Monthly Archives: May 2024

#weeklyreview 21/24

Posted on by
Reply

finally handing out this very late review because … life 🤷‍♂️

Anker USB hub Ethernet Port

I had bought the Anker 565 11-in1 USB-C hub because it’s got a good review from a German tech magazine. But at some point it stopped working with its Ethernet port. The LEDs lit up briefly but the network interface didn’t show up in the OS. I tried debugging it for a while and initially thought it is a problem with Apple Silicon Macs because the adapter was working on an older Intel Mac at home. I even contacted Anker support but there were only semi-helpful. At least they were asking for some debugging information and had recommendations on cross checking etc. The adapter normally doesn’t need any drivers to be installed as macOS does contain all needed drivers already.

Eventually I narrowed it down to be an issue with my own machine as the adapter was also working on my son’s M1 MacBook Air. So no problem with the Apple Silicons.

Eventually I found a Reddit entry where people were discussing about Broadcom ethernet chipsets and their drivers. Then it came to me that I also had a specific driver package installed for an older USB-C adapter with ethernet chipset. This one was needed for that particular chip. Apparently that driver captured the device when the Anker USB-C hub was connected and crashed, rendering the ethernet port unusable.

After I deinstalled that driver the Anke USB-C Hub was working fine again with its Ethernet port … 🤷‍♂️

Token2 keys

Finally got my Token2 T2F2-PIN+ Release2 Type-C FIDO2, U2F and TOTP Security Key with PIN complexity feature keys delivered and started playing around with them. These are special in the way that each can store up to 300 passkeys. I’ve got two models: one just USB-C and NFC, the other a Dual Port USB-C/USB-A and NFC. They both also work on the iPhone.

First task was to set the PIN on both. on macOS that’s the only use case where I need Google Chrome. This can configure the PIN for security keys via Settings -> Privacy & Security -> Security -> Manage Security Keys -> Create a PIN

One can also manage the individual entries on the security key via that method.

I’m using these hardware keys for Passkey authentication now. To add that physical layer of security over just storing the passkeys in my macOS/iOS Keychain or 1Password.

I use two keys and create all passkeys on both for redundancy in case I’m loosing one of them or they eventually break.

sequence diagram showing a Passkey login with presence verification

Debian BookWorm override DNS for DHCP Pihole

I’m running a bit of a convoluted network setup on my MacBook because I hate online advertisement. The best ad-blocker I’ve seen seems to be Pi-Hole. This blocks advertisement on DNS level. Means all the ad-sites just don’t resolve in the browser and rather getting a DNS error message rather quickly. That way pages load quickly without the ad and tracking parts and this solution works on all applications. Even non-browsers.

For this to work PiHole has to be your default DNS Resolver. Usually you’d get your DNS resolver via DHCP from your router. And I bet in most cases the router itself is acting as the DNS resolver as it’s the case for most FritzBox routers in Germany.

Now if you roam with your laptop between different networks you’re also switching the DNS resolver frequently. Changing your home DNS resolver to a PiHole in the home network doesn’t help when you’re in the office network or other locations.

So I opted for a Debian linux virtual machine running on my Laptop to do the blocking. I’m using UTM for virtualisation and running the Debian ARM version for performance. However I had to tell the Debian that it should get a DHCP address from hosts network stack but ignore the DNS resolver and instead use its loopback interface for DNS. This is where the PiHole software would run the DNS resolver.

Debian 12 (Bookwyrm) is using the systemd network manager. That’s why just changing the file /etc/resolv.conf doesn’t solve the problem. One has to create a file in /etc/systemd/network/ and name it like <interfacename>.network (e.q. enp0s1.network) with the following contents

[Match]
Name=enp*

[Network]
DHCP=yes
DNS=127.0.0.1

As you can guess … these settings apply for all interfaces matching the Name pattern, telling systemd to do DHCP but use 127.0.0.1 as the DNS resolver and ignore the DHCP provided resolvers.

My macOS then got a special network location profile which is also using DHCP in general, but overriding the DNS resolver (I don’t know why it’s always called “DNS Server” in most settings… thats not a DNS Server but a DNS Resolver!!! ) to point to the PiHole virtual machine (which is always getting the same IP address from UTM)

#weeklyreview 20/24

Posted on by
2

On Monday the daughter of a colleague joined us in the office for a day of “Schülerpraktikum”. She was bright and curious and tried to follow us into the depth and breadth of working in a digital map making company. Hope she took something away for her

On Tuesday my personal trainer examined my exercise posture in the gym … and of course I did it all wrong. All power, no control. She tortured and lectured me for about 1 hour before we got to our weekly run.

I guess I have some homework to do now 😉

a fox casually strolling along in our backyard among the townhouses

On Wednesday I met with an old friend over beers. He was my first mentor in my first commercial job about 24 years ago. On my way back late in the evening I saw a fox casually striding along between the people “Strasse des 17. Juni”. A rather large and busy road crossing one of the many large parks in Berlin.

Thursday morning Leo and me met in Treptower Park to enjoy the good weather and work a bit outside. We both had online meetings that we took from there and I guess the colleagues on the other side of the screen where a little envious about or open office 😉

Mandarin ducks with little ducklings in the Treptower Park

On Saturday we took a trip through the countryside again to visit some plant share market, get new soap from Naturseifenmanufaktur Thoma and ended up having ice cream in Prenzlau and a visit atop the Marienkirche.

#weeklyreview 19/24

Posted on by
Reply

Almost time for the 20/24 already. But I felt lazy this week 🤷‍♂️

Finally moved to a new department which was in the works for some weeks now. Take on the duty to bring back program management in our organisation to gather with a team to establish more formal business planning and operations again.

We had all this in the past and let go of it at some point. Now apparently it turned out there was value in this kind of work. Now let’s see whether we can make this more sustainable and visible this time.

The week was short due to some public holidays. Nevertheless worked on Friday which most people probably took as bridge day.

Of course there is still woodworking to do. “Convinced” (gave the choice of either one 4h session or 2 x 2hr sessions) the kid to help with the wood splitting. Almost done with the splitting now. I think another 2-3h session and we should be done with the splitting at least. Just the stacking remains. Will try to get this done over the next couple of weekends.

3D Printing

attempted one more model of a charging stand for Apple iPhone and Watch. It looks nice, but turned out to be totally unstable. My phone (iPhone 12 Pro Max) is too heavy for this stand. It always tips over, no matter which angle I mount the phone.

#weeklyreview 18/24

Posted on by
Reply

Party Time

We are approaching to make our “Walpurgisnacht” party a tradition. This year it was a little spontaneous but nevertheless a very lovely evening with our friends from countryside. We had a small buffet, some drinks and two camp fires (and our guests doubled as mosquito buffet 🙈).

Beach Cleaning

Also a tradition already: the yearly cleaning of the local beach by the village community. We meet with rakes and wheel barrows to clean up the beach on the lake from last year’s leaves and possible trash and branches from the winter. This is a really nice tradition which brings the people together for some activity that everyone benefits from. Of course there is self-made cake and beverages after the work. We were around 20 people and work was done in less than an hour. Now everyone can enjoy a clean beach. The weather was perfect. Not too warm yet, but sunny with a fresh breeze.

Good bye Gittea – Hello Forgejo

I was running my own Git Repo site based on GitTea so far. But apparently there are some discrepancies in transparency that caused a decision by the soft fork Forgejo to consider becoming a hard fork and go their own way in the future. Forgejo seems to be more committed to stay a truly independent and community driven project. So I’ve decided to switch to Forgejo as well. Especially as the migration currently is rather seamless as the codebases hardly differ.

Open Studio weekend

On the weekend it was the annual “open studio” weekend in Brandenburg. Local artist opened their studios and galleries for visitors all across the country. We visited the wonderful site of Silke Schmidt and even bought some pictures of her.

Action Sampler

Her place is an old GDR kids holiday camp (Ferienlager) and had wonderful vibes of the past. Had to take a picture of the famous GDR F70 compass that I used to own.

Action Sampler

Another quite magical place was the garden of local artist Siegfried Haase. Beside this being an awesome garden (wonderfully planned and maintained by his wife) there is so much stuff to discover: sculptures he made from scraps and old gear he found around in the area. The whole property is like a large “Wimmelbild“.

And last, not least we attended a session of the Daumenkino of Volker Gerling. We had seen this before two years ago and it’s still magic. One would think ‘how magic can a mere flip book be?’. But what Volker does from it is truly marvellous. Time seems to stop and you listen to his stories and watch the pictures come to life when he presents them. Go check his schedule of exhibits!