Posted on Leave a comment

Securing The New Server & Security In General

This was originally going to be part of another post, but it ended up getting more complex than I originally intended so it’s been given it’s own. I go into into many of my personal security practices, on both my public facing servers & personal machines. Since the intertubes are so central to life these days, good security is a must, especially since most people use the ‘net to do very sensitive operations, such as banking, it’s becoming even more essential to have strong security.

Since bringing the new server online & exposing it to the world, it’s been discovered in record time by the scum of the internet, SSH was under constant attack within 24 hours, and within that time there were over 20,000 failed login attempts in the logs.
This isn’t much of an issue, as I’ve got a strong Fail2Ban configuration running which at the moment is keeping track of some 30 IP addresses that are constantly trying to hammer their way in. No doubt these will be replaced with another string of attacks once they realise that those IPs are being dropped. I also prevent SSH login with passwords – RSA keys only here.
MySQL is the other main target to be concerned about – this is taken care of by disabling root login remotely, and dropping all MySQL traffic at the firewall that hasn’t come from 127.0.0.1.

Keeping the SSH keys on an external device & still keeping things simple just requires some tweaking to the .bashrc file in Linux:

alias ssh='ssh -i <Path To Keys>'

This little snippet makes the ssh client look somewhere else for the keys themselves, while keeping typing to a minimum in the Terminal. This assumes the external storage with the keys always mounts to the same location.

Everything else that can’t be totally blocked from outside access (IMAP, SMTP, FTP, etc), along with Fail2Ban protection, gets very strong passwords, unique to each account, (password reuse in any situation is a big no-no) and where possible TOTP-based two factor authentication is used for front end stuff, all the SSH keys, master passwords & backup codes are themselves kept offline, on encrypted storage, except for when they’re needed. General password management is taken care of by LastPass, and while they’ve been subject to a couple of rather serious vulnerabilities recently, these have been patched & it’s still probably one of the best options out there for a password vault.
There’s more information about those vulnerabilities on the LastPass blog here & here.


This level of security paranoia ensures that unauthorized access is made extremely difficult – an attacker would have to gain physical access to one of my mobile devices with the TOTP application, and have physical access to the storage where all the master keys are kept (along with it’s encryption key, which is safely stored in Meatware), to gain access to anything.
No security can ever be 100% perfect, there’s always going to be an attack surface somewhere, but I’ll certainly go as far as is reasonable, while not making my access a total pain, to keep that attack surface as small as possible,and therefore keeping the internet scum out of my systems.
The last layer of security is a personal VPN server, which keeps all traffic totally encrypted while it’s in transit across my ISP’s network, until it hits the end point server somewhere else in the world. Again, this isn’t perfect, as the data has to be decrypted *somewhere* along the chain.

Posted on Leave a comment

Topping NX1a Portable Headphone Amplifier

NX1a Amplifier
NX1a Amplifier

Time for another teardown! Here’s a pocket-sized headphone amplifier for use with mobile devices. This unit is powered by a built-in lithium cell, and can give some pretty impressive volume levels given it’s small size.

Audio Connections
Audio Connections

The 3.5mm audio input & output jacks are on the front of the unit, along with the relatively enormous volume knob & power switch. There’s a little blue LED under the switch that lets the user know when the power is on, but this is a very sedate LED, using very little power.

Gain & Charging
Gain & Charging

On the back is the High-Low gain switch, and the ยตUSB charging port. There’s another indicator LED to show that the internal cell is charging, in this case a red one.

PCB Top
PCB Top

Removing a couple of cap screws allows the internals to slide out of the extruded aluminium casing. Most of the internal space is taken up by the 1Ah lithium cell, here on the top of the PCB secured by some double-sided tape. The volume potentiometer is mounted on a small daughterboard at right angles to get it to fit into the small vertical space in the case.

PCB Rear
PCB Rear

The bottom of the PCB is equally as sparse – the only ICs being the main audio amp in the centre & the battery charger IC at the top.

Amplifier IC
Amplifier IC

The main audio amplifier is a TP9260, I couldn’t find a datasheet on this, so I’m unsure of what the specs are. The row of resistors above the IC are for the gain divider circuit. There’s also a pogo pin on the right that makes contact with the back panel of the case for grounding.

Battery Charger
Battery Charger

Battery charging is taken care of by a UN8HX 500mA linear charging IC, not much special here.

This little amplifier seems to be pretty well made, considering the price point. The only issue I’ve had so far is the audio cables act like antennas, and when in close proximity to a phone some signal gets picked up & blasted into the headphones as interference.

Posted on Leave a comment

Pancake Vibration Motor Teardown

For a while I’ve wondered how these pancake type (AKA “Shaftless”) vibration motors operate, so I figured I’d mutilate one to find out.

Pancake Vibration Motor
Pancake Vibration Motor

These vibrators are found in all kinds of mobile devices as a haptic feedback device, unlike older versions, which were just micro-sized DC motors with an offset weight attached to the shaft, these don’t have any visible moving parts.

Cover Removed
Cover Removed

These devices are crimped together, so some gentle attack with a pair of snips was required to get the top cover off.
It turns out these are still a standard rotary DC motor, in this case specifically designed for the purpose. The rotor itself is the offset weight, just visible under the steel half-moon shaped section are the armature coils.

Weighted Rotor
Weighted Rotor

The armature lifts off the centre shaft, the coils can clearly be seen peeking out from under the counterweight.

Commutator
Commutator

The underside of the armature reveals the commutator, which in this device is just etched onto the PCB substrate, the connections to the pair of coils can be seen either side of the commutator segments.

Brushes
Brushes

The base of the motor holds the brushes in the centre, the outer ring is the stationary permanent magnet. These brushes are absolutely tiny, the whole motor is no more than 6mm in diameter.

Posted on Leave a comment

Cheap Lithium Polymer Battery Packs

In the past, I’ve used RC type LiPo packs for my mobile power requirements, but these tend to be a bit bulky, since they’re designed for very high discharge current capability – powering large motors in models is a heavy job.

I recently came across some Samsung Galaxy Tab 10.1 battery packs on eBay very cheaply, at ยฃ2.95 a piece. For this price I get 6800mAh of capacity at 4.2v, for my 12v requirements, 3 packs must be connected in series, for a total output of 12.6v fully charged.

For an initial pack, I got 9 of these units, to be connected in 3 sets of 3 to make 20Ah total capacity.There are no control electronics built into these batteries – it’s simply a pair of 3400mAh cells connected in parallel through internal polyfuses, and an ID EEPROM for the Tab to identify the battery.
This means I can just bring the cell connections together with the original PCB, without having to mess with the welded cell tabs.

Battery Pack
Battery Pack

Here’s the pack with it’s cell connections finished & a lithium BCM connected. This chemistry requires close control of voltages to remain stable, and with a pack this large, a thermal runaway would be catastrophic.

Cell Links
Cell Links

The OEM battery connector has been removed, and my series-parallel cell connections are soldered on, with extra lead-outs for balancing the pack. This was the most time-consuming part of the build.

If all goes well with the life of this pack for utility use, I’ll be building another 5 of these, for a total capacity of 120Ah. This will be extremely useful for portable use, as the weight is about half that of an equivalent lead-acid.

Posted on Leave a comment

New Radio – Baofeng UV-82

Thanks to Lewis over at Distant Signal Radio, the bad influence he is on my bank balance ;), I’m the proud new owner of a new Baofeng. This time it’s the UV-82.

This radio is a little different from the other Baofengs I have. Here are the main differences:

  • Dual PTT – This one is going to take some getting used to ๐Ÿ˜‰
  • Higher capacity battery pack
  • A more rugged, commercial feel

This radio has a different method of selecting the VFO mode – holding the menu key while the unit is powered on. This is a little awkward, but since I only usually use my local repeaters when I’m mobile, it’s not much of an issue.

UV-82
UV-82

Here’s the radio itself, it has a much more commercial feel to it than the UV-5Rs, and it’s slightly bigger. Mainly due to the use of a larger standard battery & larger loudspeaker.

Spec Label
Spec Label

Back of the unit with the spec label. As per usual Baofeng are a bit conservative with the power ratings, more to come on that below.

Battery Pack
Battery Pack

Here’s the battery pack, a 2-cell lithium-polymer unit. This has a bigger capacity than the standard UV-5R battery, at 2800mAh.

Here are the power settings as measured by my GY-561. Frequencies used are 145.500 & 433.500


 

VHF High: 7W
VHF Low: 2.5W


UHF High: 6W
UHF Low: 3.1W


 

Posted on Leave a comment

Stock Baofeng Antenna Problems

Recently I’ve noticed my usual mobile rig, the Baofeng UV-5R, has had very poor receive, and non-existent transmit.

I did a power test on the radio, and confirmed it was still outputting it’s rated RF power. Trying another antenna proved that the radio was fine.

Time to tear down the antenna & see if it can be fixed!

Stock Antenna
Stock Antenna

Here’s the antenna, just the factory rubber duckie. As with all these antennas, they’re a compromise between size & their efficiency.

Naked Antenna!
Naked Antenna!

Giving a gentle pull to the antenna sheath while it’s attached to the radio allows it to come apart. The quality actually doesn’t look to bad. It’s very similar in construction to my Diamond X-30, just on a much smaller scale.

At the bottom of the antenna is the matching network, an inductor & ceramic disc capacitor. Here lies the problem with this antenna.

Dry Joint
Dry Joint

Here where the capacitor joins onto the feedpoint from the SMA connector, the solder joint has come away. This was a very poor joint to start with, and the solder hadn’t wetted the capacitor lead at all

After cleaning the joint, and applying some flux, a new joint was easily made with some Real Solder.

Repaired Joint
Repaired Joint

Here’s the joint freshly repaired, the antenna is now back to full working order. It even seems to work better than the others I have ๐Ÿ™‚

Posted on Leave a comment

QSO Logging Systems

As per my site update post, I have migrated my radio log onto a new system, from CQRLOG.

CQR log has served me well since I first started in Amateur Radio, however it’s a bit complex to use, requires a backend MySQL server for it’s database, and as it’s a local application, it’s not possible to share my log with other Hams without some difficulty.
The only other major system with an online logging system is QRZ, and I find that particular site a bit of a pain, and many of the features there aren’t free. (Although it’s not horrendously expensive, I’m on a very tight budget & I must save where I can).

CQRLOG
CQRLOG Screenshot

Because of these points, I went on a search for something that would better serve my needs. I have discovered during this search that there’s liitle out there in the self-hosted respect.

I did however find Cloudlog, a web based logging system in PHP & MySQL.
This new system allows integration with the main site, as I can run it on the same server & LAMP stack, it’s very simple to use, is visually pleasing and it even generates a Google Map view of recent QSO locations.
It will also allow me to save some resources on my main PC, running a full-blown MySQL server in the background just for a single application is resource intensive, and a bit of a waste of CPU cycles. (CQRLOG and it’s associated MySQL server is 300MB of disk space, CloudLog is 27MB).

Backups are made simpler with this system also, as it’s running on my core systems, incremental backups are taken every 3 hours, with a full system backup every 24 hours. Combined with offsite backup sync, data loss is very unlikely in any event. All this is completely automatic.
I can also take an ADIF file from Cloudlog for use with any other logging application, if the need arises.

Cloudlog is built & maintained by Peter Goodhall, 2E0SQL.
From the looks of Github, there’s also a version 2 in development, although now I have version 1 up & running, I might just stick with it, unless an easy upgrade path is available.

When I am not operating mobile, new QSOs should appear in this system almost immediately, with their respective pins on the map. (These are generated by the Grid Square location, so accuracy may vary).
If you’ve spoken to me on the air & I haven’t updated it, I’m most likely away from an internet connection, in which case your callsign will appear as soon as I have access.

73s for now folks!

Posted on Leave a comment

Some Site Changes

After a few years of running with the same look, I’ve decided on some changes.

  • New theme!
    The site now looks much better, and has better support for more eye candy ๐Ÿ˜‰
  • Addition of my QRZ link
  • New QSO logging system
    Accessible from a button in the header, this is my new preferred system for logging my radio contacts. (I was originally using CQRLOG under Linux). If I’ve spoken to you on the radio your callsign will most likely appear immediately. ๐Ÿ™‚
    If not, I’m probably working mobile. In that case, drop me a comment or an E-Mail ๐Ÿ™‚

Finally there have been some behind the scenes changes to implement some better security on site.
Getting the number of hits I do per day, this site gets attacked by the Internet’s Great Unwashed on a regular basis. No attack has ever been successful but more security never hurts!

73s folks!

Posted on Leave a comment

Mobile Power Pack Upgrade

New Regulators
New Regulators

The original LM2577 based regulators I designed into my mobile battery pack turned out to be insufficient for requirements, therefore they have been replaced with higher capacity regulators.

The 12v regulator (left) is a muRata UQQ-12/8-Q12P-C SEPIC converter, providing a max of 8A at 12.1v DC. The 12v rail is also now independently switchable to save power when not in use.

The 5v regulator (right) is a Texas Instruments PTN78020WAZ switching regulator, rated at 6A.ย The pair of resistors on the back of the regulator set the output voltage to 5.1v.

Also a new addition is a pair of banana sockets & a 2.1mm DC jack, wired into the 12v DC bus, for powering various accessories.

New Additions
New Additions

Below the USB sockets is now a built in eCig charger, to save on USB ports while charging these devices.

IWA National Festival 2013
IWA National Festival 2013

These changes were made after much field testing of the unit at Cassiobury Park, Watford, for the IWA National Waterways Festival.

Posted on Leave a comment

Nokia 7110

Front
Front

Another phone from the mid 90s. This is the nokia 7110.

Slider Open
Slider Open

Here the slider is open showing the keypad.

Battery Removed
Battery Removed

Here the battery is removed, a Li-Ion unit.

Battery
Battery

The battery cell & protection circuit removed from the casing.

Rear Of PCB
Rear Of PCB

This is the rear of the PCB removed from the housing. Data & charging ports on the right hand side f the board.

Front Of PCB
Front Of PCB

Front of the PCB with the RF sections at the left hand side & the keypad contacts on the right.

RF Sections
RF Sections

Closeup of the RF sections of the board, big silver rectangular cans are VCO units.

SIM Connector
SIM Connector

Closeup of the top rear section of the PCB, with SIM cnnector, battery contacts, IR tranciever at the far left. Bottom centre is the external antenna connector.

CPU
CPU

The logic section of the board, Large chip is CPU, to right of that is the ROM storing the machine code. Other chips are unknown custom parts.

Mic & Speaker
Mic & Speaker

The Mic & the loudspeaker removed from it’s housing.

LCD
LCD

LCD from the front of the unit, SPI interfaced. Flex PCB also contains the power button, loudspeaker contacts & a temperature sensor.

Scroll Wheel
Scroll Wheel

The scroll wheel removed from the front housing.

Vibra-Motor
Vibra-Motor

Tiny vibration motor removed from the rear housing, alerts the user to a text or phone call.