News aggregator

Dick Turpin: Hi-Spec

Planet WolvesLUG - 8 hours 32 min ago
Customer: "I need a Hi-Spec laptop something really stable for our business."
Me: "Well we have another customer who is in your line of work, I supplied them yesterday with one for just under £2K"
Customer: "Yes, the Director was thinking about £1K"
Me: "OK let me get a quote together for that and the other work you want doing."

A few minutes later.

Customer: "The budget for the laptop is £600.00."

And would you like me to throw in a box of crayons, some play-doh and a painting by numbers book? Hi-Spec pfffft
Categories: LUG Community Blogs

Mick Morgan: nsa operation orchestra

Planet ALUG - Wed, 16/04/2014 - 22:30

In February of this year, Poul-Henning Kamp (a.k.a “PHK”) gave what now looks to be a peculiarly prescient presentation as the closing keynote to 2014′s FOSDEM.

In the presentation (PDF), PHK posits an NSA operation called ORCHESTRA which is designed to undermine internet security through a series of “disinformation” or “misinformation”, or “misdirection” sub operations. ORCHESTRA is intended to be cheap, non-technical, completely deniable, but effective. One of the opening slides gives ORCHESTRA’s “operation at a glance” overview as:

* Objective:
- Reduce cost of COMINT collection
* Scope:
- All above board
- No special authorizations
* Means:
- Eliminate/reduce/prevent encryption
- Enable access
- Frustrate players

PHK delivers the presentation as if he were a mid-ranking NSA staffer intending to brief NATO in Brussels. But “being American, he ends up [at FOSDEM] instead”. The truly scary part of this presentation is that it could all be completely true.

What makes the presentation so timely is his commentary on openssl. Watch it and weep.

Categories: LUG Community Blogs

Mick Morgan: more heartbleed

Planet ALUG - Wed, 16/04/2014 - 12:04

For any readers uncertain of exactly how the heartbleed vulberability in openssl might be exploitable, Sean Cassidy over at existential type has a good explanation.

And if you find that difficult to follow, Randall Munroe over at xkcd covers it quite nicely.

My thanks, and appreciation as always, to a great artist.

Of course, Randall foresaw this problem back in 2008 when he published his take on the debian openssl fiasco.

Categories: LUG Community Blogs

Mick Morgan: pulitzer guardian

Planet ALUG - Wed, 16/04/2014 - 11:42

The Guardian and the Washington Post have been jointly awarded the Pulitzer prize for public service for their reporting of Edward Snowden’s whistleblowing on the NSA’s surveillance activities.

The Guardian reports:

The Pulitzer committee praised the Guardian for its “revelation of widespread secret surveillance by the National Security Agency, helping through aggressive reporting to spark a debate about the relationship between the government and the public over issues of security and privacy”.

Unfortunately that debate seems to be taking place in the USA rather than in the UK.

In typical Guardian style, one correspondent to today’s letters page says:

Congratulations to all. Can’t wait for the film. All the President’s Men II? Johnny Depp as Alan Rusbridger?

I’d pay to see that. But I’m not sure how it ends yet.

Categories: LUG Community Blogs

Martin Wimpress: BIP IRC proxy

Planet HantsLUG - Wed, 16/04/2014 - 07:07

BIP is an IRC proxy that maintains a persistent connection(s) to a list of IRC channels. You can then point your IRC client to BIP each time you log in and playback the conversations that took place while you were away.

I've found bBIP to be so useful that I now maintain BIP for Arch Linux, although I now run my BIP proxy on Debian because my new VPS provider doesn't offer Arch Linux as an option.

Installing BIP

Installing BIP is simple for both Arch Linux and Debian.

Debian

I run BIP on Debian Wheezy with the backport repository enabled.

sudo apt-get -t wheezy-backports install bip sudo sed -i 's/ENABLED=0/ENABLED=1/' /etc/default/bip Arch Linux pacman -S bip systemctl enable bip Create a user

The next thing to do is create a username and password and BIP provides it's own utility for doing this called bipmkpw. Replace 'username' with whatever you want your BIP 'username' to be. This name has no relation to any IRC usernames so it can be anything.

bipmkpw username

Enter a password when prompted. The password will then be output as a hash. Make a note of both the hashed and un-hashed values somewhere, you will need them later.

Create a certificate

We don't want the username and password being sent as clear-text, so we will create an SSL certificate for BIP to use.

openssl req -new -newkey rsa:4096 -nodes -x509 -keyout bip.pem -out bip.pem

Move the certificate to /var/lib/bip

sudo mv bip.pem /var/lib/bip

Change ownership and permissions of the certificate to the user bip which was created automatically when the package was installed.

sudo chown bip:bip /var/lib/bip/bip.pem sudo chmod 600 /var/lib/bip/bip.pem Configure BIP

Here is example configuration for BIP. Copy it to /etc/bip.conf, modify it accordingly and then change the ownership and permissions.

sudo chown bip:bip /etc/bip.conf sudo chmod 640 /etc/bip.conf Example configuration # bip default config file. # Thou shoult change thy password ip = "0.0.0.0"; # To connect a client to bip, try the port below, and # be sure to set the password to the value # specified in the network you want to connect to. port = 7778; # If you set this to true, you'll only be able to connect to bip # with a SSL capable IRC client. Be sure to generate a certificate # for bip with 'make cert' client_side_ssl = true; log_level = 3; pid_file="/var/run/bip/bip.pid"; # This is where logs go. Channel and private messages will use that # configuration value as a prefix, and then log_format to determine # full log filename. log_root = "/var/log/bip/"; # Log format allows you to make log filenames depend on the log line's # attributes. Here's a list : # %u -> user name # %n -> network name # %Y -> 4 digit year # %m -> 2 digit month # %d -> 2 digit day # %c -> destination (#chan, privates, ...) #log_format = "%n/%Y-%m/%c.%d.log"; # Sets the frequency (in seconds) of log syncing (real write to kernel) #log_sync_interval = 5; # Makes bip send the log of each channel and privates while # you were not connected to the proxy upon connection. backlog = true; # enable backlog backlog_lines = 0; # number of lines in backlog, 0 means no limit backlog_always = false; # backlog even lines already backlogged # If blreset_on_talk talking on an irc network has the same effect of issuing # /bip blreset, meaning that stuffed logged before the command won't be read # back on backlog blreset_on_talk = true; # Network definition, a name and server info network { name = "freenode"; server { host = "chat.freenode.net"; port = 6667; }; }; network { name = "blitzed"; server { host = "irc.blitzed.org"; port = 6667; }; }; # Configuration example with one user who connects to two irc networks # To use the multi-server feature: # - define the connections # - chose and setup a different login for each connection # on your irc client: # - Use the multi server feature of your client, the server being each time # the server where bip is running. In your client setup server password to: # username:password:connectionname # - do not store the password in clear here, use the bipmkpw util to generate # a hash # User structure is grouping information for a given user user { # The name in bip of the user # This is used by bip only name = "USERNAME; #BIP User account created with bipmkpw password = "00000000000000000000000000000000000000"; # the hash bipmkpw created ssl_check_mode = "none"; # These will be the default for each connections default_nick = "NICKNAME"; #IRC Nick default_user = "IRCUSERNAME"; #IRC User default_realname = "REALNAME"; #IRC Real Name admin = true; backlog_msg_only = true; # When true, # A user can have mutiple connections to irc networks. # define a connection: connection { name = "freenode"; # used by bip only network = "freenode"; # which ircnet to connect to # these will be sent to the real IRC server user = "IRCUSERNAME"; realname = "IRCREALNAME"; password = "serverpassword"; #can be commented out if not needed # Some options: follow_nick = true; ignore_first_nick = false; #on_connect_send = "PRIVMSG NickServ :IDENTIFY nspassword"; # Autojoined channels: channel { name = "#cat"; }; # Join #cat channel { name = "#dog"; backlog = false; }; # Join #dog but don't backlog it. channel { name = "#pig"; key = "01nk01nk"; }; # Join #pig that has a password. }; connection { name = "blitzed"; # used by bip only network = "blitzed"; # which ircnet to connect to # these will be sent to the real IRC server user = "IRCUSERNAME"; realname = "IRCREALNAME"; password = "serverpassword"; #can be commented out if not needed # Some options: follow_nick = true; ignore_first_nick = false; #on_connect_send = "PRIVMSG NickServ :IDENTIFY nspassword"; # Autojoined channels: channel { name = "#bar"; }; channel { name = "#foo"; }; }; };

If you require any clarification about what the configuration options do then man bip.conf is your friend.

Start BIP

Now that BIP is configured, it can be started.

Debian sudo /etc/init.d/bip start Arch Linux sudo systemctl start bip Client configuration

I use HexChat, but other IRC clients are available. I add a new Network to HexChat for each of the IRC networks I defined in /etc/bip.conf. The screen shot below shows how I configure a BIP network in HexChat.

Password format

The Password is the most important and confusing item. This is for BIP, not for any IRC network. Remember the unhashed password? That goes here but with a twist. The format for the password is:

bipusername:unhashedbippassword:bipnetwork

Bipnetwork? What is that? It is from the following section of /etc/bip.conf on the server?

network { name = "freenode"; server { host = "chat.freenode.net"; port = 6667; }; };

A more practical example:

myuser:S3cr3tP@$$w0rd:freenode Conclusion

And that's it! We are now perpetually connected to IRC, can connect to BIP proxy from multiple devices in a completely transparent and seamless manner. Moreover, the logs for all channels are saved and automatically rotated on the server.

If you looking for an alternative to BIP, then try ZNC.

References

Categories: LUG Community Blogs

Mick Morgan: boot and nuke no more

Planet ALUG - Tue, 15/04/2014 - 19:54

I was contacted recently by a guy called Andy Beverley who wrote:

Hope you don’t mind me contacting you about one of your old blog posts “what gives with dban”. Thought I’d let you know that I forked DBAN a while ago, and produced a standalone program (called nwipe) that will run on any Linux OS. That means it will work with any Live CD, meaning much better hardware support.

It’s included in PartedMagic, as well as most other popular distros.

“No I don’t mind at all” is my response. In fact, since DBAN seems to be borked permanently, it is nice to see an alternative out there.

Andy’s nwipe page says that he could do with some assistance. So if anyone feels able to help him out, give him a call.

Categories: LUG Community Blogs

Andy Smith: On attempting to become a customer of Metro Bank

Planet HantsLUG - Tue, 15/04/2014 - 12:51

On the morning of Saturday 12th April 2014 I visited the Kingston Upon Thames store of Metro Bank in an attempt to open a current account.

The store was open — they are open 7 days a week — but largely empty. There was a single member of staff visible, sat down at a desk with a customer.

I walked up to a deserted front desk and heard footsteps behind me. I turned to be greeted by that same member of staff who had obviously spotted I was looking a bit lost and come to greet me. He apologised that no one had greeted me, introduced himself, asked my name and what he could help me with. After explaining that I wanted to open a current account he said that someone would be with me very soon.

Within a few seconds another member of staff greeted me and asked me to come over to her desk. So far so good.

As she started to take my details I could see she was having problems with her computer. She kept saying it was so slow and made various other inaudible curses under her breath. She took my passport and said she was going to scan it, but from what I could see she merely photcopied it. Having no joy with her computer she said that she would fill in paper forms and proceeded to ask me for all of my details, writing them down on the forms. Her writing was probably neater than mine but this kind of dictation was rather tedious and to be quite honest I’d rather have done it myself.

This process took at least half an hour. I was rather disappointed as all their marketing boasts of same day quick online setup, get your bank details and debit card same day and so on.

Finally she went back to her computer, and then said, “oh dear, it’s come back saying it needs head office approval, so we won’t be able to open this right now. Would you be available to come back later today?”

“No, I’m busy for the rest of the day. To be honest I was expecting all this to be done online as I’m not really into visiting banks even if they are open 7 days a week…”

“Oh that’s alright, once it’s sorted out we should be able to post all the things to you.”

“Right.”

“This hardly ever happens. I don’t know why it’s happened. Even if I knew I wouldn’t be able to tell you. It’s rare but I have to wait for head office to approve the account.”

As she went off to sort something else out I overheard the conversation between the customer and staff member on the next table. He was telling the customer how his savings account couldn’t be opened today because it needed head office approval and it was very rare that this would happen.

I left feeling I had not achieved very much, but hopeful that it might get sorted out soon. It wasn’t a very encouraging start to my relationship with Metro Bank.

It’s now Tuesday 15th April, three days after my application was made or two working days, and I haven’t had any further communication from Metro Bank so I have no idea if my account is ever going to be opened. I don’t really have any motivation to chase them up. If I don’t hear soon then I’ll just go somewhere else.

I suppose in theory a bank branch that is open 7 days a week might be useful for technophobes who don’t use the Internet, but if the bank’s systems don’t work then all you’ve achieved is to have a large high street box full of people employed to tell you that everything is broken. Until 8pm seven days a week.

Update 2014-04-15 15:30: After contact on twitter, the Local Director of the Kingston branch called me to apologise and assure me that he is looking into the matter.

About 15 minutes later he called back to explain, roughly:

The reason the account was not approved on the day is that I’ve only been in my current address for 7 months, so none of the proofs of address would have been accepted. Under normal circumstances it is apparently possible to open an account with just a passport. If not then the head office approval or rejection should happen within 24 hours, but their systems are running a bit slowly. Someone should have called me to let me know this, but this did not happen. Apparently approval did in fact come through today – I am told someone was due to call me today with the news that my account has been opened. I should receive the card and cheque book tomorrow.

I’m glad this was so quickly resolved. I’m looking forward to using my account and hopefully everything will be smoother now.

Categories: LUG Community Blogs

Martin Wimpress: LXC on Arch Linux

Planet HantsLUG - Tue, 15/04/2014 - 02:44

At some point last year I was experimenting with Linux Containers (LXC) on Arch Linux. I never finished the blog post but somehow it was briefly published and then unplublished. I have no idea how accurate this blog post is but someone did see it and bookmarked it. They recently emailed me to ask where the blog has disappeared to, so here it is in all its unfinished glory.

Install LXC sudo pacman -Syy --needed --noconfirm arch-install-scripts bridge-utils lxc netctl netctl Bridge

The guest containers will connect to the LAN via a bridged network deviced.

sudo nano /etc/netctl/bridge

Add the following.

Description="Bridge" Interface=br0 Connection=bridge BindsToInterfaces=(eth0) IP=dhcp ## sets forward delay time FwdDelay=0 ## sets max age of hello message #MaxAge=10

Enable and start the bridge.

sudo netctl enable bridge sudo netctl start bridge Creating Containers

I'm only interetsed in running Arch Linux or Debian containers.

Container Configurations

Each container should have a matching configuration file, they look something like this.

lxc.arch = i686 lxc.utsname = myhostname lxc.network.type = veth lxc.network.flags = up lxc.network.link = br0 lxc.network.ipv4 = 0.0.0.0 lxc.network.name = eth0
  • lxc.arch Architecture for the container, valid options are x86, i686, x86_64, amd64.
  • lxc.utsman Container name, should also be used when naming the configuration file
  • lxc_network.type Type of network virtualization to be used for the container. The option veth defines a peer network device. It is created with one side assigned to the container and the other side is attached to a bridge by the lxc.network.link option.
  • lxc_network.flags Network actions. The value up in this case activates the network.
  • lxc.network.link Host network interface to be used for the container.
  • lxc.network.ipv4 IPv4 address assigned to the virtualized interface. Use the address 0.0.0.0 to make use of DHCP. Use lxc.network.ipv6 if you need IPv6 support.
  • lxc.network.name Dynamically allocated interface name. This option will rename the interface in the container.

More example files can be found in /usr/share/doc/lxc/examples/. Find details about all options via man lxc.conf.

Arch Linux sudo lxc-create -t archlinux -n arch-01 -f ~/arch-01.conf -- --packages netctl

I am unable to get DHCP to work for a Arch Linux LXC container, therefore my dirty hack is to alway use a statis IP address in the netctl profile. There is also a bug (#35715) was helpful in narrowing down the problem, but wasn't the solution in my case. Use /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/example/ethernet-static as a template.

sudo cp /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/example/ethernet-static /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/static

Modify /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/static accordingly. Now create a hook, with the same name as the netctl profile.

sudo nano /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/hooks/static

Add the following.

1 2 3 4 5 6#!/usr/bin/env bash if [[ $(systemd-detect-virt) != none ]]; then BindsToInterfaces=() ForceConnect=yes fi

Start the container and enable the netctl profile.

netctl enable static netctl start static Debian Containers.

Install debobootstrap and dpkg so that Debian containers can be created.

packer -S --noedit dpkg debootstrap Squeeze

Create a Debian container, squeeze is the default.

sudo lxc-create -t debian -n squeeze-01 -f ~/squeeze-01.conf

Change the root password.

chroot /var/lib/lxc/squeeze/rootfs/ passwd Wheezy

Much the same as the Squeeze exaple above but use the following template.

Using containers

Start a container

sudo lxc-start -d -n CONTAINER_NAME

Connect to the container and log in:

sudo lxc-console -n CONTAINER_NAME

To halt a container cleanly by the containers initv-system:

sudo lxc-halt -n CONTAINER_NAME

Stop and remove your container always with the two steps:

sudo lxc-stop -n CONTAINER_NAME sudo lxc-destroy -n CONTAINER_NAME References
Categories: LUG Community Blogs

Steve Engledow (stilvoid): Netcat

Planet ALUG - Tue, 15/04/2014 - 01:30

I had occasion recently to need an entry in my ssh config such that connections to a certain host would be proxied through another connection. Several sources suggested the following snippet:

Host myserver.net ProxyCommand nc -x <proxy host>:<proxy port> %h %p

In my situation, I wanted the connection to be proxied through an ssh tunnel that I already had set up in another part of the config. So my entry looked like:

Host myserver.net ProxyCommand nc -x localhost:5123 %h %p

Try as I might however, I just could not get it to work, always receiving the following message:

Error: Couldn't resolve host "localhost:5123"

After some head scratching, checking and double-checking that I had set up the proxy tunnel correctly, I finally figured out that it was because I had GNU netcat installed rather than BSD netcat. Apparently, most of the people in the internet use BSD netcat :)

Worse, -x is a valid option in both netcats but does completely different things depending on which you use; hence the less-than-specific-but-technically-correct error message.

After that revalation, I thought it was worth capturing the commonalities and differences between the options taken by the netcats.

Common options
  • -h

    Prints out nc help.

  • -i interval

    Specifies a delay time interval between lines of text sent and received. Also causes a delay time between connections to multiple ports.

  • -l

    Used to specify that nc should listen for an incoming connection rather than initiate a connection to a remote host. It is an error to use this option in conjunction with the -p, -s, or -z options. Additionally, any timeouts specified with the -w option are ignored.

  • -n

    Do not do any DNS or service lookups on any specified addresses, hostnames or ports.

  • -p source_port

    Specifies the source port nc should use, subject to privilege restrictions and availability.

  • -r

    Specifies that source and/or destination ports should be chosen randomly instead of sequentially within a range or in the order that the system assigns them.

  • -s source

    Specifies the IP of the interface which is used to send the packets. For UNIX-domain datagram sockets, specifies the local temporary socket file to create and use so that datagrams can be received. It is an error to use this option in conjunction with the -l option.

  • -t in BSD Netcat, -T in GNU Netcat

    Causes nc to send RFC 854 DON'T and WON'T responses to RFC 854 DO and WILL requests. This makes it possible to use nc to script telnet sessions.

  • -u

    Use UDP instead of the default option of TCP. For UNIX-domain sockets, use a datagram socket instead of a stream socket. If a UNIX-domain socket is used, a temporary receiving socket is created in /tmp unless the -s flag is given.

  • -v

    Have nc give more verbose output.

  • -w timeout

    Connections which cannot be established or are idle timeout after timeout seconds. The -w flag has no effect on the -l option, i.e. nc will listen forever for a connection, with or without the -w flag. The default is no timeout.

  • -z

    Specifies that nc should just scan for listening daemons, without sending any data to them. It is an error to use this option in conjunction with the -l option.

BSD netcat only
  • -4

    Forces nc to use IPv4 addresses only.

  • -6

    Forces nc to use IPv6 addresses only.

  • -b

    Allow broadcast.

  • -C

    Send CRLF as line-ending.

  • -D

    Enable debugging on the socket.

  • -d

    Do not attempt to read from stdin.

  • -I length

    Specifies the size of the TCP receive buffer.

  • -k

    Forces nc to stay listening for another connection after its current connection is completed. It is an error to use this option without the -l option.

  • -O length

    Specifies the size of the TCP send buffer.

  • -P proxy_username

    Specifies a username to present to a proxy server that requires authentication. If no username is specified then authentication will not be attempted. Proxy authentication is only supported for HTTP CONNECT proxies at present.

  • -q seconds

    after EOF on stdin, wait the specified number of seconds and then quit. If seconds is negative, wait forever.

  • -S

    Enables the RFC 2385 TCP MD5 signature option.

  • -T toskeyword

    Change IPv4 TOS value. toskeyword may be one of critical, inetcontrol, lowcost, lowdelay, netcontrol, throughput, reliability, or one of the DiffServ Code Points: ef, af11 ... af43, cs0 ... cs7; or a number in either hex or decimal.

  • -U

    Specifies to use UNIX-domain sockets.

  • -V rtable

    Set the routing table to be used. The default is 0.

  • -X proxy_protocol

    Requests that nc should use the specified protocol when talking to the proxy server. Supported protocols are “4” (SOCKS v.4), “5” (SOCKS v.5) and “connect” (HTTPS proxy). If the protocol is not specified, SOCKS version 5 is used.

  • -x proxy_address[:port]

    Requests that nc should connect to destination using a proxy at proxy_address and port. If port is not specified, the well-known port for the proxy protocol is used (1080 for SOCKS, 3128 for HTTPS).

  • -Z

    DCCP mode.

GNU netcat only
  • -c, --close

    Close connection on EOF from stdin.

  • -e, --exec=PROGRAM

    Program to exec after connect.

  • -g, --gateway=LIST

    Source-routing hop point[s], up to 8.

  • -G, --pointer=NUM

    Source-routing pointer: 4, 8, 12, ...

  • -L, --tunnel=ADDRESS:PORT

    Forward local port to remote address.

  • -o, --output=FILE

    Output hexdump traffic to FILE (implies -x).

  • -t, --tcp

    TCP mode (default).

  • -V, --version

    Output version information and exit.

  • -x, --hexdump

    Hexdump incoming and outgoing traffic.

I uninstalled GNU netcat and installed BSD netcat btw ;)

Categories: LUG Community Blogs

Steve Kemp: Is lumail a stepping stone?

Planet HantsLUG - Tue, 15/04/2014 - 00:21

I'm pondering a rewrite of my console-based mail-client.

While it is "popular" it is not popular.

I suspect "console-based" is the killer.

I like console, and I ssh to a remote server to use it, but having different front-ends would be neat.

In the world of mailpipe, etc, is there room for a graphic console client? Possibly.

The limiting factor would be the lack of POP3/IMAP.

Reworking things such that there is a daemon to which a GUI, or a console client, could connect seems simple. The hard part would obviously be working the IPC and writing the GUI. Any toolkit selected would rule out 40% of the audience.

In other news I'm stalling on replying to emails. Irony.

Categories: LUG Community Blogs

Martin A. Brooks: Buying a custom gaming PC from Overclockers UK

Planet HantsLUG - Mon, 14/04/2014 - 17:25

My current workstation and gaming PC is slowly disintegrating. I built it myself from components some 6 years ago and it’s simply wearing out.  Several USB ports don’t work and Windows sometimes bluescreens with errors that suggests bits of the motherboard are getting tired.  I don’t really have the spare time needed to build a high-end PC and make a great job of it, so I decided to treat myself to a pre-built custom system.   After hunting round, I settled on Overclockers as the company to buy from.

Their system configurator didn’t quite give me what I wanted, so I contacted them and asked if they could customise further which they could.   I put together my list of requirements, they send back a price.  I paid, cash wired to their bank account, upfront and sat back and waited for my new shiny liquid-cooled PC to arrive.

The system shipped.  It shipped to the wrong address.  I had provided Overclockers with a billing address and a shipping address.  They shipped to the billing address which is almost guaranteed to be unoccupied during regular working hours.

A simple mistake.  It happens.  I contacted the courier who were unable to redeliver again that day, but promised they would deliver it to the shipping address the next day.

Next day, my new shiny PC arrives.  I opened the smaller of the two boxes, one for spare components and so on, and immediately see a problem.  The spares and cables and whatnots are not branded with anything I specified, wrong motherboard and wrong graphics card.  I call Overclockers who suggest that the component boxes may have been mixed up and can I please open the main box and check. I do.  It’s someone else’s computer.  I later learn that my system has been shipped to somewhere else.  Overclockers’ mistake?  Courier’s mistake?  It doesn’t really matter. Overclockers have a courier come and pick up this system.

Meanwhile, my system makes its merry way back to Overclockers’ HQ and I, confusingly, get an email asking what I’d like done with it.   I suggest shipping it to the shipping address and could I please have an AM delivery so I don’t potentially waste a whole day.  I offered to pay for whatever that was going to cost.  Overclockers said it was no problem.  Super.

My PC finally showed up at Friday 8pm.   The more astute amongst you will spot that 8pm is not exactly an AM delivery.  Overclockers’ mistake?  Courier’s mistake?  I have no idea, the question has not yet been answered.

I unpack my new PC.  The first thing I notice is that there is a bolt rolling around in the bottom of it.  Stuff can come loose in shipping, so what.  I find that the bolt belongs to a radiator housing in the bottom of the case, there’s a hole, a loose radiator and tool marks around the hole.  Not ideal, but the system’s not going to be moved around much so no big problem.  Despite being an SLI system, there was no SLI cable installed linking the graphics cards.  Simple to fix, but a silly thing for an expert system builder to miss.

One of the customised things I asked for was the pre-cabling of some SATA drives bays: one for a blu-ray writer and two for a pair of big SATA disks I use for bulk local storage.   None of these were done.   I call Overclockers about this, and the loose bolt, and they say there’s not much that can be done without returning the system to them.  As I’ve no interest in another game of couriers, I grumble a bit but then do the cabling myself.

Over the next day or so I had almost no chance to really push the new system.  It ticked over happily, was lovely and quiet and lovely to look at too.  On Sunday night, though, the headphones went on, the office door was closed and I got on with a bit of GRID 2, with all the visual effects turned up to maximum.  I settled down for a couple of hours of hard racing.   After about an hour, the screen froze, went black, and all the system fans kicked into life.

I powered off, reached for my mini-torch and opened the case.  What I saw sickened me: liquid coolant leaking from the CPU block, down onto a graphics card and spilling on to the motherboard.  It was impossible to tell whether the CPU had simply thermally shut down or if the coolant had shorted something expensive.  It kind of didn’t matter.

The next morning I called Overclockers who arranged to pick the system up.  I asked if they could sort of the cabling and the loose bolts while they were at it.  They agreed.

A couple of days later, I got an email saying the system had been repaired and was on its way back to me.  The next evening I get a call from the owner of the billing address saying that a courier had tried to deliver something with my name on it.   They had shipped to the wrong address. Again.

I had now run out of patience and I asked for a full refund.   To their credit, Overclockers didn’t argue on this and they said one would be arranged.  As it was convenient for me, I asked to keep the Windows 8.1 licence and the SSD.   As it was convenient for them, I agreed to pay for these again separately, they would then issue a refund for the full amount of the original transaction.  I didn’t ask, but I kind of expected they would simply wire the cash back to my bank account.

After 3 days or so, nothing had showed up, so I called and they said that processing a refund might take up to 7 working days.

Today, 10 days on, nothing had showed up, so I called them and they said a cheque had been issued on the 4th and had been sent to……. you guessed it, the wrong address.  The owner of the address had not had a cheque arrive.

They offered to send a new cheque to the right address.  I suggested they simply wire the money to my account, I was told this was impossible due to the people who would have to do that being in Germany.  No, makes no sense to me either.  I asked if the cheque could be sent by special delivery, for which I was happy to cover the costs.   This was, of course, not possible.

So, 5 weeks after placing a cash order for a high-spec custom PC from Overclockers UK, I have no PC and they have a large amount of my money.

Please consider this post next time you’re thinking of ordering from them.

 

(Update: 15/4/2014:  A handwritten cheque arrived from Overclockers this morning. )

Categories: LUG Community Blogs

Surrey LUG Bring-A-Box 10th May 2014

Surrey LUG - Mon, 14/04/2014 - 15:13
Start: 2014-05-10 11:00 End: 2014-05-10 17:00

This month's meeting is yet to be confirmed.

Who

New members are very welcome. We're not a cliquey bunch, so you won't feel out of place! Usually between 10 and 30 people come along. 

Categories: LUG Community Blogs

Meeting at "The Moon Under Water"

Wolverhampton LUG News - Mon, 14/04/2014 - 14:55


53-55 Lichfield St
Wolverhampton
West Midlands
WV1 1EQ

Eat, Drink and talk Linux

Event Date and Time:  Wed, 16/04/2014 - 19:30 - 23:00
Categories: LUG Community Blogs

Chris Lamb: Race report: Cambridge Duathlon 2014

Planet ALUG - Mon, 14/04/2014 - 13:59

(This is my first race of the 2014 season.)


I had entered this race in 2013 and found it was effective for focusing winter training. As triathlons do not typically start until May in the UK, scheduling earlier races can be motivating in the colder winter months.

I didn't have any clear goals for the race except to blow out the cobwebs and improve on my 2013 time. I couldn't set reasonable or reliable target times after considerable "long & slow" training in the off-season but I did want to test some new equipment and stategies, especially race pacing with a power meter, but also a new wheelset, crankset and helmet.

Preparation was both accidentally and deliberately compromised: I did very little race-specific training as my season is based around an entirely different intensity of race, but compounding this I was confined to bed the weekend before.

Sleep was acceptable in the preceding days and I felt moderately fresh on race morning. Nutrition-wise, I had porridge and bread with jam for breakfast, a PowerGel before the race, 750ml of PowerBar Perform on the bike along with a "Hydro" PowerGel with caffeine at approximately 30km.

Run 1 (7.5km)

A few minutes before the start my race number belt—the only truly untested equipment that day—refused to tighten. However, I decided that once the race began I would either ignore it or even discard it, risking disqualification.

Despite letting everyone go up the road, my first km was still too fast so I dialed down the effort, settling into a "10k" pace and began overtaking other runners. The Fen winds and drag-strip uphill from 3km provided a bit of pacing challenge for someone used to shelter and shorter hills but I kept a metered effort through into transition.

Time
33:01 (4:24/km, T1: 00:47) — Last year: 37:47 (5:02/km)
Bike (40km)

Although my 2014 bike setup features a power meter, I had not yet had the chance to perform an FTP test outdoors. I was thus was not able to calculate a definitive target power for the bike leg. However, data from my road bike suggested I set a power ceiling of 250W on the longer hills.

This was extremely effective in avoiding going "into the red" and compromising the second run. This lends yet more weight to the idea that a power meter in multisport events is "almost like cheating".

I was not entirely comfortable with my bike position: not only were my thin sunglasses making me raise my head more than I needed to, I found myself creeping forward onto the nose of my saddle. This is sub-optimal, even if only considering that I am not training in that position.

Overall, the bike was uneventful with the only memorable moment provided by a wasp that got stuck between my head and a helmet vent. Coming into transition I didn't feel like I had really pushed myself that hard—probably a good sign—but the time difference from last year's bike leg (1:16:11) was a little underwhelming.

Time
1:10:45 (T2: 00:58)
Run 2 (7.5km)

After leaving transition, my legs were extremely uncooperative and I had great difficulty in pacing myself in the first kilometer. Concentrating hard on reducing my cadence as well as using my rehearsed mental cue, I managed to settle down.

The following 4 kilometers were a mental struggle rather than a physical one, modulo having to force a few burps to ease some discomfort, possibly from drinking too much or too fast on the bike.

I had planned to "unload" as soon as I reached 6km but I didn't really have it in me. Whilst I am physiologically faster compared to last year, I suspect the lack of threshold-level running over the winter meant the mental component required for digging deep will require some coaxing to return.

However, it is said that you have successfully paced a duathlon if the second run faster than the first. On this criterion, this was a success, but it would have been a bonus to have really felt completely completely drained at the end of the day, if only from a neo-Calvinist perspective.

Time
32:46 (4:22/km) / Last year: 38:10 (5:05/km)
Overall
Total time
2:18:19

A race that goes almost entirely to plan is a bit of a paradox – there's certainly satisfaction in setting goals and hitting them without issue, but this is a gratification of slow-burning fire rather than the jubilation of a fireworks display.

However, it was nice to learn that I managed to finish 5th in my age group despite this race attracting an extremely strong field: as an indicator, the age-group athlete finishing immediately before me was seven minutes faster and the overall winner finished in 1:54:53 (!).

The race identified the following areas to work on:

  • Perform an outdoors FTP on my time-trial bike outdoors to develop an optimum power plan.
  • Do a few more brick runs, at least to re-acclimatise the feeling.
  • Schedule another bike fit.

Although not strictly race-related, I also need to find techniques to ensure transporting a bike on public transport is less stressful. (Full results & full 2014 race schedule)

Categories: LUG Community Blogs

Debian Bits: DPL election is over, Lucas Nussbaum re-elected

Planet HantsLUG - Mon, 14/04/2014 - 07:10

The Debian Project Leader election has concluded and the winner is Lucas Nussbaum. Of a total of 1003 developers, 401 developers voted using the Condorcet method.

More information about the result is available in the Debian Project Leader Elections 2014 page.

The new term for the project leader will start on April 17th and expire on April 17th 2015.

Categories: LUG Community Blogs
Syndicate content