SIDEBAR
»
S
I
D
E
B
A
R
«
Libreboot’ing an X200 using a CH341a based programmer
Jun 4th, 2019 by miki

Here’s a preliminary HOWTO from my recent external flashing of the BIOS ROM on a Lenovo X200 thinkpad (Wikipedia). The particular firmware flashed was a Libreboot build for this machine (instructions for X200 and details of the external flashing procedure) but anything goes (but anything may not be useful, though).

I’ll amend this HOWTO with more detailed instructions and pictures in the following days (warning: a prediction) to hopefully make it more complete and useful for the vary inhabitants of LibreBootLand.

Some parts

A programmer kit was bought on AliExpress for $4.20 containing a USB programmer board and an SOIC-8 clip which ended up not being used as the particular X200 had a SOIC-16 chip so a separately ordered SOIC-16 chip ($3.11)  was used.

“MinProgramment” aka. CH341a Programmer

Buy: https://www.aliexpress.com/item/32898599200.html @ $4.20

The programmer is based on the WCH CH341a chip which is an USB <-> seriel/parallel/uart interface. The manufacturer WCH being  WinChipHead aka. WCH (Nanjing QinHeng Electronics Co.,Ltd) (maybe also aka. WCH-IC (Jiangsu Qinheng Co., Ltd)). There are lots of options for buying board varieties based on the CH341a chip, to get you started here is a BangGood search and an AliExpress search.

Boards like this has also been described by others including a deduced schematic, EEVblog critique of the I/O pin power on similar boards (not yet confirmed whether that is true for this programmer too, I guess so, but at least one flashing done without damage) and a mention on hackaday of other board types.

There are a bunch of downloads from the WCH site regarding the chip including  a Chinese datasheet, no English language documentation seems to be available from the manufacturer however. There are some English editions of the datasheet to be found, of unknown origin. They seem plausible enough to use, though. Somebody has attempted to collect documentation about the chip in a Git repository.

The SOIC-16 Clip (aka. Pomona 5252)

Buy: https://www.aliexpress.com/item/32869145935.html @ $3.11

To attach physically to the Macronix MX25L6405D flash memory chip in a SOIC-16 package present on the X200 in question (words are that this is the norm although the board can be populated with a SOIC-8 too) a clip that matches the pins of the SOIC-16 package is needed. I bought the one mentioned above for $3.11 at random from AliExpress and this worked fine. In the pictures the wiring is hooked up correctly to the programmer to allow for flashing as described below.

 

WARNING: Below is still a draft made from mental notes! Ask me if you need more information or check back soon (I promise).

Connections

6405 <-> CH341a

MISO<->MIOS (label error, should be MISO)

MOSI<->MOSI

CLK <-> CLK

CS <-> SS

GND <-> GND

First tried driving the the flash chip from VDD on ch341a but this was unsuccessful, no chip could be found, so the 6405 was hooked up to external 3.3v power supply with supply GND connected to GND on CH341a to align the ground potential between ch341a I/O supply and 6405 supply (important!).

Preparations

Machine being flashed

Update Embedded Controller

To get the latest ECP (Embedded Controller Program) from Lenovo (no free alternative exists) containing software for the MCU controlling low level hardware like battery charging/keyboard/backlight stuff you need to update the BIOS which also updates the ECP. Most recent version for X200 is “BIOS: 3.22 / ECP: 1.07“. This is not needed if you already have these versions on the machine, check current versions by pressing ThinkVantage during boot and choosing “Enter Setup”.

If your system has a Windows installation download and run the “BIOS Update Utility“executeable. Else you’ll need to get the “BIOS Update Bootable CD” and somehow get it on a CD and find a CD-ROM drive. Alternatively on a Linux system the CD file system can be extracted and added to Grub to be directly bootable. Below was done on an Ubuntu 16.04 system:

$ sudo apt install genisoimage syslinux
$ wget -q https://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles/6duj48us.iso
$ geteltorito 6duj48us.iso > 6duj48us.img
Booting catalog starts at sector: 20
Manufacturer of CD: NERO BURNING ROM
Image architecture: x86
Boot media type is: harddisk
El Torito image starts at sector 27 and has 75776 sector(s) of 512 Bytes
Image has been written to stdout ….
$ sudo cp 6duj48us.im /boot
$ sudo cp /usr/lib/syslinux/memdisk /boot
$ sudo nano /etc/grub.d/40_custom
<add lines below to the end of file, preserve the “exec tail…” line>
menuentry “BIOS Update” {
linux16 /memdisk
initrd16 /6duj48us.im
}
$ sudo update-grub

Reboot, press <left shift> key while booting to access Grub, choose BIOS Update menu entry and follow the Lenovo update procedure. To start flashing it requires both a connected power supply and also a working, non-exhausted battery (!) mounted in the machine. This is tiresome for owners of worn out batteries…

Some notes about the flashing process can be found in the documentation of a patch set for the Lenovo BIOS.

Machine doing the programming

Install Flashrom

sudo apt install flashrom

ch341a support in flashrom

LibreBoot

Retrieve

Download the stable LibreBoot firmware: https://www.mirrorservice.org/sites/libreboot.org/release/stable/20160907/rom/grub/libreboot_r20160907_grub_x200_8mb.tar.xz

The brave will of course want to compile it themselves.

$ cd
$ wget https://www.mirrorservice.org/sites/libreboot.org/release/stable/20160907/rom/grub/libreboot_r20160907_grub_x200_8mb.tar.xz
--2019-06-07 07:35:21--  https://www.mirrorservice.org/sites/libreboot.org/release/stable/20160907/rom/grub/libreboot_r20160907_grub_x200_8mb.tar.xz
Resolving www.mirrorservice.org (www.mirrorservice.org)... 212.219.56.184, 2001:630:341:12::184
Connecting to www.mirrorservice.org (www.mirrorservice.org)|212.219.56.184|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1632800 (1,6M) [application/x-xz]
Saving to: ‘libreboot_r20160907_grub_x200_8mb.tar.xz’

libreboot_r20160907_grub_x200_8mb.tar.xz 100%[================================================================================>]   1,56M  --.-KB/s    in 0,1s    

2019-06-07 07:35:21 (13,9 MB/s) - ‘libreboot_r20160907_grub_x200_8mb.tar.xz’ saved [1632800/1632800]
$ tar tf libreboot_r20160907_grub_x200_8mb.tar.xz 
libreboot_r20160907_grub_x200_8mb/
libreboot_r20160907_grub_x200_8mb/x200_8mb_deqwertz_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_esqwerty_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_frazerty_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_frdvbepo_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_itqwerty_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_svenska_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_ukdvorak_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_ukqwerty_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_usdvorak_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_usqwerty_txtmode.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_deqwertz_vesafb.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_esqwerty_vesafb.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_frazerty_vesafb.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_frdvbepo_vesafb.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_itqwerty_vesafb.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_svenska_vesafb.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_ukdvorak_vesafb.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_ukqwerty_vesafb.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_usdvorak_vesafb.rom
libreboot_r20160907_grub_x200_8mb/x200_8mb_usqwerty_vesafb.rom
libreboot_r20160907_grub_x200_8mb/ChangeLog
libreboot_r20160907_grub_x200_8mb/NEWS
libreboot_r20160907_grub_x200_8mb/version
libreboot_r20160907_grub_x200_8mb/versiondate
$

Customise MAC address

As the MAC address of the ethnernet PHY is stored in the flash, yo have your X200 ethernet MAC address correspond to the sticker on the back of the machine, and also avoid a potential but improbable DHCP/ARP conflict, the MAC address from the label/ifconfig from the existing system must be embedded into the flash file that we are going to program into the flash chip.

For this a tool called ich9gen is needed, this is a part of the libreboot repository and we need to build it ourselves.

Build ich9gen

$ git clone https://notabug.org/libreboot/libreboot
Cloning into 'libreboot'...
remote: Counting objects: 29080, done.
remote: Compressing objects: 100% (9855/9855), done.
remote: Total 29080 (delta 18748), reused 27899 (delta 18057)
Receiving objects: 100% (29080/29080), 63.90 MiB | 11.13 MiB/s, done.
Resolving deltas: 100% (18748/18748), done.
Checking connectivity... done.
$ cd libreboot/projects/ich9gen/sources
$ make
gcc -I. -Wall -Wextra -g -std=c99 -c src/ich9deblob.c -o obj/ich9deblob.o
gcc -I. -Wall -Wextra -g -std=c99 -c src/common/descriptor_gbe.c -o obj/common/descriptor_gbe.o
gcc -I. -Wall -Wextra -g -std=c99 -c src/descriptor/descriptor.c -o obj/descriptor/descriptor.o
gcc -I. -Wall -Wextra -g -std=c99 -c src/gbe/gbe.c -o obj/gbe/gbe.o
gcc -I. -Wall -Wextra -g -std=c99 -c src/common/x86compatibility.c -o obj/common/x86compatibility.o
gcc -I. -Wall -Wextra -g -std=c99 obj/ich9deblob.o obj/common/descriptor_gbe.o \
	obj/common/x86compatibility.o obj/descriptor/descriptor.o obj/gbe/gbe.o \
	 -o ich9deblob
gcc -I. -Wall -Wextra -g -std=c99 -c src/ich9gen.c -o obj/ich9gen.o
gcc -I. -Wall -Wextra -g -std=c99 -c src/ich9gen/mkdescriptor.c -o obj/ich9gen/mkdescriptor.o
gcc -I. -Wall -Wextra -g -std=c99 -c src/ich9gen/mkgbe.c -o obj/ich9gen/mkgbe.o
gcc -I. -Wall -Wextra -g -std=c99 obj/ich9gen.o obj/ich9gen/mkdescriptor.o obj/ich9gen/mkgbe.o \
 obj/common/descriptor_gbe.o \
	obj/common/x86compatibility.o obj/descriptor/descriptor.o obj/gbe/gbe.o \
	 -o ich9gen
gcc -I. -Wall -Wextra -g -std=c99 -c src/demefactory.c -o obj/demefactory.o
gcc -I. -Wall -Wextra -g -std=c99 obj/demefactory.o obj/common/descriptor_gbe.o \
	obj/common/x86compatibility.o obj/descriptor/descriptor.o obj/gbe/gbe.o \
	 -o demefactory
$

Run ich9gen

Running ich9gen itself generates the flash descriptor (fd) header including possible configuration section where the MAC address is stored for the gigabit ethernet (gbe) PHY onboard the ICH9 chipset. When run six 12 KiB files for respectively 4, 8 and 16 MiB binary images and chipsets including (gbe) and excluding (nogbe) gigabit ethernet PHY are generated.

“aa:bb:cc:dd:ee:ff” in the commandline should be replaced with the actual 12 hex digits from the label on the machine or by running ifconfig on the machine using the existing Lenovo BIOS.

$ cd ~/libreboot_r20160907_grub_x200_8mb/
$ ~/libreboot/projects/ich9gen/sources/ich9gen --macaddress aa:bb:cc:dd:ee:ff
You selected to change the MAC address in the Gbe section. This has been done.

The modified gbe region has also been dumped as src files: mkgbe.c, mkgbe.h
To use these in ich9gen, place them in src/ich9gen/ and re-build ich9gen.

descriptor and gbe successfully written to the file: ich9fdgbe_4m.bin
Now do: dd if=ich9fdgbe_4m.bin of=libreboot.rom bs=1 count=12k conv=notrunc
(in other words, add the modified descriptor+gbe to your ROM image)

descriptor and gbe successfully written to the file: ich9fdgbe_8m.bin
Now do: dd if=ich9fdgbe_8m.bin of=libreboot.rom bs=1 count=12k conv=notrunc
(in other words, add the modified descriptor+gbe to your ROM image)

descriptor and gbe successfully written to the file: ich9fdgbe_16m.bin
Now do: dd if=ich9fdgbe_16m.bin of=libreboot.rom bs=1 count=12k conv=notrunc
(in other words, add the modified descriptor+gbe to your ROM image)

descriptor successfully written to the file: ich9fdnogbe_4m.bin
Now do: dd if=ich9fdnogbe_4m.bin of=yourrom.rom bs=1 count=4k conv=notrunc
(in other words, add the modified descriptor to your ROM image)

descriptor successfully written to the file: ich9fdnogbe_8m.bin
Now do: dd if=ich9fdnogbe_8m.bin of=yourrom.rom bs=1 count=4k conv=notrunc
(in other words, add the modified descriptor to your ROM image)

descriptor successfully written to the file: ich9fdnogbe_16m.bin
Now do: dd if=ich9fdnogbe_16m.bin of=yourrom.rom bs=1 count=4k conv=notrunc
(in other words, add the modified descriptor to your ROM image)

Apply Flash Descriptor to Binary

$ cd ~/libreboot_r20160907_grub_x200_8mb/
$ cp -v x200_8mb_usqwerty_vesafb{,_customised}.rom
'x200_8mb_usqwerty_vesafb.rom' -> 'x200_8mb_usqwerty_vesafb_customised.rom'
$ dd if=ich9fdgbe_8m.bin of=x200_8mb_usqwerty_vesafb_customised.rom bs=1 count=12k conv=notrunc
12288+0 records in
12288+0 records out
12288 bytes (12 kB, 12 KiB) copied, 0,0299453 s, 410 kB/s
$

Procedure

Programmer Setup Validation / Lenovo BIOS backup

flashrom -p ch341a_spi -c MX25L6405D -r rom1.bin

flashrom -p ch341a_spi -c MX25L6405D -r rom2.bin

flashrom -p ch341a_spi -c MX25L6405D -r rom3.bin

flashrom -p ch341a_spi -c MX25L6405D -r rom4.bin

flashrom -p ch341a_spi -c MX25L6405D -r rom5.bin

cmp rom{1,2}.bin

cmp rom{1,3}.bin

cmp rom{1,4}.bin

cmp rom{1,5}.bin

Flashing

$ sudo flashrom -p ch341a_spi -c MX25L6405D -w ~/libreboot_r20160907_grub_x200_8mb/x200_8mb_usqwerty_vesafb_customised.rom
$

Accounts of LibreBoot Flashing

Embedded Controller (EC) information

[Danish] Webmaster! Skalér nu de billeder!
May 1st, 2019 by miki

Tænk hvor meget trafik, processerings- og ventetid der ville være sparet hvis nogen gad at overveje hvad billeder på en hjemmeside anvendes til og tilpasse de transmitterede data derefter!

Her et enkelt sølle eksempel af mange observerede (ingen særlig grund til at klandre den specifikke afsender her, blev bare trigget af at klikke på et link i et nyhedsbrev just modtaget) fra SDFE‘s nyhedsoversigtsside, hvor det er så åbenlyst tydeligt på billedindlæsningshastigheden at billederne er alt for meget større end nødvendigt.

Inspicering i browseren (f.eks. med Firefox dev-tools: F12->Network) viser da også at billedindholdet fylder 14,85 MiB ud af sidens samlede størrelse på 16,23 MiB (91,5%).

SDFE.dk nyhedsoversigtsside, billederoverførsel

Hvad værre er at billederne på denne side kun anvendes som meget små illustrationer til en række artikler, men hentes som enorme filer i opløsningen 1920×1080. Inspektion af det første billede i browserens DOM-inspektør (Firefox: F12->Inspector) afslører at browseren kun viser billedet i en opløsning på 100×56! Der går altså 1920*1080-100*56=2’068’000 (99,73%) pixels til fuldstændig spilde.

SDFE.dk digebillede, vist størrelse vs. datastørrelse

Et hurtigt forsøg med at nedskalere et enkelt billede (terminal-foo!), uden at gå ind i så avancerede emner som JPG-kompressionskvalitet eller alternative billedformater (for ikke at tale om reel billedoptimering), kan give en ide om hvor meget data der egentlig overføres unødigt ved visning af denne side:

$ wget –quiet https://sdfe.dk/media/2919562/dige-1920×1080.jpg
$ gm convert -resize 100×56 dige-1920×1080.jpg dige-100×56.jpg
$ ls -l dige-*
-rw-rw-r– 1 miki miki 17420 Apr 30 15:54 dige-100×56.jpg
-rw-rw-r– 1 miki miki 1568308 Apr 24 14:54 dige-1920×1080.jpg
$

Billedets størrelse reduceres her fra 1’568’308 bytes (1,60 MiB) til 17’420 bytes (17,01 KiB). Det er relativt en besparelse i overførselsmængden på dette billede på 8903%, vel at mærke med nøjagtigt det samme visuelle udbytte! For ikke at tale om den besparelse i hukommelsesforbrug og processeringstid der også opås ved at sidebeskuerens browser skal forholde sig til en tilsvarende mindre mængde data.

Under antagelse af at tilsvarende reduktioner kan opnås på det samlede sæt af billeder på denne side, vil overførselsbehovet kunne reduceres fra 15’206,40 KiB til 170,80 KiB. Tænk lige over det næste gang, webmaster!

Andre eksempler

[Danish] Stallman til Danmark i Maj 2019!
Apr 7th, 2019 by miki

Update: Jeg mødte Richard i Odense, fik lov at sponsorere FSF og fik en GNU med hjem!

Mikkel & RMS (og GNU)
SDU, Odense

Rygterne har lydt noget tid, men nu er det officielt at formand for og stifter af Free Software Foundation, den ideologiske ophavsmand til GNU-projektet og højlydt fortaler for softwarebrugeres frihed og privatliv i den digitale verden, Richard Stallman besøger Danmark med en række åbne og gratis foredrag dette forår.

Det er Stallmans dedikerede arbejde med fri software og GNU-projektet fra starten af 1980’erne, herunder udformning af softwarelicenser som GNU GPL og udviklingsværktøjer som GNU Compiler Collection (GCC) og GNU Emacs, der er grundlaget for en stor del af det der i offentligheden i dag bedst kendes som “open source”. I Stallmans og GNUs terminologi benævnes det dog retteligt “fri software” (på engelsk: “free software”) for at fremhæve at etablering og bevarelse af softwarens, og slutbrugeren af dens, frihed er det egentlige rationale for at give kildekoden fri.

Kernen Linux er frigivet under GNU GPL og er både inspireret af og anvender GNU-projektets arbejde direkte, og er en vigtig del af et komplet GNU-system (også kendt som GNU/Linux eller en “Linux-distribution”).

Stallman kommer på en veritabel Danmarksturne med start i Aalborg mandag d. 6. maj 2019 og ender i København fredag d. 10.  maj 2019. Foredragsrækken er arrangeret af innovationsnetværket for IT, InfiniIT, som inkluderer de store IT-universiteter i Danmark.

Den samlede foredragsrække er som følger:

Tidspunkt Lokation Begivenhed hos FSF Begivenhed hos InfinIT Anden omtale
Mandag d. 6. maj 2019

16:00-19:00

Aalborg Universitet
Auditoriet, Lokale 1.12
Niels Jernes Vej 8A
9220 Aalborg SØVejviser:

Richard Stallman – “Free software and your freedom” Free Software, Free Society – Richard Stallman og den frie software-bevægelse (AAU)
Tirsdag d. 7. maj 2019

16:00-19:00

Syddansk Universitet
Lokale U170
Bygning 44
Campusvej 55
5230 OdenseVejviser:

Richard Stallman – “The dangers of mass surveillance” A Free Digital Society – Richard Stallman og den frie software-bevægelse
Onsdag d. 8. maj 2019

16:00-19:00

IT-Universitetet i København
Rued Langgaards Vej 7
2300 København SVejviser:

Richard Stallman – “Free software and your freedom in computing” A Free Digital Society – Richard Stallman og den frie software-bevægelse
Torsdag d. 9. maj 2019

16:00-18:00

Københavns Universitet
Københavns Biocenter
Lundbeckfond Auditorium Ole Maaløes Vej 5
2200 København NVejviser

Richard Stallman – “Computing, freedom, and privacy” Free Software, Free Society – Richard Stallman og den frie software-bevægelse (KU)
Fredag d. 10. maj 2019

16:00-18:00

Danmarks Tekniske Universitet
Auditorium 116/81 (bygning 116)
Ved Bygningstorvet på Knuth-Wintherfeldts Allé
2800 Kongens LyngbyVejviser:

Richard Stallman – “Copyright vs Community”

(ændrede lokationsoplysninger ikke opdaterede her)

Copyright vs Community Richard Stallman og den frie software-bevægelse

Kilder: FSF: Where in the world is Richard Stallman?, InfinIT-arrangementer, IDA-søgning, PROSA-arrangementer

Begivenhederne er også tilføjet den åbne kalender GriCal: grical.org/s/?query=%40DK.

Information om Richard/GNU/FSF

De primære kilder er hovedsageligt på engelsk:

Kilder på dansk

Andre

Anden omtale

OSM Use & Attribute: Bisnode Navne & Numre Erhverv website
Mar 28th, 2019 by miki

OSM Use & Attribute?

I regularly stumble upon maps which I cane recognize as derived from OpenStreetMap. Usually by map style, the level of detail or by seeking out details I know is only present in OSM. I usually inspect the attribution and license accompanying the material to assess whether it is prepared by an organisation who understands the needs to and cares about having its chain of copyright somewhat traceable. I’ll attempt to do a small concise writeup of the findings going along this in the future. Maybe I’ll be able to produce a series of “OSM Use & Attribute” posts?

Quite randomly the first one became the Danish company Bisnode.dk using OSM tiles from Mapquest (the ones who fled from an open approach in 2015) to indicate locations in the commercial and subscription-required yellow pages product named Bisnode Navne & Numre® Erhverv (aka. erhverv.nnmarkedsdata.dk).

Attribution Compliance Analysis

For reference: OSM’s Copyright and License page

Below is a screen-shot from within the walled garden, and the actual link leading to the page (accessible to me because I’m the owner of the company in question).

Bisnode obviously uses Mapquest as supplier of their maps. Mapquest do make sure to display a nice and prominent copyright attribution line in the map with text linking to respectively Mapquest’s Mapbox attribution page (“MAPBOX” text), OpenStreetMap’s about page (“OPENSTREETMAP” text) and Mapquest’s TOS (“TERMS” text).

The OSM attribution doesn’t comply exactly with the words of the OSM attribution instructions; to use the text “© OpenStreetMap contributors” and make it clear that data is distributed under the ODbL license (suggested done by linking to the OSM copyright page which only happens indirectly through the about page). This is almost fulfilled on the 3rd Party Notices and Licences which is, however, buried behind the long read of the Mapquest TOS, and where the attribution strangely becomes the rather twisted “© Open Street Map and Contributors”. Who are OSM beyond its contributors? And why doesn’t Mapquest know the correct name of the project? Is it to prevent search engine hits of the more unique concatenation of the three words? That’s a guess.

Strangely an almost similar text but also with a reference to the ODbL is to be found in the “Mapbox Streets” section of the Mapbox attribution page.

Tile Server Compliance Analysis

For reference: OSM/OSMF’s Tile Usage Policy

The tiles are obviously rendered using the Mapquest cartography and thus can be served only by Mapquest.

 

Micro:bit – Official Android mobile application maturity and future
Jan 31st, 2019 by miki

The support request replicated below was posted as ticket #20427 on Micro:bit support on 2019-01-31 22:19 CET spawned by discussion in F-Droid RFP #662 about inclusion of the official Micro:bit Android Companion application in the free software application store F-Droid.

Hi at Micro:bit Educational Foundation.

We are wondering a bit in the F-Droid free software community (https://gitlab.com/fdroid/rfp/issues/662) whether it is worthwhile for us to try to loosen the official Android companion application (https://microbit.org/guide/mobile/#og-app) from its non-free dependencies to make it available in the free software application store F-Droid (https://f-droid.org/).

This leads to a couple of questions you can hopefully help answering;

1) Do you regard the application as alive and supported?

The latest release of the application was v2.0 2017-01-17 (https://play.google.com/store/apps/details?id=com.samsung.microbit) and the publicly available code base (https://github.com/Samsung/microbit/) seems to have been completely abandoned. Only two commits were ever made by Samsung and no involvement with the community has been seen at all.

2) How come the big difference in maturity between the iOS and Android mobile applications?

It seems like the iOS application has received some more attention seeing regular updates through to v3.0.2 released 2018-11-01 (https://itunes.apple.com/gb/app/micro-bit/id1092687276?mt=8). Also it appears to have a much wider fetaureset (https://play.google.com/store/apps/details?id=com.samsung.microbit&reviewId=gp%3AAOqpTOGpgo4CF2qrry4qWqLXyj0TZaEEJcrTB-yZ61o4nJbqhq-2mBojlYQJP7BzdkAzseGaLD1sVO9fBv1R3sY) developed along the way by Insight Resources (http://www.insightresources.co.uk/microbit/index.html).

The Android application appears to have been more of a one-off project from Samsung having all sorts of issues especially with Bluetooth that has never been attended to (http://www.suppertime.co.uk/blogmywiki/2016/04/mobile-microbit/, https://support.microbit.org/support/solutions/articles/19000041104-diagnosing-bluetooth-problems-android).

3) Is there a plan to bring the application in better shape?

Some activity can be seen in repository forks and branches from the original Samsung committer ailrohit (https://github.com/Samsung/microbit/compare/master…ailrohit:school_project) and microbit-sam (https://github.com/Samsung/microbit/compare/master…microbit-sam:partial-flash) identifying as being from the foundation but none of this work seem to be included in releases yet.

4) If a freed fork is made for inclusion in F-Droid would you be willing and able to integrate the changes into the official sources?

F-Droid prefers an upstream source which can be directly built without non-free dependencies using an appropriate set of build options. This greatly simplifies maintenance and build efforts. A forked repository is already in place at the foundation’s Github organization (https://github.com/microbit-foundation/microbit-android) but is at the moment even with the stale Samsung repository.

Thanks for any clarifications you can provide.

Regards,
Mikkel

Rocket launch your calender
Jan 15th, 2019 by miki

If you’re interested in the universe (and who aren’t), outer &/| inner space and its human exploration you can get yourself a nice reminder of everything going on in your favourite calender application (be it mobile, desktop or cloud based) by configuring them to display these iCalendar/CalDAV feeds;

They contain schedules and usually good information (links background information, webcasts etc.) about earthly initiated stuff going on in space focusing on events and launches respectively. See for example the recent Spx-16 release & landing.

They are compiled by a guy called Mario Billiano (aka _starbase_) who announced them at the nasaspaceflight.com forums in August 2017.

He is also present on Twitter and Facebook.

Silent browser redirect on invalid certificate
Nov 15th, 2018 by miki

Hit an odd browser behaviour today.

Trawling through some of those nice and dandy terms for a service (no I won’t tell) I followed a link and suddenly hit an “insecure connection” message from Firefox.

Examining the certificate using the usual “openssl s_client” and “openssl x509” tools surely enough revealed that the served certificate didn’t include the second-level but only on the third-level www sub-domain. Strangely enough I discovered that when entering the same URL directly into the address bar of Firefox the connection was somehow redirected to the www sub-domain and loaded fine without any complaints from Firefox.

Looking into what was happening on the wire using wget directed to not check the certificate (–no-check-certificate) and displaying server responses (–server-response/-S) revealed that the server behind the misconfigured certificate was aiming to issue a HTTP 301 redirect to the valid www sub-domain of the site (actual site replaced by foo.bar and localhost ip);

$ wget –server-response –no-check-certificate –output-document=/dev/null https://foo.bar
–2018-11-15 18:59:14– https://foo.bar/
Resolving foo.bar (foo.bar)… 127.0.0.1
Connecting to foo.bar (foo.bar)|127.0.0.1|:443… connected.
WARNING: no certificate subject alternative name matches
requested host name ‘foo.bar’.
HTTP request sent, awaiting response…
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://www.foo.bar/
Date: Thu, 15 Nov 2018 17:59:13 GMT
Content-Length: 152
Location: https://www.foo.bar/ [following]

Apparently Firefox’s behaviour in this scenario differs depending on the method in which the user is supplying the URL, in some cases silently ignoring the TLS/SSL warning. A little more experimentation revealed that it was actually not the source of the URL, link followed versus one entered in address bar, that made any difference. Instead it is the presence of a trailing slash on the URL that triggers the silent suppression of the serious red flag that the second-level domain asked to be fetched is not present in the served certificate. I was fooled by the fact that when entering URLs in the address bar Firefox suggests ending the URL on a slash (‘/’) if it is not already present. Manually removing this when editing in the address bar also makes Firefox display the security warning. Alas, the link I originally followed was also missing the trailing slash and behaved as expected by throwing me into a security warning.

The whole “feature” of silently ignoring a security issue seemed very odd to me, but a bit of searching revealed that this was apparently championed by Google Chrome a couple of years ago. It is described in this servertastic post which also directs to a discussion on Twitter, with some key points replicated below, about its presence in Chrome and confirmation from a Chrome team member that the behaviour is intended.

The thread ends with a guy who had dug up the source code of the feature in Chromium (on which Chrome is based) known as “SSLCommonNameMismatchHandling” in file browser/ssl/common_name_mismatch_handler.cc (see all mentions across code base).

This has obviously also trickled down into Firefox, however, not much mention of that is to be found. Not even traces of it by some quick searches of the mozilla-central codebase. Some day I promise (really!) to dig through all source of Mozilla and hunt down the implementation, but for now I’ll revert to a bit of practical experimentation showing the behaviour in the different browsers and operating systems I happen to have access to at the moment;

  • Ubuntu 16.04
    • Firefox 62.0.3: warning, with trailing ‘/’: No warning
    • Chromium 69.0.3497.81: no warning, with trailing ‘/’: no warning
  • Windows Server 2016
    • Firefox 62.0.2: warning, with trailing ‘/’: no warning
    • Google Chrome 70.3538.102: no warning, with trailing ‘/’: no warning
    • Internet Explorer 11.2580.14393.0: warning, with trailing ‘/’: warning
  • Windows Server 2008
    • Firefox 59.0.3: warning, with trailing ‘/’: warning
    • Google Chrome 70.3538.102: no warning, with trailing ‘/’: no warning
    • Internet Explorer 11.0.9600.19080: warning, with trailing ‘/’: warning

So somewhere between 59.0.3 and 62.0.2 Firefox also implemented a policy of silently accepting invalid certificates when certain non-obvious criteria is met (is the redirect actually followed and certs checked, or is “www.” just prefixed?), but this happens only when the URL ends on a slash. Go figure…

Havfrue: A Googol-sized Mermaid Facing the Book
Oct 5th, 2018 by miki

2020-11-25 add news item about cable extension to Copenhagen, add Bulk data center blog link
2019-06-04
add details of Bulk data center in Esbjerg and infrastructure, add local news items about construction start
2019-05-08
add system summary from FCC application, elaborate on landing point discrepancies between FCC/cablemap, link to docs describing seg. 5 cable lay schedule
2019-03-06
fix links to submarinecablemap.com and some press, add info from TE Subcom experience doc., some general touch ups
2019-01-22
change “Danish Press Coverage” to “National Press”, add “International Press”, add some National about datacenter prospects & International Press items about contractors choosen
2018-10-05 initial commit

Europe, Denmark and my local neighbourhood of Western Jutland is going to get its connectivity boosted by the Havfrue transatlantic cable system being built by a consortium consisting of Google, Facebook, Aqua Comms and Bulk Infrastructure. To quote the announcement done by Google;

To increase capacity and resiliency in our North Atlantic systems, we’re working with Facebook, Aqua Comms and Bulk Infrastructure to build a direct submarine cable system connecting the U.S. to Denmark and Ireland. This cable, called Havfrue (Danish for “mermaid”), will be built by TE SubCom and is expected to come online by the end of 2019.
Google blog post, 2018-01-16

Digging into the details first reveals the projected trench as illustrated in below by some of the stakeholders;

Havfrue cable, cloud.google.com

Projected trench of the Havfrue cable as illustrated by cloud.google.com.

Havfrue cable, te.com

Projected trench of the Havfrue cable as illustrated by TE SubCom.

Projected layout of the Havfru cable.

Projected trench of the Havfrue cable as illustrated by submarinecablemap.com.

 

EDIT 2020-11-25: Additionally in 2019-06-21 Interxion announced a direct connection between the AEC2 landing site in Blaabjerg to its two datacenters in Ballerup/Copenhagen.

System Details

More digging into the Danish parts reveals that most sources mention Blåbjerg (Blaabjerg) as the Danish landing point for Havfrue (just as TAT-14), although ComputerWorld DK (see National Press below) relays the information that it will land at Endrup (where COBRAcable is terminated). However, a FCC application dated 2018-05-25 SCL-00214S (pdf) refers to it as the “Havfrue system” and specifically states that a new cable landing station will be constructed in Blaabjerg (as well as in Leckanvy, Ireland and Kristiansand, Norway);

The Havfrue system will consist of three segments. (1) The Main Trunk will connect the existing cable landing station at Wall, New Jersey with a new cable landing station to be constructed at Blaabjerg, Denmark. (2) The Ireland Branch will connect a new cable landing station to be constructed at Old Head Beach, Leckanvy, Ireland with a branching unit on the Main Trunk. (3) The Norway Branch will connect a new cable landing station at Kristiansand, Norway with a branching unit on the Main Trunk.
The application also reveals the following distribution of ownership and control of the main trunk (US<->DK);
  1. each 33.333% ownership

    • AEC2
    • Facebook (via Edge USA/Edge Network Services Limited)
  2. each 16.667% ownership

    • Google (via GU Holdings/Google Infrastructure Bermuda Ltd/affiliate)
    • Optibulk
Ownership of the Blaabjerg landing station will be jointly between the above via the corporations America Europe Connect 2 Denmark ApS (for AEC2) and Edge Denmark (for Facebook) but it will be operated by AEC2.
Other facts from the FCC application:
  • Name: Havfrue (maybe “Havfrue system”?)
  • Design capacity per fiber pair: 18 Tbps
  • Main trunk
    • Fiber pairs: 6
    • Capacity: 108 Tbps
    • Length: 7’211 km
  • Ireland branch
    • Fiber pairs: 6
    • Capacity: 108 Tbps
    • Length: 315 km
  •  Norway branch
    • Fiber pairs: 2
    • Capacity: 12 Tbps
    • Length: 199 km
  • Intended commercial operation: 2019-Q4
  • Landing points:
    • Wall, New Jersey
    • Blaabjerg, Denmark
    • Old Head Beach, Leckanvy, Ireland
    • Kristiansand, Norway
As a spin off of Aqua Comms’ involvment in the Havfrue system they are also connecting Esbjerg to the UK via a new cabled dubbed North Sea Connect.

Google is currently also projecting its own private subsea cables, some of the rationale behind their mixed private/consortium/lease approach are disclosed in blog post from 2018-07-17 announcing the Dunant cable, which is the first Google private transatlantic subsea cable projected to connect Virginia Beach and France.

Bulk Infrastructure

Data Center

EDIT: see blog post detailing my visit to the construction site in June 2019

Bulk has announced that the Esbjerg data center location will be referred to as DK01 Campus which is described on the about page (EDIT 2020-11-25: now has its own page with different wording) as follows:

Bulk’s DK01 Campus, Esbjerg, southwest Denmark, will be a scalable Carrier Neutral Colocation data center ready for customers Q4 2019. Esbjerg is becoming a highly strategic data center location with several subsea fiber systems terminating within or nearby. These include Havfrue (US, Ireland, Norway, Denmark), Havhingsten (Ireland, Denmark), Cobra (Holland, Denmark), Skagerrak 4 (Norway Denmark), DANICE (Iceland, Denmark) and TAT-14 (United Kingdom, France, the Netherlands, Germany, and Denmark). Combined with excellent terrestrial connectivity, this will make Esbjerg the main international entry point to the Nordics and enable the Bulk DK01 campus to be the natural traffic exchange point.

An article (translated) in the local newspaper JydskeVestkysten first revealed the exact location of the center and renderings of its visual appearence and construction. The location is in Kjersing industrial area North of Esbjerg.

Infrastructure

A further map of the Bulk connections between Norway, Denmark and Ireland has been revealed in an article of Capacitymedia and on Bulk’s own fiber networks page. Also a partnership with Amazon about delivering both connectivity and datacenter infrastructure for AWS has been announced.

Further Information

News / Press releases

From Stakeholders

Construction Documentation

At Cable Map Sites

National Press

International Press

Other

Project Ember: name of a data center
Aug 20th, 2018 by miki

Taking a deeper look into the meta data of the document containing the Environmental Assessment (Danish: “miljøvurdering” shortened “MV”) and Environmental Impact Assessment (Danish: “miljøkonsekvensvurdering” or “vurdering af virkningerne på miljøet” shortened “VVM”) of the announced data center in Esbjerg reveals an interesting embedded title of the document which has not been carried out into other publicly used references.

The embedded PDF title of the document uses the “Project Ember” term which has not been indicated by other sources than articles in the JydskeVestkysten newspaper. The paper cite municipal sources but the municipality has not used the name directly in any of their communications.

The report authored by consultants COWI contains the following naming:

  • Official in text: “MILJØVURDERING (MV) OG MILJØKONSEKVENSVURDERING (VVM) – ERHVERVSOMRÅDE VED ESBJERG, AFGRÆNSNINGSRAPPORT
  • Filename of distributed PDF: “MV-VVM_afgrænsning.pdf
  • PDF meta data title: “Microsoft Word – Project_Ember_MV-VVM_afgrænsning_v.4.0.docx

Below a dump of the full meta data:

$ pdfinfo MV-VVM_afgr%c3%a6nsning.pdf
Title:          Microsoft Word – Project_Ember_MV-VVM_afgrænsning_v.4.0.docx
Author:         lojo
Creator:        PScript5.dll Version 5.2.2
Producer:       Acrobat Distiller 15.0 (Windows)
CreationDate:   Fri May 25 15:49:44 2018
ModDate:        Fri May 25 15:49:44 2018
Tagged:         no
UserProperties: no
Suspects:       no
Form:           none
JavaScript:     no
Pages:          25
Encrypted:      no
Page size:      595.22 x 842 pts (A4)
Page rot:       0
File size:      234728 bytes
Optimized:      yes
PDF version:    1.5

Hyperscale data center coming to Esbjerg
Jun 13th, 2018 by miki

2019-06-03 add (local|national) press items about bulk data center (follow this in post about Havfrue, no further updates here), minor text fixes
2019-03-07
add local and national press items announcing cancellation of project
2019-02-27
add local press item about property value, environmentalist opposition and local educational initiatives
2019-02-21
add local press item about unsatisfied land owners
2019-01-22 add official approval of plans, fix original chronology of Official Documentation items, add (local|national|international) press items about a.o. announcement of Bulk Infrastructure datacenter
2018-12-19 add documentation and local press items about postponed permit decision from municipality
2018-11-30 add a bunch of local press items, and archaeological section to documentation
2018-10-04 add local and national press item about Amsterdam trip and announcing Facebook as the developer
2018-09-06 add local press item about downscaling and older national press, reorder press items (top=latest)
2018-08-19 add local press item and Official Documentation section about housing abandonment
2018-08-01 add local press item with letter to editor
2018-06-13 updated with 1 new local + 1 new national press, rewrite first paragraphs, mention project name, mention DDI trade association, mention investindk & havfrue cable
2018-06-12 initial commit

Project Ember?

The local media of Western Jutland, JydskeVestkysten, has spearheaded the coverage of an interesting technology related story over the last weeks. The Esbjerg municipality planning departments has started to reveal details of the preparations for the development of an industrial site on a large swath of land just outside of Esbjerg seemingly for the purpose of a hyperscale data center of the proportions employed by FANG sized (Facebook, Amazon, Netflix, Google) organizations. According to the media the project is by some municipal sources referred to as “Project Ember“. I have been unable to confirm this name from official documentation yet released or any other sources.

Neither the newly formed trade association named Danish Data Center Industry (DDI/DanishDCI) (in Danish: “Datacenter Industrien“) or the state’s Invest in Denmark office has brought any more light to the issue. The former has, however, tweeted a couple of times about it when it hit the national media and the latter has brought forward a vague hint that Western Denmark is an “attractive data centre hub“. I’m not in any doubt that this is partly driven by the announcement of the “HAVFRUE consortium“, which includes Facebook, that they intend to install a 108 Tb/s transatlantic cable crossing from New Jersey to Ireland and Esbjerg, as also announced by Invest in Denmark in January.

Below is an outline of the area in question (on an OpenStreetMap based map using the umap project) that I have drawn from the only geographical details yet leaked which is contained in the meeting agenda mentioned below. See also a visualisation of the area on a photo taken by local photographer Christer Holte.

I have collected links to all official documentation I have been able to locate and to press coverage below, and intend to keep updating this post as details is being revealed.

See full screen

Official Documentation

  • 2019-01-21: Notitia Networks ApS was assigned a permit for construction by city council as documented in minutes of the city council meeting at 2019-01-21, item 11, p. 28-35
    • Changes to municipal plan approved with minor changes
      • Addition of passage detailing that an ecological corridor planned in the area should be moved accordingly
      • Explicitly state that land reserved for E20 (European highway) is being removed from plan (I understand this as being used for this project instead of E20, but not quite sure)
      • Corrections to various erroneous references, quoted noise limits and uniformity of maps
    • Area planning
      • National Road Department (Danish: Vejdirektoratet) asked for clarification that signs and other marketing in the open land is prohibited, and that supervision authority for signs that are erected near roads is awarded to the department
      • Clarification of unclear maps showing road outline
      • By citizen request a visualization of the visual consequences from the viewpoint of Nørregårdsparken has been produced and amended to the appendixes
      • Allowed area of buildings for the security facilities at entrance/exit increased from 50 m2 to 75 m2
      • Various references and minor clarifications added
    • Plan & Environment Committee: approved on meeting 2019-01-08 (item 5, p. 11-17)
    • Financial Committe: approved the recommendation from Plan & Environment Comittee on meeting 2019-01-14 (item 13, p. 27-33)
    • Administration recommendation to city council: approve
    • City Council: approved the recommendation from Plan & Environment Comittee and Financial Committe
  • 2018-12-18: An extensive trove of documents totalling 12 appendixes to “case 04” (“sag 04”) pertaining to the municipality hearing has been released as a part of the agenda for 2018-12-18 meeting in Municipal Planning & Environment committee (Plan & Miljø-udvalg), the final decision postponed for January meeting
    • minutes: “Resolution Plan & Environment Committee on 18-12-2018: Postponed for meeting on 8 January 2019 for further investigation.
    • appendix 03: complete environmental assessment
    • appendix 04: supplemental visualisations
    • appendix 06: updated map of area
    • appendix 12: 158 pages of citizen comments and the municipal department’s comments to those
  • 2018-10-11: Sydvestjyske Museer (Museum of Southwest Jutland) has released an article about their preliminary findings (Google Translate’d) of the excavations done in the area.
    • Large parts is old heath without archaeological interest
    • In the eastern part remnants from Stone Age, Iron Age and WWII has been found
    • A complete predecessor of Andrup from around 0-200 AC has been found, parts of a later settlement from 200-800 AC has also been found, these are pending further investigations in 2019
  • 2018-08-07: Area mentioned in agenda/minutes for 2018-08-07 meeting in Municipal Planning & Environment committee (Plan & Miljø-udvalg)
    • Details in item 9 “Demolition of housing – Nordre Tovrupvej 21 and 26, Esbjerg” (Danish: “Nedlæggelse af boliger – Nordre Tovrupvej 21 og 26, Esbjerg”), p. 21-22 (case referred to as “Dok.nr.: 11768”, “Sagsid.: 18/20401”)
    • Requests that the committee approve liquidation and demolition of two current municipality owned rental houses in the area for the possible sale of the area for commercial purposes
    • Current inhabitants are willing to agree to voluntarily leave the rentals, but such formal agreements have not yet been established
    • Technical & Construction Committee assesses that the liquidation and subsequent sale of the aree will have a positive impact and is not outside current statutes
    • Approved by the committee
  • 2018-06-01: Public hearing announced (Google Translate’d) (original) about changed use of the area
    • Hearing closes 2018-06-15 (14 day period)
    • Accompanying report about environmental impact (VVM) discloses even more details
      • Area referred to as used for “establishing of extraordinary space consuming commercial entity near Esbjerg in the form of a data center” (ch. 2, p. 8)
      • Total area: 250 ha = 2’500’000 m2 (1 hectare = 10’000 m2) (ch. 2.2, p. 8)
      • Building area: “Current project entails approx. 250’000 m2 under roof with 200’000 m2 data warehouses and 50’000 m2 administration, logistics and service buildings, in addition to one or two 150 kV high voltage substations, each of approx. 30’000 m2 and diesel emergency power facilities of 6’500 m2” (ch. 2.3, p. 9)
      • Heat surplus: “Planning will leave open the possibility of reusing surplus heat produced at the facility, however no such plan exist at the moment” (ch. 2.3, p. 9)
  • 2018-05-28: Area mentioned in agenda/minutes for 2018-06-01 meeting in Municipal Technical & Construction committee (Teknik & Bygge-udvalg)
    • Details in item 7 “Closure of public and private roads in Andrup” (Danish: “Nedlæggelse af offentlige og private fællesveje ved Andrup”), p. 14-16 (case referred to as “Dok.nr.: 11186”, “Sagsid.: 18/12587”)
    • Area is referred to as “a contiguous area laid out for commercial purposes
    • Includes map with outline of area
    • Suggests public roads being closed for cars, new cycling paths being constructed passing North of area
    • Approved by the committee

Local Press

National Press

International Press

»  Substance:WordPress   »  Style:Ahren Ahimsa
© 2020 Mikkel Kirkgaard Nielsen, contents CC BY-SA 4.0