Looks like I've been nice, as Santa Claus brought me a nice present. A Mini Arcade Machine!

By the looks of it, it must be some sort of Android device placed into an arcade cabinet.

There are 240 games to play, but none of them are well-known titles. Obviously, they didn't want to pay any royalties for using the names. However, all the games are classic ones which I've played couple decades ago.

What I was expecting to see is a HDMI-output, but there is none. All the gaming needs to be done on a tiny screen.

Problem

My gaming PC got the fall update quite late and after that it wouldn't stay in sleep. Something got broken in the update and I had to shut it down every single time I didn't want to use it. Annoying!

Debugging - The Reason

The reason it popped back on wasn't big of a mystery. There is a simple command to query the wake reason:

PS C:\WINDOWS\system32> .\powercfg.exe /waketimers
Timer set by [SERVICE] \Device\HarddiskVolume4\Windows\System32\svchost.exe (SystemEventsBroker) expires at 21:46:29 on 15.12.2017.
Reason: Windows will execute 'NT TASK\Microsoft\Windows\UpdateOrchestrator\Reboot' scheduled task that requested waking the computer.

There are number of articles about How to disable wake timers?, but it doesn't fix this.

A peek into Windows Task Scheduler reveals the ugly fact:

There is a hourly scheduled task, that indeed does run every hour and every goddamn hour it will wake my computer from the sleep to see if it needs to reboot it! Who having half a brain made that engineering decision at Microsoft?!

Attempt 1 - Disable the task - FAIL!

Ok, easy thing, let's disable the task. Or ... let's not. It is impossible! The permissions prevent regular human beings from doing that.

After a while, I bumped into somebody else having this same particular problem. Computer is waking up and: Can't modify task “Reboot” in win10 home. Basically, the idea is to go get Sysinternals PStools. It contains a tool called PSexec, which can do the modification for you.

Like this:

First run a cmd.exe with the PSexec 64-bit version:

PS D:\Users\Downloads> .\PsExec64.exe /s cmd.exe

Now, that permission-barrier is fixed, then:

C:\WINDOWS\system32>schtasks /change /tn "\Microsoft\Windows\UpdateOrchestrator\Reboot" /disable
SUCCESS: The parameters of scheduled task "\Microsoft\Windows\UpdateOrchestrator\Reboot" have been changed.

Now the stupid scheduled task is running hourly as expected, but NOT when your computer is sleeping. But ... guess what! Yes! There is something in Windows 10 internals, that keeps that particular task enabled. It will stay disabled for half an hour or so, but ultimately just using the computer makes the task enabled again, and the problem persists.

Attempt 2 - Remove the allow wake setting - FAIL!

By using the PsExec64.exe-trick, it is possible to get an XML-representation of the task, by running:
schtasks /tn "\Microsoft\Windows\UpdateOrchestrator\Reboot" /xml
in the XML-data there is:
<WakeToRun>true</WakeToRun>
... but I don't know how to change a task from XML-file. You can create a new one, but changing seems impossible.

So, ultimately I had to find something else

Attempt 3 - Powershell - FAIL!

Instead of spawning a new cmd.exe, going for PowerShell has benefits - it can actually edit an existing task. There is a built-in applet Get-ScheduledTask, with appropriate counterpart for setting the properties.

Spawn a nice PowerShell-session with appropriate permissions:

.\PsExec64.exe /s powershell.exe

The shell is kinda dead, for example output is garbled and input editing has issues, but if you know what to run, it will do it given the correct permissions.

As suggested in use powershell to find scheduled tasks set to wake the computer, now it is possible to get a list of Scheduled Tasks which have permission to wake the computer:

PS C:\WINDOWS\system32> Get-ScheduledTask | where {$_.settings.waketorun}

My computer will output a list like:

TaskPath                               TaskName
--------                               --------
\Microsoft\Windows\.NET Framework\     .NET Framework NGEN v4.0.3031...
\Microsoft\Windows\.NET Framework\     .NET Framework NGEN v4.0.3031...
\Microsoft\Windows\SharedPC\           Account Cleanup
\Microsoft\Windows\UpdateOrchestrator\ Reboot

A simple(?) one-liner will edit the task (backtick is the word-wrap operator):

Get-ScheduledTask `
  -TaskPath \Microsoft\Windows\UpdateOrchestrator\ `
  -TaskName Reboot |
  %{ $_.Settings.WakeToRun = $false ; `
  Set-ScheduledTask -TaskName $_.TaskName -TaskPath $_.TaskPath -Settings $_.Settings }

Yes, now the task is enabled, but has the appropriate condition setting for allow wake the computer from sleep disabled.

... aaaand it doesn't work. The same thing altering the enabled-state also resets this setting. Darn!

Attempt 4 - Revoke permissions - Success!

This was driving me mad!

It worked perfectly before the stupid update!

Finally, I found an article from Reddit: Is there ANY way to stop UpdateOrchestrator for turning 'wake the computer to run this task' back on after every cumulative update?

That guy suggested to revoke all permissions from the file. Now the automator which keeps resetting the settings fails to touch the file.

The command I ran in PowerShell is:

icacls $env:windir"\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot" `
  /inheritance:r `
  /deny "Everyone:F" `
  /deny "SYSTEM:F" `
  /deny "Local Service:F" `
  /deny "Administrators:F"

That simply puts everybody and everything into deny-list for the file-access. AND IT WORKS!

So, looks like ultimately whatever the mechanism is restoring the setting, somebody loves writing to the file, but it doesn't know how to reset the permissions. Which is nice!

I chose to keep the task enabled, but unset the allow wake -setting. So, when my computer is running, the task is ran every hour as expected, but when my computer is sleeping, my computer is sleeping and doesn't wake for nobody.

Microsoft:
Suggestion, eat your own dog food! If anybody at the Windows-team doing power management/task scheduler would run this at home they would know the annoyance instantly.

A month ago my ISP sent information that they're upgrading my connection speed without increasing the monthly cost! Nice. Totally unexpected from them.

Couple weeks ago my internet connection had dropped during night and I just flicked the switch on the cable router and it all came back. What I didn't initially realize, that I had an IPv6-address! WHOA!

Given zero public information about this on their public website, customer portal or anywhere, I just saw that on my network interface while investigating an another issue. They are broadcasting router advertisements and allocating a /64 from 2A04:AE00::/26 (SE-COMHEM-20140210). It looks like this on radvdump:

interface enp1s0 {
   AdvSendAdvert on;
   # Note: (Min,Max)RtrAdvInterval cannot be obtained with radvdump
   AdvManagedFlag on;
   AdvOtherConfigFlag on;
   AdvReachableTime 600000;
   AdvRetransTimer 0;
   AdvCurHopLimit 64;
   AdvDefaultLifetime 9000;
   AdvHomeAgentFlag off;
   AdvDefaultPreference high;
   AdvSourceLLAddress on;
   AdvLinkMTU 1500;
}; # End of interface definition

Since the O-bit for "other" (AdvOtherConfigFlag on) is enabled, it means that a DHCPv6-request will get more usable information. A DHCPv6 lease will look like this:

lease6 {   interface "enp1s0";
  ia-na xx:xx:xx:xx {
    starts 1512476381;
    renew 302400;
    rebind 483840;
    iaaddr 2a04:ae07:yyyy:yy::yyyy {
      starts 1512476381;
      preferred-life 604800;
      max-life 2592000;
  }
  option dhcp6.status-code success;
  }
  option dhcp6.client-id 0:1:2:3:4:5:6:7:8:9:a:b:c:d:e:f:10:11;
  option dhcp6.server-id 0:1:0:1:53:f:97:74:0:50:56:a8:22:a4;
  option dhcp6.name-servers 2a04:ae3a:ae3a::1,2a04:ae3a:ae3a::2;
}

It works and is fast and all, but ... (there's always the but part). Given SLAAC, they issue only a /64 prefix. Why is that a problem you ask. Well, to be able to issue an IPv6 address to all devices in my LAN, that's not enough.

I tried sending a Prefix Delegation -request via DHCPv6, but no. They didn't honor that request. Should that worked, I'd be happy. I'd have my own /48 prefix for my LAN-devices.

In the current form Com Hem's IPv6 is mostly useless as none of my actual devices have IPv6 addresses in them. I'm investigating this and if/when I find a solution for this, I'll post something about it. Meanwhile, if you know how to get a prefix out of them, please inform!

Today, 6th of December 2017, Finland celebrates its 100 years of independency. That's very convenient, as I'm not there to celebrate with my fellow Finns!

Since somebody lured lot of other states to celebrate with them, lot of the world-known objects were light Finnish-blue. One location from the list is Globen ("-95 nevö föget!"), which is conveniently a brief tunnelbana ride away from my home. For some reason, there are no published pictures of Globen in it's celebratory lighting. So, here goes:

Ok. In reality, the place is called Ericsson Globe, but nobody calls it that. It's just Globen.

The fail

On a peaceful Sunday, I was just minding my own business and BOOM! Internet connection was gone. After a quick debugging session, restarting the router and eyeballing the LEDs, it was evident: something with my ISP Com Hem was down:

Ok, ISP down, what next?
I whipped up the iPhone and went for any possible service announcements. And yes, the above announcement was placed on my user account information. I was stunned by this, it was so cool to have:

• confirmation, that something was down with ISP: Yup, it's broken.
• that information tailored with the geographical location of my subscription: Yup, that fail affects you.

No Finnish ISP or telco has that. I was very impressed with such detail (and still am).

The fix

There is no way I'm sitting on my thumbs on such an event. I was just about to start playing Need for Speed and now Origin wouldn't even log me in, so, no Internet, no gaming.

I have an el-cheapo Huawei Android lying around somewhere, with a Swedish SIM-card in it. My dirt cheap subscription has couple of gigs data transfer per month in it, which I never use. I came up with a plan to temporarily use the cell phone as an Internet connection. The idea would be to hook it up into my Linux router with an USB-cable, make sure the Android pops up as a network interface and then configure the Linux to use that network interface as primary connection.

Thethering

I found tons of information about Android-tethering from Arch Linux wiki. It basically says:

1. Make sure your Android is newer than 2.2
2. Connect the phone to a Linux
3. Enable USB-tethering from the phone's connection sharing -menu
4. Confirm the new network interface's existence on the Linux end

On my phone, there was two settings for personal hotspot. Wifi/Bluetooth and USB:

Connection

New phones have USB-C, but its such a new connector type, that anything older than couple years, has most likely micro-USB -connector:

Hooking it up to a Linux will output tons of dmesg and and ultimately result in a brand new network interface:

# ip addr show
5: enp0s20u4u3:
    link/ether 82:49:a8:b4:96:c9 brd ff:ff:ff:ff:f
    inet 192.168.42.90/24 brd 192.168.42.255 scope
       valid_lft 3595sec preferred_lft 3595sec
    inet6 fe80::7762:e1a9:9fa:69f5/64 scope link
       valid_lft forever preferred_lft forever

Routing configuration

Now that there was a new connection, I tried pinging something in the wild world:
ping -I enp0s20u4u3 193.166.3.2

Nope. Didn't work.
I confirmed, that the default network gateway was still set up into the broken link:
# ip route show
default via 192.168.100.1 dev enp1s0 proto static metric 100

That needs to go to enable some functionality. But what to replace the bad gateway with?
Since the connection had IP-address from Telco DHCP, there is a lease-file with all the necessary information:
# cat /var/lib/NetworkManager/dhclient-*-enp0s20u4u3.lease
lease {
  interface "enp0s20u4u3";
  fixed-address 192.168.42.90;
  option subnet-mask 255.255.255.0;
  option routers 192.168.42.129;

The fixed-address in the file matches the above ip addr show -information. Required information was gathered, and the idea was to ditch the original gateway and replace it with a one from the Android phone's telco:
# ip route del default via 192.168.100.1
# ip route add default via 192.168.42.129 dev enp0s20u4u3
# ip route show
default via 192.168.42.129 dev enp0s20u4u3 proto static metric 101

Now it started cooking:
# ping -c 5 ftp.funet.fi
PING ftp.funet.fi (193.166.3.2) 56(84) bytes of data.
64 bytes from ftp.funet.fi (193.166.3.2): icmp_seq=1 ttl=242 time=35.6 ms
64 bytes from ftp.funet.fi (193.166.3.2): icmp_seq=2 ttl=242 time=31.7 ms

To finalize the access from my LAN, I ran following firewall-cmd --direct commands:
 --remove-rule ipv4 nat POSTROUTING 0 -o enp1s0 -j MASQUERADE
 --add-rule ipv4 nat POSTROUTING 0 -o enp0s20u4u3 -j MASQUERADE
 --add-rule ipv4 filter FORWARD 0 -i enp3s0 -o enp0s20u4u3 -j ACCEPT
 --add-rule ipv4 filter FORWARD 0 -i enp0s20u4u3 -o enp3s0 \
    -m state --state RELATED,ESTABLISHED -j ACCEPT

There is no firewall-cmd --permanent on purpose. I don't intend those to stick too long. I just wanted to play the darn game!

Done!

Now my gaming PC would connect to The Big Net. I could suft the web, read mail and even Origin logged me in.

That's it! Day saved!

Update 25th June 2019: EBN scammers bankrupt

Roughly an year ago I posted about EBN European Business Number scam. Now, an year later, it is one of the most commented article on my blog. At the time of posting, I was just pissed off about that stupid scam and wanted to inform and educate my readers about this and warn them for NOT to agree on their terms, nor pay anybody any money for it.

Then something that I didn't foresee or expect to happen happened: The article took off and thousands of people read it and dozens commented it. Looks like I stumbled into something big. The upcoming months proved, that this scamming corporation was operating all over Europe and doing their less-than-honest "business" of selling nothingness to unwary business owners.

Given the flood of comments, recently I found out that Raivo Laanemets, an Estonian software consultant, wrote about EBN scam back on 2015, over year before I did. Go read his blog post here. For the pointer, I'd like to thank Mr. Vaidas, who copy/pasted the comment from Mr. Laanemets' blog to mine.

This is the comment from June 2017 and contains following by Mr.(?) Gorila:

The critical claims made are:

1. Person behind all this is Adrian Wittmer
   • My comment: I'm not sure how to confirm this
2. Mentioned Adrian Wittmer is actively involved in two companies: Credit Business Resolution s.r.o. and CCF Credit Collection Factoring s.r.o.
   • My comment: I have not seen the threatening debt collector's letters, but in my previous EBN post comments, people have said, that the company doing the debt collecting is indeed Credit Collection Factoring s.r.o. from the Czech Republic
3. Czech Republic legislation is more tolerant towards fraudsters
   • My comment: I barely know parts of Finnish law, gaining understanding difference between German or Czech laws is way beyond me.
4. Regulation (EC) No 1896/2006 of the European Parliament and of the Council of 12 December 2006 creating a European order for payment procedure
   • My comment: The above mentioned regulation directs how payments of "low value" between companies. (16) says: "This would allow the court to examine prima facie the merits of the claim and inter alia to exclude clearly unfounded claims or inadmissible applications."
     Article 7 (d) and (e) define, that EBN debt collectors need to establish basis for their claim and appropriate evidence.
     Shortly: If EBN-scam can be proven as unfounded claim based on fraud, you don't have to pay.
5. Mr. Wittmer has created a money-making-machine. First he sells a non-existing "service" for European Business Number, then he acts as an enforcer to collect his own debt from customers refusing to pay.
   • My comment: Again, I'm not sure how to confirm this, but it sure looks like that!

What I found out to corroborate Mr.(?) Gorila's claims made is:

• A variation of EBN-scam has been running in Czech Republic since 1998. There is an article about the scam written in 2006.
• Articles about Intercable Verlag AG can be found back in 2003 in Swizerland.
• Intercable Verlag AG was raided by Swiss police in 2006 and placed in liquidation in 2009
• I found a ton of claims, that Mr. Wittmer was the managing director of Intercable Verlag, but was unable to verify that. I guess, I just have to assume, that the claim is true.
• Croatian authorities issued a warning against EBN scam in 2017. That binds Swiss Intercable Verlag AG into Dutch EU Business Register and German DAD Deutscher Adressdienst GmbH. That could be a proof, that same persons operate the scam.
• In September 2014 European Parliament issued a notice about on misleading offers from Deutsche Adressdienst GmbH (DAD). That document clearly states that all petitions against the DAD Gmbh have been "declared admissible".
  Shortly: You don't have to pay!

There seems to be a lot of truth in his(?) comment.

Do not pay!

When going gets tough for you, just refer to European Parliament Petition 1176/2013, Petition 1180/2013 and Petition 1556/2013 to the judge. That should make things bouncing your way.