Skip to content

A fake USB3 hub

I recently bought a 7-port USB3 hub from eBay. That’s a somewhat interesting experience. It turns out that’s it’s not a 7-port USB3 hub. It’s a four port USB3 hub, and a three port USB2-hub, which happens to be mounted on the same board.

Inside, it contains two major IC’s:

VLI VL815 Chip


One of them, the VL815, appears to be a USB3 hub chip, from VIA. The other chip, SL2.1 is a obscure USB2 hub chip, with a datasheet only in chinese – but at least clearly marked as USB2, both on the chip, and in the datasheet.

This is clearly not some accident in manufacturing; they’re making a fraudulent product, with some USB3 ports, and some USB2 ports – and hope that their customers won’t be able to tell the difference. The physical ports are all USB3, with the five extra contacts – just not connected to anything…

It amazes me that anyone goes to this length to shave of cents on a design – and it clearly works in the majority of the cases, otherwise they’d stop selling it quickly…

Update: After contacting the seller, I got this fantastic reply:

Sorry I think it is a faulty one, may be the packing colleague did not check carefully before packing, we will make a full refund for you,please check your paypal later, thanks.

So, they accidentally didn’t check that their design was a design that was totally wrong… Sorry, this defies belief. It’s not a mistake, it’s a deliberate design choice. At least they gave a full refund…

Install Apache2 on Ubuntu 16.04

I assume that you have a running Ubuntu installation. This is written with 16.04 in mind but should work with some adaptions on other versions as well. is used as an example (D’oh) in this post, and should be changed to suit your installation.

Installing Apache2, PHP, MariaDB and so forth

$ sudo apt install apache2 libapache2-mod-php mariadb-server php-mysql

This will install Apache2, PHP, MariaDB, and some dependencies, in addition to PHP bindings for accessing mysql.

At this stage, you should be able to access, and see a default page: Default page

Setting up a vhost

Vhosts are virtual hosts, which is used to serve different content for different domain names.

Start editing a new file called /etc/apache2/sites-available/ in your favorite editor:

$ sudo editor /etc/apache2/sites-available/ 

Enter the following configuration:

<VirtualHost *:80>
        DocumentRoot /var/www/html/
        ErrorLog ${APACHE_LOG_DIR}/
        CustomLog ${APACHE_LOG_DIR}/ combined

First, we define the primary ServerName. This is the domain used to access the site. Only one can be defined per vhost. In addition, we define a ServerAlias, in case someone enters in their browser. This ensures that Apache replies to both names. Both names has to point to your server, either in DNS, or in /etc/hosts for local testing.

Any number of server aliases can be specified, and they do not have to contain parts of the ServerName. Thus, ServerAlias would be valid.

Create the new DocumentRoot

I’ve placed the new documentroot in /var/www/html/ This is a location that is allowed to be served by Apache in Ubuntu. If I, for instance, placed it in /srv/, I would have to include a Directory stanza for it. For now, create the webroot, fill it with some content, and activate the new config:

$ sudo mkdir /var/www/html/
$ echo "This is a test" | sudo tee /var/www/html/
$ sudo a2ensite
$ sudo service apache2 reload

If you now visit, you should see the output *This is a test”. Congratulations! Your first vhost is running!

Install letsencrypt and grab certificates

To receive certificates from Let’s Encrypt, we need a client. The letsencrypt package included with 16.04 is ancient, so we need a ppa for this.

$ echo "deb xenial main" | sudo tee /etc/apt/sources.list.d/01-certbot.list
$ sudo add-apt-key -k 8C47BE8E75BCA694
$ sudo apt update && sudo apt install certbot python3-certbot-apache 

Run certbot as root:

$ sudo certbot

Select the domain you want to get a certificate for and follow the on-screen instructions by certbot. When asked if you want to redirect, select redirect if you want https only, and no redirect if you want both http and https. Today, there’s almost no reason to not redirect.

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 

Try visiting again – it should change to show that it is secure.

Congratulations, you have not set up apache2 with a valid TLS certificate that ensures traffic is encrypted!

Install WordPress

Next step is to install some application. I’ve picked WordPress as example to install.

First become root by entering sudo -i. Next, change directory to your webroot, and download, unpack and change ownership to Apache’s user:

$ sudo -i
# cd /var/www/html/
# wget
# tar -zxf latest.tar.gz && rm latest.tar.gz
# chown -R www-data.www-data wordpress/

You will now have a WordPress instance at – let’s go there.

The wizard tells you that you need a MySQL table, user, and password. Let’s make them!

By default, Ubuntu will use unix socket authentication for MariaDB. Thus, to log in to MariaDB as root, you have to use

sudo mysql -u root

or run the command in a root shell (for instance sudo -i). This will log you in without entering any password

# mysql -u root
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 32
Server version: 10.0.33-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04
Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE wordpress_db;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON `wordpress_db`.* TO 'wordpress_user'@'localhost' IDENTIFIED BY 'passw0rd';
Query OK, 0 rows affected (0.01 sec)
MariaDB [(none)]> exit

Fill in the username wordpress_user, databasename wordpress_db and password passw0rd in WordPress’ configuration. That’s basically it; the rest is about following WordPress’ installation guidelines.

To add more vhosts, simply start from “Setting up a vhost”.

Further reading

COAP endpoints on IKEA Trådfri

So, I’m talking to the Trådfri GW. It turns out that my initial research was correct. It is talking coaps. I used to talk to it, requesting coaps:// It actually seems to implement the standard rather well 🙂 I had to use -psk and enter the security key, printed on a label under the gw itself.
UPDATE: Leave PSK identity blank.

==[ CoAP Response ]============================================
MID : 115
Token : 170a801bb0362002
Type : ACK
Status : 2.05
Options: {"Content-Format":"application/link-format"}
Payload: 560 Bytes
Time elapsed (ms): 1251

Querying each of the endpoints yielded the following:


{"9054":0,"9001":"Remote","5750":0,"9002":1490983329,"9020":1490985746,"9003":65536,"15009":[{"9003":0}],"9019":0,"3":{"1":"TRADFRI remote control","0":"IKEA of Sweden","2":"","3":"","6":3,"9":100}}

This is obviously the remote control unit.


{"9054":0,"9001":"K","5750":2,"9002":1490992930,"9020":1491052948,"9003":65538,"9019":0,"3":{"1":"TRADFRI bulb E27 WS opal 980lm","0":"IKEA of Sweden","2":"","3":"","6":1},"3311":[{"9003":0}]}

This is one of the bulbs. I believe it is the one named “K” in the IKEA app… 🙂


{"9054":0,"9001":"LR","5750":2,"9002":1490983446,"9020":1491055861,"9003":65537,"9019":1,"3":{"1":"TRADFRI bulb E27 WS opal 980lm","0":"IKEA of Sweden","2":"","3":"","6":1},"3311":[{"5850":1,"5851":254,"5707":0,"5708":0,"5709":33135,"5710":27211,"9003":0,"5711":0,"5706":"efd275"}]}

Another of the bulbs – I currently have two. This is obviously the one in the living room – LR. This is powered on, whilst the other one has main power removed. The powered on one (this) returns more data than the one that is powered down.


{"9001":"TRADFRI group","9039":203361,"9002":1490983341,"9003":139121,"5850":0,"5851":0,"9018":{"15002":{"9003":[65536,65537,65538]}}}

I have defined one group, containing both bulbs. The 9003 array contains the devices in this group (remote control and two bulbs).


This is information about ntp server.


You can change to your own ntp-server by issuing a set request, with replaced by your own. Quite neat actually.



This is one of the presets for mood lightning in the app. Reddish with low intensity.

Oookay, that’s enough about the endpoints. The rest is mostly a continuation. Let’s go back to the kitchen light, which I’ve now powered on, put to max level and bright white (highest color temperature). As expected it now replies with more data:

{"9054":0,"9001":"K","5750":2,"9002":1490992930,"9020":1491052948,"9003":65538,"9019":1,"3":{"1":"TRADFRI bulb E27 WS opal 980lm","0":"IKEA of Sweden","2":"","3":"","6":1},"3311":[{"5850":1,"5851":254,"5707":0,"5708":0,"5709":24930,"5710":24694,"9003":0,"5711":250,"5706":"f5faf6"}]}

Dimmed to minimum:

{"9054":0,"9001":"K","5750":2,"9002":1490992930,"9020":1491052948,"9003":65538,"9019":1,"3":{"1":"TRADFRI bulb E27 WS opal 980lm","0":"IKEA of Sweden","2":"","3":"","6":1},"3311":[{"5850":1,"5851":12,"5707":0,"5708":0,"5709":24930,"5710":24694,"9003":0,"5711":250,"5706":"f5faf6"}]}

Here, the parameter 5851 changed from 254 to 12. This is likely to be the light level output. Let’s try again, with the bulb set to 50%:


Yep, 5851 is the dimming level.

And now, repeat with different colour temperature (middle setting from app):


The intensity is still 127, but three other parameters, 5709-5711. In addition 5706 changed – which it did not for the previous changes. Let’s try a put, changing the 127 to 254:

java -jar cf-client-1.1.0-APSHOT.jar -psk PUT coaps:// '{"9054":0,"9001":"K","5750":2,"9002":1490992930,"9020":1491052948,"9003":65538,"9019":1,"3":{"1":"TRADFRI bulb E27 WS opal 980lm","0":"IKEA of Sweden","2":"","3":"","6":1},"3311":[{"5850":1,"5851":254,"5707":0,"5708":0,"5709":30140,"5710":26909,"9003":0,"5711":0,"5706":"f1e0b5"}]}'
==[ CoAP Response ]============================================
MID : 190
Token : 4bde3ee89d815913
Type : ACK
Status : 2.04
Options: {}
Payload: 0 Bytes
Time elapsed (ms): 1487

Yup, promptly dimmed up. Sending only the 3311 did nothing – it appears I have to send the entire thing back to the bulb for some reason.

That’s it for now. Some pointers on how to talk to the lights.

Update: There’s some discussion at ha-bridge’s github about this topic. Also note the first comment – I didn’t include this information, but yes – the PSK identity should be left blank, and the key is the one printed on the label of the gw.

Tagged , , ,

Ikea Trådfri zigbee lights

Ikea Trådfri gateway

Ikea Trådfri gateway

So, Ikea has released Trådfri seemingly worldwide. This is a series of Zigbee enabled lights, which looks quite neat. I bought the starter kit, with a gateway, two bulbs, and a remote control.

First a couple of sentences about the remote control. It has on/off, dim up and down, and change color temperature. Nothing too exciting. If it is paired with two bulbs, and one is on and other is off, they will swap when on/off is pressed… It appears to have the advertised range of 10m, and certainly is a neat addition.

The bulbs gives the amount of light I expect – and they’re quite cheap. But the gateway is the most interesting thing. It’s a cylinder, containing ~95% air. The circuit board is imaged at left. The biggest comonent is the ethernet jack, mounted on the other side of the board:

Ethernet jack side of board

Ethernet jack side of board

There’s not many components there… Notably two buttons: one reset, and one pair button.

I fired up the android application, which appears to be using multicast ( to find the gateway, and then communicates using encrypted coap (coaps). A tcpdump can be found here. Not really interesting tho, except that I’m a little bit surprised that they bothered to include encryption. Also, it does not look like it attempts to talk to the Internet. I’ve not set up logging, but I’ve checked a few times, and the device has no outgoing connections – which is a good sign in my book.

The included app is fairly basic – you can create schedules for turning on and off, and you can control lights and create zones, and control zones. That’s it – so far. In short it does what it says on the box, but not much more. I’m looking at coap libraries for python now, but sadly dTLS support seems to be missing from most of them. Same goes for node.js coap libraries…

Tagged , , , , , , ,

Installing Debian on x86 readyNAS.

The Netgear readynas is essentially a x86 computer, with a handy Serial TTL interface at the back.

However, it’s not entirely straight forward. Unetbootin-created usb-media did not boot, but the debian netboot iso appears to boot. However, it doesn’t support serial console out of the box.

After remastering the netboot image with settings for console, I was ready to try again – holding the ‘backup’ button on front while powering up. And presto – a debian boot menu appeared. From thereon it was pretty straight forward. If you want, you can grab the image here – debian-8.2-serial.iso. It can we written to CD with your favourite recording software, or written to a usb stick with dd. For the Netgear, use a usb stick.

The performance went from 450Mbps to 950Mbps, so clearly the way outdated software that Netgear shipped it with was inadequate for the hardware.

So now I have a Debian computer, which can do anyting – not limited to what Netgear wanted me to do. And as a bonus it even performs better!

AIS reception with RTL-SDR

Some of you may have heard about rtl-sdr, which is basically a software defined radio framework, for cheap USB sticks. The USB sticks can be picked up for 10-20$.

They’re not excellent. They have limited bandwith (~2MHz), they have noticeable noise, and they don’t have that good sensitivity. But for the price? It’s a extremely good offer.

AIS reception has been covered by the guys at I found this quite lacking, and it didn’t explain some of the stuff, like why resample the audio to 12kHz.

After fiddling around for some days, I found rtl-ais which is a modified version of rtl-sdr, with direct support for AIS decoding. It worked! Just specifying the tuner error, and it was outputting AIS messages.

However, the decoder was not that elegant, and GNUAIS had interesting features, like the ability to feed data directly to mysql.

AIS is transmitted at 161.975 and 162.025MHz, which is within the 2MHz bandwidth of the RTL-SDR sticks, so both channels can be received at once. The rtl_ais software is a modified version of rtl_fm, which can do exactly this. Feeding the output audio to a named pipe, and setting gnuais up to read from that named pipe, instead of audio card, worked just perfectly!

Raspberry Pi as cheap media player.

CC-BY-SA 3.0 - by Jwrodgers

CC-BY-SA 3.0 – by Jwrodgers

As you may’ve guessed from some previous blog posts, I have been expirementing with Raspberry Pi as media player.

The setup was not entirely straight forward, as it was to be located at my girlfriends place, with access to the media I have at home.

I was looking at OpenVPN as solution, tying the networks together. She has ample down link (16Mb/s), and I have ample uplink (12Mb/s) to make this viable.

I started testing with my laptop as media player, and 720p played just fine from a NFS volume mounted over OpenVPN. A few glitches during playback if the connection was used for anything else whilst playing, but quite smooth and usable.

1080p, however, was no go. Low BW 1080p might work, but probably not. The solution for this was Plex, with a suitable plugin in XBMC. Plex handles on-the-fly transcoding to a more suitable bandwidth profile.

After testing a bit, my conclusion was that the solution was not performing well enough. Throughput was 2-3Mb/s over the OpenVPN-link. Originally I believed this was due to the limited CPU power of the Pi, but it turned out that the Edimax Wireless USB adapter was the culprit. When testing at home, it was placed 50cm from the antennas of my access point; not the setup at my girlfriends place. There it was 5 meters…

Changing to cabled gave a throughput of roughly what the link should be able to carry (11.5Mb/s according to Samknows), minus overhead. So actual throughput was 10.5-11Mb/s downstream, and 4.5-5Mb/s upstream, tested with iperf/.
Plex setting at 8Mb/s was working nice – if connection was not used for other stuff at same time. Right now it’s set to 4Mb/s, which leaves quite a bit of headroom for other stuff.

I run the OpenVPN in a bridged setup, to avoid routing or any such things – easier to integrate the two LAN’s in bridged mode. Performance is acceptable enough, and the added benefit is that I can use everything as if at home no matter where I am 🙂

Right now, it’s running on cable, and I’m looking for a cheap and good wireless stick, well supported by Linux…

(Oh. OpenVPN setup looks difficult, but it’s rather easy once you actually grok it. The client config file can be as short as this:

proto udp
dev tap0
ca ca.crt
cert client2.crt
key client2.key
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

Tagged , , , ,

Xbian vs. Raspbmc

CC-BY-SA 3.0 - by Jwrodgers

CC-BY-SA 3.0 – by Jwrodgers

I’ve recently tested Xbian and Raspbmc. Xbian seems to be based of raspbmc, with a few changes, for example a quite sleek setup plugin.

Raspbmc, in turn, are based on Debian, the well known Linux-distro, with apt and all the snacks.

Both are painless to setup, and works quite fine for playing media files. However, I wanted a bit of a special setup with openvpn connectivity to the NFS / Plex server. This was fairly easy to set up, apt-getting the openvpn and resolvconf packages. But with Xbian it stopped there. They use 7 year old dhcp-scripts, which has no concept of resolvconf. Why? I don’t quite understand, as Raspbmc does not. On Raspbmc the openvpn + resolvconf setup just worked.

Same goes for other things – Xbian does not show the correct time in xbmc, even though system time is set correctly. Raspbmc handled this just fine.

I’m aware that Xbian is in a beta, but they seem to have made some very strange decisions in the transition from Raspbmc…

Also Raspbmc uses less cpu for xbmc, with approx 15-16% cpu load for idle, and 80% with running full screen music visualiser. RAM usage? 150MB used with Raspbmc, 300MB+ with Xbian.

I have not checked why those differences are there. But they are, and they’re irritating enough…

Tagged , , , , ,

The M570 Trackball

The Logitech M570 trackball is good. If I use a normal mouse, I’ll get a stiff shoulder after a couple of days. What I can use is an clitoris or trackball. My x220 has a clitoris, which I don’t like in games.

The trackball, however, works fine in openTTD.

I’ve used various trackballs before, but the wireless of M570 is good. It meens I can sit in the sofa, without having to care about the wire. The performance is the same as previous trackballs, and I don’t really understand why a LASER is important on a trackball – the surface is known… But what goes with the territoriy…

At least – I happen to love my trackball, and it’s totally worth the price of ~100$.


bitcoin-logo-1000_0Ok, so we have a couple of cryptocurrencies out there, bitcoin, litecoin and so on. I had a look, trying to buy some litecoins, but was utterly turned away by the hoops I have to jump…:

  • First transfer money in EUR/USD/RUR or other national valuates.
  • Buy the coins.
  • Send them.

In addition, the credit card interface was in russian, with quite a lot of options to select from – and wanted me to create a user at a separate website from the trading site. And of course there was a 3% fee, or more, involved, plus the 1.75% VISA charges for foreign valuates.

I consider myself more technologically advanced than the average – by far. Yet I’m not able to get my hands on those cryptocurrencies in an easy way.

So how do you ever expect it to be for someone not speculating, criminal or enthusiastic about it? If you’re a criminal, it offers clear benefits. If you’re speculating, their rise has been spectacular…

But as means of purchasing something? Sorry. With Paypal I enter my username and password, and press enter two times. Convenience are more important than the high ideals about anonymous, untraceable currencies. For I’m all for the latter one, but not with this horrible user experience.

And then I’ve not even mentioned the litecoin client, which downloads at least a few hundred megabytes of data, taking long time, providing little or no feedback…

It’s utterly useless as a currency or mean of payment to me right now, and I bet I’m not the only one with the same feeling…


Tagged ,