Category Archives: Computing

Computing, networking, and the like. Non-Ham Radio related.

Ohio Section Journal – The Technical Coordinator – February 2021 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Tom – WB8LCD and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Tom has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

I don’t know about anyone else, since most of us have been told to cower-in-place, my productivity has gone through the roof! Must be that 10-foot commute between the work desk and home desk, might get the sun in my eyes on my way over. Finally tackling items on the perpetual “when I have loads of free time” list.

First cleaned out my data hard drive that had become a general dumping ground for downloads, pictures, data files, abandoned projects, and all other forms of miscellaneous files. Kept telling myself ‘I’ll organize this later.’ I figure accumulation started around the time I graduated with my undergrad (2008) and really got involved with ham radio. Go figure. Downloads had grown to 2,900 files at 16 GB and the general dumping ground was around 73,000 files at 314 GB. Much of that got deleted but enough was kept for reference or sentimental reasons.

Synology NAS

After sorting, mutilating, and “organizing,” this led into another task to better utilize my NAS, or Network Attached Storage, functionality more than I currently was. NAS devices are a way to attach storage, like hard drives or SSDs, to the network for sharing data across devices on a local network or, in special cases, users on the Internet. NAS devices can be anything from a Raspberry Pi with USB hard drives attached, an old computer filled with spare hard drives running FreeNAS, to specifically designed devices from companies such as Synology, QNAP, or Asus. Many think “storage” when they think NAS because storage: it’s in the name. Consumer NAS devices offer packages that can be installed to add additional functionality commonly available through always-on devices. Functionality options such as a mail server, web server, git server, database server, docker virtualization, replication (mirroring, backup with another provider), network level authentication, VPN, IP camera DVR, chat, and document collaboration. I’m a loooong time Western Digital user. Their Red line of NAS drives are my choice, though they tried to pull some crap of quietly introducing sub-par drives (don’t use WD Red drives with “EFAX” in the model). Seagate is stepping up their game too with the IronWolf line, which is gaining popularity.

My strategy is to move files I’m not actively using on a regular basis to the NAS. These types of files would be: digital pictures, Office documents, document scans, emails, news articles, previous taxes, internet downloads, audio/video clips, newsletters, ham projects, school work and projects, old programs that aren’t updated but are still useful. Unbeknownst to me when I started, this didn’t leave a whole lot left over on my desktop data drive. Maybe in the future, I’ll move all data to the NAS.

For the remaining data left on my data drive, I still wanted to maintain a backup strategy in case something happened to those files. Anything from my own stupidity (accidental deletion, encrypted by a malware strain) to hardware failure. Previously, I used a cloud provider for remote backup but they decided to exit the consumer market. With their change in business strategy, I was using my own scripts to keep things synced from the desktop to the NAS, whenever I remembered to run them. Not great because if I deleted something with a bunch of recent changes and the last backup I had was a week or two ago, that sucks. This syncing strategy also didn’t have file versioning.

When a file is changed, the backup system preserves a new copy of the file but keeps previous versions in case you wanted to go back in time to an earlier version. Real-world example: a computer becomes infected with a malware strain that encrypts all pictures and documents. A backup solution will still make a backup copy of the newly encrypted file, because it doesn’t know its user or a user on the network did something stupid. Saving previous versions means you can recover the unencrypted version without paying Mr. Bad Guy’s ransom.

Syncthing web interface (wikipedia.org)

I tried solutions like rsnapshot but had serious issues getting systemd timers (supposed to replace cron, yeah, we’ll see) to work with persistence and waiting until the NAS was mounted before taking a snapshot. That was abandoned after a few months. I heard about Syncthing on a podcast. It met my requirements and more! It’s quite an amazing piece of free and open-source technology. I could run an instance on my NAS (or any computer), attach devices, those devices send file changes in real time, and the software takes care of preserving previous versions. “More” came in the form of Syncthing being available on every platform I use. Supported are: source code for manual compiling, Linux (many distributions and processor architectures), Windows, macOS, *BSD, and Solaris. There is an Android client allowing me to backup my phone to my NAS. Syncthing is exactly what I needed since I have some Windows machines (like the shack PC).

A couple warnings about Syncthing. Getting started will seem overwhelming with options and what they mean. Look at good tutorials and in the forums where there are a lot of users willing to help. Even more important: Syncthing IS NOT a backup tool. Wait, you said you are using it as a backup tool! I’m syncing file changes to my NAS. Backup comes in the form of making images of the NAS drive and storing those off-site. Also acceptable is using a cloud backup service to backup the NAS off-site. Both are acceptable uses of Syncthing as a “backup” solution.

Another thing on the “to do when I have tons of free time” was digitize VHS tapes. In December & beginning of January, I was on a mission to digitize my high school and college video tapes as well as family home videos. Close to 100 tapes in total. Those that are not familiar with my broadcast television past, I was involved with WHBS-TV in high school, a local cable access station. Schools from across the county came to visit us because we were doing 7 camera shoots with replay for all football games, 5 camera shoots for basketball, and competing in college level categories for regional Emmy awards. Worked at WBGU-TV in college. Did a ton of cool stuff including weekly productions for Fox Sports Ohio, a program that was distributed internationally, and lots of remote shoots in different parts of the state, to name a few. This was all before over-the-air digital was a thing. I recorded a lot of stuff on VHS tapes over those years and, of course, wanted to preserve them.

Most say “put it on DVD.” Like it or not, we’re being pushed to a streaming society so companies can control when and how you view content. Not only is physical media dead, but you now have to take care of, and store, a bunch of DVDs. There are services allowing you to roll-your-own streaming service, where you make your own content library. There would be a server on your network containing your music, videos, TV shows, home movies, etc. making it accessible to smart TVs, streaming devices like Roku or Fire Stick, smart phones, tablets, or any modern web browser.

Plex media center (plex.tv)

I used a Hauppauge USB capture device to digitize VHS tapes played from a VCR. VideoReDo to fix errors in the data stream (some players have issues playing video streams with data errors) and cut recordings into smaller files. HandBrake to encode the video and Plex Media Server to make the video available to devices. Plex server runs on, you guessed it, the NAS! I’m glossing over how to use Plex, organize files, and produce files optimal for streaming as there are many support articles and forum posts covering these topics on the Plex or any other similar service’s site.

Reading up on recommended practices to digitize VHS tapes, VCRs with newer Time-Based Correctors (TBC) were recommended. Looking online, those were $400 or more. Since it’s likely these videos will be watched a handful of times, I decided to forgo more expensive VCR options. TBC can correct timing issues, making 1 second = 1 second, not longer due to tape stretching. It aims to correct visual image jitter and “wiggling.” I did see those artifacts and re-recorded if the video was bad enough. The Hauppauge device captures video at about 13 Mbps (2 hr is about 13 GB). “Lossless” 25 Mbps capture devices were recommended. Do you remember the quality of a VHS tape? Lossless is not going to lose much VHS quality! All tapes digitized weighed in at about 1 TB of storage. Sounds like a lot. Though, 4 TB drives are under $140.

Watching college videos from 2004 as they were being digitized, I came across one of the shows and said ‘that guy looks familiar.’ It was two shows on school funding in the state of Ohio. Our previous section SGL Nick Pittner – K8NAP was one of the guests. I happened to be working camera in the WBGU studio for that show and Nick was in Columbus coming in via satellite. Emailed Nick some screen grabs. He remembered the show, hosts, other guest, and said they are still fighting the same fight the better part of two decades later. Sometimes you never know who you’re working with!

On a commute a little longer than 10 feet, I’m planning to be in person at the Portage County Amateur Radio Service (PCARS) meeting coming up March 8th. Meeting topic will be VoIP modes (Voice over IP), both analog and digital, and the DVMIS. Hope to see everyone. There should be a Zoom link posted on their site if you would like to attend virtually.

Mike Baxter, KA0XTT, played by Tim Allen (arrl.org)

Speaking of the DVMIS, the Last Man Standing Amateur Radio Club – KA6LMS is sponsoring a special event starting at 00:00 UTC on March 24, 2021 and ending at 23:59 UTC on March 30, 2021. This coincides with the last day of shooting for the show which is concluding its long, successful run. This event is going to be a multi-band, multi-mode, special event celebrating the show for its portrayal of amateur radio. AmateurLogic.TV is planning a net for March 27 from about 7 pm – 1 am eastern and the net will be carried on my system! I’m honored to be part of this event as Last Man Standing is one of my favorite shows. Mark your calendars and check the KA6LMS QRZ page for details!

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – October 2020 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!


Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

October is associated with a number of things: apple cider, fall weather, foliage displays, pumpkins, and Halloween costumes. One thing that might be gruesome, like some Halloween costumes, is most people’s cyber hygiene. Cyber hygiene relates to practices and precautions users take to keep their data safe and secure from outside attacks. October, in addition to the above, is Cybersecurity Awareness Month. It is a way to raise awareness about the importance of cybersecurity and give everyone resources to be more secure online.

uBlock Origin on mlb.com

First up, web browser. This is the portal and gateway to modern computing. A browser should be current, supported, and one that is updated. Current web browsers are ones like Chrome, Firefox, Microsoft Edge, and Opera. These are constantly being updated to support newer technologies, protect users, and eliminate known vulnerabilities. Don’t use a camera, microphone, or other accessories during browsing interactions? Disable access to them in the browser’s options. I’m not sure the last time I used a MIDI interface. Disabling it hasn’t affected my browsing in Chrome.

Browser extensions (or plugins): Limit the number of installed extensions and make sure they are also current and being updated. The one extension I have on every browser I use, including at work, is uBlock Origin. It is an excellent ad-blocker and does it very effectively. Additional features include the ability to block other sources of vulnerabilities, such as scripts, large media items, like videos, and known bad domains. A lot of people love NoScript. It’s even better, security-wise, than uBlock Origin. However, like everything in security, there are tradeoffs. NoScript does what it says, blocks scripts like JavaScript because they are a major source of security problems. This is great in principle but it basically breaks every site on the Internet. Whitelisting necessary scripts to make a trusted site work, I think, is more effort than it’s worth. Choose the better option for you. For me, it’s uBlock.

Another good browser extension is HTTPS Everywhere. When a site is loaded over an unsecure connection, this extension upgrades it to a secure connection if one is available. Most servers configured by capable admins are now serving up HTTPS by default and redirecting HTTP connections to HTTPS. Finally, PrivacyBadger is good at blocking third-party tracking and browser fingerprinting. Browser fingerprinting is the ability for a site to interrogate the browser about the system it is running on. For example, which browser, is it accepting cookies, plugins installed, time zone, screen size and color depth, system fonts, language, OS and platform, touch device, and device memory. PrivacyBadger blocks sites from accessing many of these properties.

Bad sites: In August, I talked about the Pi-Hole security device. This device provides similar blocking to uBlock Origin but at the network level. Any browser plugins only add protection to sessions in that browser. It doesn’t block tracking, malware, or ads in other applications running on the PC. It doesn’t offer protection for any other device on the network such as phones, tablets, streaming, surveillance, and “smart” devices. That is where Pi-Hole comes in by blocking known bad domains at the network level. It will keep ads off smart TVs, Roku’s, and keep digital footprints to a minimum. A caveat, devices using hardcoded DNS servers (usually IoT, DNS over HTTPS) will bypass any Pi-Hole filtering. Routers that can perform NAT Redirection can re-route requests to Pi-Hole and block DOH.

If you don’t want to add a device like Pi-Hole, changing DNS servers in a home router will offer more protection. I recommend OpenDNS as a security focused DNS service. OpenDNS is free to use and enabled by simply setting Primary DNS and Secondary DNS to these IPs: 208.67.222.222 & 208.67.220.220 – does not matter which goes into primary/secondary. They do offer paid services which can categorically block sites and do require a little more setup. Another good DNS filtering service is “Quad 9” or 9.9.9.9 as the DNS server. These services block access to known infected sites made through DNS requests.

Password managers: sites do a relatively poor job of securing their user and password databases. On the other hand, users do a poor job of choosing strong passwords. We know this because of sites like Have I Been Pwned (pronounced “owned”) which search stolen password databases for associated Email addresses. Showing as ‘pwned’ on that site indicates the Email address was found in a database breach. Searching an old Email address of mine found two services I did not recognize. I suspect the data changed hands through company acquisition but, more likely, my information was sold to the highest bidder.

KeePass main window (keepass.info)

Lists are published of the most commonly used passwords from these breaches. Many are even easy to guess like 123456, password, qwerty, dragon, baseball, monkey, and letmein. A password manager will generate strong passwords and remember them so you don’t have to. In general, if you can remember passwords for services, you’re doing it wrong. It’s good to know the password for logging on to the computer and the password for your password manager. That’s about it anymore. Being able to remember passwords means they’re probably easy to guess. 55@[hg@owtWF(6eDOXR0 – is not an easy to guess password, has lots of entropy, and would take around 1.15 thousand trillion trillion centuries to guess using one thousand guesses per second.

LastPass & KeePass will do the job of creating strong passwords and remembering (saving) them. Both of these password managers are considered best-of-breed because of their features, history of responding to issues quickly, and constantly squashing bugs. Other password managers do not have this reputation and most don’t offer adequate protection from attacks. LastPass is an online service. They have a free option but useful features will be found in the $3/month for single user and $4/mo. for families. If you don’t trust “the cloud” or want to manage your own password database(s) offline, KeePass is what you want.

Both have the ability to generate, store passwords, and save notes associated with an account. Largely they’re both available on multiple platforms in multiple browsers. LastPass apps tightly integrate many device types with their service. KeePass relies largely on the community to implement addons and create apps for platforms like Android. LastPass has nice features allowing sharing among family members or sharing banking credentials with a spouse. Another feature I like in LastPass is the ‘dark web’ monitoring and alerting for breached credentials. These alerts let you know it’s time to change that password. To retrieve stored usernames and passwords from a password manager, they’re copied and pasted from the app or automatically filled into a webpage using a browser extension.

LastPass interface (lastpass.com)

Both services require some sort of master password which MUST be remembered. LastPass gets its name from the password used to access their service as the ‘last password’ you’ll ever need. An easy way to generate such a password would be to find a famous speech, song, or lines from a movie. Take the first letter of each word, throw in some numbers, and voila! Strong master password. This method will create a password that is hard to crack but easy for you to remember. As an example, take the first line of the Gettysburg Address:

Four score and seven years ago our fathers brought forth upon this continent, a new nation, conceived in liberty, and dedicated to the proposition that all men are created equal.

Taking the first character of each word: Fsasyaofbfutc – even to the first comma is 14 characters and already on its way to being very strong. Get creative, maybe take the second or third letter of every word. Throw in some random capitalization. Then add maybe parts of an old phone number, an old address, old work address, old dorm room number, kids ages, etc. Then it becomes: FsasyaOfbfuTC219419216 – all of a sudden you have a password that takes 8.75 hundred trillion trillion centuries to guess. Sure, you’ll want to write down this password until it’s memorized. Destroy the written copy after it’s definitely committed to memory.

All this assumes there is no monitoring of the computer or device, no key logging, no intercepting communications, no monitoring the clipboard, etc. The strongest password does no good if it’s used on a compromised machine or used over an unsecure communication channel such as HTTP, FTP, or Telnet – which all use plain-text passwords.

Google Authenticator (play.google.com)

Should there be a situation where you can’t create a completely random password in a password manager or want to use a password that can be more easily remembered in certain situations (not your master password, that would be bad practice), use the xkpasswd generator. Inspired by an XKCD comic, it uses a method of random numbers and common words to create memorable passwords. The example they give: correcthorsebatterystaple – correct, horse, battery, staple.
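Where "centuries to guess" figures like the ones quoted for the two example passwords come from, as an added example that is not part of the original article: an exhaustive-search estimate in Python, set beside the much smaller search space of a passphrase made of random words when the scheme is known. The 95-character alphabet (letters, digits, 32 punctuation marks plus space) and the 2,048-word list are assumptions; the rate of one thousand guesses per second is the one used in the text.

```python
import string

# Character classes as exhaustive-search estimates usually count them
# (assumption): 26 lowercase + 26 uppercase + 10 digits + 33 symbols
# (the 32 ASCII punctuation marks plus the space character).
CLASSES = (
    string.ascii_lowercase,
    string.ascii_uppercase,
    string.digits,
    string.punctuation + " ",
)
SECONDS_PER_CENTURY = 100 * 365.25 * 24 * 3600


def alphabet_size(password):
    """Number of characters a brute-force search must try in each position."""
    return sum(len(cls) for cls in CLASSES if any(ch in cls for ch in password))


def search_space(password):
    """Candidates of every length from 1 up to len(password)."""
    n = alphabet_size(password)
    return sum(n ** length for length in range(1, len(password) + 1))


def word_passphrase_space(wordlist_size, words):
    """Candidates when the scheme is known: `words` random picks from one list."""
    return wordlist_size ** words


def centuries_to_exhaust(space, guesses_per_second):
    """Worst-case time to try every candidate at a fixed guess rate."""
    return space / guesses_per_second / SECONDS_PER_CENTURY


def report(rate=1000):
    """Estimates for the passwords quoted in the article, at `rate` guesses/sec."""
    rows = []
    for pw in ("55@[hg@owtWF(6eDOXR0", "FsasyaOfbfuTC219419216"):
        rows.append((pw, alphabet_size(pw),
                     centuries_to_exhaust(search_space(pw), rate)))
    # Counted per character, correcthorsebatterystaple is 25 lowercase letters.
    # Counted as what it is (4 random words, 2,048-word list assumed), the
    # space is 2048**4 = 2**44, which is what matters once the scheme is known.
    words = word_passphrase_space(2048, 4)
    rows.append(("4 random words", 2048, centuries_to_exhaust(words, rate)))
    return rows


if __name__ == "__main__":
    for label, alphabet, centuries in report():
        print(f"{label:24} alphabet={alphabet:<5} {centuries:.3g} centuries")
```

The per-character figure is an upper bound that only holds for a password with no structure an attacker could guess, and every figure shrinks in direct proportion to the guess rate.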

Last practice I’ll mention this time around is use multifactor authentication. This is also commonly referred to as 2-factor authentication (2fa) or MFA. MFA uses more than one authentication method to validate identity. Usually consisting of something you know, a password, and something you have – a phone app or hardware token. This approach is an additional layer of authentication with the hope that miscreants don’t have access to one or more of those authentication methods. Good multifactor auth changes or rotates every time it’s used or changes after a set amount of time. Modern multifactor technology has been around for more than 15 years. Many companies are rapidly adopting it for all employees because they see value and it has proven to be a good way of keeping miscreants out of their systems. More and more services are adding two factor authentication.

Multi-factor works by going to site-I-login-to[dot]com. Enter your username and password. Usually after clicking log on, you are presented with a multi-factor prompt. Consisting of a pin that rotates frequently, clicking ‘approve’ in a mobile app, hitting a button on a hardware token, or being sent a unique code via SMS text or Email to enter into the site. A lot of services use SMS text messages and Emails. Those two should not be the primary multi-factor validation. SMS messages can be intercepted by miscreants who could have hijacked or cloned the SIM card from the carrier. If they have your password and hijacked SIM card, they might as well be you. Email is readily accessible to organizations hosting the mail server and often transmitted on the wire in the clear – though progress is being made to encrypt email messages in transit.

I like TOTP (time-based one-time password) solutions such as Google Authenticator on a phone or tablet. The password manager database is on the computer or in the cloud. The app lives on the phone, separate from the database. TOTP is an open standard, supported in nearly all services that offer multi-factor auth, doesn’t need a data connection, and isn’t stored anywhere except in a protected database on the phone. These passwords change every 30 seconds and are 6 digits long. In the case where a phone might get lost, there are “recovery” tokens that are generated at the time TOTP is configured. Where should the recovery tokens be stored? They can be printed and stored in a safe, or use your new password manager to secure them!

Scrap Value of a Hacked PC (krebsonsecurity.com)

It’s a couple years old, but Krebs on Security’s Scrap Value of a Hacked PC takes a look at all the things miscreants could do with information learned from a compromised machine. Things like hostage attacks through ransomware (encrypt files and demand payment to decrypt) and reputation hijacking of the social medias or credit scores. Brian’s site is also entertaining reading for taking a peek into the ‘dark web’ on things criminals do with stolen data and credit cards. Other useful security tools are Security Planner which walks you through creating a customized security plan based on interests and goals. PrivacyTools provides tools and knowledge for protection against mass surveillance. These steps and suggestions from known good resources will greatly improve your cyber hygiene for Cybersecurity Awareness month.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – September 2020 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!


Now without further ado…


Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

On this month’s edition of “Pi Talk” – just when you thought I couldn’t talk about Pi anymore! I received a question from Chet – K8KIZ who has a laptop used for station operation. He wanted to replace it with a Raspberry Pi. In searching, he found way too many choices and wanted help to set him on the right path. This might be a question that others have or one they are considering. He soon found out it was a lot more complicated than originally thought.

Over the past number of years, I’ve done a lot of integration work which involves making one system or application talk to or replace another. It frequently involves bridging communications with other services such as databases or API’s (application programming interface) and facilitating data flow between them. Sales, Account Managers, and System Engineers for the new vendor will always throw around buzzwords and catch phrases – “setup and integration are easy and seamless,” “automated,” “zero configuration,” “drop-in replacement,” “pays for itself in three days” (not really), “reduce costs.” List goes on and on. It is never any of those things.

They have absolutely no idea about your environment, how involved, and how costly it will be to utilize their services. They just want you to buy them. Soon after comes the nickel-and-diming: “you want to process how much data? That’s an extra couple thousand dollars” or “that doesn’t come with the license you purchased, that will cost you an extra-large-number with many 0’s!” Internal business units do this too. They weren’t prepared or made it seem like they are in position to handle a situation and were not. Feature requests take an extraordinarily long time to implement or claims of not having enough man-power soon follow.

The FCC is in a situation similar to this or they’re making it seem like they are: ‘oh, our licensing process is all digital and we can eliminate that pesky licensing fee!’ And the peasants rejoice. Reading the latest news about the FCC wanting to reinstate license service fees, “…we propose a nominal application fee of $50 due to automating the processes, routine ULS maintenance, and limited instances where staff input is required.” Wait, isn’t that why they went digital to reduce these costs? Someone sold them a bill-of-goods that didn’t actually reduce their costs or they’re looking to recoup costs elsewhere.

Not wanting the same thing to happen to Chet, where the alternative didn’t actually improve his situation, I took the approach of having him think about his station. What does he use his station for and what would he consider “a success” of replacing his laptop with a Raspberry Pi? Anytime anyone is looking to replace X with Y, an evaluation of this nature is needed. What is X used for and are the pros/cons of Y sustainable?

In Chet’s case, replacing a laptop used for ham radio with a Raspberry Pi, he would need to consider things such as:

  • Is the current laptop setup Windows or Linux?
  • If it’s Windows, would he want to climb the Linux learning curve?
  • Is he using any software apps that are Windows only? Examples would be: RT Systems programmers, Ham Radio Deluxe, N3FJP logging, SmartSDR, N1MM, Wires-X, etc., etc.
  • Can those Windows only apps be replaced by Linux apps – and are those Linux apps equally as good?
  • Does he have any hardware requirements (like multiple serial or parallel ports)? The Pi has UART via GPIO pins but two or more serial ports require USB-to-Serial converters.
  • How many USB ports are required? Pi’s only have 4. 2 ports would be taken up by using a wired keyboard and mouse.
  • Do all of his hardware devices and interfaces work in Linux? These would be things like radio programming, control (CI-V) or firmware flashing, audio mixers and audio interfaces.

This is not an all-inclusive list especially since I didn’t know anything about his station – though I seem to remember he was into Vibroplex CW key tuning and repair from a local hamfest. I thought through scenarios that might apply to the majority of HF operators and came up with that list.

G4DPZ running GPredict on a Pi (amsat-uk.org)

Some Windows programs can be run under Linux using a compatibility layer program such as WINE or run in virtual machines (VMs). That would contribute to the Linux learning curve. Raspberry Pi isn’t powerful enough today to run VMs. VMs or hypervisors may be an option for some Linux desktop/laptop situations.

Instead of wired keyboards and mice, Bluetooth devices could be a replacement option but are more costly. Wired is preferred to wireless for reducing interference problems. Built-in antennas for Bluetooth or Wi-Fi aren’t going to be as good as laptop antennas. Additionally, monitors without HDMI or mini-HDMI connectors will need adapters or cables, or will need to be replaced outright if they don’t have compatible connectors. USB hubs are an option for expanding the number of USB ports. I have yet to find a USB hub that is problem free. They don’t work well with some operating systems, attached devices do not fare well with temporary connection interruptions, and they tend to break down after a short time.

Best way to track these considerations and more is to make a list. Start by looking at all connections to the existing laptop, both physical and virtual (like with an SDR). Include any software used during operating (radio control, prediction modeling, packet, digital, etc.). Programming radios? Those tend to be Windows (or DOS) programs along with firmware updaters. If using a Raspberry Pi is still desired, another Windows machine will be needed for programming and firmware updates. Include all of these in the list and evaluate solutions on the Raspberry Pi or Linux platform for alternatives that meet the requirements. Consider splitting non-supported, but essential, functionality to another Windows machine.

Another way to approach evaluation would be to operate with a new “Pi” system, hands-on, but keeping the old system up-and-running nearby. The old system would be used as a reference for program settings, copying or migrating data files (such as export from one and import to the other), and a comparison point when evaluating Linux programs.

Lastly, completely ditching the previous system and entirely starting from scratch is an option. This type of evaluation style is more draconian by ripping and replacing. Most people have their own operating style and rarely want to deviate from their ritual. Rip-and-replace might be needed if they’re fed up with a current setup and want to start over with something else. The operator, in this case, would not care about migrating previous data, starting out anew, and take whatever options are offered by a different platform.

Raspberry Pi 3 projects for Ham Radio with 7-inch touchscreen (qrznow.com)

To future proof, I’d recommend going with the latest version of the Pi. Currently, that would be a Raspberry Pi 4 Model B with at least 4GB RAM ($60), 8GB ($90) if able to spring for the extra RAM. Quality of the power supply and SD card plays a role in stability as I talked about in July. Data corruption possibility is still not zero. Even on a desktop PC. Corruption seems to be more prevalent on Pi’s, likely because of cheap components chosen by the user.

I strongly recommend making frequent data backups. This applies to any system. There should be 3 copies of data: the local copy (on the Pi), another copy on a storage device like a USB Hard Drive or Network Attached Storage (NAS), and a third copy, off-site, located at a friend’s house, relative’s house, or a work location. Another off-site storage location would be cloud storage or a backup service provider. Think about where you would be if you lost those LOTW logs, FT8 contacts, SSTV images, or Winlink messages. This strategy is known as the 3-2-1 backup strategy and should be used for ANY important data: 3 copies of data, 2 on different media, and 1 copy off-site.

Starting out, I would consider the “Ham Pi” or “Build a Pi” projects I discussed in August initially. “Ham Pi” has just about every Linux ham radio application pre-installed. That would allow an operator to try different programs, find one that suits their needs or one they prefer. “Build a Pi” can be a little more tailored to operating style. You can also get down and dirty by compiling programs from source, depending on Linux experience or desire to tinker with Linux.

That just about covers broad considerations. Chet realized this was a larger undertaking than finding a plug-and-play option. He appreciated the analysis of the issues at hand. I hope he is able to find a working solution to replace his station laptop. When considering major overhauls such as this, know that for most people, it’s a little more complex and involved than most realize.

A quick note about Winlink. The WINMOR protocol has been deprecated systemwide and will soon be removed from the client software application. First introduced by Rick – KN6KB in 2008, it was the first ‘sound card’ mode offered by Winlink as an alternative to modem hardware needed at the time. Rick and the Winlink Team have moved on to developing robust and speedier protocols such as Amateur Radio Digital Open Protocol (ARDOP) and VARA HF. RMS gateways will only support ARDOP, VARA HF, and Pactor 3 or 4 (where applicable) near term. If you are still using WINMOR, it’s likely been hard to find gateways that support the protocol because sysops have been asked to remove it in favor of the other modes. WINMOR had a great run and was the mode I used when I first got on Winlink.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – August 2020 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

Hey gang,

My article last month covered Raspberry Pi and problems users have experienced with the Pi 4 since its release last year. I gave some tips for keeping your Pi running like a top including choosing better power components, SD cards, and having the Pi run cooler despite higher idle temperatures. This month will cover recent projects you can make with the Raspberry Pi to learn about the device, computer programming, or Linux.

Ham Pi – formerly the “W3DJS Raspberry Pi for Ham Radio image” is an operating system for the Raspberry Pi with over 80 ham radio applications pre-installed – which include digital modes, APRS clients, antenna programs, SDR, Morse Code, radio programming, and more. Dave wanted to have a Pi image loaded with any ham radio software application he might ever want to use. He initially shared it with a few club members and soon realized there was demand when his image had over 8,000 downloads. Since then, the build process is automated using an Ansible playbook. The playbook is also available on his github which is useful if you want to learn a provisioning technology or build your own customized version. A long time ago, I wrote instructions that just compiled Fldigi and Flmsg on a Pi2 for a go-box. Ham Pi is a definite must for anyone that has a Pi already in their go-box or wants to add one to an existing box.

Build a Pi – wanting a way to have ham radio applications installed on a Pi, Jason – KM4ACK wrote a script that does just that. Having many issues with the first couple implementations, which were mostly copy-and-paste installs, it was not flexible enough to update applications once installed. Version 3 includes an automated way of installing and configuring both ham radio applications and the operating system on a fresh Raspberry Pi OS installation. Differing from Ham Pi in that a stock Raspberry Pi OS download can be used, the user can also pick-and-choose which applications they want to install. A quick tutorial video is available.

Rig Pi Station Server – is a Raspberry Pi that controls your station and on-air activities. With a Station Server install and web browser or smartphone app, you can control a radio, rotor, use CW, operate digital modes, look for spots, and even upload your log. If you don’t want to spend much time learning about the Pi or Linux with the above projects, this is the way to get on the air remotely as quickly as possible. Hackaday did a review on the Rig Pi Remote Server.

“Rig Pi” may sound familiar because it was picked up and packaged by MFJ as the 1234 with a Pi and audio interface HAT. Before I receive complaints (I’ve already seen them online), you can download the help and schematics as well as any of the software on the github repository absolutely free. Rig Pi is open-source. Not only that but no one needs to buy the commercial package. It can be installed yourself. People that complain about “selling” open-source projects really don’t understand how that typically works. It is common practice to release an enterprise grade software application as FOSS (free and open-source). A company/individual/whomever will make money on their application by selling licenses, services, or hardware. Same concept here. Assuming the license allows it, a vendor can package the program as part of a device. I’m going to assume the developer is getting a cut or donation as part of MFJ’s sales (but I don’t know this) as the product is promoted on the project page.

Pi-Star – create a digital hotspot or repeater with a Pi and transmitter. Providing complex services and easy configuration via a web interface, Pi-Star solved the problem of fragmentation when different hotspot boards all had their own Pi image. Most didn’t work well if at all. Pi-Star solved that problem by providing an easy to use interface for the beginner and allowing a tinkerer to dig deep into settings. Using the MMDVM suite from G4KLX, it can operate DMR, D-STAR, NXDN, P25, and System Fusion (depending on modem) and use many different protocols. This software is packaged and sold with different hotspot devices such as the ZUMSpot. Another example of software being packaged with hardware and sold commercially.

Ultimate Raspberry Pi Build – Julian – OH8STN from Finland covers topics related to off-the-grid and grid-down operating. He brings us an excellent instructional video on making a very portable QRP digital station using a Raspberry Pi. He set out to build a smaller and, in turn, much more portable setup than is available commercially with other devices. This video details hardware mods, HAT options, and software needed to operate digital, off-grid, from anywhere.

Pi Clocks – a couple of clock projects are available depending on your level of interest. The first one is created by Kevin – N0BEL. It’s not a project specifically for Hams rather for anyone interested in making a nice weather display. His PiClock is a clock (“duh” – as he says) with weather forecast and radar map display. Though it could be used in the shack, it is better suited for a common area in the house, such as the kitchen, with an HDMI monitor. Everyone likes weather information. Emile – KE5QKR from Amateur Logic did a PiClock tutorial.

HamClock project – from Elwood – WB0OEW is geared toward the ham shack. It has clock (again, duh), current temperature and weather conditions, solar conditions, VOACAP predictions, satellites, DX spots and daylight map. His project can be built on any UNIX-like operating system including the Raspberry Pi. It cannot run natively on Windows but can run on a Unix system and be displayed on Windows using X server forwarding. This has the appearance of a regular Windows application. Tommy – N5ZNO of Amateur Logic did a segment on setting up the HamClock.

Open Repeater – I lost track of this project. I first heard about it back in 2014 when they didn’t yet have a domain name for the project. Goal is to create an open-source and simple to use repeater controller. Utilized for high-profile repeaters or basic simplex nodes, the software walks the user through setting up a repeater controller. Owners can have traditional Morse IDs or create longer messages at every hour via audio recordings. Having SVXLink at the core allows seamless integration with VoIP modes like Echolink. Additional modules can be added to the core package providing more functionality.

Pi-Hole – not specifically Ham Radio related but a fantastic network appliance. DL6ER, a ham radio operator in Germany, is a Developer and Administrator for the project. Pi-Hole acts as a Domain Name System (DNS) sinkhole (returning a fake value) which blocks devices on a home network from accessing ad sites, trackers, or other malicious websites. Though originally intended for Raspberry Pi devices, it has been expanded to include any Linux operating system or docker container. It doesn’t filter bandwidth or inspect network traffic. The Pi-Hole acts as the DNS server for a home network instead of your ISP. DNS is referred to as the “phone book” of the Internet: it looks up names such as arrl-ohio.org and returns the IP address so a network device can access the server hosting the Ohio Section website. When a blacklisted website (such as some-malicious-website[dot]com) is requested, Pi-Hole intercepts the request and returns a different IP address so the access request will never reach the Internet. This is better compared to a web browser plug-in because Pi-Hole is inspecting DNS requests for all network devices.

Pi-Hole Dashboard (Wikipedia)

It’s great to block trackers and ad sites in theory, keeps digital footprints to a minimum and reduces the chance of fraud through scareware-type tactics. In practice, it often blocks couponing and deal websites as well as promotional email links from a favorite restaurant. Those emails are coded to tell the sender which links a recipient clicked and can be used to measure the effectiveness of an advertising campaign. Whitelist exceptions can be granted through the very nice web interface when legitimate sites are blocked. I have a similar application running on my network. After I received complaints about sites being blocked (but they wouldn’t tell me when there were problems to create exceptions), I disabled this blocking altogether, effectively opening up the Internet. Within 10 minutes I was asked to turn it back on as pop-up ads immediately started to appear stating ‘your computer is INFECTED.’ Scared the, uh, stuff out of some. Other issues involve in-home advertising and monitoring devices, like Alexa, which freak out when the device can’t reach its servers. These devices flood the local network with hundreds of DNS requests per second. Smart TVs and Rokus often have similar problems when they can’t reach their servers to track what is being watched. Data feeds containing bad sites are aggregated for free, so you get what you pay for. Sites are frequently categorized as bad when they really aren’t. Some are legitimate services. Blocking these sites could cause undesired behavior, for example, using a favorite streaming TV service where you may receive errors.
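The sinkhole decision, the whitelist exception, and the retry flood from a blocked device described above can be seen together in the following added Python example. It is not Pi-Hole's code: the blocklist feed, upstream answers, client addresses, the 0.0.0.0 sinkhole answer and the flood threshold are all constructed assumptions.

```python
"""Toy DNS sinkhole: blocklist lookup, whitelist override, per-client block counts."""
from collections import Counter

SINKHOLE_IP = "0.0.0.0"  # assumption: the address handed back for blocked names

# Constructed hosts-format feed, the layout many free blocklists use.
BLOCKLIST_FEED = """\
# constructed sample feed
0.0.0.0 ads.example.net
0.0.0.0 tracker.example.org
127.0.0.1 click.deals.example.com   # a coupon site listed by mistake
0.0.0.0 telemetry.tv.example
"""

# Constructed stand-in for the upstream resolver (documentation address range).
UPSTREAM = {
    "arrl-ohio.example": "192.0.2.10",
    "click.deals.example.com": "192.0.2.20",
}


def parse_hosts_feed(text):
    """Return the set of domain names listed in a hosts-format feed."""
    domains = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        fields = line.split()
        if len(fields) >= 2:  # first field is the address, the rest are names
            domains.update(name.lower().rstrip(".") for name in fields[1:])
    return domains


class Sinkhole:
    def __init__(self, blocked, allowed=()):
        self.blocked = set(blocked)
        self.allowed = {name.lower() for name in allowed}
        self.blocked_by_client = Counter()

    def resolve(self, client, name):
        """Answer one query; return (address, verdict)."""
        name = name.lower().rstrip(".")
        if name in self.blocked and name not in self.allowed:
            self.blocked_by_client[client] += 1
            return SINKHOLE_IP, "blocked"  # the request never leaves the LAN
        return UPSTREAM.get(name), "forwarded"  # None stands for "no such name"

    def noisy_clients(self, threshold):
        """Clients whose blocked-query count suggests a retry flood."""
        return sorted(c for c, n in self.blocked_by_client.items() if n >= threshold)


def demo():
    hole = Sinkhole(parse_hosts_feed(BLOCKLIST_FEED),
                    allowed=["click.deals.example.com"])  # whitelist exception
    results = [
        hole.resolve("192.168.1.20", "ads.example.net"),
        hole.resolve("192.168.1.20", "click.deals.example.com"),
        hole.resolve("192.168.1.20", "arrl-ohio.example"),
    ]
    for _ in range(300):  # a TV retrying its blocked telemetry host
        hole.resolve("192.168.1.30", "telemetry.tv.example")
    return results, hole.noisy_clients(threshold=100)


if __name__ == "__main__":
    answers, noisy = demo()
    for answer in answers:
        print(answer)
    print("clients flooding blocked queries:", noisy)
```

Listing the noisy clients first makes it quicker to decide which blocked name needs an exception and which device is simply misbehaving.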

Windows 10/desktop replacement – with the power and speed of the Raspberry Pi 4, many are finding ways to install traditional operating systems. Windows 10, in its many flavors, has an IoT stripped down version for devices like the Pi. The guide at Tom’s Hardware shows how to get the full desktop version of Windows 10 running on the Pi. It’s a little sluggish and not for the faint of heart but if you screw up, just start over.

There are plenty more ham radio and non-ham projects to do on a Raspberry Pi. Applications listed in the first couple projects can be installed standalone for single use setups such as a Slow Scan TV (SSTV) receiver when the International Space Station is sending images. A friend in Toledo recently used my instructions to setup an APRS RX Igate. DL1GKK’s site has instructions on installing ham radio applications as well. Raspberry Connect contains a list of ham radio applications that can be installed through the apt package manager which simplifies installation. There is no shortage of things to make on a Raspberry Pi.

Grant Imahara (Wikipedia)

News missed my article last month, but I wanted to mention the passing of Grant Imahara at 49 years old due to a brain aneurysm. Most probably never heard the name but have undoubtedly seen his work. Not a ham radio licensee that anyone can find, Grant was an electronics genius and maker in the truest sense of the word. Landing jobs at ILM (Industrial Light and Magic), the George Lucas special effects company, he modernized R2D2. He was one of three official domestic operators of the droid for the Star Wars movies. His special effects movie credits also include The Lost World: Jurassic Park, Terminator 3, and Matrix movies. Grant also competed on BattleBots where his robot was often highly ranked. The robotic sidekick on “The Late Late Show with Craig Ferguson” was also Grant’s creation. He was a designer for the animatronic Energizer Bunny seen in commercials. Joining MythBusters in 2005 is where I picked up his career in front of the camera during my college years. The program took on myths, legends, and Hollywood lore to see if they translated to real-life – oh, and they liked to blow stuff up. Grant not only provided technical expertise but participated in experiments and designed machines to take the place of a person for myths that were too dangerous. A tragic loss and he will be missed.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – May 2020 edition

Hey gang,

Well, this stay at home thing seems to have run its course – beginning week 11 soon. Unless you’ve been under a rock, you know by now Dayton Hamvention was canceled this year. First time ever in its history. Weekend events that had the resources were virtualized such as Contest University. Some vendors and manufacturers ran Dayton specials regardless of the lack of a physical showing. Technical Specialist Bob – K8MD pointed out that one of the retailers ran a special on D-STAR repeater components for $299 apiece. That meant a full stack (controller, 2m voice, 440 voice, 1.2G voice, and 1.2G data) could be purchased for about $1,500. Wow. Just ONE of those items cost about that much retail. Is ICOM feeling the pressure from the Yaesu repeater giveaway, DMR, or is D-STAR II around the corner? Hmmm…

Unfortunately, I’m starting to see on-the-air happenings return to previous levels. I guess that means people are returning to work, going out more, and returning to their normal. For me, I knew early on I wanted to utilize the hunker-in-place order to knock out some long-standing projects and “to-dos” of mine. Others had the same idea.

Among my list of annoying issues was a problem with one of my Fedora systems. As I’ve written about in the past, I made the switch to Fedora Linux as the primary operating system on my desktop and laptop. Fedora is a cutting-edge operating system and employs a very aggressive release and end-of-life schedule. The project releases a new version twice a year in April and October. When a new version drops, they mark the version two behind it as end-of-life. Fedora 30 released in April of 2019 means Fedora 28 went end-of-life one month after that date, May 2019. No bug fixes, no package updates, no security enhancements. And everyone complains about Microsoft ending life of a 10-year-old OS. Well, I knew what I was getting into.

Fedora 31 released at the end of October, 2019. I usually wait 2-3 months for the major problems to be ironed out and updates made available before I upgrade. When I tried to update to 31, I ran into a problem. Using the Fedora 31 Live CD or doing the automatic upgrade, the boot process would hang on this line:

A start job is running for Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling

This process neither finished loading nor failed to load after any amount of time. Off to the Internet I went. Searching “Fedora 31” and the message above brought me to a couple bug reports and forum posts about the same message. Unfortunately, none of the suggestions got me past this problem. Due to life and other responsibilities, I put it aside secretly hoping Fedora 32 would have fixed my problem, saying I would upgrade from 30 to 32. I saw Fedora 32 beta was available (now a full release) and downloaded the Live CD. Problem still existed. Darn!

Since this occurred during the boot process of both the Live CD and after upgrading a previous installation, I couldn’t look or pull stored logs easily to see if those provided any clues as to why the process was hanging. Live CD images are the lifeline go-to when the installed OS on the hard drive won’t boot. In addition to installing the OS, they are used as a rescue method to repair a borked install. I couldn’t get the Live CD to boot so I was in trouble if this system ever became unbootable because I’ve never *cough* have done something that *cough* *cough* caused my system to become unbootable…

Storage server supporting RAID (Wikipedia)

The forum post above gave me a clue and I started exploring this as being an issue with my RAID array. RAID stands for Redundant Array of Inexpensive (or Independent) Disks. It’s a technology that combines multiple physical disks into logical units for redundancy, performance, or both. I tried messing around in the BIOS disabling other arrays, that didn’t work. I thought maybe something in the RAID information written to the disk was causing a problem. Backed up everything on the array and deleted it. Deleting a RAID array destroys all data on those disks!! When I recreated the array, the Fedora 31 Live CD booted! Problem solved!!? Yeah, no. It would boot successfully once then hang on subsequent reboots or after being installed to the hard drive.

After screwing around with it even more, I finally searched “Fedora 31 Intel RAID array LVM2 dmeventd” and found this bug report and how to work around the exact issue I was having. Whoo Hoo! Problem solved, well workaround provided. It took a while to get there. Simply searching a message, error, or problem may not return the most relevant search results for your issue. You might have to dig at it a bit by gathering other information to determine the real reason or peel back the right layer to discover the correct answer.

Work around involved masking the lvm2-lvmpolld.service via kernel load parameters and at the command line after install. Masking creates a link to the Linux blackhole /dev/null device so the service cannot be started by systemd or dependencies. The service is a polling system for the Logical Volume Manager (LVM). After all that, I was finally able to get Fedora upgraded to 31! Just in time as version 30 was about to go EOL. I noticed the data consistency validation scan no longer automatically occurs on the arrays, which is likely related to disabling the service. I initiate it manually every couple of weeks. The problem of not being able to boot has an active bug report that’s assigned. Hopefully gets attention from a developer and fixed.
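To keep track of a workaround like this one until the bug is fixed, the added Python example below (not taken from the bug report) lists units masked on disk and units masked through the `systemd.mask=` kernel parameter. It relies on systemd treating a unit file that is empty or a symlink to /dev/null as masked; the unit directory and kernel command line in its demo are constructed.

```python
"""List systemd units that are masked on disk or from the kernel command line."""
import os
import tempfile

# Where `systemctl mask` and `systemctl mask --runtime` place their links.
UNIT_DIRS = ["/etc/systemd/system", "/run/systemd/system"]


def is_masked(path):
    """True for a symlink that resolves to /dev/null or a zero-length unit file."""
    if os.path.islink(path):
        return os.path.realpath(path) == os.path.realpath(os.devnull)
    return os.path.isfile(path) and os.path.getsize(path) == 0


def masked_units(unit_dirs=UNIT_DIRS):
    """Map each masked unit name to the first directory that masks it."""
    found = {}
    for directory in unit_dirs:
        if not os.path.isdir(directory):
            continue
        for name in sorted(os.listdir(directory)):
            # Unit files carry a type suffix (.service, .timer, ...);
            # *.wants directories are neither symlinks nor regular files.
            if "." in name and is_masked(os.path.join(directory, name)):
                found.setdefault(name, directory)
    return found


def cmdline_masks(cmdline):
    """Units masked for this boot via systemd.mask= or rd.systemd.mask=."""
    units = []
    for token in cmdline.split():
        key, sep, value = token.partition("=")
        if sep and value and key in ("systemd.mask", "rd.systemd.mask"):
            units.append(value)
    return units


def demo():
    """Audit a constructed unit directory and a constructed kernel command line."""
    with tempfile.TemporaryDirectory() as d:
        # What `systemctl mask lvm2-lvmpolld.service` leaves behind.
        os.symlink(os.devnull, os.path.join(d, "lvm2-lvmpolld.service"))
        open(os.path.join(d, "constructed-empty.timer"), "w").close()
        with open(os.path.join(d, "constructed-active.service"), "w") as fh:
            fh.write("[Service]\nExecStart=/bin/true\n")
        os.mkdir(os.path.join(d, "multi-user.target.wants"))
        on_disk = sorted(masked_units([d]))
    cmdline = ("BOOT_IMAGE=/vmlinuz-constructed root=/dev/mapper/constructed-root "
               "ro systemd.mask=lvm2-lvmpolld.service rhgb quiet")
    return on_disk, cmdline_masks(cmdline)


if __name__ == "__main__":
    print("masked on this system:", masked_units())
    with open("/proc/cmdline") as fh:
        print("masked at boot:", cmdline_masks(fh.read()))
```

Once the bug is fixed upstream, `systemctl unmask lvm2-lvmpolld.service` removes the link and the unit no longer appears in this list.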

Windows 7 Users: Take Heed

Broken Windows (Krebs on Security)

It’s become more imperative that you move to another operating system like Windows 10, Linux, or utilize a 3rd party patching service like 0patch. Unlike Windows XP’s end-of-life, there were not too many critical issues shortly after EOL. Microsoft did release patches for ‘really bad’ issues. XP, and any OS, always have an unknown number of undiscovered security problems. We were not so fortunate to run with Windows 7 as long without discovering major problems. There have been a number of significant critical issues each month since Windows 7 went EOL that affect Windows 7, 8, and 10, for which Microsoft has not (and likely will not) patch Windows 7.

My February OSJ article has information about how issues can affect ‘all versions of Windows’ and information on 0patch. March OSJ article covers upgrading to Windows 10 for free and check my Linux information article for choosing a Linux distribution. A reader previously tried to argue that exploits resided in browsers. Since the last official update for Windows 7 in January, these critical exploits are largely operating system based: ActiveX, Windows Installer, Graphics Interface, font rendering, and shortcut handling (.lnk files) with many being 0-day, meaning they are actively exploited in the wild. Could be a result of someone that has physical access to the machine, an application the user thinks is legitimate or an app that comes bundled with crapware/malware, or polled by an infected device on the network.

This month alone, 111 security holes were patched, 16 being critical, in supported Windows operating systems. Makes you wonder why anyone is still using a Microsoft Windows OS. Lack of software support and learning curve are probably the biggest. I have a few uses for Windows, ugh – thank you streaming services and your stupid ‘copy protection.’ Microsoft is looking at ‘containerizing’ the Win10 operating system. The belief being when a software component fails to update or creates a problem, it doesn’t affect other parts or crash the entire operating system – separate containers that only affect themselves. Or maybe Microsoft should focus on getting the operating system stable instead of “feature updates” no one cares about. </end rant>.

AmateurLogic.TV Sound Check Net

One of the nets created since the stay-at-home order is the Amateur Logic Sound Check Net. Amateur Logic.TV is a long-running monthly podcast featuring the latest in ham radio. There have been 5 nets so far. I became involved with the net because they wanted the ability to link D-STAR and DMR users to their EchoLink net. I was able to offer up my Digital Voice Multi-mode Interlink System Hub. Started utilizing only those three modes but quickly expanded to incorporate all. Users have checked in using all the modes each week, including Wires-X.

Previous net announcement with NCS K8JTK!

The AmateurLogic guys are using a local repeater in Mississippi connected to an Echolink node. I connect to their Echolink node and transcode audio to and from other modes: AllStar Link, Hamshack Hotline, D-STAR, DMR, YSF, and Wires-X. It has performed well as it mostly lives in the cloud and has data center level resources. Users and sponsors of the net have been impressed with how well it works and grateful to experiment with many modes to reach the net – one of the few, if not only, taking Hamshack Hotline checkins.

I was net control MC for a couple of their nets. It was my longest and most amount of checkins with about 40 at nearly 2 hours for a net. The net is on Tuesdays at 9pm eastern and should be running for at least a couple more weeks. Net can be reached by connecting to any of my hub nodes or checking ALTV social media for other connections. Everyone is welcome!

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – April 2020 edition

Hey gang,

Stay at home: day 42. Continuing to work from home. Haven’t seen co-workers or friends in a month and a half. Regular lunch outings and after work happenings have long since terminated. Virtual meetings and conferences have replaced in person interaction. Participation in Ham Radio activities is on the rise! Nets are seeing higher check-in counts than they’ve ever seen. The curve is rising for digital modes and logged contacts.

Are we all having fun yet during Corona Fest 2020?

As people are forced to work from home due to closures, companies are utilizing videoconferencing services to keep in touch with employees and teams. These are now methods for coordinating efforts and relaying the latest to employees about the status of their company. A videoconferencing solution was likely available for employees to interact with remote team members or vendors world-wide. Now, those services are utilized all-day, every day. My company decided to begin the transition from WebEx to Microsoft Teams for meetings. I liked WebEx and it generally worked. MS Teams, well it’s part of Office 365 and that’s probably down again. Corona Fest is forcing usage of these collaboration solutions, not only companies but social organizations that previously met in person. These include popular names like Skype, Google Hangouts, and Zoom.

Those who value open sourced solutions should use Jitsi or Jitsi Meet to hold meetings. The service is completely free and open-source where anyone can look at the source code of the project. The difference between Jitsi and Jitsi Meet: Jitsi is a roll-your-own solution meaning you can download server packages or code and deploy an instance however you want. Jitsi Meet Online is an extremely easy-to-use alternative solution for holding meetings – with no installation required.

Setting up a meeting is as easy as visiting the Jitsi Meet Online link, creating a name for the meeting, clicking Go, setting a meeting password, then sending out the meeting URL or phone numbers to participants. A meeting can be created in a matter of seconds! Yes, POTS phone service is available as part of the meeting for free. Note, plain old telephone service audio options will not be encrypted due to the nature of the technology. There is nothing to download for desktop PCs with a web browser and most smart devices. Smart phone apps are available for iOS and Android including the F-Droid store. Functionally, Jitsi Meet offers the same features as the others: video, audio, chat, and shared desktop.

Jitsi Meet options menu

If I had to pick one thing that I don’t like about Jitsi it is the use of WebRTC. Web Real-Time Communication is also a free and open-source project that provides web browsers and mobile applications with real-time communication (RTC). WebRTC is included in all modern browsers and enabled by default in most. This technology allows audio and video communication to happen without the need to install additional plugins or apps. Makes it very easy. There are a couple problems with WebRTC in highly privacy focused implementations. One problem is the communication is direct, peer-to-peer. This makes it possible for a skilled individual to learn real Internet Protocol (IP) addresses even while the other is utilizing a VPN. Use of a VPN can allow a user to appear as though their traffic is coming from a different IP and aids in masking actual location. Corporations use VPNs to establish secure communications from their network to their endpoint devices over networks with unknown integrity. Another problem is that end-to-end encryption is not possible with WebRTC. Jitsi addresses this issue in their security document. End-to-end encryption (also abbreviated “E2EE”) is a method where only the communicating users can read messages exchanged, preventing eavesdroppers anywhere along the communication path.
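The address exposure described above comes from the ICE candidate lines each WebRTC endpoint advertises to its peer. The following added example (not from the original article or the Jitsi project) parses those lines so you can audit which addresses a session description would reveal; the function names and both sample SDP fragments are constructed for illustration and use private and documentation address ranges only.

```javascript
// Constructed sample: candidate lines as they appear in a WebRTC session description.
const SAMPLE_SDP = [
  'v=0',
  'a=candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host generation 0',
  'a=candidate:2 1 udp 2122194687 3f0c6b1e-8f5e-4c7a-9d2b-5a1e7c9b0d11.local 54322 typ host generation 0',
  'a=candidate:3 1 udp 1686052607 203.0.113.45 61000 typ srflx raddr 192.168.1.23 rport 54321 generation 0',
  'a=candidate:4 1 udp 41885439 198.51.100.7 3478 typ relay raddr 203.0.113.45 rport 61000 generation 0',
].join('\r\n');

// Constructed sample: only a relay (TURN) candidate, related address zeroed out.
const RELAY_ONLY_SDP = [
  'v=0',
  'a=candidate:4 1 udp 41885439 198.51.100.7 3478 typ relay raddr 0.0.0.0 rport 0 generation 0',
].join('\r\n');

// Parse one "candidate:" attribute line; returns null for any other SDP line.
function parseCandidate(line) {
  const m = /^(?:a=)?candidate:(\S+) (\d+) (\S+) (\d+) (\S+) (\d+) typ (\S+)(.*)$/.exec(line.trim());
  if (!m) return null;
  // Extension attributes follow as name/value pairs (raddr, rport, generation, ...).
  const rest = m[8].trim().split(/\s+/).filter(Boolean);
  const ext = {};
  for (let i = 0; i + 1 < rest.length; i += 2) ext[rest[i]] = rest[i + 1];
  return {
    transport: m[3].toLowerCase(),
    address: m[5],
    port: Number(m[6]),
    type: m[7], // host, srflx, prflx or relay
    relatedAddress: ext.raddr || null,
  };
}

// Classify an address as mdns, private, public or unspecified.
// Simplified: carrier-grade NAT space (100.64.0.0/10) is treated as public here.
function classifyAddress(addr) {
  if (/\.local$/i.test(addr)) return 'mdns';
  const v4 = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(addr);
  if (v4) {
    const a = Number(v4[1]);
    const b = Number(v4[2]);
    if (a === 0) return 'unspecified';
    if (a === 10 || a === 127 || (a === 172 && b >= 16 && b <= 31) ||
        (a === 192 && b === 168) || (a === 169 && b === 254)) return 'private';
    return 'public';
  }
  const v6 = addr.toLowerCase();
  if (v6 === '::') return 'unspecified';
  if (v6 === '::1' || /^f[cd]/.test(v6) || /^fe[89ab]/.test(v6)) return 'private';
  return 'public';
}

// Label every candidate with what it tells the remote peer.
function auditSdp(sdp) {
  const findings = [];
  for (const line of sdp.split(/\r?\n/)) {
    const c = parseCandidate(line);
    if (!c) continue;
    const scope = classifyAddress(c.address);
    let exposure;
    if (c.type === 'relay') exposure = 'relay-only';           // peer sees the TURN server
    else if (scope === 'mdns') exposure = 'obfuscated';        // random .local name, no IP
    else if (scope === 'unspecified') exposure = 'none';
    else if (scope === 'private') exposure = 'local-address';  // LAN address disclosed
    else exposure = 'public-address';                          // routable address disclosed
    // raddr can repeat a real address even on relay or srflx candidates.
    const relScope = c.relatedAddress ? classifyAddress(c.relatedAddress) : 'unspecified';
    const leakedRelated = relScope === 'private' || relScope === 'public' ? c.relatedAddress : null;
    findings.push({ ...c, scope, exposure, leakedRelated });
  }
  return findings;
}

// Unique list of real addresses a peer could read out of the description.
function exposedAddresses(sdp) {
  const seen = new Set();
  for (const f of auditSdp(sdp)) {
    if (f.exposure === 'local-address' || f.exposure === 'public-address') seen.add(f.address);
    if (f.leakedRelated) seen.add(f.leakedRelated);
  }
  return [...seen].sort();
}

console.log(exposedAddresses(SAMPLE_SDP));
console.log(exposedAddresses(RELAY_ONLY_SDP));
```
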

I wish people used better tools such as Jitsi. That’s why there’s choice. I would use this for any meetings I hosted. It seems like a really good open-source alternative to the other solutions.

Zoom became very popular very quickly, almost overnight. It was even recommended right here in last month’s OSJ. Attacks and threats emerge as a result of that popularity and pose risks for users and clubs who are using these services to host meetings. Cyber criminals are crafting email messages to steal logon credentials and packaging malware to look like a Zoom meeting installer.

For most of us, club meetings are not doing anything that’s overly sensitive with Zoom. Some organizations (companies, agencies) banned the use of Zoom, citing flaws in the encryption implementation that make it easy to exploit and the fact that three Chinese companies develop the applications. These should be taken into consideration but there has been no evidence of influence resulting from these issues. Zoom should be commended, though, due to their responsiveness in correcting vulnerabilities and privacy issues that have been discovered in recent weeks.

For free accounts, everything is managed by the Zoom cloud, including encryption keys. Data is encrypted between the clients and Zoom servers. However, audio is not encrypted if a paid account is using the POTS phone line options.

Shortly after its popularity exploded, so did the number of unwanted participants in meetings leading to the term “Zoombombing.” Having someone crash a meeting is obnoxious and an unwanted disruption. Examples of this have made the rounds where Zoom sessions were hijacked by individuals saying or showing things that are lewd, obscene, racist, or antisemitic in nature where everyone in the session can see or hear. Students themselves conspired to have pranksters harass teachers in their online classes. Others utilized ‘Wardialing’ tools to discover unsecured Zoom sessions. Wardialing is an early hacking term where every number in an area code was dialed to find computers, bulletin board systems, servers, and fax machines. The resulting list would be used to guess login credentials and gain unauthorized access to those systems. One person I know had her yoga session crashed by an individual cursing and displaying symbols associated with the National Socialist German Workers’ Party. I have not heard about any disruption to ham radio club meetings.

To prevent these issues, the organizer can follow the directions in the Zoom support articles or have someone else follow them. Not all of these configuration recommendations are needed for every meeting; follow the ones applicable to that meeting. For example, you may not want to lock a club meeting from participants but instead use a waiting room approach.

Latest version: ensure participants are using the most recent client version. In April alone, there have been three updates to the Windows client.

Meeting password: posting a meeting link to social media will draw attention. Send the event password to known users through a direct message or other means where your participants are known.

Waiting room: virtual staging area for guests and participants until you’re ready for them to join.

Zoom War Dialer (krebsonsecurity.com)

Manage participants: remove any participants that should not be in the meeting and set who can share their screen.

Disable video, file transfer, annotations, and private chat: cut down on distractions, unsolicited content, or messages as needed.

Accidental removal of a participant: a booted user cannot rejoin a session using the same email address unless a few settings are changed.

Put participants on hold during breaks: attendees’ audio and video can be disabled during lunch, bio breaks, or private moments.

Video recordings: exercise discretion when recording content and know where that content is stored. Paid customers have the option to record a meeting to the cloud.

Following these tips can lead to a successful, uninterrupted meeting.

I saw a posting by the developer of the MMDVM software, Jonathan – G4KLX. Digital hotspot and repeater owners should follow these guidelines.

This message contains important information that I want disseminated far and wide please.

I have been approached by the people who run aprs.fi and REF001/REF030 (not the same people) about problems being caused by hotspots. This is down to usage and I hope that people will act on this information:

1. APRS, it is important that when configuring your hotspot, that you ensure that the suffix used for accessing aprs.fi is unique. For example if you use more than one hotspot, then ensure that for every mode and for every hotspot, the aprs.fi access callsign is unique. This is usually done by specifying a unique suffix to the callsign used by the hotspot. If more than one hotspot attempts to access aprs.fi with the same callsign+suffix combination, the first one is thrown off, and the new one connects. In the meantime the original one tries to connect and throw the new one off. This can happen multiple times per second, and is causing problems for them. Please, please, please, look at your configurations and if you have a duplicate, change one of them.

2. REF001/REF030, apparently the network load on these D-Star reflectors is now very high due to the number of hotspots connecting and staying connected. Could you please consider changing your gateway configuration so that you disconnect after a certain period of inactivity (this means local RF activity) so that they aren't overloaded. I know we like to listen out for activity, but we must also realise that D-Star popular reflectors cost money to run, and that includes network and processor usage. A quick look at their dashboards will reveal the problem, they're huge.

Jonathan G4KLX

Set unique SSIDs for APRS on different modes and on different hotspots. Finding where APRS information originates isn’t always easy with hotspots. The OpenSPOT 1 has a location information box in settings but it is not transmitted directly by that device, rather Brandmeister pushes that information to the APRS network. Disabling APRS data on the Pi-STAR requires editing the config files and setting priority messages in Brandmeister. The priority message solution should work for OpenSPOT devices too.

ZUMSpot on Raspberry Pi Zero compared to a quarter

Unlink from reflectors, talkgroups, and systems when you’re not using them, especially ones with large numbers of connected users. Users are apparently leaving their devices connected to popular reflectors, tying up bandwidth and resources unnecessarily.

To put this into perspective, when I looked at REF001 there were 850 remote/hotspot users connected, about the same on REF030. A mere 12 had transmitted since they were connected. A 5 second transmission is about 9KB worth of Internet traffic. Multiply that by 850 connected devices, that’s 7.6MB of traffic in 5 seconds to connected hotspots, many of which are not being used. That’s an estimated 80 gigabytes or so for an hour-long net. There are ping/heartbeat packets to all connected devices even when the reflector does not have an active radio transmission taking place.

Please check your hotspot APRS configurations and disconnect when not in use.

K8JTK Hub Interlink System

Anyone wanting a place to meet-up for checking on friends and fellow hams or looking for something to do can use a system I’ve been working on the last few months. Currently, it offers 6 full-time ham radio VoIP modes interlinked for interoperability. Ways to access the system:

  • EchoLink: K8JTK-R 233196
  • AllStar Link: 50394
  • Hamshack Hotline: 94026
  • DMR: Brandmeister TG 31983
  • D-STAR: DCS/XLX983 A
  • YSF: K8JTK Hub 17374

Since I’m working from home, I’ve linked up my Wires-X room: K8JTK-ROOM 40680

More information or updates on the system: http://www.k8jtk.org/ham-radio/k8jtk-hub-digital-voip-mutimode-interlink-system/

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – March 2020 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!


Now without further ado…



THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

Now that we’re all sequestered to our homes, what the heck do we do to not go iNsAnE? Idle down time is an opportunity to learn something new, catch up on lingering projects, or improve operating skills – all while staying sane. Improving operating skills can mean getting on the air, making conversation with new friends, checking in on our brethren, or practicing being a better operator.

Ideas for learning something new: study for a license or upgrade, learn a new mode or Morse Code, configure your station for digital modes and get on the OHDEN net, make or update a DMR code plug, setup a hot spot, configure a Raspberry Pi to learn Linux or Python, make an APRS RX IGate with an RTL-SDR, setup Hamshack Hotline, make an AllStar node, or learn about MakerSpaces and how we can draw like-minded people into the hobby.

Free time is a good time to tackle the “I’ll get around to it” tasks, aka “the to do list.” That may be fixing, repairing, or replacing a broken antenna, spring cleaning the shack, selling or getting rid of unused equipment, organizing or cleaning out junk piles, installing that new radio, configuring the new radio, figuring out a lingering problem, cleaning out old data files and documents on a computer, phone, or cloud storage account, or purging and cleaning out email messages.

Pirates

While everyone has downtime, not everyone is using it for good. I’ve received reports since the imposed staycation of what can be described as pirate “preppers” appearing on local repeater systems and simplex frequencies. Preppers, as they are often referred to, sometimes called survivalists, “is a movement of individuals or groups who actively prepare for emergencies, including possible disruptions in social or political order, on scales from local to international.” Survival preparations range from job loss to stockpiling supplies to building self-sufficient structures. They appear to be “testing” and asking for text message signal reports from their buddies. They have also been holding informal nets on simplex frequencies. It’s funny they want to communicate off-the-grid but are using the grid to receive text messages. Obviously, they don’t present a call sign and do not properly identify. One can only speculate that they obtained a wonderful (read: crappy) BaoFeng radio for a couple bucks, figured out how to program it or are passing around a codeplug someone found or programmed for them.

When these stations appear, first kindly remind them they are using a licensed service and obtaining a license is easy. Provide them resources for obtaining a license through the ARRL study manuals or an online resource like HamExam or Ham Test Online. While they may be illegally transmitting now, encouraging them to take a license exam will strengthen numbers and get them legal regardless.

If, after repeated attempts of encouragement to become licensed, they continue to appear on frequencies, politely ask them to immediately stop transmitting. Keep calm, cool, and collected on the air. DO NOT become irate. Continuing to transmit in this manner qualifies as willful or malicious interference. Do not engage them further. Contact the repeater owner or control operator and see if disabling the repeater is an option. If shutting the repeater is not desired, see if the owner wants you to document incidents. If they do, you are the repeater owner/control operator, or they are using a simplex frequency, record audio as part of the documenting process. The FCC requires specific information that includes dates, times, and frequency(ies). Audio recordings dramatically strengthen the case. A VOX activated recording program with logging, such as Scanner Recorder, and feeding the audio into the computer from the radio’s speaker jack makes this easy. Scanner Recorder automatically logs the date and time of the recordings. Verify the audio is clear and understandable by doing a sample recording.

KerberosSDR

Locating the offending station will take some work. Contact someone who has access to direction finding equipment. Some of our Technical Specialists have access to this equipment. KerberosSDR is a low-cost direction-finding alternative option which employs four RTL-SDR devices. There are a number of YouTube videos on setting up and using the KerberosSDR on their site. It might be “good enough” but not as good as professional equipment.

Do not indicate to the other station they are being tracked or located as they will likely cease transmissions, preventing an accurate location fix. Multiple readings and triangulation techniques will be utilized to pin-point the origin. If a location is determined, DO NOT engage. Document the findings and file a complaint with the FCC. Local authorities will likely be of little help unless one is active in the ham community and really understands the situation.

Windows 10 Free Upgrade

I ran into my neighbor, John WG8H, who is a long-time friend of my dad, at a local hamfest before they were all canceled. He said ‘I read your article on Windows 7 but couldn’t find anything about taking advantage of the Windows 10 free upgrade.’ I found references online that indicated the upgrade was still active and available but had not gone through the process recently. Figured the ‘out of support’ messages that appeared in Win7 would instruct a user how to do this. They did not.

Officially, the free upgrade program has ended. However, this process gave me an upgraded version of Windows 7 to Windows 10. It’s really in Microsoft’s best interest to have as many machines upgraded as possible. Check this forum post for more details or if you run into issues. As always, backup first! The Windows 7 machine you wish to upgrade must have Internet access.

  • Go to: https://www.microsoft.com/en-us/software-download/windows10
  • Under “Create Windows 10 installation media,” click Download tool now
  • Signed in with an administrator account, run the downloaded Media Creation Tool on the local machine. “Run as administrator” will not work and it will tell you to sign into an administrator account first.
  • When the tool starts up, accept the license agreement
  • On the “What do you want to do?” screen, select Upgrade this PC now
  • Click Next
  • Follow the rest of the on-screen prompts to completion

I was testing on a machine that had an unsupported Win10 driver. If this message appears where drivers are not supported in Windows 10, I clicked Confirm and it proceeded. Upgrade these afterwards.

When the upgrade to Windows 10 is complete:

  • Click Start
  • Click Settings (gear)
  • Click Update & Security
  • Click Activation
  • Confirm the resulting window shows “Activation: Windows is activated with a digital license.” If activation failed, there was not a valid key installed on Windows 7 prior to upgrade.

Click Windows Update and apply updates – including the cumulative optional updates.

To tie the activation to you and the PC requires signing into Windows 10 with a Microsoft account. On the Settings home screen, click Accounts and follow the links to create a Microsoft account or login to an existing account. Otherwise, try following Reactivating Windows 10 after a hardware change if activation fails after a reinstall or hardware change.

It might be possible to update a Win7 machine that does not have Internet access by selecting the Create installation media option when prompted in the Media Creation Tool. Though I did not validate this.

K8JTK Hub Interlink System

Anyone wanting a place to meet-up for checking on friends and fellow hams or looking for something to do can use a system I’ve been working on the last few months. Currently, it offers 6 full-time ham radio VoIP modes interlinked for interoperability. Ways to access the system:

  • EchoLink: K8JTK-R 233196
  • AllStar Link: 50394
  • Hamshack Hotline: 94026
  • DMR: Brandmeister TG 31983
  • D-STAR: DCS/XLX983 A
  • YSF: K8JTK Hub 17374

Since I’m working from home, I’ve linked up my Wires-X room: K8JTK-ROOM 40680

More information or updates on the system: http://www.k8jtk.org/ham-radio/k8jtk-hub-digital-voip-mutimode-interlink-system/

Thanks for reading, stay sane, and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – February 2020 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!


Now without further ado…



THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

Well. Windows 7 reached end-of-life on January 14, 2020. Systems didn’t melt down. Internet is still running. The world didn’t end. Reaching “end of life” in Information Technology verbiage means the vendor no longer supports the software (or hardware in other cases), won’t provide security updates, and won’t fix bugs or problems. End-of-life (often abbreviated “EOL”) also implies there is a more recent version or iteration that is supported for those things mentioned above. Supported as opposed to the developer throwing in the towel or the company going out of business where there are no updates for other reasons. Windows 7 was my favorite version of Windows – the look and feel was nice, functionally made sense, and it was fast. Reality is that computers running Windows 7 will continue to work as they always have, but start considering alternatives.

No: Windows 7 will not stop working, you don’t need to run out and buy a Windows 10 computer, your files won’t be removed, past Windows 7 updates won’t be pulled from Windows Update, ISPs won’t disconnect you from the Internet for using Windows 7, caches of Windows 7 exploits will not be unleashed.

As with all past Microsoft operating systems, patches and updates will be available on their website and through the Windows Update service for all EOL operating system versions. An install of Windows 2000 can still receive all updates released before it went EOL. No updates will be available to implement the latest in encryption enhancements, support newer hardware or protect from newer exploits found in the OS. One thing to note about Windows 7 is there were updates to the Windows Update process during its lifetime. You will run into problems updating a fresh Windows 7 install through the regular Windows Update process.

Your ISP won’t disconnect you for using older versions of Windows. The company you work for will most likely update your machine if it hasn’t been done already. This depends on license and support agreements with Microsoft or reseller. Most companies actively replace equipment to comply with those agreements, replace depreciated assets, and keep equipment current as a way to mitigate exploits that propagate through older operating system configurations.

Yes: you need to stop using Internet Explorer, you can still get the free upgrade from Windows 7 to Windows 10 (for now), you can dismiss the full page Windows 10 update nag screen, you need to patch Windows 7, extended patches from Microsoft are available for a fee, there are third-party alternative patching systems; software, devices, and browsers will continue to work, most programs will still support Windows 7 – at least in the short term.

For the love of all that is holy, stop. using. Internet Explorer. Not only is it riddled with bugs and security flaws, Microsoft keeps flailing around with standards even in Microsoft Edge, which is never a good sign. Chrome is the market leader at over 80% and reports suspected security issues to Google for mitigation or blocking in the browser. However, if you’re not a fan of “the Goog” knowing everything you view on the Internet or heavy-handed implementations in the name of security, alternatives are: Firefox the favorite with Linux users, the privacy focused Brave browser, or Opera if you want to be a one-percenter.

Microsoft offers extended patching (with associated fees) for Windows 7, usually for corporate customers. Consumers can get in on the action but they make it very complicated. Third-party patching is available through companies such as 0patch. The service is free for personal use and non-profit educational use. There are good reviews and many recommendations to use this service. Using these services requires a certain level of trust leaving the responsibility of fixing complex programs to a third-party – because we all know Microsoft has NEVER had problems getting their updates right.

Early Microsoft Windows 10 free update notification aimed at tricking the user into installing software they don’t want, similar tactics are used by spyware authors

The nag screen which recently started (re)appearing for Windows 7 users, reminding them to upgrade, can be dismissed. Click the text that says “Don’t remind me again” – and it actually seems to work as opposed to the weird mind games that were played during the initial push after Windows 10 was launched. Displaying this message raised awareness and reminded users about the impending DOOM of end-of-life. Continuing to offer the free upgrade is an incentive for moving users to a supported OS. Netmarketshare shows Windows 7 utilization is still around 25-30% or about 1-in-3 computers still runs Windows 7.

I was contacted by Jeff – KA8SBI who felt there was a lot of F.U.D. about Windows 7 EOL in the media and he is content using his Windows XP machine. He pointed out “A lot of security flaws have been in the browser.” A small number of browsers still support XP. Anti-malware and anti-virus programs still offer older operating system support as well.

Here’s the argument against running old and outdated crap on the Internet. I am of the school of thought that if you’re connecting any device to a larger network (ie: the Internet), that device (computer, Raspberry Pi, router, switch, server, security camera, TV, printer, DVR, repeater, hotspot, phone, car) must have currently supported operating systems and software. It is each user’s responsibility on the network to be good citizens, follow best practices, and not act as a conduit for spreading malware and exploits. The most effective way to do this is by keeping devices updated and current.

The argument can be made that ‘manufacturers force consumers to buy new devices by not providing any updates.’ Everyone wants their stuff cheap and buying cheap crap leads to these problems. Manufacturers barely break even on most devices let alone leave any extra for updates beyond initial device release. Consumers want to use the device well beyond its serviceable life too. A report released by the Commerce Department outlined things manufacturers should do to reduce the number of attacks. It made some good points but was mostly vague [updated link for the report].

Jeff’s point about third-party anti-virus and anti-malware programs that still support XP is a valid one and will help. I stopped and don’t recommend using third-party anti-virus because they were found to downgrade the security of an encrypted session, like ones established during financial transactions, interacting with health care providers, or really almost all Internet communications today.

Remember, though, nothing is ever 100% secure. Secure just means there are no known vulnerabilities – until a researcher or hacker finds one. To Jeff’s point about the flaws being in the browser, the number that exist in the underlying operating system and supporting technologies including OS kernel, .NET framework, Office, database engines, media players, and graphics interpreters are just as important. Microsoft has never completely rebuilt Windows from scratch which is why vulnerabilities often apply across all versions of Windows. It’s the same underlying computer code. Search for stories about important Windows patches. It will often include some verbiage like ‘affects all versions of Windows.’ Some exploits are deemed so bad that Microsoft actually went back and patched some EOL versions, like XP. That does not mean there are no other vulnerabilities because there is no patch. Microsoft is not spending resources on an 18-year-old piece of technology. Non-patched issues still make a system vulnerable and less secure overall.

Ransomware is malware that encrypts files of importance on a system. That is things like downloads, programs, documents, PDFs, spreadsheets, pictures, movies, intellectual property, databases, or public records on local and network attached storage devices. Encryption renders these files unreadable and unusable. The malware then demands a ransom payment to obtain the decryption key and restore files to their usable state. Ransomware is lucrative for the bad guys because no one has effective backups of their data. Various companies, schools, health care, manufacturing, oil and gas, infrastructure, and municipalities have all been infected with ransomware and often pay the ransom. It is an economic trade-off between how much of a payment are the bad guys demanding versus time and effort it would take to restore their systems. Do a search for “ransomware attack” in your favorite search engine and browse the stories to get an idea of the scope and effectiveness of ransomware.

One thing that gave me pause around the details of the ransomware attack on the Georgia Department of Public Safety was a comment about the communication systems being affected. Believe it or not, their old radio system was still functional. This got me thinking about the radio system that covers the state of Ohio or regional systems and how they could easily be taken offline because of this type of attack. I have no knowledge of any instances where these systems were involved in such an attack – this is simply theoretical. As evidenced by the news story, it’s realistic to believe these attacks can take down a state-of-the-art radio communications system. Could be due to a targeted attack, a single computer where someone clicked a malicious link, someone viewed an infected attachment in a dispatch center, or even because of an infected authorized vendor or reseller of radio equipment for the system. Target anyone? It was an HVAC vendor that was compromised which led to Target’s massive credit card breach. How many public service agencies still have their old/analog communication systems functional to fall back on if something like this took place?

Ransomware infections are utilizing and spreading through the EternalBlue exploit and BlueKeep exploit. EternalBlue, in particular, is present in all versions of Windows (see?) back to Windows 95!! It targets and attacks weak configurations of the SMB (Server Message Block) protocol used for sharing files, printers, and devices between hosts on a network. Microsoft has patched all versions back to Windows XP, even though XP is EOL. Win95, Win98, WinNT, and Win2000 were never patched and won’t be patched. The EternalBlue vulnerability still exists in fully patched systems running those operating systems.

Impending DOOM

I will keep using Windows 7 in the shack and as my Virtual Machine OS when I need a Windows VM. It will get replaced eventually. The reason I replace it will probably come due to loss of functionality, loss of application or hardware support for a particular program or device I want to use. Firefox was noted for supporting older operating systems. However, after 3 years of extended XP support, Firefox dropped support due to low usage and significant development time being devoted to working around issues in the operating system instead of providing enhancements on supported platforms. Sooner-than-later Windows 7 support will be dropped in favor of more recent and supported platforms.

Don’t have to jump ship on Windows 7 now unless there is a specific reason. Maybe a new computer device purchase is imminent, which will include Windows 10. Or if it’s desired to still use the old machine, maybe consider a move to a supported version of Linux!

Windows 7 is dead, long live Windows 7!

2020 ARRL Great Lakes Convention

The Great Lakes Division Convention and Hamfest 2020 sponsored by the Toledo Mobile Radio Association will be here soon. It is a two-day event with ARRL Great Lakes Convention Forums on Saturday, March 14, 2020 followed by the Toledo Hamfest on the 15th. I’ve been asked to give two presentations back-to-back on Saturday. Tentatively, the first on the Raspberry Pi and how it became a popular device with makers followed by NBEMS philosophy. I’m very proud of both presentations. The NBEMS philosophy has been presented as training in the Ohio Section and adopted by other ARES groups in other Sections. Details, locations, times, and tickets are all available on the convention’s website. Hope to see you there!

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – September 2019 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!


Now without further ado…



THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

A ham in the section asked me about obtaining the latest Linux kernel. Not wanting to deal with problems found after the operating system install media was released, the latest stable kernel version available was what he wanted to be installed during setup.

Before I get started, if you are not familiar with Linux and have not read my April 2018 OSJ article, I encourage you to do so as some of the terminology defined will be used here.

There is not an easy answer to the question which version of the kernel is “stable.” The answer is: it depends. Depends on:

  • Definition of stable. There will always be bugs and constant fixes being released. Most IT personnel take ‘stable’ to mean: the fewest issues after testing and polishing.
  • Linux distribution. How well does a kernel version work with the packages and drivers of a distribution. Availability of a new stable kernel depends on maintainers, developers, and the community’s time to update everything including programs, libraries, and drivers. Then test, document, ship, and address bug reports.

At kernel.org, there is a giant yellow button which indicates “latest stable kernel.” As of this writing, currently 5.3. Terminology on the Kernel Archives website for the different kernel types:

  • mainline = beta
  • stable = fewer issues
  • longterm = maintained and updated longer, typically for business production systems
  • linux-next = patches for the next version of mainline, stable, longterm

Logging into a handful of updated Linux devices I have around the house, their kernel versions:

  • Fedora 30: 5.2.14
  • AllStar Node (Debian 9): 4.9.0
  • Raspberry Pi – AllStar node (Arch): 4.14.97
  • Raspberry Pi – stock install (Raspbian Buster): 4.19.66
  • Wireless access point: 2.6.36

You’ll notice exactly zero are on 5.3. Even Fedora, which is considered a “bleeding-edge” Linux operating system, will lag behind. Fedora is currently a single release behind the stable channel. Each distribution has its own definition of “stable” because it’s up to each distribution to maintain and update its releases.

A similar situation exists for software packages too. There will often be different versions of the same named package between different Linux distributions. Package managers almost always lag behind source code releases. For example, the latest version of CUPS, the Common UNIX Printing System (cups.org), is 2.3.0. The latest in the Fedora 30 package manager is version 2.2.12. Therefore, 2.2.12 is the latest stable CUPS install for Fedora 30. Version 2.3.0 will be available when it is approved.

I have nearly 2000 packages installed on one of my systems! That seems like a lot but some are very small and Linux is very modular. Some are programs I installed like VLC or YouTube downloader. Others, I have no idea. Those are likely dependencies for other packages or programs pre-installed by the distribution. Anything beginning with “lib” is a shared common library. Packages prefixed with a program name are modules of that program: “cups” is the core printing system while “cups-filters” are the printer libraries for CUPS. Some are required system packages. “tzdata” is time zone data – so the system knows about different time zones, changes DST correctly, and processes leap-seconds. “Mint-themes” are themes for the Linux desktop GUI Cinnamon.

Linux diehards will “compile from source.” To get the absolute latest and greatest features and fixes, this practice involves downloading the plain-text source code and compiling it into machine executable code manually. It takes a lot of trial-and-error to get a successful compile. Not only is the program source needed but the source code for any dependencies and libraries will also be required. Most will say this is to validate the code, add their own custom modules to the kernel, or do kernel development.

Could someone download and compile kernel 5.3 for Fedora, Ubuntu, Mint, or any other distribution? Absolutely. Fedora has a process documented to update the kernel manually. It’s 15 pages. Or you can run a single command. You choose. But you have to deal with any issues that arise from using a custom version of the kernel and doing so is unsupported by most distributions. I have no reason to be on a later kernel version before it is made generally available by the Fedora project.

Unless there are bandwidth concerns, there is little reason to worry about installing the latest version of the OS. The package manager will handle all updates to the kernel, operating system, and programs. Updates through the package manager have been approved for that version of the operating system by those who maintain those programs. It does not mean updates are 100% bug free. There is no need to install updates the minute they are available – even every-couple-weeks will be OK. We’ve all been trained like Pavlov’s dog to install updates the minute we see that pop-up. Thanks Windows. Cherry-picking is not a good idea either – unless you have a specific reason not to install an update, like an incompatible version of Java with another program.

How to install the latest Linux OS updates? I’m a command line guy because I was brought up on the DOS and Linux command lines. Recent Linux distributions have both a CLI (command line interface) and a GUI (graphical) package manager. Once the Live CD install is complete, reboot. When logged in, open a terminal window.

For Red Hat based systems (Fedora, CentOS), run:
sudo dnf -y update
Replace dnf with ‘yum’ on older installs.

For Debian based systems (Ubuntu, Mint, Raspbian, etc), there are two commands:
sudo apt -y update
sudo apt -y upgrade

The -y option means “assume yes” to any download questions or repository updates. GUI versions vary but usually involve refreshing the repository data and selecting all updates. These should always be run after a fresh install. When complete, reboot the machine. I run these update commands about once a week, maybe more if I’m waiting for an update or fix. These can be run at any time after installation as well.

On the topic of operating systems, the much beloved Microsoft operating system Windows 7 will no longer be supported after January 14, 2020. Windows 7 reaching end-of-life means there will be no further security updates – in theory. Even after Windows XP reached EOL, Microsoft went back and patched some “really bad” vulnerabilities in all operating systems, including XP. I can’t say the January 14th date will be extended or moved beyond that date nor can I say how long Windows 7 will remain a safe operating system to use. For the first time ever at the beginning of this year, the number of Windows 10 users just passed the number of Windows 7 users. That means about half of Windows users are still running version 7. There was talk of hackers stockpiling Windows XP exploits that would be released the minute Microsoft stopped updating XP, bringing the world to its knees. That was more hype by the media than reality. Chrome and Firefox browsers continued to support XP until a time came when they decided it was more work than it was worth.

In a conversation I had recently, the person was of the mind that Windows 7 is going to stop working altogether after January. Not true. It will still work as normal after January 14. You may see nag screens saying Win7 is no longer supported encouraging an update to Windows 10. This is not a requirement to continue using your computer because Windows 7 will continue to run fine, you know, until the machine dies. There will be problems installing 7 on certain newer hardware because Microsoft thinks regression testing and customizations for Windows 7 security on modern hardware will introduce more problems. This time may, however, be the last chance you can upgrade to Windows 10 for free, for the life of the computer. If you qualify and have the latest Windows 7 updates installed, you will receive a pop-up from Windows saying ‘Microsoft recommends upgrading to Windows 10.’ This is a similar promotion to the one I talked about in April 2016.

In general, users have grown numb to the constant updating and bloatware of Windows 10. Believe it or not, Microsoft solved all the real problems with Windows 10. It’s called Microsoft Windows 10 LTSC (Long-Term Servicing Channel). It’s fantastic. It doesn’t force you into feature updates, doesn’t have the Windows Store crap, Cortana junk, or Customer Experience tracking. Feature updates can be delayed 18-24 months instead of having to be applied every 6 months. Not to mention Microsoft has frequently pulled back feature updates nearly as soon as they are released due to lack of adequate testing. The gotcha is you need access to a costly MSDN subscription. This version is out there if you look for it. Microsoft heavily criticizes the use of LTSC saying ‘users want feature updates.’ No, they don’t, that’s why users are seeking out a usable version of your crappy ‘modern’ operating system.

Time Code Generator for WWVB (wwv100.com)

The oldest continuously operating radio station in the world deserves a grand celebration. The Northern Colorado Amateur Radio Club (NCARC) will operate a special event amateur radio station with the call sign WW0WWV, on the WWV property starting September 28 and going 24-hours a day through October 2. For information on the Special Event Station visit: wwv100.com. In addition, HamSCI and the Case Amateur Radio Club of Case Western Reserve University (W8EDU) will sponsor a “Festival of Frequency Measurement” on WWV’s centennial. They are hoping to measure 5 MHz propagation over a given day and compare measurement techniques. HamSCI’s first attempt at measurements occurred during the total solar eclipse in 2017.

Jim – W8ERW, Technical Specialist for the Ohio Section, gave an informative presentation at the Wood County Amateur Radio Club in August about AREDN MESH networking. He talked about generations of devices used for MESH networking, including the infamous Linksys blue-box, and brought many pieces of his own equipment for demonstration. Seneca county is getting involved and finding plenty of uses for MESH. If you would like a presentation for your club about MESH, get in touch with Jim.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – August 2019 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!


Now without further ado…



THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

July 18, 2019. The date ham radio and the Internet changed forever. Most hams didn’t know it or even know that we had a block of 16.7+ million Internet IP addresses for our exclusive use. Keyword: had.

If you’re not familiar with networking and CIDR notation, CIDR (pronounced similar to the drink, cider) is a method used to note networks and ranges of IP addresses. A computer network is a connection of devices or nodes that can communicate and share resources with each other. For example: Your home PC may have the IP address: 192.168.1.100, subnet mask: 255.255.255.0. In CIDR notation, this is written as 192.168.1.100/24. Similarly, the network 192.168.1.0/24 means the same subnet mask and includes the IP above. Usable IP addresses are 192.168.1.1-192.168.1.254. “.0” is unusable as it is the network address, “.255” is not either because that is the broadcast address between all devices on that network. Since the PC has 192.168.1.100, it can communicate with devices in the 192.168.1.0/24 range. Know that smaller CIDR notations mean bigger networks (more IPs). Larger CIDR notations mean smaller networks. Networks can be broken down into smaller networks or combined to form larger ones – maybe not quickly or easily, but it can be done.

In the early days of the Internet, it was believed if a node were to communicate on the Internet it had to have a public Internet address. With this thinking, very large /8 networks (16,777,216 IPs each) were assigned to companies and institutions such as: HP, Xerox, IBM, Ford, Boeing, MIT, Halliburton, Stanford, MSU, Bell Labs, DuPont, the USPS, and the DoD. They were cheap and easy to obtain! Having large networks is no longer necessary due to advances in Network Address Translation (NAT), which remaps one network space into another network space.

Dr. Jon Postel (Wikipedia)

Back 40 years ago when the Internet was new and the original creators thought 4.2 trillion IP addresses were enough for the entire world, Hank Magnuski, KA6M and others saw the possibilities of the Internet. They obtained an Internet allocation from Dr. Jon Postel who, at that time, was responsible for overseeing allocations on the Internet. Today, allocations are the responsibility of IANA. Much like property, IP address spaces can be bought, sold, squatted, and even taken over in some cases. The non-profit organization Internet Assigned Numbers Authority (IANA) oversees Internet IP address allocations.

The allocation that was obtained is called AMPRNet (AMateur Packet Radio Network) or Network 44. In 1981, it was provided exclusively for Amateur radio operators to use packet radio, TCP/IP, and digital communications between computer networks managed by Amateur radio operators. The network consisted of addresses 44.0.0.0 through 44.255.255.255, in Internet notation 44/8 or 44.0.0.0/8, consisting of 16.7+ million IPv4 addresses.

TCP/IP was, at one time, an emerging standard and in minority use because of the protocol complexity. In typical fashion, packet node owners were outraged with this IP protocol and few systems on HF operated with this protocol because of the amount of overhead. TCP/IP then goes on to become the foundation of the Internet and in use by every device on the Internet today. Think about that anytime someone complains they don’t want to support or do something because they don’t like it.

In 1986, an agreement mandated about 8 million addresses of 44/8 be assigned for use within the United States under FCC regulations (44.0/9) and the other 8 million (44.128/9) for deployments in the rest of the world.

San Diego Supercomputer Center, host of AMPRNet internet gateway, and CAIDA/UCSD network telescope (Wikipedia)

Since 1990, most packets destined for 44/8 were handled by a router at the University of California, San Diego. This forwarding router was originally named mirrorshades.ucsd.edu, later gw.ampr.org or “AmprGW.” This Internet “border” router (gateway) is used to route packets to and from the ordinary Internet to computers or nodes on AMPRNet. When a request hits the Internet for network 44.0.0.0/8, it is routed to UCSD. Different protocols are used to deliver the packet from the mirrorshades router to the destination IP address in any part of the world. Internet routers like these would be similar to an Internet Service Provider (ISP) router often handling multiple networks at once and at multiple gigabits/second transfer rate.

In 2001, UCSD used 44/8 for research as an Internet Telescope which allows observation of large-scale events taking place on the Internet using Internet Background Noise and backscatter. Backscatter is used to determine Denial of Service (DoS) attackers and victims. They were able to monitor the Code Red computer worm in 2001. All data was captured and used to generate historical trends and data. For example, when attackers on the internet start probing systems with a known set of criteria, they can go back and look when those probes first started appearing on the Internet. In 2003, 0.75 terabytes per month was recorded. In 2016, 37 terabytes per month is seen.

Since hams have had AMPRnet, many have taken advantage of it for single use applications or using small blocks on a long-term lease at zero cost. It has been used for communications ranging from simple TCP/IP connectivity, digital voice, telemetry, and repeater linking. However, not more than half of the network was ever used. Peak usage happened between 1985-1995. According to the group now overseeing 44/8, Amateur Radio Digital Communications (ARDC), a U.S. 501(c)(3) organization, less than one-third of the network is in use today and some address blocks have never been used.

It wasn’t too long ago (5-10 years) that I learned about AMPRnet when I became involved in supporting an APRS Igate. I knew APRS was using the space in some aspect, the EchoLink mobile app uses the 44 network, Michigan is actively using their allocation, and Europe was using it for their HamNET Mesh. I assumed the network probably wasn’t utilized but was hopeful it had enough use to keep it in the Amateur Radio community. I would have liked to see ham radio Internet technologies utilize network 44 like mesh, hot spots, and newer digital voice modes (D-STAR, DMR, and Fusion). It’s a cost and complexity issue. There is no way to put a device on the Internet with a random IP address and expect the Internet to know how to reach that device. Routes and paths need to be established as was done with the UCSD router or other routing equipment which can be very expensive to set up and maintain. Too costly and too complex to support, other easier methods were utilized.

HamNET Mesh (Wikipedia)

American Registry for Internet Numbers (ARIN), which is responsible for distribution of IP addresses on the Internet, declared on September 24, 2015 their available IPv4 pool was exhausted. The Internet was quickly running out of IP addresses! This led the push to IPv6, which is exponentially larger. IPv4 has 4.2 trillion IP addresses (minus some for special uses). IPv6 has 340 undecillion, or 340 billion billion billion billion, addresses. You could assign multiple entire IPv4 sized networks per household under IPv6 and still have some left over! Exhaustion caused IPv4 allocations to become much more valuable.

Companies and institutions who still owned all or large parts of their originally assigned networks were now sitting on a gold mine. Supply and demand: a resource (IPv4 addresses) is scarce but many people want IP addresses. The price will rise, at least until IPv6 is closer to universal adoption.

This led to the ARDC decision to sell off about 4 million addresses from 44/8 on the marketplace. Total network value of 44/8 was estimated to be $100 million. From their press release:

"...in mid-2019, a block of approximately four million consecutive AMPRNet addresses denoted as 44.192.0.0/10 was withdrawn from our reserve for Amateur use, and sold to the highest qualified bidder at the then current fair market value. This leaves some twelve million addresses devoted exclusively to Amateur Radio uses, which is far greater than the number of addresses which are currently or have ever been in use. We believe this is far more than the number of addresses that will ever be needed by hams before IPv6 takes over the Internet. We also believe that was the prudent and proper time for this sale to take place, for a number of good reasons, among which are a recent levelling off in address prices and a lessening demand as only a few large buyers are left in the market for such a large block of addresses."

We now know the highest bidder was Amazon at a price of $50 million completed July 18, 2019. There is no intention by the ARDC to sell any more of the network. Post sale, AMPRNet consists of addresses 44.0.0.0 through 44.191.255.255 (44.0.0.0/9 and 44.128.0.0/10). Portion sold was the uppermost 25% of the address space, 44.192.0.0 through 44.255.255.255 or 44.192.0.0/10.
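The CIDR arithmetic explained earlier and the post-sale split described here can be checked with Python's standard ipaddress module; the last function also flags firewall or allow-list entries that still cover the sold block. This is an added example, not part of the original article: the function names are hypothetical and the allow-list entries are constructed samples.

```python
import ipaddress

# Values taken from the article.
HOME_PC = ipaddress.ip_interface("192.168.1.100/24")
AMPRNET_ORIGINAL = ipaddress.ip_network("44.0.0.0/8")
SOLD_BLOCK = ipaddress.ip_network("44.192.0.0/10")

# Constructed sample allow-list entries (not from any real device).
SAMPLE_ALLOW_LIST = [
    "44.0.0.0/8",      # written before the sale: still admits the sold block
    "44.0.0.0/9",
    "44.128.0.0/10",
    "44.224.0.0/16",   # lies entirely inside the sold block
    "192.168.1.0/24",
]


def describe(network):
    """Return the facts that CIDR notation encodes for an IPv4 network."""
    total = network.num_addresses
    # /31 and /32 have no separate network and broadcast addresses to subtract.
    has_reserved = network.prefixlen < 31
    return {
        "netmask": str(network.netmask),
        "network_address": str(network.network_address),
        "broadcast_address": str(network.broadcast_address),
        "total_addresses": total,
        "usable_hosts": total - 2 if has_reserved else total,
        "first_usable": str(network[1] if has_reserved else network[0]),
        "last_usable": str(network[-2] if has_reserved else network[-1]),
    }


def remaining_after_sale(original, sold):
    """Blocks left once `sold` is carved out of `original`, largest first."""
    if not sold.subnet_of(original):
        raise ValueError(f"{sold} is not inside {original}")
    return sorted(original.address_exclude(sold), key=lambda n: n.prefixlen)


def classify(address, remaining, sold):
    """Label one address: still AMPRNet, in the sold block, or outside 44/8."""
    ip = ipaddress.ip_address(address)
    if ip in sold:
        return "sold"
    if any(ip in block for block in remaining):
        return "amprnet"
    return "outside"


def stale_rules(rules, sold):
    """Return the allow-list entries that still admit addresses from `sold`."""
    flagged = []
    for rule in rules:
        net = ipaddress.ip_network(rule, strict=True)
        if net.version == sold.version and net.overlaps(sold):
            flagged.append(rule)
    return flagged


if __name__ == "__main__":
    print("Home network:", describe(HOME_PC.network))
    print("1986 split:", [str(n) for n in AMPRNET_ORIGINAL.subnets(prefixlen_diff=1)])
    left = remaining_after_sale(AMPRNET_ORIGINAL, SOLD_BLOCK)
    print("Left after sale:", [str(n) for n in left],
          "=", sum(n.num_addresses for n in left), "addresses")
    for addr in ("44.191.255.255", "44.192.0.0", "192.168.1.100"):
        print(addr, "->", classify(addr, left, SOLD_BLOCK))
    print("Rules to review:", stale_rules(SAMPLE_ALLOW_LIST, SOLD_BLOCK))
```

A rule written as 44.0.0.0/8 before the sale now also matches the addresses in 44.192.0.0/10, which is why it is flagged.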

Some of the guys at work heard about this before I did because it was trending on Reddit. Initially, like most of the comments, I too was outraged. Though, figured it was coming sooner or later. An IPv4 shortage, a valuable /8 not being utilized. Wasn’t hard to put two and two together. I’m never one to say never. ‘We’re never going to use something.’ How do we know? Maybe hams develop the next Internet with that address space. Putting the politicking and whining aside, taking them at their word (continuing from the press release):

"It is our intention to grant funds across all reaches of the educational, research, and development spectrum, with awards being made to support qualified organizations whose programs could well serve to advance the art of digital communication, with special emphasis on that which would benefit Amateur Radio.

Additionally, another way we will be able to help our community is to contract with research firms and consultants to carry out related research and development to produce procedures, techniques, methods, designs, and intellectual property that would then be made freely available for the benefit of all."

While I think this is a monumental asset having this money available to promote the hobby and research, I think it puts us in a dangerous spot. To me, the similarities between this example of limited resources on the Internet and the limited resources of our radio spectrum are uncanny: ‘it’s there and not being utilized,’ ‘we’ll never use it,’ ‘resource sold for public benefit,’ ‘take the money and run,’ ‘sellouts!’ This shows that everything is up for grabs and we cannot take it for granted. Just ask France. WRC-23 is considering a proposal to make Aeronautical Mobile as the primary service in the 2-meter ham band. This is how it starts.

Now more than ever, get on our resources and use them. We have more hams now than ever (in the U.S. anyway). Get on our bands. Get on our IP space. Improve the network. Grab some IPv6 space for Amateur Radio. Get involved with organizations and offer support. Yeah, everyone’s busy. If everyone’s too busy to support these organizations, we may lose all of this. Use it or lose it, so “See ya 44/8.”

Thanks for reading and 73… de Jeff – K8JTK