In the past couple weeks I contributed to a bunch of different open source projects in different ways and I thought I’d write about some of them.
I’ve been using an OpenBSD laptop as my workstation a lot more lately, probably because most of my hardware just works now and I don’t have to think too much about it. The touchpad works when I touch it, I can be confident that when I close the lid, the laptop will fully suspend and then fully resume again when I open it, WiFi works all throughout my house (although it’s not terribly fast), and my web browser is fast and stable. What amazing times we live in.
In the past, one thing that frequently kept me going back to my Mac, aside from iOS and Android development, was 1Password. I have a ton of logins for websites and servers, and because my browsers are all configured to clear cookies for most websites after I close their tabs, I need frequent access to passwords synced across my laptops and phones, and 1Password has great apps for all of those except OpenBSD.
ThinkPads have sort of a cult following among OpenBSD developers and users because the hardware is basic and well supported, and the keyboards are great to type on. While no stranger to ThinkPads myself, most of my OpenBSD laptops in recent years have been from various vendors with brand new hardware components that OpenBSD does not yet support. As satisfying as it is to write new kernel drivers or extend existing ones to make that hardware work, it usually leaves me with a laptop that doesn’t work very well for a period of months.
After exhausting efforts trying to debug the I2C touchpad interrupts on the Huawei MateBook X (and other 100-Series Intel chipset laptops), I decided to take a break and use something with better OpenBSD support out of the box: the fifth generation Lenovo ThinkPad X1 Carbon.
The Huawei MateBook X is a high-quality 13” ultra-thin laptop with a fanless Core i5 processor. It is obviously biting the design of the Apple 12” MacBook, but it does have some notable improvements such as a slightly larger screen, a more usable keyboard with adequate key travel, and 2 USB-C ports.
It also uses more standard PC components than the MacBook, such as a PS/2-connected keyboard, Intel WiFi card, etc., so its OpenBSD compatibility is quite good.
The Xiaomi Mi Air 12.5” is a basic fanless 12.5” Ultrabook with good build quality and decent hardware specs, especially for the money; while it can usually be had for about $600, I purchased mine for $489 shipped to the US during a sale.
I recently had access to a Surface Pro 4 and tried to boot OpenBSD on it. It did not go well, so I am just putting this here for posterity.
The 2016 Surface Pro 4 is basically just a keyboard-less x86 (Core i5 on the model I had) tablet with some tightly integrated (read: not upgradeable) components. Its optional Surface Type Cover is just a USB-attached keyboard and trackpad, which magnetically secure to the bottom of the device.
The Chromebook Pixel LS (2015) has an Intel Core i7 processor (Broadwell) at 2.4Ghz, 16Gb of RAM, a 2560x1700 400-nit IPS screen (239ppi), and Intel 802.11ac wireless. It has a Kingston 64Gib flash chip, of which about 54Gib can be used by OpenBSD when dual-booting with a 1Gb Chrome OS partition.
I recently activated a new dedicated server that came preinstalled with Linux, as the hosting provider didn’t support OpenBSD. Since they also didn’t provide an IP-based KVM without purchasing a dedicated hardware module (though most of the IP-KVMs I’ve used recently require interfacing with some terrible Java-based monstrosity anyway), I needed a way to remotely install OpenBSD over the running Linux server.
I spent a week in Toronto, Canada attending the OpenBSD t2k13 hackathon hosted at the University of Toronto. While these events are put on every year in random places, I have not attended one since c2k7 in Calgary back in 2007. I tried to go to the Portugal hackathon last year but my travel plans got all screwed up.
I wrote about the technical details of what I accomplished at this event at the OpenBSD Journal so I won’t duplicate it here, but it was a fairly productive week for me. I remember at c2k7 I didn’t really have much to work on and felt out of place but this time I had more things to do than I had time.
I’m a big fan of my Fitbit pedometer because it does most of its work without any interaction. I clip it onto my pocket and it counts my steps and flights of stairs as I walk throughout the day, then automatically, wirelessly uploads the data to Fitbit’s website whenever I’m within range of its USB dongle plugged into one of my computers. The whole thing works without having to think about it or plug anything in. The battery lasts for about a week, and when it finally runs low, my low battery notifier sends a message to my phone through Pushover telling me to put it on its charger for a few hours.
To add to my step data, I got a Withings scale last year which logs my weight and BMI on Withings’ website automatically every time I step on the scale. Fitbit’s website syncs this data from Withings, so now I’m able to track my steps, flights of stairs, weight, and BMI, all automatically, all on Fitbit’s website. I use this data mainly as a motivation to walk more and not get fat, just as my Wii Fit motivated me to exercise every day by tracking all of the data. When I know my Fitbit is counting my steps, I’ll avoid hopping on the bus or train to get home and just walk. A few times I’ve left the house and upon noticing my Fitbit wasn’t there, walked all the way back and got it just so the steps I was going to take that day would “count”.
Last night I tried to visit one of the websites that I host on one of my dedicated servers, and to my surprise, I saw this instead of the usual content:
At about 9am yesterday morning, I noticed on my server monitor that the CPU utilization of one of my servers was abnormally high, in addition to a sustained 1mbit/sec of inbound traffic and 2mbits/sec of outbound traffic. syslog messages from Asterisk showed it to be a SIP brute force attack, so I dropped the offending IP (an Amazon EC2 instance IP) into
/etc/idiots to block it and went back to my work.
A while later, I noticed the traffic still hadn’t died down, so I reported the incident to Amazon and my server’s network provider. No luck on either front; Amazon just sent back a form reply stating the incident was forwarded to the EC2 instance’s owner (yeah, seriously) and the network provider said they wouldn’t bother adding an ACL to their border equipment unless it was needed to protect their entire network. With the IP blocked on my server, the CPU utilization had died down and it was no longer sending out reply traffic, but I was worried about the inbound garbage traffic counting towards the server’s monthly bandwidth cap.
Since I will never be interviewed for The Setup, I have interviewed myself.
Update Feb 2015: Okay, I was interviewed for The Setup.
I received an e-mail asking me how I got started with OpenBSD, so I thought I’d write the answer here in case anyone else wanted to read it.
I started using OpenBSD in 1998 (version 2.3 or 2.4) to host a BBS that I was running. I chose OpenBSD because of its security record and because I was getting fed up with Linux (Slackware) at the time. I think the machine was a Pentium 75 or something, and OpenBSD worked quite well on it. During the course of building the BBS, I had to install some 3rd party software, so I got interested in OpenBSD’s ports system to make installation of that software cleaner. I submitted some ports to the ports@ mailing list and got them committed by other developers. I tested others’ ports and supplied feedback where I could. I hadn’t done much unix development back then, so writing simple makefiles for ports was an easy way to get involved.