virtual drives are created equal. It may take some time to find a program or combination that works. In Linux, ISOs could be mounted using the “Disk Image Mounter” in the desktop GUI or using the command line (see part 2 in this series). Mounting BIN & CUE files in Linux required CDemu (open source).

Audio BIN & CUE files could only be mounted using Alcohol 120%, Daemon-Tools, and CDemu. An audio player like VLC (open source) would be used to play audio tracks. Foobar2000 (freeware) can play BIN & CUE files directly (without mounting). Enhanced CD and multi-session CD data tracks could not be accessed when mounted through any of the virtual drive applications I tried. Once the virtual drive hits the first lead-out in the image, that’s it. This affects images where data tracks follow audio tracks and multiple session images containing more than a single data track. I was never a fan of creating multi-session discs but I did have discs from friends that were.

Disc read errors. An indication of a copy protected disc.

UltraISO can access those data tracks from multi-session images and extract files. Maybe easier to copy the files from the disc to a folder instead of making an image for simplicity. There were two ISO editors listed for Linux, neither listed BIN & CUE file support. For completeness, all disc and structure data are still stored in the BIN image file and described in the cue sheet. It is a shortcoming of these virtual drive applications to not provide access to all data contained within the image. I have no idea why. Taking the same image and re-writing (burning) it to a blank disc would result in a complete copy of all sessions and data.

If possible, through the mounting software, mount the image READ ONLY! (see reasons in earlier parts). In addition, many virtualization and hypervisors such as DOS-box, VirtualBox, and vSphere can mount images naively to a guest operating system. Wikipedia has a comparison of disc image software applications for other suggestions.

Storing images

Lastly on this charade, storing these image files so they may live on forever! CD and DVD images are going to take up more disk space because the media can hold more data. Organize all images into a folder structure that makes sense: games, types of games, graphics, amateur radio, audio/video programs, operating systems, utilities, etc. I decided to store these images on my Network Attached Storage (NAS) with copies both off-line and off-site. The NAS file share is set for read-only to protect unintentional modification or deletion of the images or its contents.

Hard drives, until the beginning of this year, were relatively inexpensive. A 4-terabyte drive can still be purchased for around $100. Higher-capacity drives have been met with shortages and prices to reflect their supply. 4 TB is ALOT of storage. Use a new dedicated drive for storage, keep them on a local hard drive, or use an external hard drive. Make copies onto separate hard drives, USB thumb drives, or in “cloud” storage.

Plan a backup strategy sooner than later. The following is true for ANY data: data does not exist if it is not in two separate places. I argue three copies of data or it doesn’t exist (see #5 under “What can I do to protect myself?”): 3 copies of your data, 2 of them on different media (spinning hard-drive, sold-state SSD, thumb drive, optical, in the cloud, etc.), 1 must be off-site (at work, at a friend’s, storage locker – preferably temperature controlled/waterproof, safety deposit, with a relative, in the cloud).

Going more technical and into file system technology, use a file system that hashes files such as Btrfs or ZFS. Then scrub the data every couple-to 6 months. This keeps data in-check and detects errors in storage indicating media degradation or imminent failure. Linux has these features as do many NAS devices. Hashing protection and original floppies themselves are not additional copies. Hashing isn’t going to save data from a disaster (wind, power, tornado, fire, flood, physical destruction, theft, …). Original floppies do not count as a copy because this technology is dated, degrading, and getting harder to recover, a.k.a. legacy.

Recovery & file conversions

Half-Life Opposing Force copy protection disc authentication failure on original media

If you really, really, really want data back and are unable to recover it yourself, there are data recovery services. One ham said a person he knew used Gillware. A channel on YouTube I follow gave a recommendation to WeRecoverData. I did not use, research, or vet any of these companies so some due diligence is required before some phony-baloney service makes off with precious data. Gillware is a Micro-Center partner and WeRecoverData has a large number of companies that have used their services. Take that for what it’s worth.

Going back to my data that I “really, really, really” wanted to save from unreadable floppies. It turns out, I apparently told my younger self: self, you should make copies of these floppies onto other media or you may not have that data in the future. I copied all those important floppies, that are now unreadable, and burned them to CD. See, had two copies of data! I found those copies on a CD spindle of burned discs. Probably had read issues back then and saw the writing on the wall about floppies somewhere in the early 2000’s, near as I can tell. Writable CDs were reasonably priced about that time as well, $0.20, $0.30, $0.50, maybe as much as $1/each. I definitely didn’t know I could make an image of a floppy back then because the CD was drag-and-drop copies of the data. Better than not having it. Saved myself a lot of agony – although it doesn’t make as good of a story…

I didn’t touch on file conversions as the goal was to preserve data and I didn’t need to convert file formats. This may be needed in cases where proprietary programs were used and those companies no longer exist. The data can be read from the media but the file itself cannot be opened by any modern program. A copy of the original program used to create the file is best as there is likely some way to get that program running again. If it was an early version of a program that still exists, they may have changed data formats along the way and the earlier format is no longer readable by a modern version of the same program. Possibly filters or converters can be downloaded and installed.

Searching the Internet for the program originally used to create the file may lead to threads and worm-holes. Using an example of a very old word processing file, a similar-type program may be able to open the file such as Microsoft Office Word, Corel WordPerfect, LibreOffice Writer or legacy versions of old office suites like StarOffice or OpenOffice may improve chances. The more proprietary and obscure the program and format of the file, the harder it will be to find a program to read or convert the file, whereas open source programs and formats are likely to still be around 20 years later. I found enthusiasts will write free/open source programs to convert random obscure formats on GitHub.

Now that I’m done getting data off 3.5″ floppies, they’ll get destroyed for security reasons and donated to the circular file. I don’t see a reason to hang on to them seeing how many had read errors and now I have good copies of everything I want. I’m starting to see the same writing on the wall too with CD-R/DVD-R discs. A couple gave me read errors. Using another drive read the discs just fine. Still hanging on to those CD/DVD discs, until I get tired of looking at them.

While making disc images, I saw a name that sounded familiar: CMC Magnetics. Where have I heard that name before? If you were serious into your writable media mid-to-late 2000’s, a quick Internet search recalled memories of CMC being some of the cheapest & crappiest writable CD-R and DVD-R media available. Quality was not consistent, even between different spindles of the same brand. Verbatim was considered the gold standard for writable media. Even they got out of the market, selling off manufacturing to CMC. I think it’s the right time to get those important CDs and DVD-Rs imaged as well due to media quality concerns 😀

Epilogue:

I had one MacOS formatted floppy disk from grade school containing games that appears to use the HFS file system. Not much has gotten me anywhere near being able to play the games on that disk. I came across information for those needing to recover legacy Macintosh disks that’s worth passing along. Back in the early days, Apple developed a proprietary floppy disk technology to get more data on a standard 3.5″ floppy disk. Granted, everyone was trying to do their own proprietary formats to lock consumers into their technology and securing income for their company. Like proprietary technologies before and after it, users get shafted. The specific drives used to write those disks are the only ones that can read those floppy disks. Adding insult-to-injury, all recent MacOS versions have dropped support for those formats leaving users to find a branded drive with an appropriate legacy MacOS version should they want data off those disks. Not to mention, how will they get that data to a new system? A number of sources point to this website which has a lot of information to help MacOS users get their data recovered. Guess I’ll keep hoping to pick up an LC III or a LC 5xx from my early memories of MacOS.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – September 2021 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

Last time, I talked about a project I am working on to save data from legacy media: floppy disks, ZIP disks, and even optical media. This month I’ll cover programs and methods for creating floppy images and how to access data in image files.

Creating floppy disk images

I needed a program to create IMG files of these floppy disks. WRITE PROTECT disks before inserting into the drive to prevent accidental overwriting of the source disk! In Windows, I couldn’t find a decent program to make floppy images that wasn’t free. My usual go-tos failed me. Ones that did work as expected were WinImage (shareware, 30-day trial) and UltraISO (trialware). UltraISO is for creating, modifying, and saving CD/DVD images but has the ability to create floppy disk images too. Though, for some reason it doesn’t mount those images to the host operating system. dd for Windows is an alternative creator. dd is a well-known Linux conversion and copying program. If those don’t meet your needs, have a look at the Wikipedia article on disk image applications for a list of alternative options.

In general, on Windows, insert the floppy. Start the program. Select Make Floppy Image or Read Floppy. Then save the image file to the hard drive.

In Linux, making a floppy image can be completed with native tools. At the command line:

sudo dd if=/dev/fd0 of=/home/username/name_of_floppy.img
  • Failed to read from floppy using dd. dd will fail when it is unable to read a sector on the disk.

    if: “in file” or device to read data. /dev/fd0 is the common name in Linux for the first floppy disk drive

  • of: “out file” or device to write data

A better option to dd is ddrescue. That program is designed for data recovery, not only for floppies but CD-ROM and other media too. It will identify read errors and automatically re-read bad sectors hoping for one more successful read. Install through the Linux distro package manager. I had plenty of disks with read errors. Many were “oh, no – not that disk!” followed by moments of praying because I really, really, really wanted that data back. Some read errors were soft and easily recoverable. Others required manual intervention. My standard command line (one line):

sudo ddrescue -d -f -r5 /dev/fd0 /home/username/name_of_floppy.img /home/username/name_of_floppy.log
  • -d: direct access to the input file or device
  • -f: forces writing to the output file (if you locked the file somehow and ddrescue couldn’t write to the image file)
  • -rX: number of times to retry (X) reading bad sectors. I would set this value low initially, follow the methods below, and change to something like 150.
  • /dev/fd0: device to read (floppy drive)
  • /home/username/name_of_floppy.img: name and location of the output image file
  • /home/username/name_of_floppy.log: name and location of the output log file. This log is used to track sectors that could not be read, even across multiple runs of ddrescue.
ddrescue in progress

Once the initial run-through is completed with a couple attempts at re-reading bad sectors, the program can be terminated to blow debris off the magnetic medium or completely change out the disk drive. Re-run ddrescue with the exact same command and the program will continue retrying unreadable sectors of the same disk. Changing variables including giving things a rest for a few days will increase the chances of a successful read. One the disk is successfully read the log file is no longer needed.

My solutions for removing debris: bang the floppy physically to dislodge dust or other dirt. Blow across the magnetic medium while rotating to help do the same being careful not to introduce moisture, which would cause more harm. I saw this referred to as the “shake & blow” method. That got me through a good number of iffy disks. Trying another disk drive resolved even more errors. Some disks could not be completely read or there were so many read errors making the chances of total recovery slim to none. A number of excellent suggestions are available on this site dealing with copy protection, disk errors, and drive errors.

When ddrescue is unable to completely read the entire disk, try straight drag-and-drop copying of files to the hard drive. Entirely possible ddrescue is spending time on sectors that don’t contain usable data. Should that not work, let ddrescue do its thing as much as it can, mount the image, then try copying the files from the mounted image. ddrescue may not be able to recover the disk in its entirety but data it was able to read might be usable. I’m still praying for those disks that I considered important.

I didn’t find an exact equivalent to ddrescue for Windows. Searching online indicated a program like BadCopy Pro (trial) or TestDisk (free, open source) might be able to recover disk data at the file level, not at the sector level for the image. I’ve used TestDisk and derivative programs previously but did not test these programs for floppy data recovery.

Mounting and using floppy disk images

Pheew, making floppy images is done and the disks that were able to be read are preserved. Now, how to use these image files? They can be mounted to the operating system acting like another floppy or removable media disk drive. If so desired, the image contents can be modified. I do not recommend nor wanted any modifications to the image file once completed. If possible, through the mounting software, mount the image READ ONLY! Installers often write parameters or logs to the original media. The goal is to leave the img file completely intact as it was read form the original source disk. I didn’t want to risk having images modified from disks that took a long time to recover in ddrescue.

Mounting floppy image in ImDisk

If modifications are needed, make a copy of the image file and mount the copy for writing. If not available through the mounting software, or as an additional layer of protection, I made a file share on my NAS (network attached storage) that is marked read-only in the NAS configuration. After placing image files in that file share, setting the read-only property does not allow any write capability to that file share.

ImDisk (free, open source) worked well for mounting. It allows the device type to be changed or read-only options set to prevent modification. Selecting device type: floppy, check removable media, and check read-only are settings that worked best. In Fedora, I could use the “Disk Image Mounter” in the desktop, or at the command line (one line):

sudo mount -o ro /home/username/name_of_floppy.img /home/username/folder/to_mount_image
  • -o ro: sets the read-only flag
  • -t vfat/iso9660: maybe needed if mount cannot determine the image file system type

Many virtualization and hypervisors such as DOS-box, VirtualBox, and vSphere can mount images naively to a guest operating system.

Next time, CD/DVD disc images, storing images, and finally, the conclusion. Optical media images are harder to create, work with, and copy protection: the bane of my existence.

If you are a new ham or looking to improve your station and you weren’t able to attend Technical Specialist Jason – N8EI’s presentation “Beyond the Baofeng: Thoughts on Equipment Choices for New Hams,” you missed a great opportunity. It was a well throughout presentation and he made some great points. In attendance were a couple non-hams that wanted to become licensed. They were there trying to figure things out and he provided helpful information. The session was recorded and will be posted online at some point. I’m sure that will be announced when it is available. Don’t forget, Technical Specialists are available for presentations at club meetings or hamfests. If your club is looking to fill a program slot, reach out to Jason for his presentation or myself for ideas.

Speaking of hamfests, I made it to two more over the past month: Findlay Hamfest and the Cleveland Hamfest and Computer Show. At Findlay, I felt it was well attended. Not the numbers they’ve seen in the past, likely due to the on-going state of the world, but I was pleasantly surprised. I spent some money on connectors, couple gadgets, and found another power supply for my universal battery charger. Since it’s not available anymore, I wanted a backup incase the current one stops working. Could have spent a lot more money as I’m starting to look at smaller formfactor PCs – and they had a couple. Definitely saw a number of the disk drives I talked about in last month’s article. Good place to find them if you need ’em, just sayin’! Attendance seemed good, considering, at Cleveland too. That one is more of a social event for me as it’s my home turf and I run into a lot of hams I haven’t seen in some time. I also attended the presentation on one of my favorite linking modes, AllStar. All-in-all, two strong hamfests I recommend attending next year.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – August 2021 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

PSA: make copies of old computing media now before that data is lost for good. Those of us that are old enough to know or remember what floppy disks are – and no, it’s not the 3D printed version of the save icon! This is my adventure in preserving legacy media.

Floppy disks, simply “floppy” or “disk”, was a data device based on usage of a flexible magnetic storage medium. Systems dating back to the Commodore utilized floppies and other formats such as cassette tapes. PCs first used 8-inch floppy disks, then 5 1/4 or “five-and-a-quarter-inch disk,” finally 3 1/2 or “three-and-a-half-inch disk.” Most who are my age remember the 3.5″ floppy because it was a very common storage medium for transporting research, papers, and data between home and school. Never had any 8″ floppies. I’ve been around computers longer than most my age and have a couple 5.25″ disks.

Later in high school and college (through about 2005), advances in storage technologies allowed for lager capacities at roughly the same size. The Zip disk was still considered a floppy but had rigid housing to protect the medium at about the same size as a 3.5″ floppy, though twice as think. Zip disks could store 100 MB versus the 1.44 MB of the 3.5″ floppy. Writable CDs became affordable as anyone could now “burn” an optical disk with a storage capacity of 650-700 MB. DVDs for videos and large capacity 4.7 GB storage were standard mid-to-late 2000’s. Those have since been superseded by multi-gigabyte USB solid-state and “cloud storage.”

If you’re like me and hung on to those floppies because they still have old games, maybe using them for document or picture storage – for some reason, or old programs you would like to use again. I started this project as I was sorting through old computer equipment and it was probably past time to preserve the data. That is, if they could still be read. Since I was going through this work of preserving data on floppies, I decided it was probably time to save CD-ROMs and DVD-ROMs as well. In theory, medium, especially optical, should last a good long while. However, all medium will degrade over time. It’s also a factor of how the disks were stored, the quality of the drive that wrote the disk, cleanness of the head, quality of the diskette, reading drive aligns with written tracks, to name a few.

Being anywhere from 15-25 years old or more, another reason for doing this is because new computer systems (desktops/laptops) are not coming with devices to read legacy media. The new laptop I received from work doesn’t even have standard USB (A) or HDMI ports! Most keyboards, mice, USB drives, image scanners, SDR dongles, etc. still use that type of port. This machine only comes with USB-C and I need an assortment of dongles to connect standard keyboards, mice, and monitors to the new laptop. They took a cue from Apple MacBook.

While I still have 5.25″ disks, it was a much small number. Probably under 15. 3.5″ disks, I probably have 150 – 200 laying around. Whether I got lucky, the drive/medium are of better quality, or better error correction/recovery, I had no problem reading the 5.25″ disks. I thought: older medium, more problems. That was not true in my case.

Standard disclaimers: copying of some software (though the company may be long gone out-of-business), is still considered piracy – though highly unlikely really anyone cares. You are free to do with this information as you wish.

Locating drives and media

First, locate legacy media (floppies, Zip disks, CD/DVD-ROMs) to be preserved. If labeled correctly, you might be able to tell right away which ones are worth saving. Things you or your kids did when they were younger might be worth saving, but that old accounting program, probably not. Emulation and virtualization technologies have come a long way and is quite possible to get those old programs running again with a little effort. That’s another article.

Next – locate a device to read that media. Throughout the years, I’ve hung on to a handful of old floppies, Zip, and, CD/DVD drives. Before throwing in the towel this early, consider that it might be easier than you think to locate a drive – should one not be readily available. A floppy disk drive, floppy cable, and old motherboard with a floppy controller is all you really need.

8-inch, 5¼-inch, and 3½-inch floppy disks (Wikipedia)

To find 8″ drives, you’re probably going to eBay, computer surplus shops, or even a hamfest. They’re “vintage” on eBay, therefore asking prices are $100 and up for a drive. These old drives have been successfully connected to modern PCs with the help of an external controller or adapter. My 5.25″ floppy drive connected and worked just fine on a motherboard (late 2000’s era) I had laying around with a floppy controller. If a motherboard is not available, a floppy controller with USB capabilities from KryoFlux or GoTek would do the job. 3.5″ floppy drives are readily available, have USB connections and cost about $20. Consider 5.25″ and 3.5″ combination drives if both formats are needed.

Early Zip drives came as an external device with a parallel port connection. They were god-awful slow. With more than a few Zip disks to copy, look for a drive with an ATAPI (IDE) connection if you have a motherboard with an IDE controller. Otherwise, opt for the USB drive version. ATAPI isn’t breaking any speed records either. They are quicker and you don’t have to find a motherboard with a parallel port and locate Zip drive drivers. The Zip 250 and 750 drives can read lower capacity disks. The Zip disk format has been long dead and the Iomega company was bought and sold a few times, eventually being completely discontinued. All of these drives will be surplus/eBay/hamfest finds.

Operating system support still exists, at least on the PC side. A Windows 7 64-bit operating system handled all the formats I threw at it: 5.25″ floppy, 3.5″ floppy, Iomega Zip 100 ATAPI, and obviously CD/DVD. The Zip ATAPI/IDE interface showed up as a standard removable disk drive. An older PC with an older operating system increases your chances of a working combination.

Parallel port Zip drive and disk (How-to Geek)

Zip disks, in particular, had a proprietary software method of preventing accidental writing to the disk or requiring a password to read the disk. In the case where any of these protections were used, or any other proprietary method of encrypting media, those conditions under which the media was “locked” will likely need to be recreated in order to read or decrypt the data. The same legacy drive connected to a PC, same legacy operating system with drivers/applications used to write-protect or encrypt the disk – if you still have copies of all those programs. Not to mention, remembering the password.

CDs and DVDs were no problem as those formats are somewhat current and operating systems include native support for those drives. Fedora 33 worked with all, though it doesn’t automatically load the floppy driver by default. I had to:

sudo modprobe floppy

I did not test a copy of Windows 10. A Win10 rescue disk worked just fine with all formats so I suspect Windows 10 will be fine as well. Copying the data can be as easy as opening the drive in the desktop, selecting the contents, and copying files to a directory on your hard drive.

ISO files are a single file that contains the entire CD/DVD/Blu-Ray disc structure to precisely duplicate a disc. These are often used when downloading Linux/Unix distributions. Windows 10 can be downloaded as an ISO as well. Many utility and recovery tools available as ISO downloads are meant to be burned to disc or written to a bootable USB drive. Nearly all CD/DVD/Blu-ray authoring programs have the option of creating or burning ISO files.

IMG (sometimes referred to as IMA, standing for “image”) files are similar to ISOs but for floppy disks. IMG files are a single file, raw sector dump, of a medium. I have no scientific data to indicate drag-and-drop copying is just as-good-as creating an image file. If I had to guess reasons an image would be a better option: maybe a form of copy protection looks at a specific sector for a known value or possibly date & time stamps. If something wasn’t as expected, it might fail believing a copy was made. I came across one instance where straight copying files caused special characters to be converted. A “~” was converted to “_”. This is more likely to cause an issue for an installer program because a filename doesn’t match. To me, it just seems better to make a raw copy of the disk. Once again, the more complicated method is my preferred method.

My goal was to have an image made directly from the disk. In reading up, examples showed creating a ‘blank floppy image’ file, reading disk contents, and writing to the blank image. I did not want that as total disk size could be different. Disks containing my documents or picture files, I copied those to a folder on a hard drive. Disks containing programs or installation media, images of the disk were made.

A raw sector dump of a floppy disk occupying the same amount of space as if the disk was completely full. 1.44 MB disks will take up 1.44 MB, even if only 300K is written to the disk. 720K disks take up 720K. CD/DVD/Blu-ray ISO and BIN files will be the same size as the total amount of data written on the disc (333 MB disc = 333 MB ISO). For multi-gigabyte and terabyte hard drives, these sizes are nothing.

Next time, my adventures continue into creating, using, and storing image files.

The Section is sponsoring learning and exploring sessions. Technical Specialist Jason – N8EI will be presenting one of those sessions on August 31st. Details have been published in recent PostScrips and later in this edition. His topic is “Beyond the Baofeng: Thoughts on Equipment Choices for New Hams.” You received your license. Picked up a $20 Baofeng. Tried to reach some repeaters with it. Now what? Now comes a real station. He touches on prioritizing equipment purchases and gives recommendations on radios. It will be a good one not only for newly licensed hams but hams looking to improve their station.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – July 2021 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

Coming soon: Windows 11. Wait, wasn’t Windows 10 the “last version of Windows?” Yes. Now, no. People interpret that statement to mean once you’ve upgrade to Windows 10, there would be free upgrades forever and you would never have to pay for another version of Windows. Microsoft: we kind of meant that but not really, it’s only “reflective” of delivery in an ongoing manner. On June 24th, Microsoft announced its next major version of the Windows operating system expected for release later in 2021.

As of this writing, no official release date has been set. Though a retirement date for Windows 10 in 2025 has been published. Retiring (or end-of-life) means after 10/14/2015, no mainstream support will be available for security updates, fixes, and enhancements. Businesses, or those paying for extended support. will likely have updates available for some time longer. The 2025 date puts Windows 10 in at over 10 years of service life, just a few months short of Windows 7’s service life. Has Windows 10 been out that long??

Microsoft is nothing, if not clear, in their statements and announcements. In Microsoft fashion, there is plenty of confusion around system requirements. Microsoft states that more than half, as much as 60%, of the PCs running Windows 10 today could not run Windows 11. I figure many systems upgraded from Win 7 to 10 will not meet the minimum requirements. Those who’ve bought a packaged PC since July 2016 should be good to upgrade and can upgrade for free. The reason for July of 2016 is when Microsoft required system integrators to include the TPM in new systems shipped after that date. TPM is used to generate cryptographic keys ensuring system integrity and security at system boot. DIY motherboards had this built in since about 2015. New PCs will see Windows 11 included as part of the entire purchase price. System builders will likely see the same prices as Windows 10, about $100 for Home and a little more for the Pro edition.

Home version of Windows 11 will require an Internet connection and a Microsoft account to complete first-time setup. If you have an account for Hotmail, Outlook, OneDrive, Office, or Xbox – you’re all set. If not, one can be created for free. Though nothing says you can’t unlink the account after setup. This connection between Windows and a Microsoft account has been used to store license information and retrieve a license should, when, a reinstall is needed. It also enables “cloud” features allowing some settings and preferences to be synced across all devices logged in with the same account. Pro versions can opt to use a Microsoft account or create a local account.

What else is new in Windows 11? “Sweeping” redesign of the user interface – to make it look more like a Mac – starting with a center aligned taskbar. A design choice aimed at touch users (tablets, Microsoft Surface devices). To be fair, GNOME has long adopted the center aligned taskbar as well as the Mac. Another start menu redesign “powered by the cloud” – which allows internet searches directly and synced documents across devices running Office 365. Microsoft Teams is directly integrated. Teams is the messaging and collaboration platform that started out as MSN Messenger and later absorbed Skype. To gain traction for the Windows Store (which no one ever went into), Windows will now be able to run Android apps natively.

Before the Microsoft announcement, a leaked build of Windows 11 appeared on the Interwebs. It appeared to be locked down to virtual machines only. Those that obtained the leaked version had significant issues installing it on bare metal. Not even an issue installing it on a virtual machine. The build might have been locked down to virtual machines for testing and demonstration purposes.

Windows 11 desktop (Wikipedia)

Since the announcement, a downloadable ISO image is still not available. There are guides how to download all the necessary files and build one yourself if you so choose to test out the preview on a real machine with a clean install. The official way is to enroll in the Insider program and do an in-place upgrade on a Windows 10 machine. This is done by signing into a Microsoft account in Windows 10, register for the Insider program online, enroll the device in the settings pane, then change Insider settings to the “Dev Channel.”

Though reviews have been initially positive about the new release, it seems very much like Windows 10 under the hood with the user interface redesign and improvements. Videos I saw had very good experiences gaming on the preview build leading more credence to it being Windows 10 underneath. If you’re like me and didn’t enjoy the user experience of having things buried, needing to do more clicks to accomplish the same/simple tasks, and ultimately moving to Linux as a result of Windows 10, this is going to be a ‘meh’ release for you as well.

On the subject of Windows. While I run Linux primarily and rag on current versions of Windows, if you are still running Windows 7 (which I am) or even XP on your machines, this is another friendly reminder to remediate, remove, or update unsupported versions of Windows. Removing would be replacing the machine or upgrade to a supported version of Windows if available. Remediate would be to remove Internet access to that device and remove its ability to access other devices on the Local Area Network by properly segmenting the device. Use of a hardware firewall appliance to block and monitor device communications is preferred. Should those options be unavailable, look to invest in a reputable service that provides patches for legacy operating systems such as 0patch (pronounced “zero patch”). 0patch Pro for Windows 7 end-of-support patching is available for 22.95 EUR +tax/computer (agent)/year, about $27 USD.

Vulnerabilities, such as PrintNightmare, will continue to be discovered. In situations such as this, emergency patches will be graciously released by Microsoft for unsupported operating systems but don’t expect this to continue. Vulnerabilities like this have always existed in affected operating systems but were only recently disclosed. PrintNightmare is a vulnerability in the Windows print driver, of all things. It allows a bad guy that has or can gain low level access to any affected Windows machine to take control of the local machine or domain controller gaining control of the entire domain. That second part regarding domains is not applicable to average users, only power users and corporations. Not to be out done by the exploit Microsoft botched the initial patch leaving systems still vulnerable. You would think a company worth $2 trillion would have the resources to fix the issue in its entirety.

Linux is not getting out unscathed this month too. I’ve talked about how I moved to Fedora and their very aggressive end-of-life cycle. Fedora 34 was released at the end of April. Typically, I’ll wait two months or so to let the bugs get sorted out in this community supported operating system. Realizing it had been three months since release, I took the dive and upgraded all my Fedora systems at once. Bad decision. I had two initial problems. My RAID array is showing individual disks in file explorer. This is a problem because it should never show individual disks. More to the point, if I accidentally write to an individual disk instead of the array because all elements are labeled the same (only the icon is different), the disk becomes out of sync with the rest of the array which would almost certainly result in data loss. The second is Redshift (shifts the screen color to red as it becomes later in the day to reduce eye strain) which keeps throwing an error at logon that all of a sudden manifested itself… from 2016. What? It’s been about an issue per day I’m discovering. Applications disappearing from the task bar is another very annoying issue. A downgrade attempt failed on the laptop which means wiping the operating system partition and re-installing Fedora 33. /home is on a separate partition meaning my files and most settings would be OK. Then praying 35 is not such a dud.

The Section is sponsoring learning and exploring sessions. Technical Specialist Jason – N8EI will be presenting one of those sessions on August 31st. Look for details in this edition or in forthcoming communications from our Section Manager. His topic is “Beyond the Baofeng: Thoughts on Equipment Choices for New Hams.” You received your license. Picked up a $20 Baofeng. Tried to reach some repeaters with it. Now what? Now comes a real station. He touches on prioritizing equipment purchases and gives recommendations on radios. It will be a good one not only for newly licensed hams but hams looking to improve their station.

Van Wert Hamfest

I’m jiddy that Hamfests are returning. I made both NOARSFest in Elyria and the Van Wert Hamfest last weekend. NOARSFest seemed like a few more were in attendance over previous years. That was the last hamfest I attended before we were sequestered to our homes so it was fitting being the first one to return. Van Wert had a perfect day for holding a hamfest – though it was quire foggy on the ride out, maybe due to the wildfires out west. Even though I attended school in the area and traveled often for work, never made it to Van Wert. Their ‘fest was one I’ve been wanting to attend for some time. Figured I would take in all that I can and support hamfests as much as I can this year seeing as all were canceled leaving clubs without that income over the last year.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – February 2021 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

I don’t know about anyone else, since most of us have been told to cower-in-place, my productivity has gone through the roof! Must be that 10-foot commute between the work desk and home desk, might get the sun in my eyes on my way over. Finally tacking items on the perpetual “when I have loads of free time” list.

First cleaned out my data hard drive that had become a general dumping ground for downloads, pictures, data files, abandoned projects, and all other forms of miscellaneous files. Kept telling myself ‘I’ll organize this later.’ I figure accumulation started around the time I graduated with my undergrad (2008) and really got involved with ham radio. Go figure. Downloads had grown to 2,900 files at 16 GB and the general dumping ground was around 73,000 files at 314 GB. Much of that got deleted but enough was kept for reference or sentimental reasons.

Synology NAS

After sorting, mutilating, and “organizing,” this led into another task to better utilize my NAS, or Network Attached Storage, functionality more than I currently was. NAS devices are a way to attach storage, like hard drives or SSDs, to the network for sharing data across devices on a local network or, in special cases, users on the Internet. NAS devices can be anything from a Raspberry Pi with USB hard drives attached, an old computer filled with spare hard drives running FreeNAS, to specifically designed devices from companies such as Synology, QNAP, or Asus. Many think “storage” when they think NAS because storage: it’s in the name. Consumer NAS devices offer packages that can be installed to add additional functionality commonly available through always-on devices. Functionality options such as a mail server, web server, git server, database server, docker virtualization, replication (mirroring, backup with another provider), network level authentication, VPN, IP camera DVR, chat, and document collaboration. I’m a loooong time Western Digital user. Their Red line of NAS drives are my choice, though they tried to pull some crap of quietly introducing sub-par drives (don’t use WD Red drives with “EFAX” in the model). Seagate is stepping up their game too with the IronWolf line, which is gaining popularity.

My strategy is to move files I’m not actively using on a regular basis to the NAS. These types of files would be: digital pictures, Office documents, document scans, emails, news articles, previous taxes, internet downloads, audio/video clips, newsletters, ham projects, school work and projects, old programs that aren’t updated but are still useful. Unbeknownst to me when I started, this didn’t leave a whole lot left over on my desktop data drive. Maybe in the future, I’ll move all data to the NAS.

For the remaining data left on my data drive, I still wanted to maintain a backup strategy in case something happened to those files. Anything from my own stupidity (accidental deletion, encrypted by a malware strain) to hardware failure. Previously, I used a cloud provider for remote backup but they decided to exit the consumer market. With their change in business strategy, I was using my own scripts to keep things synced from the desktop to the NAS, whenever I remembered to run them. Not great because if I deleted something with a bunch of recent changes and the last backup I had was a week or two ago, that sucks. This syncing strategy also didn’t have file versioning.

When a file is changed, the backup system preserves a new copy of the file but keeps previous versions in case you wanted to go back in time to an earlier version. Real-world example: a computer becomes infected with a malware strain that encrypts all pictures and documents. A backup solution will still make a backup copy of the newly encrypted file, because it doesn’t know its user or user on the network did something stupid. Saving previous versions means you can recover the unencrypted version without paying Mr. Bad Guy’s ransom.

Syncthing web interface (wikipedia.org)

I tried solutions like rsnapshot but had serious issues getting systemd timers (supposed to replace cron, yeah, we’ll see) to work with persistence and waiting until the NAS was mounted before taking a snapshot. That was abandoned after a few months. I heard about Syncthing on a podcast. It met my requirements and more! It’s quite an amazing piece of free and open-source technology. I could run an instance on my NAS (or any computer), attach devices, those devices send file changes in real time, and the software takes care of preserving previous versions. “More” came in the form of Syncthing being available on every platform I use. Supported are: source code for manual compiling, Linux (many distributions and processor architectures), Windows, macOS, *BSD, and Solaris. There is an Android client allowing me to backup my phone to my NAS. Syncthing is exactly what I needed since I have some Windows machines (like the shack PC).

A couple warnings about Syncthing. Getting started will seem overwhelming with options and what they mean. Look at good tutorials and in the forums where there are lot of users willing to help. Even more important: Syncthing IS NOT a backup tool. Wait, you said you are using it as a backup tool! I’m syncing file changes to my NAS. Backup comes in the form of making images of the NAS drive and storing those off-site. Also acceptable is using a cloud backup service to backup the NAS off-site. Both are acceptable uses of Syncthing as a “backup” solution.

Another thing on the “to do when I have tons of free time” was digitize VHS tapes. In December & beginning of January, I was on a mission to digitize my high school and college video tapes as well as family home videos. Close to 100 tapes in total. Those that are not familiar with my broadcast television past, I was involved with WHBS-TV in high school, a local cable access station. Schools from across the county came to visit us because we were doing 7 camera shoots with replay for all football games, 5 camera shoots for basketball, and competing in college level categories for regional Emmy awards. Worked at WBGU-TV in college. Did a ton of cool stuff including weekly productions for Fox Sports Ohio, a program that was distributed internationally, and lots of remote shoots in different parts of the state, to name a few. This was all before over-the-air digital was a thing. I recorded a lot of stuff on VHS tapes over those years and, of course, wanted to preserve them.

Most say “put it on DVD.” Like it or not, we’re being pushed to a streaming society so companies can control when and how you view content. Not only is physical media dead, but you now have to take care of, and store, a bunch of DVDs. There are services allowing you to roll-your-own streaming service, where you to make your own content library. There would be a server on your network containing your music, videos, TV shows, home movies, etc. making it accessible to smart TVs, streaming devices like Roku or Fire Stick, smart phones, tablets, or any modern web browser.

Plex media center (plex.tx)

I used a Hauppauge USB capture device to digitize VHS tapes played from a VCR. VideoReDo to fix errors in the data stream (some players have issues playing video streams with data errors) and cut recordings into smaller files. HandBrake to encode the video and Plex Media Server to make the video available to devices. Plex server runs on, you guessed it, the NAS! I’m glossing over how to use Plex, organize files, and produce files optimal for streaming as there are many support articles and forum posts covering these topics on the Plex or any other similar service’s site.

Reading up on recommended practices to digitize VHS tapes, VCRs with newer Time-Based Correctors (TBC) were recommended. Looking online, those were $400 or more. Since it’s likely these videos will be watched a handful of times, I decided to forgo more expensive VCR options. TBC can correct timing issues, making 1 second = 1 second, not longer due to tape stretching. It aims to correct visual image jitter and “wiggling.” I did see those artifacts and re-recorded if the video was bad enough. The Hauppauge device captures video at about 13 mbps (2 hr is about 13 GB). “Lossless” 25 mpbs capture devices were recommended. Do you remember the quality of a VHS tape? Lossless is not going to lose much VHS quality! All tapes digitized weighed in at about 1 TB of storage. Sounds like a lot. Though, 4 TB drives are under $140.

Watching college videos from 2004 as they were being digitized, I came across one of the shows and said ‘that guy looks familiar.’ It was two shows on school funding in the state of Ohio. Our previous section SGL Nick Pittner – K8NAP was one of the guests. I happen to be working camera in the WBGU studio for that show and Nick was in Columbus coming in via satellite. Emailed Nick some screen grabs. He remembered the show, hosts, other guest, and said they are still fighting the same fight after the better part of two decades later. Sometimes you never know who you’re working with!

On a commute a little longer than 10 feet, I’m planning to be in person at the Portage County Amateur Radio Service (PCARS) meeting coming up March 8th. Meeting topic will be VoIP modes (Voice over IP), both analog and digital, and the DVMIS. Hope to see everyone. There should be a Zoom link posted on their site if you would like to attend virtually.

Mike Baxter, KA0XTT, played by Tim Allen (arrl.org)

Speaking of the DVMIS, the Last Man Standing Amateur Radio Club – KA6LMS is sponsoring a special event starting at 00:00 UTC on March 24, 2021 and end at 23:59 UTC on March 30, 2021. This coincides with the last day of shooting for the show which is concluding its long, successful run. This event is going to be a multi-band, multi-mode, special event celebrating the show for its portrayal of amateur radio. AmateurLogic.TV is planning a net for March 27 from about 7 pm – 1 am eastern and the net will be carried on my system! I’m honored to be part of this event as Last Man Standing is one of my favorite shows. Mark your calendars and check the KA6LMS QRZ page for details!

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – October 2020 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

October is associated with a number of things: apple cider, fall weather, foliage displays, pumpkins, and Halloween costumes. One thing that might be gruesome, like some Halloween costumes, is most people’s cyber hygiene. Cyber hygiene relates to practices and precautions users take to keep their data safe and secure from outside attacks. October, in addition to the above, is Cybersecurity Awareness Month. It is a way to raise awareness about the importance of cybersecurity and give everyone resources to be more secure online.

uBlock Origin on mlb.com

First up, web browser. This is the portal and gateway to modern computing. A browser should be current, supported, and one that is updated. Current web browsers are ones like Chrome, Firefox, Microsoft Edge, and Opera. These are constantly being updated to support newer technologies, protect users, and eliminate known vulnerabilities. Don’t use a camera, microphone, or other accessories during browsing interactions? Disable access to them in the browser’s options. I’m not sure the last time I used a MIDI interface. Disabling it hasn’t affected my browsing in Chrome.

Browser extensions (or plugins): Limit the number of installed extensions and make sure they are also current and being updated. The one extension I have on every browser I use, including at work, is uBlock Origin. It is an excellent ad-blocker and does it very effectively. Additional features include ability to block other sources of vulnerabilities, such as scripts, large media items, like videos, and known bad domains. A lot of people love NoScript. It’s even better, security-wise, than uBlock Origin. However, like everything in security, there are tradeoffs. NoScript does what it says, block scrips like JavaScript because they are a major source of security problems. This is great in principle but it basically breaks every site on the Internet. Whitelisting necessary scripts to make a trusted site work, I think, is more effort than it’s worth. Choose the better option for you. For me, it’s uBlock.

Another good browser extension is HTTPS Everywhere. When a site is loaded over an unsecure connection, this extension upgrades it to a secure connection is one is available. Most severs configured by capable admins are now serving up HTTPS by default and redirecting HTTP connections to HTTPS. Finally, PrivacyBadger is good at blocking third-party tracking and browser fingerprinting. Browser fingerprinting is the ability for a site to interrogate the browser about the system it is running on. For example, which browser, is it accepting cookies, plugins installed, time zone, screen size and color depth, system fonts, language, OS and platform, touch device, and device memory. PrivacyBadger blocks sites from accessing many of these properties.

Bad sites: In August, I talked about the Pi-Hole security device. This device provides similar blocking to uBlock Origin but at the network level. Any browser plugins only add protection to sessions in that browser. It doesn’t block tracking, malware, or ads in other applications running on the PC. It doesn’t offer protection for any other device on the network such as phones, tablets, streaming, surveillance, and “smart” devices. That is where Pi-Hole comes in by blocking known bad domains at the network level. It will keep ads off smart TVs, Roku’s, and keep digital footprints to a minimum. A caveat, devices using hardcoded DNS servers (usually IoT, DNS over HTTPS) will bypass any Pi-Hole filtering. Routers that can perform NAT Redirection can re-route requests to Pi-Hole and block DOH.

If you don’t want to add a device like Pi-Hole, changing DNS servers in a home router will offer more protection. I recommend OpenDNS as a security focused DNS service. OpenDNS is free to use and enabled by simply setting Primary DNS and Secondary DNS to these IPs: 208.67.222.222 & 208.67.220.220 – does not matter which goes into primary/secondary. They do offer paid services which can categorically block sites and does require a little more setup. Another good DNS filtering service is “Quad 9” or 9.9.9.9 as the DNS server. These services block access to known infected sites made through DNS requests.

Password managers: sites do a relatively poor job of securing their user and password databases. On the other hand, users do a poor job of choosing strong passwords. We know this because of sites like Have I Been Pwned (pronounced “owned”) which search stolen password databases for associated Email addresses. Showing as ‘pwned’ on that site indicates the Email address was found in a database breach. Searching an old Email address of mine found two services I did not recognize. I suspect the data changed hands through company acquisition but, more likely, my information was sold to the highest bidder.

KeePass main window (keepass.info)

Lists are published of the most commonly used passwords from these breaches. Many are even easy to guess like 123456, password, qwerty, dragon, baseball, monkey, and letmein. A password manager will generate strong passwords and remember them so you don’t have to. In general, if you can remember passwords for services, you’re doing it wrong. It’s good to know the password for logging on to the computer and the password for your password manager. That’s about it anymore. Being able to remember passwords means they’re probably easy to guess. 55@[hg@owtWF(6eDOXR0 – is not be an easy to guess password, has lots of entropy, and would take around 1.15 thousand trillion trillion centuries to guess using one thousand guesses per second.

LastPass & KeePass will do the job of creating strong passwords and remembering (saving) them. Both of these password managers are considered best-of-breed because of their features, history of responding to issues quickly, and constantly squashing bugs. Other password managers do not have this reputation and most don’t offer adequate protection from attacks. LastPass is an online service. They have a free option but useful features will be found in the $3/month for single user and $4/mo. for families. If you don’t trust “the cloud” or want to manage your own password database(s) offline, KeePass is what you want.

Both have the ability to generate, store passwords, and save notes associated with an account. Largely they’re both available on multiple platforms in multiple browsers. LastPass apps tightly integrate many device types with their service. KeePass relies largely on the community to implement addons and create apps for platforms like Android. LastPass has nice features allowing sharing among family members or sharing banking credentials with a spouse. Another feature I like in LastPass is the ‘dark web’ monitoring and alerting for breached credentials. These alerts let you know it’s time to change that password. To retrieve stored usernames and passwords from a password manager, they’re copied and pasted from the app or automatically filled into a webpage using a browser extension.

LastPass interface (lastpass.com)

Both services require some sort of master password which MUST be remembered. LastPass gets its name from the password used to access their service as the ‘last password’ you’ll ever need. An easy way to generate such as password would be to find a famous speech, song, or lines from a movie. Take the first letter of each word, throw in some numbers, and voila! Strong master password. This method will create a password that is hard to crack but easy for you to remember. As an example, take the first line of the Gettysburg Address:

Four score and seven years ago our fathers brought forth upon this continent, a new nation, conceived in liberty, and dedicated to the proposition that all men are created equal.

Taking the first character of each word: Fsasyaofbfutc – even to the first comma is 14 characters and already on its way to being very strong. Get creative, maybe take the second or third letter of every word. Throw in some random capitalization. Then add maybe parts of an old phone number, an old address, old work address, old dorm room number, kids ages, etc. Then it becomes: FsasyaOfbfuTC219419216 – all of a sudden you have a password that takes 8.75 hundred trillion trillion centuries to guess. Sure, you’ll want to write down this password until its memorized. Destroy the written copy after it’s definitely committed to memory.

All this assumes there is no monitoring of the computer or device, no key logging, no intercepting communications, no monitoring the clipboard, etc. The strongest password does no good if it’s used on a compromised machine or used over an unsecure communication channel such as HTTP, FTP, or Telnet – which all use plain-text passwords.

Google Authenticator (play.google.com)

Should there be a situation where you can’t create a completely random password in a password manager or want to use a password that can be more easily remembered in certain situations (not your master password, that would be bad practice), use the xkpasswd generator. Inspired by an XKCD comic, it uses a method of random numbers and common words to create memorable passwords. The example they give: correcthorsebatterystaple – correct, horse, battery, staple.

Last practice I’ll mention this time around is use multifactor authentication. This is also commonly referred to as 2-factor authentication (2fa) or MFA. MFA uses more than one authentication method to validate identity. Usually consisting of something you know, a password, and something you have – a phone app or hardware token. This approach is an additional layer of authentication with the hope that miscreants don’t have access to one or more of those authentication methods. Good multifactor auth changes or rotates every time it’s used or changes after a set amount of time. Modern multifactor technology has been around for more than 15 years. Many companies are rapidly adopting it for all employees because they see value and it has proven to be a good way of keeping miscreants out of their systems. More and more services are adding two factor authentication.

Multi-factor works by going to site-I-login-to[dot]com. Enter your username and password. Usually after clicking log on, you are presented with a multi-factor prompt. Consisting of a pin that rotates frequently, clicking ‘approve’ in a mobile app, hitting a button on a hardware token, or being sent a unique code via SMS text or Email to enter into the site. A lot of services use SMS text messages and Emails. Those two should not be the primary multi-factor validation. SMS messages can be intercepted by miscreants who could have hijacked or cloned the SIM card from the carrier. If they have your password and hijacked SIM card, they might as well be you. Email is readily accessible to organizations hosting the mail server and often transmitted on the wire in the clear – though progress is being made to encrypt email messages in transit.

I like TOTP (time-based one-time password) solutions such as Google Authenticator on a phone or tablet. The password manager database is on the computer or in the cloud. The app lives on the phone, separate from the database. TOTP is an open standard, supported in nearly all services that offer multi-factor auth, doesn’t need a data connection, and isn’t stored anywhere except in a protected database on the phone. These passwords change every 30 seconds and are 6 digits long. In the case where a phone might get lost, there are “recovery” tokens that are generated at the time TOTP is configured. Where should the recovery tokens should be stored? They can be printed and stored in safe, or use your new password manager to secure them!

Scrap Value of a Hacked PC (krebsonsecurity.com)

It’s a couple years old, but Krebs on Security’s Scrap Value of a Hacked PC takes a look at all the things miscreants could do with information learned from a compromised machine. Things like hostage attacks through ransomware (encrypt files and demand payment to decrypt) and reputation hijacking of the social medias or credit scores. Brian’s site is also entertaining reading for taking a peek into the ‘dark web’ on things criminals do with stolen data and credit cards. Other useful security tools are Security Planner which walks you through creating a customized security plan based on interests and goals. PrivacyTools provides tools and knowledge for protection against mass surveillance. These steps and suggestions from known good resources will greatly improve your cyber hygrine for Cybersecurity Awareness month.

Thanks for reading and 73… de Jeff – K8JTK