Tag Archives: flash

The Carputer

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/the-carputer/

Meet Benjamin, a trainee air traffic controller from the southeast of France.

Benjamin was bored of the simple radio setup in his Peugeot 207. Instead of investing in a new system, he decided to build a carputer using a Raspberry Pi.


Seriously, you lot: we love your imagination!

He started with a Raspberry Pi 3. As the build would require wireless connectivity to allow the screen to connect to the Pi, this model’s built-in functionality did away with the need for an additional dongle. 

Benjamin invested in the X400 Expansion Board, which acts as a sound card. The board’s ability to handle a variety of voltage inputs was crucial when it came to hooking the carputer up to the car engine.

Car engine fuse box

Under the hood

As Benjamin advises, be sure to unplug the fusebox before attempting to wire anything into your car. If you don’t… well, you’ll be frazzled. It won’t be pleasant.

Though many touchscreens are available on the market, Benjamin chose to use his Samsung tablet for the carputer’s display. Using the tablet meant he was able to remove it with ease when he left the vehicle, which is a clever idea if you don’t want to leave your onboard gear vulnerable to light-fingered types while the car is unattended.

To hook the Pi up to the car’s antenna, he settled on using an RTL SDR, overcoming connection issues with an adaptor to allow the car’s Fakra socket to access MCX via SMA (are you with us?). 


Fakra -> SMA -> MCX.

Benjamin set the Raspberry Pi up as a web server, enabling it as a wireless hotspot. This allows the tablet to connect wirelessly, displaying roadmaps and the media centre on his carputer dashboard, and accessing his music library via a USB flashdrive. The added benefit of using the tablet is that it includes GPS functionality: Benjamin plans to incorporate a 3G dongle to improve navigation by including real-time events such as road works and accidents.


The carputer control desk

The carputer build is a neat, clean setup, but it would be interesting to see what else could be added to increase functionality while on the road. As an aviation fanatic, Benjamin might choose to incorporate an ADS-B receiver, as demonstrated in this recent tutorial. Maybe some voice controls using Alexa? Or how about multiple tablets with the ability to access video or RetroPie, to keep his passengers entertained? What would you add?

Carputer with raspberry pi first test

For more details go to http://abartben.wordpress.com/


The post The Carputer appeared first on Raspberry Pi.

Software, the unsung hero

Post Syndicated from Matt Richardson original https://www.raspberrypi.org/blog/software-the-unsung-hero/

This column is from The MagPi issue 48. You can download a PDF of the full issue for free or subscribe to receive the print edition in your mailbox or the digital edition on your tablet. All proceeds from the print and digital editions help the Raspberry Pi Foundation achieve its charitable goals. The MagPi 48

As Raspberry Pi enthusiasts, we tend to focus a lot on hardware. When a new or updated board is released, it garners a lot of attention and excitement. On one hand, that’s sensible because Raspberry Pi is a leader in pushing the boundaries of affordable hardware. On the other hand, it tends to overshadow the fact that strong software support makes an enormous contribution to Raspberry Pi’s success in education, hobby, and industrial markets.

Because of that, I want to take the opportunity this month to highlight how important software is for Raspberry Pi. Whether you’re using our computer as a desktop replacement, a project platform, or a learning tool, you depend on an enormous amount of software built on top of the hardware. From the foundation of the Linux kernel, all the way up to the graphical user interface of the application you’re using, you rely on the work of many people who have spent countless hours designing, developing, and testing software.


The look and feel of the desktop environment in Raspbian serves as a good signal of the progress being made to the software made specifically for Raspberry Pi. I encourage you to compare the early versions of Raspbian’s desktop environment to what you get when you download Raspbian today. Many little tweaks are made with each release, and they’ve really built up to make a huge difference in the user experience.

Skin deep

And keep in mind that’s only considering the desktop interface of Raspbian. The improvements to the operating system under the hood go well beyond what you might notice on screen. For Raspberry Pi, there’s been updates for firmware, more functionality, and improved hardware drivers. All of this is in addition to the ongoing improvements to the Linux kernel for all supported platforms.

For those of us who are hobbyists, we have access to so many code libraries contributed by developers, so that we can create things easily with Raspberry Pi in a ton of different programming languages. As you probably know, the power of Raspberry Pi lies in its GPIO pins which make it perfect for physical computing projects, much like the ones you find in the pages of The MagPi. New Python libraries like GPIO Zero make it even easier than ever to explore physical computing. What used to take four lines of code is boiled down to just LED.blink(), for example.


Not all software that helps us was made to run on Raspberry Pi directly. Take, for instance, Etcher, a wonderful program from the team at Resin.io. Etcher is the easiest SD card flasher I have ever used, and takes a lot of guesswork out of flashing SD cards with Raspbian or any other operating system. Those of us who write tutorials are especially happy about this; since Etcher is cross-platform, you don’t need to have a separate set of instructions for people running Windows, Mac, and Linux. In addition, its well-designed graphical interface is a sight for sore eyes, especially for those of us who have been using command line tools for SD card flashing.

The list of amazing software that supports Raspberry Pi could go on for pages, but I only have limited space here. So I’ll leave you with my favourite point about Raspberry Pi’s strong software support. When you get a Raspberry Pi today and download Raspbian, you can rest assured that, because of the rapidly improving software support, it will only get better with age. You certainly can’t say that about everything you buy.

The post Software, the unsung hero appeared first on Raspberry Pi.

Human Sensor

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/human-sensor/

In collaboration with Professor Frank Kelly and the environmental scientists of King’s College London, artist Kasia Molga has created Human Sensor – a collection of hi-tech costumes that react to air pollution within the wearer’s environment.

Commissioned by Invisible Dust, an organisation supporting artists and scientists to create pieces that explore environmental and climate change, Molga took to the streets of Manchester with her army of Human Sensors to promote the invisible threat of air pollution in the industrial city.

Human Sensor

Angry little clouds of air pollution

Each suit is equipped with a small aerosol monitor that links to a Raspberry Pi and GPS watch. These components work together to collect pollution data from their location. Eventually, the suits will relay data back in real time to a publicly accessible website; for now, information is stored and submitted at a later date.

The Pi also works to control the LEDs within the suit, causing them to flash, pulse, and produce patterns and colours that morph in reaction to air conditions as they are read by the monitor.

Human Sensor

All of the lights…

The suit’s LED system responds to the presence of pollutant particles in the air, changing the colour of the white suit to reflect the positive or negative effect of the air around it. Walk past the grassy clearing of a local park, and the suit will turn green to match it. Stand behind the exhaust of a car, and you’ll find yourself pulsating red.

It’s unsurprising that the presence of the suits in Manchester was both well received and a shock to the system for the city’s residents. While articles are beginning to surface regarding the impact of air pollution on children’s mental health, and other aspects of the detrimental health effects of pollution have long been known, it’s a constant struggle for scientists to remind society of the importance of this invisible threat. By building a physical reminder, using the simple warning colour system of red and green, it’s hard not to take the threat seriously.

“The big challenge we have is that air pollution is mostly invisible. Art helps to makes it visible. We are trying to bring air pollution into the public realm. Scientific papers in journals work on one level, but this is a way to bring it into the street where the public are.” – Andrew Grieve, Senior Air Quality Analyst, King’s College


Human Sensor

23-29 July 2016 in Manchester Performers in hi tech illuminated costumes reveal changes in urban air pollution. Catch the extraordinary performances created by media artist Kasia Molga with Professor Frank Kelly from King’s College London. The hi-tech illuminated costumes reflect the air pollution you are breathing on your daily commute.

Human Sensor is supported by the Wellcome Trust’s Sustaining Excellence Award and by Arts Council England; Invisible Dust is working in partnership with Manchester, European City of Science.

The post Human Sensor appeared first on Raspberry Pi.

Road Warriors: Beware of ‘Video Jacking’

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/08/road-warriors-beware-of-video-jacking/

A little-known feature of many modern smartphones is their ability to duplicate video on the device’s screen so that it also shows up on a much larger display — like a TV. However, new research shows that this feature may quietly expose users to a simple and cheap new form of digital eavesdropping.

Dubbed “video jacking” by its masterminds, the attack uses custom electronics hidden inside what appears to be a USB charging station. As soon as you connect a vulnerable phone to the appropriate USB charging cord, the spy machine splits the phone’s video display and records a video of everything you tap, type or view on it as long as it’s plugged in — including PINs, passwords, account numbers, emails, texts, pictures and videos.

The part of the "video jacking" demonstration at the DEF CON security conference last week in Las Vegas.

Some of the equipment used in the “video jacking” demonstration at the DEF CON security conference last week in Las Vegas. Source: Brian Markus.

[Click here if you’re the TL;DR type and just want to know if your phone is at risk from this attack.]

Demonstrations of this simple but effective mobile spying technique were on full display at the DEF CON security conference in Las Vegas last week. I was busy chasing a story at DEF CON unrelated to the conference this year, so I missed many people and talks that I wanted to see. But I’m glad I caught up with the team behind DEF CON’s annual and infamous “Wall of Sheep,” a public shaming exercise aimed at educating people about the dangers of sending email and other plain text online communications over open wireless networks.

Brian Markus, co-founder and chief executive officer for Aries Security, said he and fellow researchers Joseph Mlodzianowski and Robert Rowley came up with the idea for video jacking when they were brainstorming about ways to expand on their “juice jacking” experiments at DEF CON in 2011.

“Juice jacking” refers to the ability to hijack stored data when the user unwittingly plugs his phone into a custom USB charging station filled with computers that are ready to suck down and record said data (both Android and iOS phones now ask users whether they trust the computer before allowing data transfers).

In contrast, video jacking lets the attacker record every key and finger stroke the user makes on the phone, so that the owner of the evil charging station can later replay the videos and see any numbers or keys pressed on the smart phone.

That’s because those numbers or keys will be raised briefly on the victim’s screen with each key press. Here’s an example: While the user may have enabled a special PIN that needs to be entered before the phone unlocks to the home screen, this method captures even that PIN as long as the device is vulnerable and plugged in before the phone is unlocked.


Most of the phones vulnerable to video jacking are Android or other HDMI-ready smartphones from Asus, Blackberry, HTC, LG, Samsung, and ZTE. This page of HDMI enabled smartphones at phonerated.com should not be considered all-inclusive. Here’s another list. When in doubt, search online for your phone’s make and model to find out if it is HDMI or MHL ready.

Video jacking is a problem for users of HDMI-ready phones mainly because it’s very difficult to tell a USB cord that merely charges the phone versus one that also taps the phone’s video-out capability. Also, there’s generally no warning on the phone to alert the user that the device’s video is being piped to another source, Markus said.

“All of those phones have an HDMI access feature that is turned on by default,” he said. “A few HDMI-ready phones will briefly flash something like ‘HDMI Connected’ whenever they’re plugged into a power connection that is also drawing on the HDMI feature, but most will display no warning at all. This worked on all the phones we tested with no prompting.”

Both Markus and Rowley said they did not test the attack against Apple iPhones prior to DEF CON, but today Markus said he tested it at an Apple store and the video of the iPhone 6’s home screen popped up on the display in the store without any prompt. Getting it to work on the display required a special lightning digital AV adapter from Apple, which could easily be hidden inside an evil charging station and fed an extension adapter and then a regular lightning cable in front of that.


Markus had to explain to curious DEF CON attendees who wandered near the Wall of Sheep this year exactly what would happen if they plugged their phone into his phony charging station. As you can imagine, not a ton of people volunteered but there were enough to prove a point, Markus said.

The demonstration unit that Markus and his team showed at DEF CON (pictured above) was fairly crude. Behind a $40 monitor purchased at a local Vegas pawn shop is a simple device that takes HDMI output from a video splitter. That splitter is connected to two micro USB to HDMI cables that are cheaply available in electronics stores.

Those two cords were connected to standard USB charging cables for mobiles — including the universal micro USB to HDMI adapter (a.k.a. Mobile High Definition Link or MHL connector), and a slimport HDMI adapter. Both look very similar to standard USB charging cables. The raw video files are recorded by a simple inline recording device to a small USB storage device taped to the back of the monitor.

Markus said the entire rig (minus the TV monitor) cost about $220, and that the parts could be bought at hundreds of places online.

Although it's hard to tell the difference at this angle, the USB connector on the left has a set of six extra pins that enable it to read HDMI video and whatever is being viewed on the user's screen. Both cords will charge the same phone.

Although it may be difficult to tell the difference at this angle, the Mobile High Definition Link (MHL) USB connector on the left has a set of six extra pins that enable it to read HDMI video and whatever is being viewed on the user’s screen. Both cords will charge the same phone.


My take on video jacking? It’s an interesting and very real threat — particularly if you own an HDMI ready phone and are in the habit of connecting it to any old USB port. Do I consider it likely that any of us will have to worry about this in real life? The answer may have a lot to do with what line of work you’re in and how paranoid you are, but it doesn’t strike me as very likely that most mere mortals would have reason to worry about video jacking.

On the other hand, it would be a fairly cheap and reasonably effective (if random) way to gather secrets from a group of otherwise unsuspecting people in a specific location, such as a hotel, airport, pub, or even a workplace.

An evil mobile charging station would be far more powerful when paired with a camera (hidden or not) trained on the charger. Imagine how much data one could hoover up with a fake charging station used to gather intellectual property or trade secrets from, say….attendees of a niche trade show or convention.

Now that I think about it, since access to electric power is not a constraint with these fake charging stations, there’s no reason it couldn’t just beam all of its video wirelessly. That way, the people who planted the spying equipment could retrieve or record the victim videos in real time and never have to return to the scene of the crime to collect any of it. Okay, I’ll stop now.

What can vulnerable users do to protect themselves from video jacking?

Hopefully, your phone came with a 2-prong charging cord that plugs straight into a standard wall jack. If not, look into using a USB phone charger adapter that has a regular AC/DC power plug on one end and a female USB port on the other (just make sure you don’t buy this keystroke logger disguised as a USB phone charger). Carry an extra charging dock for your mobile device when you travel.

Also, check the settings of your mobile and see if it allows you to disable screen mirroring. Note that even if you do this, the mirroring capability might not actually turn off.

What should mobile device makers do to minimize the threat from video jacking? 

“The problem here is that device manufacturers continue to add features and not give us prompting,” Markus said. “With this feature, it automatically connects no matter what. HDMI-out should be off by default, and if turned on it should require prompting the user.”

Update: 4:52 p.m. ET: Updated paragraph about Apple iPhones to clarify that this same attack works against the latest iPhone 6.

Got Microsoft? Time to Patch Your Windows

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/08/got-microsoft-time-to-patch-your-windows/

Microsoft churned out a bunch of software updates today fix some serious security problems with Windows and other Microsoft products like Internet Explorer (IE), Edge and Office. If you use Microsoft, here are some details about what needs fixing.

brokenwindowsAs usual, patches for IE and for Edge address the largest number of “critical” vulnerabilities. Critical bugs refer to flaws Microsoft deems serious enough that crooks can exploit them to remotely compromise a vulnerable computer without any help from the user, save for the user visiting some hacked but otherwise legitimate site.

Another bundle of critical bugs targets at least three issues with the way Windows, Office and Skype handle certain types of fonts. Microsoft said attackers could exploit this flaw to take over computers just by getting the victim to view files with specially crafted fonts — either in an Office file like Word or Excel (including via the preview pane), or visiting a hacked/malicious Web site.

Microsoft Office got its own critical patch that fixed at least seven vulnerabilities — including another one exploitable through the preview pane. Microsoft PDF also received a critical patch thanks to a bug that’s exploitable just by getting Edge users to view specially-crafted PDF content in the browser.

For the record, Adobe says it has no plans to issue a Flash Player update today (as per usual) or anytime this month. As always, if you experience any issues downloading or installing any of the Microsoft updates from this month, please don’t hesitate to leave a comment below.

For more information on these and other Microsoft security updates released today, check out the blogs at security vendors Qualys and Shavlik.

Pi 3 booting part I: USB mass storage boot beta

Post Syndicated from Gordon Hollingworth original https://www.raspberrypi.org/blog/pi-3-booting-part-i-usb-mass-storage-boot/

When we originally announced the Raspberry Pi 3, we announced that we’d implemented several new boot modes. The first of these is the USB mass storage boot mode, and we’ll explain a little bit about it in this post; stay tuned for the next part on booting over Ethernet tomorrow. We’ve also supplied a boot modes tutorial over on the Raspberry Pi documentation pages.

Note: the new boot modes are still in beta testing and use the “next” branch of the firmware. If you’re unsure about using the new boot modes, it’s probably best to wait until we release it fully.

How did we do this?

Inside the 2835/6/7 devices there’s a small boot ROM, which is an unchanging bit of code used to boot the device. It’s the boot ROM that can read files from SD cards and execute them. Previously, there were two boot modes: SD boot and USB device boot (used for booting the Compute Module). When the Pi is powered up or rebooted, it tries to talk to an attached SD card and looks for a file called bootcode.bin; if it finds it, then it loads it into memory and jumps to it. This piece of code then continues to load up the rest of the Pi system, such as the firmware and ARM kernel.

While squeezing in the Quad A53 processors, I spent a fair amount of time writing some new boot modes. If you’d like to get into a little more detail, there’s more information in the documentation. Needless to say, it’s not easy squeezing SD boot, eMMC boot, SPI boot, NAND flash, FAT filesystem, GUID and MBR partitions, USB device, USB host, Ethernet device, and mass storage device support into a mere 32kB.

What is a mass storage device?

The USB specification allows for a mass storage class which many devices implement, from the humble flash drive to USB attached hard drives. This includes micro SD readers, but generally it refers to anything you can plug into a computer’s USB port and use for file storage.

I’ve tried plugging in a flash drive before and it didn’t do anything. What’s wrong? 

We haven’t enabled this boot mode by default, because we first wanted to check that it worked as expected. The boot modes are enabled in One-Time Programmable (OTP) memory, so you have to enable the boot mode on your Pi 3 first. This is done using a config.txt parameter.

Instructions for implementing the mass storage boot mode, and changing a suitable Raspbian image to boot from a flash drive, can be found here.

Are there any bugs / problems?

There are a couple of known issues:

  1. Some flash drives power up too slowly. There are many spinning disk drives that don’t respond within the allotted two seconds. It’s possible to extend this timeout to five seconds, but there are devices that fail to respond within this period as well, such as the Verbatim PinStripe 64GB.
  2. Some flash drives have a very specific protocol requirement that we don’t handle; as a result of this, we can’t talk to these drives correctly. An example of such a drive would be the Kingston Data Traveller 100 G3 32G.

These bugs exist due to the method used to develop the boot code and squeeze it into 32kB. It simply wasn’t possible to run comprehensive tests.

However, thanks to a thorough search of eBay and some rigorous testing by our awesome work experience student Henry Budden, we’ve found the following devices work perfectly well:

  • Sandisk Cruzer Fit 16GB
  • Sandisk Cruzer Blade 16Gb
  • Samsung 32GB USB 3.0 drive
  • MeCo 16GB USB 3.0

If you find some devices we haven’t been able to test, we’d be grateful if you’d let us know your results in the comments.

Will it be possible to boot a Pi 1 or Pi 2 using MSD?

Unfortunately not. The boot code is stored in the BCM2837 device only, so the Pi 1, Pi 2, and Pi Zero will all require SD cards.

However, I have been able to boot a Pi 1 and Pi 2 using a very special SD card that only contains the single file bootcode.bin. This is useful if you want to boot a Pi from USB, but don’t want the possible unreliability of an SD card. Don’t mount the SD card from Linux, and it will never get corrupted!

My MSD doesn’t work. Is there something else I can do to get it working?

If you can’t boot from the MSD, then there are some steps that you can take to diagnose the problem. Please note, though, this is very much still a work in progress:

  • Format an SD card as FAT32
  • Copy the current next branch bootcode.bin from GitHub onto the SD card
  • Plug it into the Pi and try again

If this still doesn’t work, please open an issue in the firmware repository.



The post Pi 3 booting part I: USB mass storage boot beta appeared first on Raspberry Pi.

Batinator – spot bats in flight

Post Syndicated from Liz Upton original https://www.raspberrypi.org/blog/batinator-spot-bats/

Even you live somewhere heavily endowed with bats, you’ve probably never had a good look at one on the wing. Bats fly so fast – in poor lighting conditions – that if you’re lucky you’ll get a glimpse of something flashing by out of the corner of your eye, but usually you won’t even notice they’re there.

Enter the Batinator.


The Batinator is a portable Raspberry Pi device with an Pi NoIR camera board and a big array of IR lights to illuminate the subject, which means it can see in the infra-red spectrum. Martin Mander has set it up to record at 90 frames per second – enough to capture the very fast flappings of your neighbourhood bats in slow-mo. And it’s powered by a recycled 12v rechargeable drill bat-tery, which makes it look like some sort of police hand-held radar bat scanner. (Which it is not.)


Here’s the Batinator in action (bats start doing bat stuff at about 2:40):

The Raspberry Pi Batinator

The Batinator is a portable Raspberry Pi that uses a PinoIR (No Infrared Filter) camera module to record video in the dark at 90 frames per second, 640×480 resolution. It features a 48 LED illuminator lamp on top and the power is provided by a 12v rechargeable drill battery.

Martin’s made a full writeup available on Instructables so you can make your own, along with some video he’s taken with the same setup of a lightning storm – it turns out that the same technology that’s great for bat-spotting is also great for storm-filming. He’ll walk you through the equipment he’s built, as well as through building your own bat lure, which involves soaking your socks in beer and hanging them from a line to attract tasty, tasty moths.

sad bat

Thanks Martin – let us know if you take more footage!


The post Batinator – spot bats in flight appeared first on Raspberry Pi.

My Raspeberry Pi cluster

Post Syndicated from Robert Graham original http://blog.erratasec.com/2016/07/my-raspeberry-pi-cluster.html

So I accidentally ordered too many Raspberry Pi’s. Therefore, I built a small cluster out of them. I thought I’d write up a parts list for others wanting to build a cluster.

To start with is some pics of the cluster What you see is a stack of 7 RPis. At the bottom of the stack is a USB multiport charger and also an Ethernet hub. You see USB cables coming out of the charger to power the RPis, and out the other side you see Ethernet cables connecting the RPis to a network. I’ve including the mouse and keyboard in the picture to give you a sense of perspective.

Here is the same stack turn around, seeing it from the other side. Out the bottom left you see three external cables, one Ethernet to my main network and power cables for the USB charger and Ethernet hub. You can see that the USB hub is nicely tied down to the frame, but that the Ethernet hub is just sort jammed in there somehow.

The concept is to get things as cheap as possible, on per unit basis. Otherwise, one might as well just buy more expensive computers. My parts list for a 7x Pi cluster are:

$35.00/unit Raspberry Pi
 $6.50/unit stacking case from Amazon
 $5.99/unit micro SD flash from Newegg
 $4.30/unit power supply from Amazon
 $1.41/unit Ethernet hub from Newegg
 $0.89/unit 6 inch and 1-foot micro USB cable from Monoprice
 $0.57/unit 1 foot Ethernet cable from Monoprice

…or $54.65 per unit (or $383 for entire cluster), or around 50% more than the base Raspberry Pis alone. This is getting a bit expensive, as Newegg. always has cheap Android tablets on closeout for $30 to $50.

So here’s a discussion of the parts.

Raspberry Pi 2

These are old boards I’d ordered a while back. They are up to RPi3 now with slightly faster processors and WiFi/Bluetooth on board, neither of which are useful for a cluster. It has four CPUs each running at 900 MHz as opposed to the RPi3 which has four 1.2 GHz processors. If you order a Raspberry Pi now, it’ll be the newer, better one.

The case

You’ll notice that the RPi’s are mounted on acrylic sheets, which are in turn held together with standoffs/spaces. This is a relatively expensive option.

A cheaper solution would be just to buy the spaces/standoffs yourself. They are a little hard to find, because the screws need to fit the 2.9mm holes, where are unusually tiny. Such spaces/standoffs are usually made of brass, but you can also find nylon ones. For the ends, you need some washers and screws. This will bring the price down to about $2/unit — or a lot cheaper if you are buying in bulk for a lot of units.

The micro-SD

The absolute cheapest micro SD’s I could find were $2.95/unit for 4gb, or half the price than the ones I bought. But the ones I chose are 4x the size and 2x the speed. RPi distros are getting large enough that they no longer fit well on 4gig cards, and are even approaching 8gigs. Thus, 16gigs are the best choice, especially when I could get hen for $6/unit. By the time you read this, the price of flash will have changed up or down. I search on Newegg, because that’s the easiest way to focus on the cheapest. Most cards should work, but check http://elinux.org/RPi_SD_cards to avoid any known bad chips.

Note that different cards have different speeds, which can have a major impact on performance. You probably don’t care for a cluster, but if you are buying a card for a development system, get the faster ones. The Samsung EVO cards are a good choice for something fast.

USB Charging Hub

What we want here is a charger not a hub. Both can work, but the charger works better.

A normal hub is about connecting all your USB devices to your desktop/laptop. That doesn’t work for this RPi — the connector is just for power. It’s just leveraging the fact that there’s already lots of USB power cables/chargers out there, so that it doesn’t have to invite a custom one.

USB hubs an supply some power to the RPi, enough to boot it. However, under load, or when you connect further USB devices to the RPi, there may not be enough power available. You might be able to run a couple RPis from a normal hub, but when you’ve got all seven running (as in this stack), there might not be enough power. Power problems can outright crash the devices, but worse, it can lead to things like corrupt writes to the flash drives, slowly corrupting the system until it fails.

Luckily, in the last couple years we’ve seen suppliers of multiport chargers. These are designed for families (and workplaces) that have a lot of phones and tablets to charge. They can charge high-capacity batteries on all ports — supplying much more power than your RPi will ever need.

If want to go ultra cheaper, then cheap hubs at $1/port may be adequate. Chargers cost around $4/port.

The charger I chose in particular is the Bolse 60W 7-port charger. I only need exactly 7 ports. More ports would be nicer, in case I needed to power something else along with the stack, but this Bolse unit has the nice property that it fits snugly within the stack. The frame came with extra spacers which I could screw together to provide room. I then used zip ties to hold it firmly in place.

Ethernet hub

The RPis only have 100mbps Ethernet. Therefore, you don’t need a gigabit hub, which you’d normally get, but can choose a 100mbps hub instead: it’s cheaper, smaller, and lower power. The downside is that while each RPi only does 100-mbps, combined they will do 700-mbps, which the hub can’t handle.

I got a $10 hub from Newegg. As you can see, it fits within the frame, though not well. Every gigabit hub I’ve seen is bigger and could not fit this way.

Note that I have a couple extra RPis, but I only built a 7-high stack, because of the Ethernet hub. Hubs have only 8 ports, one of which is needed for the uplink. That leaves 7 devices. I’d have to upgrade to an unwieldy 16-port hub if I wanted more ports, which wouldn’t fit the nice clean case I’ve got.

For a gigabit option, Ethernet switches will cost between $23 and $35 dollars. That $35 option is a “smart” switch that supports not only gigabit, but also a web-based configuration tool, VLANs, and some other high-end features. If I paid more for a switch, I’d probably go with the smart/managed one.

Cables (Ethernet, USB)

Buying cables is expensive, as everyone knows whose bought an Apple cable for $30. But buying in bulk from specialty sellers can reduce the price to under $1/cable.

The chief buy factor is length. We want short cables that will just barely be long enough. in the pictures above, the Ethernet cables are 1-foot, as are two of the USB cables. The colored USB cables are 6-inches. I got these off Amazon because they looked cool, but now I’m regretting it.

The easiest, cheapest, and highest quality place to buy cables is Monoprice.com. It allows you to easily select the length and color.

To reach everything in this stack, you’ll need 1-foot cables. Though, 6-inch cables will work for some (but not all) of the USB devices. Although, instead of putting the hubs on the bottom, I could’ve put them in the middle of the stack, then 6-inch cables would’ve worked better — but I didn’t think that’d look as pretty. (I chose these colored cables because somebody suggested them, but they won’t work for the full seven-high tower).

Power consumption

The power consumption of the entire stack is 13.3 watts while it’s idle. The Ethernet hub by itself was 1.3 watts (so low because it’s 100-mbps instead of gigabit).

So, round it up, that’s 2-watts per RPi while idle.

In previous power tests, it’s an extra 2 to 3 watts while doing heavy computations, so for the entire stack, that can start consuming a significant amount of power. I mention this because people think terms of a low-power alternative to Intel’s big CPUs, but in truth, once you’ve gotten enough RPis in a cluster to equal the computational power of an Intel processor, you’ll probably be consuming more electricity.

The operating system

I grabbed the lasted Raspbian image and installed it on one of the RPis. I then removed it, copied the files off (cp -a), reformatted it to use the f2fs flash file system, then copied the files back on. I then made an image of the card (using dd), then wrote that image to 6 other cards. I then I logged into each one ad renamed them rpi-a1, …, rpi-a7. (Security note: this means they all have the same SSH private key, but I don’t care).

About flash file systems

The micro SD flash has a bit of wear leveling, but not enough. A lot of RPi servers I’ve installed in the past have failed after a few months with corrupt drives. I don’t know why, I suspect it’s because the flash is getting corrupted.

Thus, I installed f2fs, a wear leveling file system designed especially for this sort of situation. We’ll see if that helps at all.

One big thing is to make sure atime is disabled, a massively brain dead feature inherited from 1980s Unix that writes to the disk every time you read from a file.

I notice that the green LED on the RPi, indicating disk activity, flashes very briefly once per second, (so quick you’ll miss it unless you look closely at the light). I used iotop -a to find out what it is. I think it’s just a hardware feature and not related to disk activity. On the other hand, it’s worth tracking down what writes might be happening in the background that will affect flash lifetime.

What I found was that there is some kernel thread that writes rarely to the disk, and a “f2fs garbage collector” that’s cleaning up the disk for wear leveling. I saw nothing that looked like it was writing regularly to the disk.

What to use it for?

So here’s the thing about an RPi cluster — it’s technically useless. If you run the numbers, it’s got less compute power and higher power consumption than a normal desktop/laptop computer. Thus, an entire cluster of them will still perform slower than laptops/desktops.

Thus, the point of a cluster is to have something to play with, to experiment with, not that it’s the best form of computation. The point of individual RPis is not that they have better performance/watt — but that you don’t need as much performance but want a package with very low watts.

With that said, I should do some password cracking benchmarks with them, compared across CPUs and GPUs, measuring power consumption. That’ll be a topic for a later post.

With that said, I will be using these, though as individual computers rather than as a “cluster”. There’s lots of services I want to run, but I don’t want to run a full desktop running VMware. I’d rather control individual devices.


I’m not sure what I’m going to do with my little RPi stack/cluster, but I wanted to document everything about it so that others can replicate it if they want to.

Smedberg: Reducing Adobe Flash Usage in Firefox

Post Syndicated from corbet original http://lwn.net/Articles/694972/rss

Benjamin Smedberg writes
that the Firefox browser will soon start taking a more active approach to
the elimination of Flash content. “Starting in August, Firefox will
block certain Flash content that is not essential to the user experience,
while continuing to support legacy Flash content. These and future changes
will bring Firefox users enhanced security, improved battery life, faster
page load, and better browser responsiveness.

Security updates for Wednesday

Post Syndicated from ris original http://lwn.net/Articles/694956/rss

Debian has updated apache2 (HTTP redirect).

Debian-LTS has updated apache2 (HTTP redirect).

Fedora has updated ecryptfs-utils
(F24: two vulnerabilities), kernel (F24; F23:
multiple vulnerabilities), php-doctrine-orm (F24; F23:
privilege escalation), and spice (F24: two vulnerabilities).

Gentoo has updated ansible (code
execution), arpwatch (privilege escalation
from 2012), bugzilla (multiple
vulnerabilities from 2014), commons-beanutils (code execution from 2014),
dropbear (information disclosure), exim (code execution from 2014), libbsd (denial of service), ntp (many vulnerabilities), and varnish (access control bypass).

openSUSE has updated ImageMagick
(Leap42.1: many vulnerabilities), nodejs
(Leap42.1, 13.2: buffer overflow), and samba (13.2: crypto downgrade).

Red Hat has updated java-1.8.0-openjdk (RHEL6,7: multiple vulnerabilities).

SUSE has updated flash-player
(SLE12-SP1: multiple vulnerabilities).

Ubuntu has updated python-django
(16.04: cross-site scripting).

Rocket Man

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/rocket-man/

James Dougherty, co-founder and owner of Real Flight Systems, was looking at how to increase the performance of his high-altitude rockets…

Rocket Pi High Altitude Rocket

These types of rockets… yeah…

James’s goal was to build a ‘plug and run’ video system within a rocket, allowing high-definition video to be captured throughout the entirety of the flight. He also required a fully functioning Linux system that would allow for the recording of in-flight telemetry.

You can totally see the direction he’s headed in, right?

This requirement called for long battery life, high storage to accommodate up to 1080p video, and a lightweight processor, allowing the rocket to be robust and reliable while in flight.

Unsurprisingly, James decided to use the Raspberry Pi for his build, settling for the model B.

Before starting the build, James removed the HDMI port, composite video output, USB post, audio jack, and Microchip LAN9512. Not only did this lessen the weight of the Pi, but these modifications also lowered the power needed to run the setup, thus decreasing the size of battery needed. This shrunken unit, completed with the addition of a Pi camera, meant the Pi could run for 8-10 hours with the recording quality lowered to 720p60 and no audio captured.

Rocket PI High Altitude Rocket

Slimline Pi, now with 40% less Pi.

Sadly, the first launch had its issues: the rocket suffered a system failure that resulted in the destruction of the micro SD during the Pegasus flight at BALLS 23, an experimental rocket launch event in the Blackrock desert, USA.

Rocket Pi High Altitude Rocket

Ruh-roh, Raggy…

Rockets Magazine managed to record the launch which shows the highlights mid-flight.

ROCKETS Mag Balls 23 James Dougherty Pegasus

James Dougherty Pegasus flight at Balls 23

However, the next launch was far more successful, with close friend Jimmy Franco launching Rocket-Pi within a Dominator 4 to record the following footage.

(This clip comes with a motion sickness warning!)

Dominator 4 L1355 – TCC 02/21/15

Jimmy Franco flies Dominator-4 at TCC’s February Launch (02/21/15 on an L1355.

So what was next?

Aside from a few issues with Windows when trying to upload the footage post-flight, the main gripe was the lack of audio.

Investing in a new Raspberry Pi, making sure to keep more of the original components intact, James also updated the board with a USB microphone, added a USB flash drive to eliminate the Windows issues, and replaced the SD card with a lower storage option, as the footage was now stored in the flash drive.

1/3 Scale Nike L3150 – TCC Nike Smoke Drag Race 06/20/15

Launch and recovery of 1/3 Scale Nike Smoke at Tripoli Central Californias June 20th Launch. The vehicle flight-ready weighed 30 lbs, L3150 produces 800lbs initial thrust so we had about 26.6 G’s (burnt time 1.1440 seconds). Max speed: Mach 1.2; Max Altitude, 8,837′ AGL (GPS).

In the meantime, as James has continued to work on the Rocket-Pi, updating the hardware and code, he’s managed to put the Pi through some vigorous testing. During the most recent flight in Blackrock, the Pi reached 48K MSL (48000 feet above sea level… wow), at a speed of up to Mach 1.8 (1381 miles per hour… double wow).

Rocket Pi High Altitude Rocket

But I AM flying! And from way up here you all look like little ants.

Moving on from the build, James aims to upgrade various features. One of the most exciting upgrades looks to be the migration of Rocket-Pi to the Pi Zero, the smaller size allowing for multiple units in one rocket… creating 360-degree coverage of the flight (yes please!).

More of the build information, coding, and flight documentation can be found at the RFS website.

The post Rocket Man appeared first on Raspberry Pi.

Security advisories for Monday

Post Syndicated from ris original http://lwn.net/Articles/694780/rss

Arch Linux has updated flashplugin (multiple vulnerabilities), gimp (use-after-free), and lib32-flashplugin (multiple vulnerabilities).

Debian has updated libgd2 (multiple vulnerabilities) and pidgin (multiple vulnerabilities).

Debian-LTS has updated binutils (multiple vulnerabilities), phpmyadmin (multiple vulnerabilities), and ruby-eventmachine (denial of service).

Fedora has updated gimp (F22:
use-after-free), httpd (F23: authentication
bypass), openjpeg2 (F23: multiple
vulnerabilities), perl (F22: code
execution), python (F23: denial of
service), python3 (F23: denial of service),
samba (F23: crypto downgrade), and sudo (F23; F22: race condition).

Gentoo has updated cacti
(multiple vulnerabilities), chromium
(multiple vulnerabilities), cups (code
execution), and gd (multiple vulnerabilities).

Friday’s security updates

Post Syndicated from n8willis original http://lwn.net/Articles/694622/rss

Debian has updated php5
(multiple vulnerabilities).

Debian-LTS has updated clamav (fix for previously released update) and drupal7 (privilege escalation).

Fedora has updated openjpeg2
(F24: multiple vulnerabilities) and sqlite (F24: information leak).

Mageia has updated graphicsmagick (M5: multiple vulnerabilities), pdfbox (M5: XML External Entity (XEE) attack), sqlite3 (M5: information leak:), thunderbird (M5: multiple vulnerabilities), and util-linux (M5: denial of service).

openSUSE has updated flash-player (13.1: multiple vulnerabilities), LibreOffice (Leap 42.1: multiple vulnerabilities), libvirt (13.2; Leap 42.1:
authentication bypass),
and xerces-c (13.2: multiple vulnerabilities).

Red Hat has updated atomic-openshift (RHOSE 3.2: information leak).

Ubuntu has updated ecryptfs-utils (15.10, 16.04: information
leak), kernel (14.04; 15.10: denial of service),
libarchive (12.04, 14.04, 15.10, 16.04: code execution), linux-lts-trusty (12.04: denial of service), linux-lts-utopic (14.04: denial of service), linux-lts-vivid (14.04: denial of service), linux-lts-wily (14.04: denial of service), and linux-raspi2 (15.10: denial of service).

Security advisories for Thursday

Post Syndicated from jake original http://lwn.net/Articles/694513/rss

Fedora has updated gnutls (F23:
certificate verification botch).

Gentoo has updated flash (many vulnerabilities).

openSUSE has updated flash-player
(13.2: many vulnerabilities) and kernel (42.1:
multiple vulnerabilities).

Red Hat has updated flash-plugin
(RHEL 5↦6: many vulnerabilities) and rh-nginx18-nginx (RHSC: multiple vulnerabilities).

SUSE has updated MozillaFirefox,
MozillaFirefox-branding-SLE, mozilla-nss
(SLE11: multiple vulnerabilities).

Security updates for Wednesday

Post Syndicated from ris original http://lwn.net/Articles/694371/rss

CentOS has updated kernel (C6:
privilege escalation).

Fedora has updated python (F24:
heap corruption), python3 (F24: heap corruption), and squid (F24; F23: multiple vulnerabilities).

Mageia has updated flash-player-plugin (multiple vulnerabilities).

Oracle has updated kernel (OL6: privilege escalation).

Red Hat has updated kernel
(RHEL7: denial of service) and kernel
(RHEL6: privilege escalation).

Scientific Linux has updated thunderbird (SL5,6,7: code execution).

Ubuntu has updated pidgin (15.10,
14.04, 12.04: multiple vulnerabilities).

Adobe, Microsoft Patch Critical Security Bugs

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/07/adobe-microsoft-patch-critical-security-bugs/

Adobe has pushed out a critical update to plug at least 52 security holes in its widely-used Flash Player browser plugin, and another update to patch holes in Adobe Reader. Separately, Microsoft released 11 security updates to fix vulnerabilities more than 40 flaws in Windows and related software.

brokenflash-aFirst off, if you have Adobe Flash Player installed and haven’t yet hobbled this insecure program so that it runs only when you want it to, you are playing with fire. It’s bad enough that hackers are constantly finding and exploiting zero-day flaws in Flash Player before Adobe even knows about the bugs.

The bigger issue is that Flash is an extremely powerful program that runs inside the browser, which means users can compromise their computer just by browsing to a hacked or malicious site that targets unpatched Flash flaws.

The smartest option is probably to ditch this insecure program once and for all and significantly increase the security of your system in the process. I’ve got more on that approach — as well as slightly less radical solutions — in A Month Without Adobe Flash Player.

If you choose to update, please do it today. The most recent versions of Flash should be available from this Flash distribution page or the Flash home page. Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.). Chrome and IE should auto-install the latest Flash version on browser restart.

Happily, Adobe has delayed plans to stop distributing direct download links to its Flash Player program. The company had said it would decommission the direct download page on June 30, 2016, but the latest, patched Flash version for Windows and Mac systems is still available there. The wording on the site has been changed to indicate the download links will be decommissioned “soon.”

Adobe’s advisory on the Flash flaws is here. The company also released a security update that addresses at least 30 security holes in Adobe Reader. The latest version of Reader for most Windows and Mac users is v. 15.017.20050.

brokenwindowsSix of the 11 patches Microsoft issued this month earned its most dire “critical” rating, which Microsoft assigns to software bugs that can be exploited to remotely commandeer vulnerable machines with little to no help from users, save from perhaps browsing to a hacked or malicious site.

In fact, most of the vulnerabilities Microsoft fixed this Patch Tuesday are in the company’s Web browsers — i.e., Internet Explorer (15 vulnerabilities) and its newer Edge browser (13 flaws). Both patches address numerous browse-and-get-owned issues.

Another critical patch from Redmond tackles problems in Microsoft Office that could be exploited through poisoned Office documents.

For further breakdown on the patches this month from Adobe and Microsoft, check out these blog posts from security vendors Qualys and Shavlik. And as ever, if you encounter any problems downloading or installing any of the updates mentioned above please leave a note about your experience in the comments below.

Programming your Pi Zero over USB

Post Syndicated from Liz Upton original https://www.raspberrypi.org/blog/programming-pi-zero-usb/

Here’s a really neat solution from the inestimable Dan “PiGlove, mind where you put the capitals” Aldred. If you’re not able to get to another screen or monitor, or if you’re on the move, this is a very tidy way to get set up.

Programming the Pi over USB

A comprehensive video covering how to set up your Raspberry Pi Zero so that you can access it via the USB port. Yes, plug it in to a USB port and you can use the command line or with a few tweaks a full graphical desktop.

This is a really comprehensive guide, taking you all the way from flashing an SD card, accessing your Pi Zero via Putty, installing VNC and setting up a graphical user interface, to running Minecraft. Dan’s a teacher, and this video is perfect for beginners; if you find it helpful, please let us know in the comments!



The post Programming your Pi Zero over USB appeared first on Raspberry Pi.

How Una Got Her Stolen Laptop Back

Post Syndicated from Andy Klein original https://www.backblaze.com/blog/how-una-found-her-stolen-laptop/

Lost Laptop World Map

Reading Peter’s post on getting your data ready for vacation travels, reminded me of a story we recently received from a Backblaze customer. Una’s laptop was stolen and then traveled the over multiple continents over the next year. Here’s Una’s story, in her own words, on how she got her laptop back. Enjoy.

Pulse Incident Number 10028192
(or: How Playing Computer Games Can Help You In Adulthood)

One day when I was eleven, my father arrived home with an object that looked like a briefcase made out of beige plastic. Upon lifting it, one realized it had the weight of, oh, around two elephants. It was an Ericsson ‘portable’ computer, one of the earliest prototypes of laptop. All my classmates had really cool and fashionable computer game consoles with amazing names like “Atari” and “Commodore”, beautifully vibrant colour displays, and joysticks. Our Ericsson had a display with two colours (orange and … dark orange), it used floppy discs that were actually floppy (remember those?), ran on DOS and had no hard drive (you had to load the operating system every single time you turned on the computer. Took around 10 minutes). I dearly loved this machine, however, and played each of the 6 games on it incessantly. One of these was “Where In The World Is Carmen Sandiego?” an educational game where a detective has to chase an archvillain around the world, using geographical and cultural references as clues to get to the next destination. Fast forward twenty years and…

It’s June 2013, I’m thirty years old, and I still love laptops. I live in Galway, Ireland; I’m a self-employed musician who works in a non-profit music school so the cash is tight, but I’ve splashed out on a Macbook Pro and I LOVE IT. I’m on a flight from Dublin to Dubai with a transfer in Turkey. I talk to the guy next to me, who has an Australian accent and mentions he’s going to Asia to research natural energy. A total hippy, I’m interested; we chat until the convo dwindles, I do some work on my laptop, and then I fall asleep.

At 11pm the plane lands in Turkey and we’re called off to transfer to a different flight. Groggy, I pick up my stuff and stumble down the stairs onto the tarmac. In the half-light beside the plane, in the queue for the bus to the terminal, I suddenly realize that I don’t have my laptop in my bag. Panicking, I immediately seek out the nearest staff member. “Please! I’ve left my laptop on the plane – I have to go back and get it!”

The guy says: “No. It’s not allowed. You must get on the bus, madam. The cabin crew will find it and put it in “Lost and Found” and send it to you.” I protest but I can tell he’s immovable. So I get on the bus, go into the terminal, get on another plane and fly to Dubai. The second I land I ring Turkish Air to confirm they’ve found my laptop. They haven’t. I pretty much stalk Turkish Air for the next two weeks to see if the laptop turns up, but to no avail. I travel back via the same airport (Ataturk International), and go around all three Lost and Found offices in the airport, but my laptop isn’t there amongst the hundreds of Kindles and iPads. I don’t understand.

As time drags on, the laptop doesn’t turn up. I report the theft in my local Garda station. The young Garda on duty is really lovely to me and gives me lots of empathy, but the fact that the laptop was stolen in airspace, in a foreign, non-EU country, does not bode well. I continue to stalk Turkish Airlines; they continue to stonewall me, so I get in touch with the Turkish Department for Consumer Affairs. I find a champion amongst them called Ece, who contacts Turkish Airlines and pleads on my behalf. Unfortunately they seem to have more stone walls in Turkey than there are in the entire of Co. Galway, and his pleas fall on deaf ears. Ece advises me I’ll have to bring Turkish Airlines to court to get any compensation, which I suspect will cost more time and money than the laptop is realistically worth. In a firstworld way, I’m devastated – this object was a massive financial outlay for me, a really valuable tool for my work. I try to appreciate the good things – Ece and the Garda Sharon have done their absolute best to help me, my pal Jerry has loaned me a laptop to tide me over the interim – and then I suck it up, say goodbye to the last of my savings, and buy a new computer.

I start installing the applications and files I need for my business. I subscribe to an online backup service, Backblaze, whereby every time I’m online my files are uploaded to the cloud. I’m logging in to Backblaze to recover all my files when I see a button I’ve never noticed before labelled “Locate My Computer”. I catch a breath. Not even daring to hope, I click on it… and it tells me that Backblaze keeps a record of my computer’s location every time it’s online, and can give me the IP address my laptop has been using to get online. The records show my laptop has been online since the theft!! Not only that, but Backblaze has continued to back up files, so I can see all files the thief has created on my computer. My laptop has last been online in, of all the places, Thailand. And when I look at the new files saved on my computer, I find Word documents about solar power. It all clicks. It was the plane passenger beside me who had stolen my laptop, and he is so clueless he’s continued to use it under my login, not realizing this makes him trackable every time he connects to the internet.

I keep the ‘Locate My Computer” function turned on, so I’m consistently monitoring the thief’s whereabouts, and start the chapter of my life titled “The Sleep Deprivation and The Phonebill”. I try ringing the police service in Thailand (GMT +7 hours) multiple times. To say this is ineffective is an understatement; the language barrier is insurmountable. I contact the Irish embassy in Bangkok – oh, wait, that doesn’t exist. I try a consulate, who is lovely but has very limited powers, and while waiting for them to get back to me I email two Malaysian buddies asking them if they know anyone who can help me navigate the language barrier. I’m just put in touch with this lovely pal-of-a-pal called Tupps who’s going to help me when… I check Backblaze and find out that my laptop had started going online in East Timor. Bye bye, Thailand.

I’m so wrecked trying to communicate with the Thai bureaucracy I decide to play the waiting game for a while. I suspect East Timor will be even more of an international diplomacy challenge, so let’s see if the thief is going to stay there for a while before I attempt a move, right? I check Backblaze around once a week for a month, but then the thief stops all activity – I’m worried. I think he’s realized I can track him and has stopped using my login, or has just thrown the laptop away. Reason kicks in, and I begin to talk myself into stopping my crazy international stalking project. But then, when I least expect it, I strike informational GOLD. In December, the thief checks in for a flight from Bali to Perth and saves his online check-in to the computer desktop. I get his name, address, phone number, and email address, plus flight number and flight time and date.

I have numerous fantasies about my next move. How about I ring up the police in Australia, they immediately believe my story and do my every bidding, and then the thief is met at Arrivals by the police, put into handcuffs and marched immediately to jail? Or maybe I should somehow use the media to tell the truth about this guy’s behaviour and give him a good dose of public humiliation? Should I try my own version of restorative justice, contact the thief directly and appeal to his better nature? Or, the most tempting of all, should I get my Australian-dwelling cousin to call on him and bash his face in? … This last option, to be honest, is the outcome I want the most, but Emmett’s actually on the other side of the Australian continent, so it’s a big ask, not to mention the ever-so-slightly scary consequences for both Emmett and myself if we’re convicted… ! (And, my conscience cries weakly from the depths, it’s just the teensiest bit immoral.) Christmas is nuts, and I’m just so torn and ignorant about course of action to take I … do nothing.

One morning in the grey light of early February I finally decide what to do. Although it’s the longest shot in the history of long shots, I will ring the Australian police force about a laptop belonging to a girl from the other side of the world, which was stolen in airspace, in yet another country in the world. I use Google to figure out the nearest Australian police station to the thief’s address. I set my alarm for 4am Irish time, I ring Rockhampton Station, Queensland, and explain the situation to a lovely lady called Danielle. Danielle is very kind and understanding but, unsurprisingly, doesn’t hold out much hope that they can do anything. I’m not Australian, the crime didn’t happen in Australia, there’s questions of jurisdiction, etc. etc. I follow up, out of sheer irrational compulsion rather than with the real hope of an answer, with an email 6 weeks later. There’s no response. I finally admit to myself the laptop is gone. Ever since he’s gone to Australia the thief has copped on and stopped using my login, anyway. I unsubscribe my stolen laptop from Backblaze and try to console myself with the thought that at least I did my best.

And then, completely out of the blue, on May 28th 2014, I get an email from a Senior Constable called Kain Brown. Kain tells me that he has executed a search warrant at a residence in Rockhampton and has my laptop!! He has found it!!! I am stunned. He quickly gets to brass tacks and explains my two options: I can press charges, but it’s extremely unlikely to result in a conviction, and even if it did, the thief would probably only be charged with a $200 fine – and in this situation, it could take years to get my laptop back. If I don’t press charges, the laptop will be kept for 3 months as unclaimed property, and then returned to me. It’s a no-brainer; I decide not to press charges. I wait, and wait, and three months later, on the 22nd September 2014, I get an email from Kain telling me that he can finally release the laptop to me.

Naively, I think my tale is at the “Happy Ever After” stage. I dance a jig around the kitchen table, and read my subsequent email from a “Property Officer” of Rockhampton Station, John Broszat. He has researched how to send the laptop back to me … and my jig is suddenly halted. My particular model of laptop has a lithium battery built into the casing which can only be removed by an expert, and it’s illegal to transport a lithium battery by air freight. So the only option for getting the laptop back, whole and functioning, is via “Sea Mail” – which takes three to four months to get to Ireland. This blows my mind. I can’t quite believe that in this day and age, we can send people to space, a media file across the world in an instant, but that transporting a physical object from one side of the globe to another still takes … a third of a year! It’s been almost a year and a half since my laptop was stolen. I shudder to think of what will happen on its final journey via Sea Mail – knowing my luck, the ship will probably be blown off course and it’ll arrive in the Bahamas.

Fortunately, John is empathetic, and willing to think outside the box. Do I know anyone who will be travelling from Australia to Ireland via plane who would take my laptop in their hand luggage? Well, there’s one tiny silver lining to the recession: half of Craughwell village has a child living in Australia. I ask around on Facebook and find out that my neighbour’s daughter is living in Australia and coming home for Christmas. John Broszat is wonderfully cooperative and mails my laptop to Maroubra Police Station for collection by the gorgeous Laura Gibbons. Laura collects it and brings it home in her flight hand luggage, and finally, FINALLY, on the 23rd of December 2014, 19 months after it’s been stolen, I get my hands on my precious laptop again.

I gingerly take the laptop out of the fashionable paper carrier bag in which Laura has transported it. I set the laptop on the table, and examine it. The casing is slightly more dented than it was, but except for that it’s in one piece. Hoping against hope, I open up the screen, press the ‘on’ button and… the lights flash and the computer turns on!!! The casing is dented, there’s a couple of insalubrious pictures on the hard drive I won’t mention, but it has been dragged from Turkey to Thailand to East Timor to Indonesia to Australia, and IT STILL WORKS. It even still has the original charger accompanying it. Still in shock that this machine is on, I begin to go through the hard drive. Of course, it’s radically different – the thief has deleted all my files, changed the display picture, downloaded his own files and applications. I’m curious: What sort of person steals other people’s laptops? How do they think, organize their lives, what’s going through their minds? I’ve seen most of the thief’s files before from stalking him via the Backblaze back-up service, and they’re not particularly interesting or informative about the guy on a personal level. But then I see a file I haven’t seen before, “ free ebook.pdf ”. I click on it, and it opens. I shake my head in disbelief. The one new file that the thief has downloaded onto my computer is the book “How To Win Friends And Influence People”.

A few weeks later, a new friend and I kiss for the first time. He’s a graphic designer from London. Five months later, he moves over to Ireland to be with me. We’re talking about what stuff he needs to bring when he’s moving and he says “I’m really worried; my desktop computer is huge. I mean, I have no idea how I’m going to bring it over.” Smiling, I say “I have a spare laptop that might suit you…”

[Editor: The moral of the story is make sure your data is backed up before you go on vacation.]

The post How Una Got Her Stolen Laptop Back appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

How to Backup Your Data on Vacation

Post Syndicated from Peter Cohen original https://www.backblaze.com/blog/backup-data-vacation/


With Independence Day weekend now in our rear view mirrors, it’s high summer in the United States and time for many of us to take well-deserved vacation time. These days, we take our work with us when we’re out of the office, and that’s often when catastrophe strikes. How can you make sure that your most essential information is backed up when you’re traveling? Let’s take a look.

Backup before you leave

An ounce of prevention is worth a pound of cure, and nowhere is that more true than when it comes to backing up your gear before you hit the road. Before you take off for your vacation, take some time to run a local backup on whatever devices you’ll be taking with you. If you’re planning to take a Mac or PC laptop on the road while you’re vacationing, make sure to backup the contents of their hard drives before you take off.

Worst case, you’ll only lose what you’ve worked on since you went on vacation. Backing up provides you with a baseline to recover from in the event of a catastrophe, so you’ll only need to rebuild or restore the files you worked on while you were on the road – certainly better than starting from square one again.

You should back up your mobile devices, too, whether it’s using built-in features like iCloud Backup on the iPhone, third-party apps, or using your computer to back up the contents of a tethered phone or tablet. If anything happens to the device while you’re away, you’ll be able to restore the data.

If you haven’t given your computer’s backup much thought, we’d suggest starting with what we call the 3-2-1 Backup Strategy. This calls for three copies of your data, in all: The original and a backup you keep locally are the two you have on-hand. Then there’s an offsite backup that keeps your data safe even if something happens to both the computer and the local backup. It’s the best way we know of to make sure your data is safe. (Three copies, two local, one remote – 3-2-1!)

Use the Cloud

Of course, we’ll tell you that Backblaze should be an essential part of your backup strategy when you’re on the road. If you’re connected to the Internet using the Wi-Fi at your hotel or hotspot, Backblaze will automatically backup your computer securely to our data center.

If you’re concerned about bandwidth usage while you’re traveling and you don’t want your laptop to run down its battery backing up, you can pause your Backblaze backup. What’s more, you can customize Backblaze’s performance settings (we provide separate instructions for Mac and Windows users), including a checkbox that keeps Backblaze from running down your battery.


There are lots of cloud storage and sync services that can help you keep copies of essential data regardless of where you are. Dropbox is enormously popular, as are services like iCloud Drive, Google Drive and Microsoft OneDrive.

As long as you take appropriate precautions, like encrypting or password-protecting particularly sensitive documents (Backblaze handles encryption for you), putting copies of these documents in trusted cloud services will provide you with another route to access your information if you need it. Just make sure to keep these documents up to date so they remain useful to you.

Backup to removable storage

Some computers come equipped with built-in SD card readers that you can use to offload files. Apple’s MacBook Pro is a great example. What’s more, many companies make USB-based SD card readers. Then there are USB thumbdrives, which you can get for free at some trade shows, at drug stores, dollar stores, and various bargain bins around the Internet. Either of these solutions are helpful if you want to back up files from your computer or “sneakernet” them somewhere really quickly.

I wouldn’t depend on removable flash storage as your only backup (remember, 3-2-1). But USB thumbdrives and SD cards have taken the place of the old floppy disk and other removable storage systems. We at Backblaze even offer USB thumbdrives as a way to physically restore files when you can’t or don’t want to download them, and a hard drive is just too big.

Android devices support the use of removable flash storage. Many Android phones come with microSD card slots built in, which can be used to backup or transfer files. Others can be made to work with regular USB thumbdrives using the right connector cable.

If you’re an iPhone user, your options are a bit more limited, but you’re not stuck without a way to backup or move files when the phone gets full.


There are a few specialized devices for iOS users that can help. Take the iXpand Flash Drive from SanDisk, for example: This Lightning interface-equipped gadget plugs into your iPhone. With the help of a free app you can download from the App Store the iXpand backs up your iOS device’s photos and lets you transfer to a Mac or PC. You can delete images from your iPhone once they’re backed up to make more space. Leef’s iBridge, the Hyper iStick, and the Adam iKlips work similarly.

Hopefully we’ve given you some helpful suggestions to back up your info before you hit the road this summer. Keeping your data safe means one less thing to worry about when you’re trying to have a good time!

The post How to Backup Your Data on Vacation appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.