Entries from Jari Turkia

Now that OS X El Capitan or version 11 is out, I'll do a refresh for the USB installation instructions.

The thing is ... the upgrade free, but it's big. The amount of downloading needed is easily 6+ GiB. I have 3 Macs to update and I don't want to download the huge package on all of them. So, let's figure out something smarter.

Step 0: Prerequisites

You'll need a bootable USB-stick with capacity of 8 GiB or more. All sticks should boot, but I have encountered some that didn't manage that.

USB-booting a Mac is trickier than a PC. The knowledge base article HT1948 states:
Intel-based Macs support starting from an external USB storage device's volume that:

• Has been formatted with a GUID partition type
• Contains an installation of Mac OS X 10.4.5 or later, or Mac OS X 10.5 or later, which is compatible with (or shipped with) the Mac that the USB device is connected to. Note: You should not use a version of Mac OS X that is earlier ("older") than the version your Mac shipped with.

So, if you just bought an USB-stick, the chances are, that it is MBR-partitioned FAT32. That's my experience of getting new ones. They are incompatible at their current state for USB-booting a Mac. Not to worry, that can be fixed!

If you happen to have a ready-made stick for any previous OS X version, that obviously can be loaded with new installer. You can even skip couple of things during the process as you don't have to reformat the stick.

Step 1: Go download

In your Apple menu (the top left apple-shaped thing at every program's menu), go for Software Update. An alternate is to click the App Store link:

Both options land you on the App Store main screen showing you something like this:

Click the image saying Free Upgrade (free as in beer):

Your Apple ID credentials are required for this free package. They'll keep track of who downloaded and what.

This is the part you'll wait for the download to complete:

When it's all on your machine, the installer will automatically kick in.

Step 2: Go USB

Now that you have the thing in your drive, don't proceed with the upgrade.

When you reach this screen:

do not proceed! You can quit the installer, if you want:

It won't delete the files from your drive. It is also possible to continue installing on that Mac, but don't do it yet. Take a copy of the files first.

Take at least a 8 GiB USB-storage. 4 won't do it, but any larger will. In my case, the USB-stick appeared as /dev/disk3. That may vary on your system. Also it is possible to use some GUI-tools on OS X to format your drives, but as a Linux-nerd I don't know about them.

It is very likely, that the disk is mounted and will display an icon on your desktop, and will appear on your Finder. The diskutil will unmount it automatically on partition, but I wanted to make sure and did:

# sudo diskutil umount /Volumes/MyUSBdrive

Next step is to make sure, the stick is in a Mac-format (this needs to be run as root, that's what the sudo is for). This will partition and format the entire stick into Mac-use:

# sudo /bin/bash
root# diskutil partitionDisk /dev/disk3 1 GPT jhfs+ "OS X El Capitan" 0b

It will say something like this as a result:

Started partitioning on disk3
Unmounting disk
Creating the partition map
Waiting for the disks to reappear
Formatting disk3s2 as Mac OS Extended (Journaled) with name OS X El Capitan
Initialized /dev/rdisk3s2 as a 7 GB case-insensitive HFS Plus volume with a 8192k journal
Mounting disk
Finished partitioning on disk3
/dev/disk3
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *8.0 GB disk3
1: EFI EFI 209.7 MB disk3s1
2: Apple_HFS OS X El Capitan 7.7 GB disk3s2

Next thing is to confirm, that the volume with given name will be mounted:

root# ls -l /Volumes/
total 40
lrwxr-xr-x 1 root admin 1 Aug 29 12:24 Macintosh HD -> /
drwxrwxr-x 7 root wheel 306 Oct 10 12:41 OS X El Capitan

If it does, you're ready to go. Copy the thing into it:

root# cd /Applications/Install\ OS\ X\ El\ Capitan.app/Contents/Resources/
root# ./createinstallmedia --volume /Volumes/OS\ X\ El\ Capitan/ \
--applicationpath /Applications/Install\ OS\ X\ El\ Capitan.app/ \
--nointeraction

It will result in a lengthy process saying:

Erasing Disk: 0%... 10%... 20%... 30%...100%...
Copying installer files to disk...
Copy complete.
Making disk bootable...
Copying boot files...
Copy complete.
Done.

Step 3: Go update

Your stick is ready. This is the part you will be replicating to any of your Macs you want to upgrade.

Reboot the Mac and make sure to boot from the USB. This can be achieved by pressing down option-key during boot:

The official Apple instruction at knowlegebase article HT1948 states:
To start from a USB storage device that meets the above requirements:

1. connect the device
2. restart
3. immediately press and hold the Option key to access Startup Manager

If you successfully followed the steps, you will end up in Mac boot manager:

In that, you pretty much select the drive you want to boot from. In this particular case, making a choice for the recently prepared USB-stick will be a good one. Click the orange "Install OS X El Capitan". Both the gray HD and the network selection are there to confuse you. Ignore them and double click the USB-drive.

Most steps in this upgrade will include lot of waiting. Make sure that you have reserved couple of hours for the upgrade. Screens like this will become familiar to you:

Most time estimates are wild guesses. A 9 minute wait in reality is something like 45 minutes. Eventually the USB-stick finishes booting, and you will end up in a screen saying "To set up the installation of OS X, click Continue". Most screens will refer your upgrade as an install. It is nerve-wrecking thing, because you don't know if it is going to wipe your settings and data, or do a nice upgrade what you'd be expecting. My experience is, that it will upgrade nicely, but it won't say it properly.

Then there is a license screen which you must agree to continue. Then land on OS X Utilities. One thing you can do with a bootable stick is to upgrade or install an OS X:

When you select to go for upgrade or install, there is a welcome to OS X El Capitan screen. Click Continue. Yet another license screen appears. Click Agree and for the confirmation dialog: I have read and agree to the terms of the software license agreement, Agree. Select the install/upgrade destination as the one having a hard drive icon Macintosh HD (typical installations have that), then click Install. As the first thing, the installer/upgrader will prepare for the operation and then go for the real thing:

This is the most time-consuming part. After a minute or so, there will be an not-so-accurate estimate of time remaining for the preparation. When it has run its course, the actual installer will start. So if the screen says 1 minute left, do not believe it for a second. In my iMac, one cup of coffee doesn't do it. You can easily cook and eat a meal and then have the coffee while the installer/upgrader runs. Especially the final phase saying "About a second remaining" will take ages. My hardware isn't especially old or slow, but ... the process is.

Step 4: Finishing touches

After you've done your waiting. A reboot will result. At this point you'll need to login into your precious upgraded Mac with your local user account.

On successful login, you will end up in the OOBE (or out-of-box experience). Apple makes an effort to not allow stolen hardware to be used and they pretty much require you to login to Apple ID during install:

Since I have a 2-factor authentication enabled for my Apple ID, a 2FA-screen will appear during the process:

There are steps about sending your usage data to Apple. Then yet another license screen which you have to agree twice. First on the bottom screen and then on the pop-up that will appear. So if you want to complain later, they'll just say "but you did agree to our terms and conditions". It will look like this:

The last question you'll need to answer is about setting up iCloud Keychain. I choose not to share my passwords into any cloud services, but at this point you'll have the option to enable Keychain:

Little bit of setting up ... this one won't take long. And then you're pretty much done. Finally your upgrade is ready!

Step 5: Done!

Login for the first time:

One of the first things I did, was eject my USB-stick (there were couple other Macs to be updated, too):

At this point, you can continue using your precious Mac.

Aftermath

I updated anyway, as a nerd I like the latest stuff running on my computers. I should yield less problems and there needs to be some progress. I find myself stating the same thing in couple of my blog posts, "it wasn't worth it, but I did it anyway". With computers, it never will result any good to stand still and ignore future.

Epilogue

This story is so unbelievable, I have to share it with all of you. It has Hollywood material in it: it's a story about a hard working man who succeeds and then gets dealt bad cards. As the final good thing he does share his fortune with people he trusts. Then there is the surprising twist in the plot and he bounces back. The real surprise is when the ungrateful people don't want him back. That results in a bitter fight in the court. But as in all Hollywood flicks, there is a happy end.

All this started years ago, but my version starts two days ago when I received an e-mail. I found it from my spam-box and my initial glace was, that it was some kind of 419-scam. Something in the style of the text struck me as a scam, so I was just about to file a report of it into SpamCop, and then I saw the subject of the mail. It had word Storix in it. The mail was sent to one of my ancient addresses, which I had used with Storix. A random bulk spam wouldn't be about Storix, backups aren't that lucrative when compared to regular spam-topics, women, money or medicine.

The e-mail

This is the entire e-mail as I received it:

Subject: Notice of Copyright Infringement by Storix, Inc.
Date: Tue, 6 Oct 2015 16:15:31 -0700

 

Dear Sir or Madam,
This letter is to inform you that you may be in possession of unauthorized and infringing copies of Storix System Backup Administrator (SBAdmin). I am the author of the software, which is protected by US Copyright Registration No. TXu000988741, and expert testimony in the US Southern California District Court case No. 14-cv-1873 H (BLM) has
indisputably determined that I am the owner, have never transferred, nor received any consideration for its license by Storix.

 

I hold none of Storix' customers or business partners accountable, and you may continue using the current software, even if you received an infringing license after it was revoked. However, I must demand that you cease any further payment to Storix in relation to this software and refrain from downloading any further copies.

 

I founded Storix in, Inc in 2003 to sell and support the software I had already been marketing since 1999. In 2011 I was diagnosed with terminal cancer and gifted 60% of the company shares to long term employees before taking my medical leave. Those shareholders then elected themselves as directors and officers of the corporation:

 

David Huffman, President and CEO
Richard Turner, Director of Software Development
Manuel Altamirano, Director of Sales and Marketing
David Kinney, Director of Software Support

 

No new programmers were hired, and the software has now seen little change in over 4 years. After an unlikely recovery, I returned to the company full time in 2013 to continue development of the software, working alone for 9 months on major enhancements to address known security vulnerabilities and increase the network security. After requesting that others assist in the final development and testing, I was harassed by my former employees until I left in May, 2014.

 

After exhausting every effort to negotiate, the board was notified that I would assert my rights to the software if not given a position of control over its development. Instead, they chose to challenge my copyright. Using my remaining 40% stock, I took control of 2 board seats, but not before a 5th seat was added and occupied by David Smilkjovich, the new CEO and personal friend of Mr. Huffman. Every effort since to save the company, its employees and customers from the damages of this litigation has failed in a 3/2 vote.

 

As Storix has been well aware since my departure, I continued development of the software, believing we would eventually work out our differences. I made no effort to disparage or compete with Storix in any way. Yet, as a decision in the copyright case grew near, they filed new action against me for unfair competition and breach of duty as a company director (San Diego County Superior Court No. 37-2017-00028262-CU-BT-CTL). After I warned them in advance of this very notice, they requested, and were denied, a motion for temporary restraining order (San Diego US District Court Court No. 14-cv-1873 H
(BLM)).

 

Although a plaintiff in the copyright case, I'm also a 40% shareholder and a director of the company, and am obligated to do everything possible to put an end to this nonsense before the company is lost. Iwould have preferred the customers and employees remain unaware of this needless battle, but the actions taken by these individuals to protect their majority positions have resulted in the company becoming unprofitable for the first time in its history. They will accept no personal responsibility or compromise, and are now turning to a new employee stock incentive program to cover their losses. This nonsense
cannot continue.

 

The security enhancements to the software have been completed, along with much more. Unfortunately, far too much damage has been done to me personally and financially to allow these greedy individuals to profit from my work any longer. Many of you I had worked with personally for many years, so it pains me to inform you that support for Storix SBAdmin
will very likely end when a ruling is made on the copyright case at the end of the month.

 

Whatever the eventual outcome, I sincerely hope to rebuild your trust as well as the thriving company and innovative product I once had.

 

Best Regards,
Anthony Johnson
Author and Owner of Storix Backup Administrator
Former President/CEO, Storix Inc.

Show me the proof!

Ok, this is all sad and cool at the same time, but how do we know that all this is legit? I don't have any solid proof, but here is what I have:

• My own records indicate, I've been using Storix back in 2004 to 2009 when I did DLT backups. Then the company got greedy and the price of licence went out of my reach. At that point, I stopped doing tape-backups and went for Bacula and USB-drives. Software free and USB-drives are very inexpensive to store backups.
• The e-mail in question may very well be sent to me, because I have a customer account at Storix, Inc.
• In the e-mail Mr. Johnson wants you to: pretty much do nothing, he doesn't want your money, he just says not to pay any more to the software company not owning copyright of his work, but he does not want you to pay him for it. Asking for nothing is not a typical request in spam.
• Motive: What would be the alternate motivation or hidden agenda for doing this? Throwing mud at his own company? Slinging mud at some people he doesn't like (anymore)? I guess, the classic ones: money and power have something to do with this. Depleting Storix, Inc. main source of turnover is the primary motive.
• The origin of the mail is from Google. Yes, there is some Google spam, but no way it can be considered as a major source of crap.
• Google got the mail from a Comcast user located in Miami, Florida. Again, there is no typical source of hijacked computer, it can be any, even from Florida. However, it would be very unlikely scenario for a malware to hijack Google credentials for sending misinformation from a random Comcast user.
• There is a man in Linkedin with name Anthony Johnson claiming to be author of Storix
• There is a man in Linkedin with name David Huffman claiming to be the CEO of Storix, inc. He is registered as the president of the business entity C2494479 in California.
• There is a legal case 3:14-cv-01873-H-BLM in California Southern District Court, it is Johnson v. Storix, Inc.:
  • Lawsuitdata.com
  • RFCExpress.com
  • I don't know which, if any, of the documents contain the judge's ruling.
• If assumed, that the judge ruled as the e-mail explains, it would be obvious for not to pay for a product to somebody who doesn't own it. That would be fraud if anybody else than a legal owner would ask for you money.

When all of this is combined, there are two possible scenarios left: either this is the weirdest scam I've seen, or it is all true. My take here is: after looking, searching and using my own judgement, I believe the above story of a complete stranger. I sympathize all that happened to him. I also believe, that people shouldn't be thrown out of their own companies, that's just wrong.

Pitch in with a comment, if you have some knowledge of this. I'll be waiting for the movie.

Update 9th Oct 2015:

It's given, that I replied to the mail. I sent the link to this article and told that he has my support.
This is what he wrote back: "Wow, quite an endorsement, and no, it's definitely not a scam. Thanks!"

Some of my avid readers have been dropping me comments on some of my posts asking what's going on. Actually couple of persons contacted me outside this blog and asked the same.

On August I wrote:

It's just that new house with lawn, fence, and all other sorts of construction kept me really busy during summer. Not to mention that my motorcycle had problem with carburetor and when I got that fixed, the alternator broke. Darn!

Wait for the bad weather to kick in, I'll be back with computing-projects after that.

To put it briefly, I just had too much to do and as writing here is something I love to do, but only if it doesn't prevent me doing something more important.

Lately I've had more time to concentrate on the computing for more than my work requires. There are some comments, that require my attention to write new code and to fix my old things. So, I'll get back to them.

Thanks for reading!

I've had my run of bad things with Intel soft-RAID earlier. The constant RAID-verify -runs made me want stop using it. As its my Windows-box, I just wanted something that is hardware-based, reasonably fast and affordable. My choice is HighPoint RocketRAID 620.

For a switch-over -project I had a simple plan:

1. Clonezilla the existing RAID into an another drive which I could plug into a motherboard for the duration of the move
2. Un-configure the Intel soft-RAID at the motherboard
3. Plug in the RocketRAID-card
4. Change the hard-drive cables from motherboard RAID-connectors into RocketRAID-card
5. Configure a new RAID-1 mirror wit RocketRAID
6. Clonezilla the data back to the newly created RAID-1 volume
7. Be happy and continue computing

Guess what. Things fell trough at point #6. I was using an USB-bootable Clonezilla live on my first data move and obviously was planning to use it for the second one too. Whichever Linux-distro they use as the base for Clonezilla, they don't have the driver for the RAID-card. Darn!

The next best thing is a commercial distro for Clonezilla, Parted Magic. They used to be free (as in beer and speech), but they went commercial. The price is $9 USD for a single download, so I got it. And guess what again! They don't support Highpoint RocketRAID either.

I did ask about it in their support forums (closed to registered users only, sorry). And they replied:

We do not do "random" out-of-tree drivers because commonly these are supported by their vendors in a haphazard way. E.g. in the HighPoint case the latest driver is 3 versions behind our kernel version.

Luckily the vendor is providing the partial source code for the driver. There is a binary-part of in it and it is kind-of open-source. The biggest problem seems to be, that it doesn't build on any reasonably modern Linux.

By googling, I found that somebody else had the same process of thought and there was a Github project for the upgraded driver. Unfortunately that too was 3 years old and wouldn't build. Also it was for the vendor driver 1.1, and they already had 1.2 out.

In this imperfect world everything that you need to be done properly, you need to do by yourself. So, here it is: https://github.com/HQJaTu/rr62x
You can help yourselves with that one.

This is how it looks on my dmesg:

[ 85.518732] rr62x: module license 'Proprietary' taints kernel.
[ 85.518737] Disabling lock debugging due to kernel taint
[ 85.519709] rr62x:RocketRAID 62x SATA controller driver v1.2 (Jul 1 2012)
[ 85.735773] rr62x:adapter at PCI 3:0:0, IRQ 16
[ 85.950487] rr62x:[0 0 ] start port.
[ 85.950488] rr62x:[0 0 ] start port hard reset (probe 1).
[ 86.150712] rr62x:[0 1 ] start port.
[ 86.150712] rr62x:[0 1 ] start port hard reset (probe 1).
[ 89.093649] rr62x:[0 0 ] start port soft reset (probe 1).
[ 89.841048] rr62x:[0 1 ] start port soft reset (probe 1).
[ 90.501075] rr62x:[0 0 ] port started successfully.
[ 90.501078] rr62x:[0 0 0] device probed successfully.
[ 90.791364] rr62x:[0 1 ] port started successfully.
[ 90.791369] rr62x:[0 1 0] device probed successfully.
[ 90.806570] scsi host13: rr62x
[ 90.806870] scsi 13:0:0:0: Direct-Access HPT DISK_13_0 4.00 PQ: 0 ANSI: 5
[ 90.809711] sd 13:0:0:0: [sdd] 2930114560 512-byte logical blocks: (1.50 TB/1.36 TiB) [ 90.809847] sd 13:0:0:0: [sdd] Write Protect is off
[ 90.809852] sd 13:0:0:0: [sdd] Mode Sense: 2f 00 00 00
[ 90.809909] sd 13:0:0:0: [sdd] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
[ 90.832339] sdd: unknown partition table
[ 90.832903] sd 13:0:0:0: [sdd] Attached SCSI disk

I've tested that with Linux 4.0.4 and 3.19.3. It builds and works on both. Any comments, Github forks, pull requests, etc. are welcome. I will get back to the actual disk cloning project later, the driver won't  help unless it is used properly in an operating system.

Last year I spent couple of days tinkering PHP-packages that will work on my Parallels Plesk Panel box. To my surprise, my box failed to auto-upgrade itself. The reason was: "Exception: Failed to solve dependencies:
plesk-php54-mysqlnd-5.4.31-1.el6.x86_64 requires plesk-php54-pdo = 5.4.31-1.el6
plesk-php55-mysqlnd-5.5.6-1.el6.x86_64 requires plesk-php55-pdo = 5.5.6-1.el6". I was dumbfounded, as the proper packages were already installed.

A closer inspection revealed, that packages from my own repository weren't good for installation. There were package dependencies, that required packages with exactly the same name, but from somebody else's repository.

Here are some links:

• http://autoinstall.plesk.com/PHP_5.4.40/dist-rpm-CentOS-6-x86_64/packages/
• http://autoinstall.plesk.com/PHP_5.5.24/dist-rpm-CentOS-6-x86_64/packages/
• http://autoinstall.plesk.com/PHP_5.6.8/dist-rpm-CentOS-6-x86_64/packages/

If you need to install new version, do something like this:

yum install --enablerepo PHP_5_6_8-dist plesk-php56-cli

The information for those came from file /etc/yum.repos.d/autoinstaller-sources.repo.

My only conclusion is, that Parallels guys took my source RPMs and created their own. Thanks for ripping me off!
Ok, this is open-source. I put my stuff out there willingly and knowing, that somebody eventually will use it. The sensible thing to do is to give appropriate credit, though. That one the big greedy corporation didn't do.

I had business in San Francisco and stayed out of my other things to do. Here are some pics:

That's Coit Tower in distance. On the other pic the Alcatraz Island is clearly visible in front of Golden Gate Bridge in San Francisco Bay.

In the business center, the Market Street looks like this from 6th floor:

And while having drinks in the 39th floor of San Francisco Marriott Marquis, the night view is something like this:

For those planning to travel to US, my recommendation is to get local SIM-card. The EU-limit of 62,- € will be reached pretty much immediately. The data roaming prices are insane. 1,- € / 50 KiB or similar. The SIMs sold at the airport cost three times more than the going price at the street is. I just went to a local T-Mobile store and got a pay-as-you-go card. Fee for the SIM was $15 and 1 GiB of  LTE transfer was $10, making the total $25. You can charge more gigabytes to the account if you run out.

I've been a hacker pretty much all my life. It has been an exciting ride so far, as computers have improved so much ever since I got my first one. If setting my first computer as a reference point, the processors are almost infinetly more powerful (not infinetly, but a lot!), there is million million times more storage and the most important thing: all computers are capable of connecting to a network. I wouldn't mind having my first computer with it's processing power and store, but with an Internet-connection. Lastly, they cost a fraction of that. As I typically have top-shelf computer at my use, I was happy to see what's bottom shelf material made of.

A Lenovo G50 is your average supermarket "now on sale" -computer. It's target audience is definitely not me, but people who don't want to spend much on a computer, but as everybody, they need one.

After the price point (paid 249,- €), the sales pitch is pretty much this:
You get an 1" thick laptop with easy recovery option, a keyboard and USB 3.0 and Dolby Digital Plus Advanced Audio. Obvious marketing talk, as the parts I do understand are 1" thick machine with USB 3.0. Rest is more or less nonsense. Anyway, it looks like this:

And no, it is not 1" thick:

My measurement shows 26mm + change. But pretty good still. This is the cheapest you can buy.

Connectivity is pretty much what you'd expect:

Analog VGA, HDMi, two USB 2.0s, one USB 3.0, RJ-45 for ethernet and an SD-card reader. All useful and necessary (I'm not so sure about the SD-card reader, who uses those anyway). With the power connector they went for the W700 rectangular one, it suits better with the slim models:

The keyboard has a numpad built-in:

And then there is the cool Dolby-logo:
With this price, I'd by anything with a Dolby-logo in it! I truly don't know what the Dolby stands for here. My only guess is, that its simply a marketing gimmick.

When kicked into action, the computer looks like this:
The operating system is Windows 8.1. One of the first things it needed was the Start-button. My choice has been Classic Shell. With that any Windows 8 -variant will be made useful again.

As you can see, there is lot of un-installing to do. One of the things I did un-install was the handy recovery tool mentioned in the advertisement. It didn't look convincing to me. While doing the un-installs, I saw something familiar in the list:
Oh, this model has the spyware Superfish installed. I went for the removal tool:
It was a PR-disaster for Lenovo. They were clueless what they bundled with people's computers.

The hardware in this laptop is what you'd expect. Cheap.
The problem isn't CPU or GPU in this case. Even 8 GiB of RAM will never run out, when surfing the web. The problem is slow drive. There is a terabyte of space, but the drive is sooo slow. Pretty much everything I use has an SSD, so getting back to the cheapest spinning platter didn't do me any good.

As a conclusion:

Answer to the question "Is it worth anything?" Yes. Definitely it is.

This is not for serious computing needs, but absolutely worth every penny (cent) for not-so-serious computing needs. Also suitable as secondary equipment for more serious nerds.

After poking a s-22 around with an oscilloscope I managed to find a serial signal out of it. However, Mr. Asiantuntijakaveri pointed out, that it isn't especially useful. To him that serial stuff looked like the mobile-side baseband. Couple of hours tinkering with VxWorks prompt didn't result much for me. So, back to the scope ...

This is what I found:

Another 1,8 volt serial signal. RS-232 parameters are alike the other one 115200 bps 8N1. I couldn't confirm the DCE RX-pin. There is one with suitable electrical characteristics, but it looks like the box doesn't offer any input capabilities, not at least with default configuration.

The data on boot time looks like this:

v?l?space?write magic succsse!%x
24680138%s start addr:0x%x size:0x%x
first step
second step
thred step
DDR exam right !!!!!!!!!!!!!!!!!!!!!!!

press space key to enter bootrom:
Start from: vxWorks Kernel.
>>loading: VxWorks ... success.
>>loading: FastBoot ... success.

hw main id:00000400, sub id:00000001activate_fastboot...0x3CD00000
Starting from entry: 0x30004000
[ 0.000000] Linux version 2.6.35.7 (q81003564@MBB-V7R1-CPE) (gcc version 4.5.1 (ctng-1.8.1-FA) ) #1 PREEMPT Mon Jun 3 13:50:16 CST 2013
[ 0.000000] CPU: ARMv7 Processor [413fc090] revision 0 (ARMv7), cr=18c53c7f
[ 0.000000] CPU: VIPT nonaliasing data cache, VIPT nonaliasing instruction cache
[ 0.000000] Machine: Hisilicon Balong
[ 0.000000] Ignoring unrecognised tag 0x4d534d70
[ 0.000000] Memory policy: ECC disabled, Data cache writeback
[000005940ms] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 36576
[000005941ms] Kernel command line: root=/dev/ram0 rw console=ttyAMA0,115200 console=uw_tty0 rdinit=/init mem=144m
[000005941ms] PID hash table entries: 1024 (order: 0, 4096 bytes)
[000005941ms] Dentry cache hash table entries: 32768 (order: 5, 131072 bytes)
[000005942ms] Inode-cache hash table entries: 16384 (order: 4, 65536 bytes)
[000005957ms] Memory: 144MB = 144MB total
[000005957ms] Memory: 133780k/133780k available, 13676k reserved, 0K highmem
[000005957ms] Virtual kernel memory layout:
[000005957ms] vector : 0xffff0000 - 0xffff1000 ( 4 kB)
[000005957ms] fixmap : 0xfff00000 - 0xfffe0000 ( 896 kB)
[000005957ms] DMA : 0xff600000 - 0xffe00000 ( 8 MB)
[000005957ms] vmalloc : 0xc9800000 - 0xf0000000 ( 616 MB)
[000005957ms] lowmem : 0xc0000000 - 0xc9000000 ( 144 MB)
[000005957ms] modules : 0xbf000000 - 0xc0000000 ( 16 MB)
[000005957ms] .init : 0xc0008000 - 0xc0028000 ( 128 kB)
[000005958ms] .text : 0xc0028000 - 0xc06ca000 (6792 kB)
[000005958ms] .data : 0xc06ca000 - 0xc0701520 ( 222 kB)
[000005958ms] SLUB: Genslabs=11, HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[000005958ms] Preemptable hierarchical RCU implementation.
[000005958ms] RCU-based detection of stalled CPUs is disabled.
[000005958ms] Verbose stalled-CPUs detection is disabled.
[000005958ms] NR_IRQS:160
[000005958ms] Console: colour dummy device 80x30
[000005958ms] Calibrating delay loop... 897.84 BogoMIPS (lpj=4489216)
[000006218ms] pid_max: default: 4096 minimum: 301
[000006218ms] Mount-cache hash table entries: 512
[000006218ms] CPU: Testing write buffer coherency: ok
[000006219ms] start log trace.
[000006223ms] NET: Registered protocol family 16
[000006224ms] Serial: BalongV7R1 UART driver
[000006224ms] dev:uart0: ttyAMA0 at MMIO 0x90007000 (irq = 102) is a Balong rev0
[000006435ms] console [ttyAMA0] enabled
[000006461ms] bio: create slab at 0
[000006465ms] hi_gpio_probe:gpio sync in acore.
[000006469ms] hi_gpio_probe:gpio sync over.
[000006474ms] SCSI subsystem initialized
[000006478ms] enter Acpu-softtimer-modeule-init!!!
[000006482ms] softtimer_module_start_success-,1-- >>>>>>>>>>>>>>
[000006488ms] start create the softtimer thread!!!
[000006492ms] end the Acpu_softtimer_init() !!!
[000006497ms] usbcore: registered new interface driver usbfs
[000006503ms] usbcore: registered new interface driver hub
[000006508ms] usbcore: registered new device driver usb
[000006513ms] ***************************************************************
[000006520ms] begin to init mutilcore: 0000
[000006524ms] hw id: main,0x400, sub,0x1
[000006528ms] ===== beg mem usr function =====
[000006532ms] begin to init mutilcore: 222
[000006536ms] start BSP_ICC_Init
[000006539ms] g_pstIccCtrlChan = 0xf2fc02c0
[000007098ms] ##### icc init success!, cnt=1971, connet=1
[000007103ms] end BSP_ICC_Init
[000007106ms] begin to init mutilcore: 333
[000007110ms] begin to init mutilcore: 444
[000007113ms] BSP_MODU_IFCP
IFC Process init success!
[000008606ms] A:start icc cshell...
[000008609ms] cshell_icc_open success,cshell_udi_handle is 5898241
[000008615ms] free_ok
[000008617ms] the lcr_reg is 3
[000008620ms] pTemp is 0xc8a90000
[000008623ms] UDI_BUILD_DEV_ID is 0x300
[000008626ms] start NVM_Init
[000008629ms] MSP_IPC udi_open Start
[000009297ms] MSP_IPC udi_open End Handle = 5a0002
[000009715ms] end NVM_Init
[000009718ms] begin to init mutilcore: 555
[000009721ms] BCM43239_WIFI_Release: Entering...
[000009726ms] DRV_HSIC_Release: Entering ...

Actually there is like 1000 lines more log, but it's just Linux loading. Including in the log there are SSH-passwords for 2 users admin and user. They are exactly what sshusers.cfg will have after boot.

It will take couple of seconds for the bootloader to kick on the Android-side. The bootloader serial-data starts flowing in immediately, but this one sleeps a while and starts after that.

Side buttons exaplained

I have previously touched the subject of WiFi / Reset / WPS -buttons. Also I got a comment about un-bricking a s-22, but that didn't help me much. This is related to serial output in a sense, that pressing the buttons will have effect on the serial output.

Now that I have a clear view of what's happening at the box I'd like to take this opportunity of describing the three buttons' behaviour:

• (device running normally) WiFi button pressed for over 1 second: WiFi on/off
  • no surprises there, you can do this from Web-GUI too
• (device running normally) Reset button pressed for over 2 seconds: Factory reset
• (device running normally) Reset button pressed for less than 2 seconds: no-operation
• (device running normally) WPS button pressed: on/off
  • no surprises there, you can do this from Web-GUI too
• (device running normally) WiFi and WPS buttons pressed: no special functionality, will toggle WiFi and WPS as they would be pressed separately
• (device running normally) WiFi, Reset, WPS buttons pressed: no special functionality
• (device not powered) WiFi button pressed while powering on: baseband (VxWorks) serial console displays Android console briefly and stops
  • Linux-side serial console will be completely silent
• (device not powered) WPS button pressed while powering on: no-operation
• (device not powered) Reset button pressed while powering on: no-operation
• (device not powered) WiFi and WPS buttons pressed while powering on: enter bootloader menu
• (device not powered) WiFi, Reset and WPS buttons pressed while powering on: enter bootloader menu

If you have other suggestions about the buttons, please drop me a comment.

When it comes to unlimited supply of failures, one of my absolute favorites is YLE. Whatever they try, they seem to fail at it.

They have stumbled with their on-line service (Areena) a number of times. It took them years and years, but recently it has been at level, semi-decent service, no major failures, works even on iPad.

As they are having an uphill fight with piracy and people not obeying the country limitations they are forced by distribution agreements, they did the only sensible thing anybody can do: if you're using a HTTP proxy, then you're out! The only natural ruling can be that anybody using a proxy is accessing their service from abroad.

Like this:

The license of this radio show says that they will apply geo IP restrictions to it to limit audience in Finland only "( Kuunneltavissa vain Suomessa )". It will result in sorry-you're-not-in-Finland ("Ohjelma ei ole kuunneltavissa ulkomailla") and a refusal to play. However I am in Finland, I should be allowed access to that.

These guys are known for their inability to think smart. It is impossible to know if somebody abroad is using a Finnish proxy or not. The only possible detection method is checking for X-Forwarded-For HTTP-header.

That should be an easy fix. Let's see:

# host areena.yle.fi
areena.yle.fi has address 91.229.138.2
areena.yle.fi has address 91.229.138.6

Whois information for their IP-block is:

% Information related to '91.229.138.0/23AS57066'

route: 91.229.138.0/23
descr: Yleisradio Oy
origin: AS57066
mnt-by: DATANET-NOC
source: RIPE # Filtered

Adding this to /etc/squid/squid.conf:

# Forwarded-for -stuff off for YLE
acl yle_areena dst 91.229.138.0/23
request_header_access X-Forwarded-For deny yle_areena

... and restart will do the trick! Squid-proxy fully supports this kind of behavior with acl and request_header_access -directives. Now YLE-people are blissfully ignorant about you using a proxy or not.

Update 24th Mar 2015 and 1st Jan 2016:
Also MTV katsomo.fi has gone for this stupidity. The fix is obviously:

acl mtv_katsomo dst 23.54.11.0/24 # Katsomo.fi (Akamai)
acl akamai      dst 23.32.0.0/11  # Akamai

request_header_access X-Forwarded-For deny mtv_katsomo
request_header_access X-Forwarded-For deny akamai

Now they allow you to watch via proxy.

As I told earlier, I bricked one. It was a loaned one, so I really got burned on that. There was not much to do, but pop the hood of the s-22 and hope to find something interesting there. An interesting thing would be serial console (RS-232) or JTAG.

Here goes:

There are 3 Phillips PH-2 screws holding the unit together. One screw always has a thin paper on top of it. It is a "Huawei-thing". If the paper is broken, it will void your warranty. Remove the 3 screws, and you can pry the box open:

Then the front cover is gone, you have the wrong side of the motherboard in front of you. You need to detach the MoBo from the back cover. There are 4 Phillips PH-2 screws holding it:

Now you're seeing the real thing:

Here is a layout of all the good stuff:

Mr. Asiantuntijakaveri gave me a hint to check couple pins near the CPU for serial signal. I attached an oscilloscope into couple of interesting pins and got following:

Definitely an RS-232 signal. Based on the timings, looks like 115200 bps. Just as in B593 u-12. The only thing was about the voltage. My scope said 1,792 volts peak-to-peak. That's way too low for my 3,3 volt TTL to RS-232 converter. I put in a purchase order for more capable (expensive) adapter and eventually UPS-guy brought it to me:

The one I have is Future Technology Devices International TTL-232RG, TTL-232RG-VREG1V8-WE to be specific. Their spec says: VREG1V8 = USB to UART cable with +5 to +1.8V TTL level UART signals and WE = wire end. A Linux sees it as a Bus 005 Device 004: ID 0403:6001 Future Technology Devices International, Ltd FT232 USB-Serial (UART) IC. It is fully working after plugging in both on a Linux and Windows 7.

I put this into a PuTTY (115200 N81, no flow control):

And yes, there are results:

onchip
NF_boot!
UnSec_boo
v?l?space?%s start addr:0x%x size:0x%x
first step
          second step
                     thred step
                               DDR exam right !!!!!!!!!!!!!!!!!!!!!!!

press space key to enter bootrom:
Start from: vxWorks Kernel.
>>loading: VxWorks ... success.
>>loading: FastBoot ... success.

hw main id:00000400, sub id:00000001activate_fastboot...0x3CD00000
Starting from entry: 0x30004000

That's it no more. Not very useful. Then Mr. Asiantuntijakaveri gave me another hint. Try the three-finger-salute, press WiFi, Reset and WPS buttons and then kick on the power. An u-12 will go to some sort of serial-console service mode. And yes, a s-22 does the same. All I have to do is have all three buttons pressed, kick the power on and immediately release all them. Now I have on serial:

first step
second step
thred step
DDR exam right !!!!!!!!!!!!!!!!!!!!!!!

press space key to enter bootrom: 
enter load backup
IMAGE_BOOTROM load from:0x00340000>>loading: BootRom ... try inflate.
image length: 000A412A
ram_inflate_addr: 34F4382E
inflating...
return value: 00000000
inflate success! data check OK!

hw main id:00000400, sub id:00000001Starting from entry: 0x300040Target Name: vxTarget 

Adding 5472 symbols for standalone.
 

 ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]
 ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]
 ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]
      ]]]]]]]]]]]  ]]]]     ]]]]]]]]]]       ]]              ]]]]         (R)
 ]     ]]]]]]]]]  ]]]]]]     ]]]]]]]]       ]]               ]]]]            
 ]]     ]]]]]]]  ]]]]]]]]     ]]]]]] ]     ]]                ]]]]            
 ]]]     ]]]]] ]    ]]]  ]     ]]]] ]]]   ]]]]]]]]]  ]]]] ]] ]]]]  ]]   ]]]]]
 ]]]]     ]]]  ]]    ]  ]]]     ]] ]]]]] ]]]]]]   ]] ]]]]]]] ]]]] ]]   ]]]]  
 ]]]]]     ]  ]]]]     ]]]]]      ]]]]]]]] ]]]]   ]] ]]]]    ]]]]]]]    ]]]] 
 ]]]]]]      ]]]]]     ]]]]]]    ]  ]]]]]  ]]]]   ]] ]]]]    ]]]]]]]]    ]]]]
 ]]]]]]]    ]]]]]  ]    ]]]]]]  ]    ]]]   ]]]]   ]] ]]]]    ]]]] ]]]]    ]]]]
 ]]]]]]]]  ]]]]]  ]]]    ]]]]]]]      ]     ]]]]]]]  ]]]]    ]]]]  ]]]] ]]]]]
 ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]
 ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]       Development System
 ]]]]]]]]]]]]]]]]]]]]]]]]]]]]
 ]]]]]]]]]]]]]]]]]]]]]]]]]]]       VxWorks 6.8
 ]]]]]]]]]]]]]]]]]]]]]]]]]]       KERNEL: WIND version 2.13
 ]]]]]]]]]]]]]]]]]]]]]]]]]       Copyright Wind River Systems, Inc., 1984-2009

 CPU: ARM RealView PBX-A9.  Processor #0.
 Memory Size: 0x4efa000.  BSP version 2.0/0.
 Created: Jun 03 2013, 13:52:34
 ED&R Policy Mode: Deployed

-> GU base addr: 0x3e200000
HIFI base addr: 0x3f800000
===== beg mem usr function =====
Hisilicon NANDC_V4.00 initialize...

NAND device: Manufacturer ID: 0xad, Chip ID: 0xbc (Hynix NAND 512MiB 1,8V 16-bit)
ptable_yaffs_mount: /yaffs0 ...yaffs: Mounting /yaffs0
yaffs: yaffs_GutsInitialise()
yaffs: yaffs_GutsInitialise() done.

OK.

ptable_yaffs_mount: /yaffs1 ...yaffs: Mounting /yaffs1
yaffs: yaffs_GutsInitialise()
yaffs: yaffs_GutsInitialise() done.

OK.

ptable_yaffs_mount: /yaffs2 ...yaffs: Mounting /yaffs2
yaffs: yaffs_GutsInitialise()
Collecting block 1136, in use 39, shrink 0, wholeBlock 0
Collecting block 1136, in use 34, shrink 0, wholeBlock 0
Collecting block 1136, in use 29, shrink 0, wholeBlock 0
Collecting block 1136, in use 24, shrink 0, wholeBlock 0
Collecting block 1136, in use 19, shrink 0, wholeBlock 0
Collecting block 1136, in use 14, shrink 0, wholeBlock 0
Collecting block 1136, in use 9, shrink 0, wholeBlock 0
Collecting block 1136, in use 4, shrink 0, wholeBlock 0
yaffs: yaffs_GutsInitialise() done.

OK.

ptable_yaffs_mount: /yaffs5 ...yaffs: Mounting /yaffs5
yaffs: yaffs_GutsInitialise()
yaffs: yaffs_GutsInitialise() done.

OK.

Collecting block 301, in use 34, shrink 0, wholeBlock 0
Collecting block 301, in use 29, shrink 0, wholeBlock 1
0x34ef9d7c (tRootTask): PMU PWR IRQ1 : 0x0

0x34ef9d7c (tRootTask): PMU PWR IRQ2 : 0x20

0x34ef9d7c (tRootTask): PMU PWR IRQ3 : 0x0

0x34ef9d7c (tRootTask): PMU REG IRQ1 : 0x0

0x34ef9d7c (tRootTask): PMU REG IRQ2 : 0x20

0x34ef9d7c (tRootTask): PMU REG IRQ3 : 0x0

0x34ef9d7c (tRootTask): PMU REG H_N_STATUS(0x43)  : 0x0

0x34ef9d7c (tRootTask): PMU REG H_N_STATUS(0x44)  : 0x0

0x34ef9d7c (tRootTask): PMU FLAG REG 0x4  : 0x0

0x34ef9d7c (tRootTask): PMU FLAG REG 0x5  : 0x0

0x34ef9d7c (tRootTask): PMU FLAG REG 0x6  : 0x0

0x34ef9d7c (tRootTask): PMU FLAG REG 0x7  : 0x5

0x34ef9d7c (tRootTask): PMU FLAG REG 0x8  : 0x0

0x34ef9d7c (tRootTask): hw main id:0x400, sub id:0x1
0x34ef9d7c (tRootTask): PMU NVM_Read ERROR. 
0x34ef9d7c (tRootTask): getFactoryMode:not in factory mode!
0x34ef9d7c (tRootTask): BootRom update_getWebUIUpdateFlag: 0x8B6A7024 
0x34ef9d7c (tRootTask): dloadIsDoBackupUpdate: need to do the backup update!
0x34ef9d7c (tRootTask): getBackupBinState: open file failed!
0x34ef9d7c (): task deadexcutePreBackupUpdate: the backup bin is invalid!
0x34ef9d7c (): task deadclearBkupUpdateFlag: succeed to clear the backup update flag!
0x303c32f0 (tUSBTask): BSP_USB_GetDevDescIdx: MDM+PCUI+DIAG in Bootrom image

0x303c32f0 (tUSBTask): Starting USBware stack, Version 3.4.30.21

Oh yes! I was getting somewhere. On an enter I got a prompt and threw in some commands:

[M]->?
C interp: syntax error.
[M]->help

help                           Print this list
dbgHelp                        Print debugger help info
edrHelp                        Print ED&R help info
ioHelp                         Print I/O utilities help info
nfsHelp                        Print nfs help info
netHelp                        Print network help info
rtpHelp                        Print process help info
spyHelp                        Print task histogrammer help info
timexHelp                      Print execution timer help info
h         [n]                  Print (or set) shell history
i         [task]               Summary of tasks' TCBs
ti        task                 Complete info on TCB for task
sp        adr,args...          Spawn a task, pri=100, opt=0x19, stk=20000
taskSpawn name,pri,opt,stk,adr,args... Spawn a task
tip       "dev=device1#tag=tagStr1", "dev=device2#tag=tagStr2", ...
                               Connect to one or multiple serial lines
td        task                 Delete a task
ts        task                 Suspend a task
tr        task                 Resume a task

Type  to continue, Q or q to stop:  

tw        task                 Print pending task detailed info
w         [task]               Print pending task info
d         [adr[,nunits[,width]]] Display memory
m         adr[,width]          Modify memory
mRegs     [reg[,task]]         Modify a task's registers interactively
pc        [task]               Return task's program counter
iam       "user"[,"passwd"]    Set user name and passwd
whoami                         Print user name
devs                           List devices
ld        [syms[,noAbort][,"name"]] Load stdin, or file, into memory
                               (syms = add symbols to table:
                               -1 = none, 0 = globals, 1 = all)
lkup      ["substr"]           List symbols in system symbol table
lkAddr    address              List symbol table entries near address
checkStack  [task]             List task stack sizes and usage
printErrno  value              Print the name of a status value
period    secs,adr,args...     Spawn task to call function periodically
repeat    n,adr,args...        Spawn task to call function n times (0=forever)
version                        Print VxWorks version info, and boot line
shConfig  ["config"]           Display or set shell configuration variables

Type  to continue, Q or q to stop: 
strFree   [address]            Free strings allocated within the shell (-1=all)

NOTE:  Arguments specifying 'task' can be either task ID or name.

value = 10 = 0xa
[M]-> 

I don't yet know what to do with all that, but ... if I do, I'll tell about it. The part "press space key to enter bootrom" sounds interesting. I don't know if I can un-brick this thing from VxWorks-side.

So, about the pins. First a ground is needed. Typically it's available almos everywhere. There are couple of easy points to get the ground from, especially in the PSU-area. Of all the easily available GND-pins I chose this one:

The choice was made by a simple logic, it was just an easy one to solder. Then the RS-232 DCE pins at the CPU-unit:

The metallic thing is simply a cover, the actual CPU is under that hood. I did check that one out, but I didn't find anything interesting under that one. Also understand about serial signals, that transmit and receive are from the point of the router (DCE), not from your computer (that would be DTE). You can think of it like this: when DCE transmits (TX), it will go to receive (RX) of a DTE.

If you do your own hacks, know that the power system on a s-22 is weird one. Input is 12 VDC, majority of the Vcc pins have 5 VDC, but I seriously doubt that the system would run on that voltage. If you need it, there is one easily accessible pin with 3,3 VDC:

At the time of writing, the box is still bricked. But this time I have something to work with.

Update 24th Mar 2015:
There is more information available about this subject in this article.

As I wrote in my E5186 review, there is a very good API for accessing the box.

All responses start with a <?xml version="1.0" encoding="UTF-8"?>. API-calls have <response> as the root element, config-calls have <config> as the root element. Some of the API-calls can be set (POST) or get (GET). Config cannot be set (POST), only read (GET).

All of the API-calls require a valid session cookie set to respond. Some commands require a logged in user for access, some don't. I won't be able to maintain this list, as I don't own an E5186, but I'll update this if I find something interesting.

Later I will publish a tool to allow full bi-directional access.

As I mentioned earlier, a reader of this blog got a Huawei E5186 and I got to test drive it. The model is still in prototype and the semi-official rumour is, that it will be released Q2/2015. As usual, they are not sold directly by Huawei, but by telcos. The one I had was from Germany, T-mobile. The mobile side is pretty much same as in B593s-22, the exact model I had was in fact E5186s-22. Frequencies and modulations are: LTE FDD DD800/900/1800/2100/2600 and TDD 2600. It is very likely, that inside the box is a HiSilicon Android running on a ARM-chip.

It looks exactly like a B593. Here are the pics:

The first things I noticed, that the Tel1 and Tel2 RJ-11 connectors are missing. Also: no USB!! What! I found information from discussion boards, that this particular T-Mobile version is a "poor man's model". There does exist other E5186 models, which have USB and the Tel-connectors.

As a B593 has, there are dual antenna connectors and they are SMA:

For testing this router I didn't need external antennas, the RF-side is much more sensitive than in a B593. In a location where I normally have one bar (without external antenna), this one got three (out of five). Nice!

If you'd want to pop the hood, it opens like B593 does, from the bottom:

All Huawei-hardware has a thin paper on top of one screw. This is to indicate if that screw was removed to void any warranty. I didn't open it, it wasn't my own box.

The web-GUI is completely new:

Everything looked brand new, so had to port-scan the thing:

PORT   STATE SERVICE
53/tcp open  domain
80/tcp open  http
MAC Address: 38:F8:89:03:1C:36 (Unknown)

What a surprise! Nothing there. Nothing! No SSH, no FTP, no Samba, no HTTPS. A B593 has plenty of ports open, but this beast is closed as a clam.

A cursory check on the HTML and JavaScript prooved, that entire front was re-written. B593 front has issues on security and functionality, this thing is entirely jQuery / AJAX -based thing. All the requests transfer XML. I was expecting JSON, but hey, it works. I guess there is something on back-end, which runs better on XML.

As the stripped-down hardware suggests, the web-GUI has very little options:

No real surprises there. The only thing, that really caught my eye, was the 5GHz WLAN which B593 doesn't have. There must be some new electronics inside.

This is the device information screen:

As it happened, also Finnish magazine happened to review the E5186. I don't have a permission for reprint, but here is a small glimpse what they said:

As a conclusion, the mag loved the box. I don't know which version they had, but this one without USB I don't especially love. It's too pricey without the port. Under the hood, the AJAX-API has a ton of features not available via your web browser. I'll get back to that subject later.

As I test different network equipment regularily, I need SIM-cards and data plans for them. All of these are generally available and affordable, just go to nearest R-Kioski and get one.

Elisa (Saunalahti)

Elisa is the biggest telco with number of customers and market share. Their consumer products are under Saunalahti brand, including their pre-paid data plans.

Pre-paid data plans:

• One day 4G (100 Mbit/s) 1.90 €
• One week (21 Mbit/s) 6.60 €
• One month (0,25 Mbit/s) 6.60 €
• One month (4 Mbit/s) 14.90 €
• One month (21 Mbit/s) 16.90 €
• One month 4G (50 Mbit/s) 19.90 €
• Six months (0,25 Mbit/s) 27.80 €

Incoming access:

None. All pre-paid and post-paid data plans are NATed. Post-paid 3G data plans have the possbility of changing into a non-NATed one, but that options is not available for 4G. This is total crap!

TeliaSonera

TeliaSonera is the 2nd biggest telco in Finland. As they operate also in Sweden, Norway and Estonia in general, it is the biggest corporation of these three.

Pre-paid data plans:

• One week 4G (50 Mbit/s) 12,90 €
• One month 4G (50 Mbit/s) 23,90 €

Incoming access:

None. All pre-paid and post-paid data plans are NATed. Post-paid data plans have possibility of subscribing a service (for small fee), to allow public IP-address. Having a fixed IP instead a dynamically allocated one costs extra.

DNA

DNA is the smallest player (excluding virtual operators). When it comes to telcos, size does not matter. Their coverage is equal to bigger players.

Pre-paid data plans:

• 1 GiB transfer, six months 4G (150 Mbit/s) 9,90 €
• 10 GiB transfer, six months 4G (150 Mbit/s) 19,90 €

Incoming access:

All data plans are allocated a dynamically changing public IP-address.

List of open TCP-ports (IP-protocol 6) found with Nmap scanning my own IPv4-address:

• 500/tcp
• 1024/tcp
• 1723/tcp
• 2222/tcp
• 4002/tcp
• 5001/tcp
• 5800/tcp
• 5900/tcp
• 6001/tcp
• 7001/tcp
• 8001/tcp
• 8081/tcp
• 8082/tcp
• 8083/tcp
• 8088/tcp
• 8090/tcp

I also tested other incoming IP protocols and they seem to pass without limitations. Running VPN or IPv6-tunnels is completely possible.

Conclusion

The obvious winner is DNA. It is affordable, no NAT, incoming access is possible, although limited. The only drawback is for people requiring lot of transfer, there is limit for amount of bytes. If you run out, just add another 6 month package, and you're good to go.

2nd place goes for TeliaSonera post-paid Opengate-connection. It is still affordable (17,- € / month, incl. incoming access 3G/4G), no transfer limits and allows full incoming traffic without filtered ports.

3rd place goes for Saunalahti one day pre-paid. It offers speed, no transfer limits, but I had trouble comprehending their system. As I already had a pre-paid SIM, all I had to do is to add credits to its account, but ... I somehow didn't manage to do it. I did do it before, but ...

I was browsing news feeds and read an article about Danske Bank not using SHA-256 certificate (article in Tivi, in Finnish only) in its online bank. "So what? Big deal, huh. Nobody else does either." was my instant thought. 15 seconds later ... but do they really? Let's investigate.

The reasoning about the article is, that Goole is Gradually sunsetting SHA-1. That is something they announced in September 2014, giving plenty of time for service admins to react. Google's Chrome will display HTTPS using less than SHA-256 signed certificate which is valid past 1st Jan 2017 like this:

Anbody, who takes your security seriously will be displayed like this:

The difference is with the green lock, or lack of it. Most users don't care about the lock anyway, so lot of fuss about nothing.

The bad

The good

The conclusion

Apparently somebody does. As it happens, all the banks having SHA-256 certificates are from same source: Symantec/Verisign. However, most of the institutions haven't had the time to react. There is no point to finger point (pun intended) one of them.

The information was gathered with Gnu TLS command-line tool (gnutls-cli --print-cert).

I had a chance to setup a modern 4G/3G/2G router. Of course I took pics and share the details here!

This is what a ZTE MF910 looks like:

Pretty much the first thing that comes to my mind is: "It's a cell phone!" Yes, indeed. It is. It is an Android phone. My guess is, it is 99% of a cell phone when compared to an Android in your pocket. It is small, it has an USB-charger, runs hours from a battery. It is shiny (pretty difficult to get decent pictures of it). It has a display (no touching or anything expensive). And it costs 99,- €. There is very little differentiating it, except that it doesn't have a speaker and a microphone. I didn't pop the hood of it (that thing isn't mine, I was just helping to set it up), but I'm thinking it has all the chips and electronics a phone would have.

Screen will indicate connection type (2G/3G/4G), bars, Internet status (ok, both arrows up and down), Wi-Fi enabled, how many clients are connected to the Wi-Fi, battery charge level, operator name, cumulative time connected and the cumulative transmitted bytes.

On the back there are out-of-the-box defaults and mandatory IMEI-information. The TAC-code for this one is 86415402 and I couldn't find it from any TAC databases. Must be quite a new one. What I didn't find is how to replace the battery. I guess you cannot, it is like a cell phone. It doesn't feel hot or anything when running, looks like the electronics design is also modern. It puts all the electrons where you'd expect them to go, not to dissipate heat.

Here is a clear difference to a phone:

There are two antenna connectors (TS9) on the sides. As all LTE equipment always has 2 antennas (your phone does, you just won't see them), there needs to be connectors for both of them. The intended purpose for this is to convert cellular connection into Wi-Fi. As sometimes the cell network connection is poor, adding a proper antenna (or two) can make a difference. Power button has one extra feature including the obvious one. If you press it shortly, it will display the default WLAN SSID and password on the screen. Funny thing: if you change them, the screen won't display the new ones. On the as-expected, there is a mini-SIM -slot and mini-A USB for the charger.

The antenna connector is a quirky one:

I couldn't find anything to connect to it. Any typical small appliance (like Huawei USB-sticks) have CRC9-connector, or the bigger routers (like Huawei B593) have SMA-connectors. I guess the new TS9 is suiting better for some reason.

When the SIM-card in inserted, power button pressed and box is up and running, it connects automatically to internet. It distributes an IP-address to any client devices and enables the management web-console. It looks like this:

There is a decent selection of langauges for the GUI:

And the top right corner status indicator is good one:

It provides a lot of information without need to login. This is what it looks like once in:

There is no need to look for Wi-Fi settings. They are right there after a login. In general I really love their approach, lot of useful features and really well thought web-GUI implemented. Also the existence of 5 GHz WLAN tells about a modern design. A while ago only 2,4 GHz existed in routers such as this.

The Internet connection details are:

APN I didn't touch, it just worked. Network mode (2G/3G/4G) may be necessary if reception has issues. The most important thing is, that this box has a built-in freq lock in it. No need of hacking or any quirks. This is by far the most commonly asked question nowadays, how do you lock B593 into a frequency. With this el-cheapo box, setting is right there! Nice.

I also love the status screens:

Lot of relevant information right at your screen! This is exactly what everybody else should be doing. Unfortunately the network status screen is optimized heavily for LTE-connections and on UMTS it won't tell much.

As a conclusion I have to recommend this cheaply built piece of plastic for any router needs. It certainly is worth the money and has just the right features in it. The only thing that worries me is the constant charging: will it survive future years? I don't care if the thing wouldn't run from the battery, but will the charger alone be enough to run it?