Category Archives: ARRL Ohio Section

Related to the ARRL Ohio Section.

Amateur Radio, ARRL Ohio Section, Computing, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – October 2020 edition

October 25, 2020 Jeffrey Kopcak

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

October is associated with a number of things: apple cider, fall weather, foliage displays, pumpkins, and Halloween costumes. One thing that might be gruesome, like some Halloween costumes, is most people’s cyber hygiene. Cyber hygiene relates to practices and precautions users take to keep their data safe and secure from outside attacks. October, in addition to the above, is Cybersecurity Awareness Month. It is a way to raise awareness about the importance of cybersecurity and give everyone resources to be more secure online.

First up, web browser. This is the portal and gateway to modern computing. A browser should be current, supported, and one that is updated. Current web browsers are ones like Chrome, Firefox, Microsoft Edge, and Opera. These are constantly being updated to support newer technologies, protect users, and eliminate known vulnerabilities. Don’t use a camera, microphone, or other accessories during browsing interactions? Disable access to them in the browser’s options. I’m not sure the last time I used a MIDI interface. Disabling it hasn’t affected my browsing in Chrome.

Browser extensions (or plugins): Limit the number of installed extensions and make sure they are also current and being updated. The one extension I have on every browser I use, including at work, is uBlock Origin. It is an excellent ad-blocker and does it very effectively. Additional features include ability to block other sources of vulnerabilities, such as scripts, large media items, like videos, and known bad domains. A lot of people love NoScript. It’s even better, security-wise, than uBlock Origin. However, like everything in security, there are tradeoffs. NoScript does what it says, block scrips like JavaScript because they are a major source of security problems. This is great in principle but it basically breaks every site on the Internet. Whitelisting necessary scripts to make a trusted site work, I think, is more effort than it’s worth. Choose the better option for you. For me, it’s uBlock.

Another good browser extension is HTTPS Everywhere. When a site is loaded over an unsecure connection, this extension upgrades it to a secure connection is one is available. Most severs configured by capable admins are now serving up HTTPS by default and redirecting HTTP connections to HTTPS. Finally, PrivacyBadger is good at blocking third-party tracking and browser fingerprinting. Browser fingerprinting is the ability for a site to interrogate the browser about the system it is running on. For example, which browser, is it accepting cookies, plugins installed, time zone, screen size and color depth, system fonts, language, OS and platform, touch device, and device memory. PrivacyBadger blocks sites from accessing many of these properties.

Bad sites: In August, I talked about the Pi-Hole security device. This device provides similar blocking to uBlock Origin but at the network level. Any browser plugins only add protection to sessions in that browser. It doesn’t block tracking, malware, or ads in other applications running on the PC. It doesn’t offer protection for any other device on the network such as phones, tablets, streaming, surveillance, and “smart” devices. That is where Pi-Hole comes in by blocking known bad domains at the network level. It will keep ads off smart TVs, Roku’s, and keep digital footprints to a minimum. A caveat, devices using hardcoded DNS servers (usually IoT, DNS over HTTPS) will bypass any Pi-Hole filtering. Routers that can perform NAT Redirection can re-route requests to Pi-Hole and block DOH.

If you don’t want to add a device like Pi-Hole, changing DNS servers in a home router will offer more protection. I recommend OpenDNS as a security focused DNS service. OpenDNS is free to use and enabled by simply setting Primary DNS and Secondary DNS to these IPs: 208.67.222.222 & 208.67.220.220 – does not matter which goes into primary/secondary. They do offer paid services which can categorically block sites and does require a little more setup. Another good DNS filtering service is “Quad 9” or 9.9.9.9 as the DNS server. These services block access to known infected sites made through DNS requests.

Password managers: sites do a relatively poor job of securing their user and password databases. On the other hand, users do a poor job of choosing strong passwords. We know this because of sites like Have I Been Pwned (pronounced “owned”) which search stolen password databases for associated Email addresses. Showing as ‘pwned’ on that site indicates the Email address was found in a database breach. Searching an old Email address of mine found two services I did not recognize. I suspect the data changed hands through company acquisition but, more likely, my information was sold to the highest bidder.

Lists are published of the most commonly used passwords from these breaches. Many are even easy to guess like 123456, password, qwerty, dragon, baseball, monkey, and letmein. A password manager will generate strong passwords and remember them so you don’t have to. In general, if you can remember passwords for services, you’re doing it wrong. It’s good to know the password for logging on to the computer and the password for your password manager. That’s about it anymore. Being able to remember passwords means they’re probably easy to guess. 55@[hg@owtWF(6eDOXR0 – is not be an easy to guess password, has lots of entropy, and would take around 1.15 thousand trillion trillion centuries to guess using one thousand guesses per second.

LastPass & KeePass will do the job of creating strong passwords and remembering (saving) them. Both of these password managers are considered best-of-breed because of their features, history of responding to issues quickly, and constantly squashing bugs. Other password managers do not have this reputation and most don’t offer adequate protection from attacks. LastPass is an online service. They have a free option but useful features will be found in the $3/month for single user and $4/mo. for families. If you don’t trust “the cloud” or want to manage your own password database(s) offline, KeePass is what you want.

Both have the ability to generate, store passwords, and save notes associated with an account. Largely they’re both available on multiple platforms in multiple browsers. LastPass apps tightly integrate many device types with their service. KeePass relies largely on the community to implement addons and create apps for platforms like Android. LastPass has nice features allowing sharing among family members or sharing banking credentials with a spouse. Another feature I like in LastPass is the ‘dark web’ monitoring and alerting for breached credentials. These alerts let you know it’s time to change that password. To retrieve stored usernames and passwords from a password manager, they’re copied and pasted from the app or automatically filled into a webpage using a browser extension.

Both services require some sort of master password which MUST be remembered. LastPass gets its name from the password used to access their service as the ‘last password’ you’ll ever need. An easy way to generate such as password would be to find a famous speech, song, or lines from a movie. Take the first letter of each word, throw in some numbers, and voila! Strong master password. This method will create a password that is hard to crack but easy for you to remember. As an example, take the first line of the Gettysburg Address:

Four score and seven years ago our fathers brought forth upon this continent, a new nation, conceived in liberty, and dedicated to the proposition that all men are created equal.

Taking the first character of each word: Fsasyaofbfutc – even to the first comma is 14 characters and already on its way to being very strong. Get creative, maybe take the second or third letter of every word. Throw in some random capitalization. Then add maybe parts of an old phone number, an old address, old work address, old dorm room number, kids ages, etc. Then it becomes: FsasyaOfbfuTC219419216 – all of a sudden you have a password that takes 8.75 hundred trillion trillion centuries to guess. Sure, you’ll want to write down this password until its memorized. Destroy the written copy after it’s definitely committed to memory.

All this assumes there is no monitoring of the computer or device, no key logging, no intercepting communications, no monitoring the clipboard, etc. The strongest password does no good if it’s used on a compromised machine or used over an unsecure communication channel such as HTTP, FTP, or Telnet – which all use plain-text passwords.

Should there be a situation where you can’t create a completely random password in a password manager or want to use a password that can be more easily remembered in certain situations (not your master password, that would be bad practice), use the xkpasswd generator. Inspired by an XKCD comic, it uses a method of random numbers and common words to create memorable passwords. The example they give: correcthorsebatterystaple – correct, horse, battery, staple.

Last practice I’ll mention this time around is use multifactor authentication. This is also commonly referred to as 2-factor authentication (2fa) or MFA. MFA uses more than one authentication method to validate identity. Usually consisting of something you know, a password, and something you have – a phone app or hardware token. This approach is an additional layer of authentication with the hope that miscreants don’t have access to one or more of those authentication methods. Good multifactor auth changes or rotates every time it’s used or changes after a set amount of time. Modern multifactor technology has been around for more than 15 years. Many companies are rapidly adopting it for all employees because they see value and it has proven to be a good way of keeping miscreants out of their systems. More and more services are adding two factor authentication.

Multi-factor works by going to site-I-login-to[dot]com. Enter your username and password. Usually after clicking log on, you are presented with a multi-factor prompt. Consisting of a pin that rotates frequently, clicking ‘approve’ in a mobile app, hitting a button on a hardware token, or being sent a unique code via SMS text or Email to enter into the site. A lot of services use SMS text messages and Emails. Those two should not be the primary multi-factor validation. SMS messages can be intercepted by miscreants who could have hijacked or cloned the SIM card from the carrier. If they have your password and hijacked SIM card, they might as well be you. Email is readily accessible to organizations hosting the mail server and often transmitted on the wire in the clear – though progress is being made to encrypt email messages in transit.

I like TOTP (time-based one-time password) solutions such as Google Authenticator on a phone or tablet. The password manager database is on the computer or in the cloud. The app lives on the phone, separate from the database. TOTP is an open standard, supported in nearly all services that offer multi-factor auth, doesn’t need a data connection, and isn’t stored anywhere except in a protected database on the phone. These passwords change every 30 seconds and are 6 digits long. In the case where a phone might get lost, there are “recovery” tokens that are generated at the time TOTP is configured. Where should the recovery tokens should be stored? They can be printed and stored in safe, or use your new password manager to secure them!

Scrap Value of a Hacked PC (krebsonsecurity.com)

It’s a couple years old, but Krebs on Security’s Scrap Value of a Hacked PC takes a look at all the things miscreants could do with information learned from a compromised machine. Things like hostage attacks through ransomware (encrypt files and demand payment to decrypt) and reputation hijacking of the social medias or credit scores. Brian’s site is also entertaining reading for taking a peek into the ‘dark web’ on things criminals do with stolen data and credit cards. Other useful security tools are Security Planner which walks you through creating a customized security plan based on interests and goals. PrivacyTools provides tools and knowledge for protection against mass surveillance. These steps and suggestions from known good resources will greatly improve your cyber hygrine for Cybersecurity Awareness month.

Thanks for reading and 73… de Jeff – K8JTK

Amateur Radio, ARRL Ohio Section, Computing, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – September 2020 edition

September 27, 2020 Jeffrey Kopcak

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

On this month’s edition of “Pi Talk” – just when you thought I couldn’t talk about Pi anymore! I received a question from Chet – K8KIZ who has a laptop used for station operation. He wanted to replace it with a Raspberry Pi. In searching, he found way too many choices and wanted help to set him on the right path. This might be a question that others have or one they are considering. He soon found out it was a lot more complicated than originally thought.

Over the past number of years, I’ve done a lot of integration work which involves making one system or application talk to or replace another. It frequently involves bridging communications with other services such as databases or API’s (application programming interface) and facilitating data flow between them. Sales, Account Managers, and System Engineers for the new vendor will always throw around buzzwords and catch phrases – “setup and integration are easy and seamless,” “automated,” “zero configuration,” “drop-in replacement,” “pays for itself in three days” (not really), “reduce costs.” List goes on and on. It is never any of those things.

They have absolutely no idea about your environment, how involved, and how costly it will be to utilize their services. They just want you to buy them. Soon after comes the nickel-and-dimming: “you want to process how much data? That’s an extra couple thousand dollars” or “that doesn’t come with the license you purchased, that will cost you an extra-large-number with many 0’s!” Internal business units do this too. They weren’t prepared or made it seem like they are in position to handle a situation and were not. Feature requests take an extraordinarily long time to implement or claims of not having enough man-power soon follow.

The FCC is in a situation similar to this or they’re making it seem like they are: ‘oh, our licensing process is all digital and we can eliminate that pesky licensing fee!’ And the peasants rejoice. Reading the latest news about the FCC wanting to reinstate license service fees, “…we propose a nominal application fee of $50 due to automating the processes, routine ULS maintenance, and limited instances where staff input is required.” Wait, isn’t that why they went digital to reduce these costs? Someone sold them a bill-of-goods that didn’t actually reduce their costs or they’re looking to recoup costs elsewhere.

Not wanting the same thing to happen to Chet, where the alternative didn’t actually improve his situation, I took the approach of having him think about his station. What does he use his station for and what he would consider “a success” of replacing his laptop with a Raspberry Pi? Anytime anyone is looking to replace X with Y, an evaluation of this nature. What is X used for and are the pros/cons of Y sustainable?

In Chet’s case, replacing a laptop used for ham radio with a Raspberry Pi, he would need to consider things such as:

Is the current laptop setup Windows or Linux?
If it’s Windows, would he want to climb the Linux learning curve?
Is he using any software apps that are Windows only? Examples would be: RT Systems programmers, Ham Radio Deluxe, N3FJP logging, SmartSDR, N1MM, Wires-X, etc., etc.
Can those Windows only apps be replaced by Linux apps – and are those Linux apps equally as good?
Does he have any hardware requirements (like multiple serial or parallel ports)? The Pi has UART via GPIO pins but two or more serial ports require USB-to-Serial converters.
How many USB ports are required? Pi’s only have 4. 2 ports would be taken up by using a wired keyboard and mouse.
Do all of his hardware devices and interfaces work in Linux? These would be things like radio programming, control (CI-V) or firmware flashing, audio mixers and audio interfaces.

This is not an all-inclusive list especially since I didn’t know anything about his station – though I seem to remember he was into Vibroplex CW key tuning and repair from a local hamfest. I thought through scenarios that might apply to the majority of HF operators and came up with that list.

G4DPZ running GPredict on a Pi (amsat-uk.org)

Some Windows programs can be run under Linux using a compatibility layer program such as WINE or run virtual machines (VMs). That would contribute to the Linux learning curve. Raspberry Pi isn’t powerful enough today to run VMs. VMs or hypervisors maybe an option for some Linux desktop/laptop situations.

Instead of wired keyboards and mice, Bluetooth devices could be a replacement option but are more costly. Wired is preferred to wireless for reducing interference problems. Built-in antennas for Bluetooth or Wi-Fi aren’t going to be as good as laptop antennas. Additionally, monitors without HDMI or mini-HDMI connectors will need adapters, cables, or outright replaced if it doesn’t have compatible connectors. USB hubs are an option for expanding the number of USB ports. I have yet to find a USB hub that is problem free. They don’t work well with some operating systems, attached devices do not fare well with temporary connection interruptions, and they tend to break down after a short time.

Best way to track these considerations and more is to make a list. Start by looking at all connections to the existing laptop, both physical and virtual (like with an SDR). Include any software used during operating (radio control, prediction modeling, packet, digital, etc.). Programming radios? Those tend to be Windows (or DOS) programs along with firmware updaters. If using a Raspberry Pi is still desired, another Windows machine will be needed for programming and firmware updates. Include all of these in the list and evaluate solutions on the Raspberry Pi or Linux platform for alternatives that meet the requirements. Consider splitting non-supported, but essential, functionality to another Windows machine.

Another way to approach evaluation would be to operate with a new “Pi” system, hands-on, but keeping the old system up-and-running nearby. The old system would be used as a reference for program settings, coping or migrating data files (such as export from one and import to the other), and a comparison point when evaluating Linux programs.

Lastly, completely ditching the previous system and entirely starting from scratch is an option. This type of evaluation style is more draconian by ripping and replacing. Most people have their own operating style and rarely want to deviate from their ritual. Rip-and-replace might be needed if they’re fed up with a current setup and want to start over with something else. The operator, in this case, would not care about migrating previous data, starting out anew, and take whatever options are offered by a different platform.

Raspberry Pi 3 projects for Ham Radio with 7-inch touchscreen (qrznow.com)

To future proof, I’d recommend going with the latest version of the Pi. Currently, that would be a Raspberry Pi 4 Model B with at least 4GB RAM ($60), 8GB ($90) if able to spring for the extra RAM. Quality of the power supply and SD card plays a role in stability as I talked about in July. Data corruption possibility is still not zero. Even on a desktop PC. Corruption seems to be more prevalent on Pi’s, likely because of cheap components chosen by the user.

I strongly recommend making frequent data backups. This applies to any system. There should be 3 copies of data: the local copy (on the Pi), another copy on a storage device like a USB Hard Drive or Network Attached Storage (NAS). A third copy, off-site, located at a friend’s house, relative’s house, or a work location. Another off-site storage location would be cloud storage or backup service provider. Think about where you would be if you lost those LOTW logs, FT8 contacts, SSTV images, or Winlink messages. This strategy is known as the 3-2-1 backup strategy and should be used for ANY important data. 3 copies of data, 2 on different medium, and 1 copy off-site.

Starting out, I would consider the “Ham Pi” or “Build a Pi” projects I discussed in August initially. “Ham Pi” has just about every Linux ham radio application pre-installed. That would allow an operator to try different programs, find one that suits their needs or one they prefer. “Build a Pi” can be a little more tailored to operating style. You can also get down and dirty by compiling programs from source, depending on Linux experience or desire to tinker with Linux.

That just about covers broad considerations. Chet realized this was a larger undertaking than finding a plug-and-play option. He appreciated the analysis of the issues at hand. I hope he is able to find a working solution to replace his station laptop. When considering major overhauls such as this, know that for most people, it’s a little more complex and involved than most realize.

A quick note about Winlink. The WINMOR protocol has been deprecated systemwide and will soon be removed from the client software application. First introduced by Rick – KN6KB in 2008, it was the first ‘sound card’ mode offered by Winlink as an alternative to modem hardware needed at the time. Rick and the Winlink Team have moved on to developing robust and speedier protocols such as Amateur Radio Digital Open Protocol (ARDOP) and VERA HF. RMS gateways will only support ARDOP, VARA HF, and Pactor 3 or 4 (where applicable) near term. If you are still using WINMOR, it’s likely been hard to find gateways that support the protocol because sysops have been asked to remove in favor of the other modes. WINMOR had a great run and was the mode I used when I first got on Winlink.

Thanks for reading and 73… de Jeff – K8JTK

Amateur Radio, ARRL Ohio Section, Computing, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – August 2020 edition

August 30, 2020 Jeffrey Kopcak

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

My article last month covered Raspberry Pi and problems users have experienced with the Pi 4 since its release last year. I gave some tips for keeping your Pi running like a top including choosing better power components, SD cards, and having the Pi run cooler despite higher idle temperatures. This month will cover recent projects you can make with the Raspberry Pi to learn about the device, computer programming, or Linux.

Ham Pi – formally the “W3DJS Raspberry Pi for Ham Radio image” is an operating system for the Raspberry Pi with over 80 ham radio applications pre-installed – which include digital modes, APRS clients, antenna programs, SDR, Morse Code, radio programming, and more. Dave wanted to have a Pi image loaded with any ham radio software application he might ever want to use. He initially shared it with a few club members and soon realized there was demand when his image had over 8,000 downloads. Since then, the build process is automated using an Ansible playbook. The playbook is also available on his github which is useful if you want to learn a provisioning technology or build your own customized version. A long time ago, I wrote instructions that just compiled Fldigi and Flmsg on a Pi2 for a go-box. Ham Pi is a definite must for anyone that has a Pi already in their go-box or wants to add one to an existing box.

Build a Pi – wanting a way to have ham radio applications installed on a Pi, Jason – KM4ACK wrote a script that does just that. Having many issues with the first couple implementations, which were mostly copy-and-paste installs, it was not flexible enough to update applications once installed. Version 3 includes an automated way of installing and configuring both ham radio applications and the operating system on a fresh Raspberry Pi OS installation. Differing from Ham Pi in that a stock Raspberry Pi OS download can be used, the user can also pick-and-choose which applications they want to install. A quick tutorial video is available.

Rig Pi Station Server – is a Raspberry Pi that controls your station and on-air activities. With a Station Server install and web browser or smartphone app, you can control a radio, rotor, use CW, operate digital modes, look for spots, and even upload your log. If you don’t want to spend much time learning about the Pi or Linux with the above projects, this is the way to get on the air remotely as quickly as possible. Hackaday did a review on the Rig Pi Remote Server.

“Rig Pi” may sound familiar because it was picked up and packaged by MFJ as the 1234 with a Pi and audio interface HAT. Before I receive complains (I’ve already seen them online), you can download the help and schematics as well as any of the software on the github repository absolutely free. Rig Pi is open-source. Not only that but no one needs to buy the commercial package. It can be installed yourself. People that complain about “selling” open-source projects really don’t understand how that typically works. It is common practice to release an enterprise grade software application as FOSS (free and open-source). A company/individual/whomever will make money on their application by selling licenses, services, or hardware. Same concept here. Assuming the license allows it, a vendor can package the program as part of a device. I’m going to assume the developer is getting a cut or donation as part of MFJ’s sales (but I don’t know this) as the product is promoted on the project page.

Pi-Star – create a digital hotspot or repeater with a Pi and transmitter. Providing complex services and easy configuration via a web interface, Pi-Star solved the problem of fragmentation when different hotspot boards all had their own Pi image. Most didn’t work well if at all. Pi-Star solved that problem by providing an easy to use interface for the beginner and allowing a tinkerer to dig deep into settings. Using the MMDVM suite from G4KLX, it can operate DMR, D-STAR, NXDN, P25, and System Fusion (depending on modem) and use many different protocols. This software is packaged and sold with different hotspot devices such as the ZUMSpot. Another example of software being packaged with hardware and sold commercially.

Ultimate Raspberry Pi Build – Julian – OH8STN from Finland covers topics related to off-the-grid and grid-down operating. He brings us an excellent instructional video on making a very portable QRP digital station using a Raspberry Pi. He set out to build a smaller and, in turn, much more portable setup than is available commercially with other devices. This video details hardware mods, HAT options, and software needed to operate digital, off-grid, from anywhere.

Pi Clocks – a couple of clock projects are available depending on your level of interest. The first one is created by Kevin – N0BEL. It’s not a project specifically for Hams rather for anyone interested in making a nice weather display. His PiClock is a clock (“duh” – as he says) with weather forecast and radar map display. Though it could be used in the shack, it is better suited for a common area in the house, such as the kitchen, with an HDMI monitor. Everyone likes weather information. Emile – KE5QKR from Amateur Logic did a PiClock tutorial.

HamClock project – from Elwood – WB0OEW is geared toward the ham shack. It has clock (again, duh), current temperature and weather conditions, solar conditions, VOCAP predictions, satellites, DX spots and daylight map. His project can be built on any UNIX-like operating system including the Raspberry Pi. It cannot run naively on Windows but can run on a Unix system and displayed on Windows using X server forwarding. This has the appearance of a regular Windows application. Tommy – N5ZNO of Amateur Logic did a segment on setting up the HamClock.

Open Repeater – I lost track of this project. I first heard about it back in 2014 when they didn’t yet have a domain name for the project. Goal is to create an open-source and simple to use repeater controller. Utilized for high-profile repeaters or basic simplex nodes, the software walks the user through setting up a repeater controller. Owners can have traditional Morse IDs or create longer messages at every hour via audio recordings. Having SVXLink at the core allows seamless integration with VoIP modes like Echolink. Additional modules can be added to the core package providing more functionality.

Pi-Hole – not specifically Ham Radio related but a fantastic network appliance. DL6ER, a ham radio operator in Germany, is a Developer and Administrator for the project. Pi-Hole acts as a Domain Name System (DNS) sinkhole (returning a fake value) which blocks devices on a home network from accessing ad sites, trackers, or other malicious websites. Though originally intended for Raspberry Pi devices, it has been expanded to include any Linux operating system or docker container. It doesn’t filter bandwidth or inspect network traffic. The Pi-Hole acts as the DNS server for a home network instead of your ISP. DNS is referred to as the “phone book” of the Internet by looking up names such as arrl-ohio.org and returning the IP address in order for a network device to access the server hosting the Ohio Section website. When a request for a blacklisted website (such as some-malicious-website[dot]com) is requested, Pi-Hole intercepts and returns a different IP address so the access request will never reach the Internet. This is better compared to a web browser plug-in because Pi-Hole is inspecting DNS requests for all network devices.

It’s great to block trackers and ad sites in theory, keeps digital footprints to a minimum and reduces the chance of fraud through scareware-type tactics. In practice, it often blocks couponing and deal websites as well as promotional email links from a favorite restaurant. Those emails are coded to tell the sender which links a recipient clicked and can be used to measure the effectiveness of an advertising campaign. Whitelist exceptions can be granted though the very nice web interface when legitimate sites are blocked. I have a similar application running on my network. After I received complaints about sites being blocked (but they wouldn’t tell me when there were problems to create exceptions), I disabled this blocking all together, effectively opening up the Internet. Within 10 minutes I was asked to turn it back on as pop-up ads immediately started to appear stating ‘your computer is INFECTED.’ Scared the, uh, stuff out of some. Other issues involve in-home advertising and monitoring devices, like Alexa, which freak out when the device can’t reach its severs. These devices flood the local network with hundreds of DNS requests per second. Smart TVs and Rokus often have similar problems when they can’t reach their servers to track what is being watched. Data feeds containing bad sites are aggregated for free, so you get what you pay for. Sites are frequently categorized as bad when they really aren’t. Some are legitimate services. Blocking these sites could cause undesired behavior, for example, using a favorite streaming TV service where you may receive errors.

Windows 10/desktop replacement – with the power and speed of the Raspberry Pi 4, many are finding ways to install traditional operating systems. Windows 10, in its many flavors, has an IoT stripped down version for devices like the Pi. The guide at Tom’s Hardware shows how to get the full desktop version of Windows 10 running on the Pi. It’s a little sluggish and not for the faint of heart but if you screw up, just start over.

There are plenty more ham radio and non-ham projects to do on a Raspberry Pi. Applications listed in the first couple projects can be installed standalone for single use setups such as a Slow Scan TV (SSTV) receiver when the International Space Station is sending images. A friend in Toledo recently used my instructions to setup an APRS RX Igate. DL1GKK’s site has instructions on installing ham radio applications as well. Raspberry Connect contains a list of ham radio applications that can be installed through the apt package manager which simplifies installation. There is no shortage of things to make on a Raspberry Pi.

News missed my article last month, but I wanted to mention the passing of Grant Imahara at 49 years old due to a brain aneurysm. Most probably never heard the name but have undoubtedly seen his work. Not a ham radio licensee that anyone can find, Grant was an electronics genius and maker in the truest sense of the word. Landing jobs at ILM (Industrial Light and Magic), the George Lucas special effects company, he modernized R2D2. He was one of three official domestic operators of the droid for the Star Wars movies. His special effects movie credits also include The Lost World: Jurassic Park, Terminator 3, and Matrix movies. Grant also competed on BattleBots where his robot was often highly ranked. The robotic sidekick on “The Late Late Show with Craig Ferguson” was also Grant’s creation. He was a designer for the animatronic Energizer Bunny seen in commercials. Joining MythBusters in 2005 is where I picked up his career in front of the camera during my college years. The program took on myths, legends, and Hollywood lure to see if they translated to real-life – oh, and they liked to blow stuff up. Grant not only provided technical expertise but participated in experiments and designed machines to take the place of a person for myths that were too dangerous. A tragic loss and he will be missed.

Thanks for reading and 73… de Jeff – K8JTK

Amateur Radio, ARRL Ohio Section, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – July 2020 edition

July 26, 2020 Jeffrey Kopcak

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

Since its release, the Raspberry Pi 4 has had a couple problems. It’s not the first device in the lineup to have hardware problems. Raspberry Pi devices are single-board computers that are about the size of a credit card. The smaller Raspberry Pi Zeros are about the size of a 9-volt battery. Created to foster Computer Science in schools, they have become very popular with robotics, weather monitoring, and even ham radio. Size makes these devices very portable, they draw minimal power, and cost anywhere from $10 – $75 for a high-end model. In addition, they are capable of running Linux which makes them a great substitute for single applications or toying around with Linux – versus using older PC hardware consuming more power.

Raspberry Pi Zero and 9V-battery (lifehacker.com)

Dubbed the Xenon Death Flash, electromagnetic radiation penetrated the wafer-thin packaging of an on-board chip responsible for switching regulation. Taking a flash picture of the Pi would cause the entire board to shut down. A Power over Ethernet (POE) Hardware Attached on Top (HAT) module had major power fluctuations and delivered significantly less power to the USB ports than normal. The POE HAT was delivering 200mA. 500mA is standard through a USB 2.0 port.

This time around, the Pi 4 lineup was released but not all the necessary drivers were made available in the official Raspbian Operating System. A minor annoyance. This is an easy fix in software and corrected shortly after release.

Die resposible for the Xenon Death Flash in the WL-CSP package, enormiously magnified (raspberrypi.org)

The issue that received all the press: USB-C power port on the Pi 4 didn’t follow published specifications. USB-C connector is a symmetrical connector meaning it is reversible. Designed to deliver high power for charging, digital audio, digital video, and high-speed data. Android users are familiar with these connectors as phones in the last 4 years utilize USB-C replacing the Micro USB connector. Popular on PC docking stations as it allows the laptop to be charged while driving multiple HD monitors, including audio, utilize high speed Ethernet, and regular USB connections – all at the same time. E-marked (or electronically marked) cables will connect more of the 24 pins found in the USB-C connector unlocking features like additional power. These cables are found on power supplies of advanced devices such as Apple MacBooks and other laptops. These USB-C E-marked cables were a problem for the Pi. Non-E-marked cables worked fine.

In February, it was officially announced that a fixed model was available for the USB-C problem. How do you tell which board has the fix? That’s a little more complicated. Speculation is that board version 1.2 is the fixed revision. If you feel up to modifying an existing board by hand, that can be done too (insert standard disclaimers here). Best advice was to get a newer board and try it with an E-marked cable. Good going, guys.

That’s it, right? Not so fast. I found a post over at Hackaday that reported cranking up the HDMI resolution jammed the Pi’s own Wi-Fi. Using a display resolution of 2560×1440 (QHD resolution), the Wi-Fi drops out. At that resolution, the Pi emits noise in the range of Wi-Fi channel 1. Using a different channel might work but causing unnecessary RFI to other Wi-Fi users is unacceptable. The Raspberry Pi Foundation acknowledged the issue and issued a firmware update a few weeks later. Update the Pi using: sudo rpi-update at the command line if you haven’t done so in the last number of months.

I get it, designing things is hard especially devices that cost $35 and USB-C specifications running 329 pages. You would think the spec thoroughly covers power delivery but it does not. Consumers hope these issues would come out in testing and be fixed before they make a purchase. Working in the Information Technology field, likely these problems were observed in testing but was shrugged off as an ‘anomaly’ or ‘unable to reproduce’ or ‘affects a limited number of deployments.’ When the problem makes it into production and customers start complaining because everyone can now reproduce the problem, it gives customers a bad feeling about the device and company. Especially repeat offenders.

Unfortunately, the Great Lakes Division Convention and Toledo Hamfest was canceled in March due to the closure of the state. In my Raspberry Pi presentation, I was going to cover general tips when experiencing issues operating your Pi. They often boil-down to: crappie components. Stop buying the cheapest option overseas and expecting grade A+ performance!

90% of the time, problems are power related. “Under-voltage detected!” in the system logs are the result of an under powered 5V power supply, one that cannot deliver consistent voltage, insufficient AWG power lines of the USB cable, or both. Early Pi’s (Pi 1) can get away with a 1A power supply. Pi 2 & 3 really need a 2A. Pi 4 need 3A USB-C. The Pi’s will only draw as much power as needed.

Everyone forgets about the USB/power cable from the supply to the Pi. Not all cables are created equal! Power supplies with wired cables can be assumed to carry the full output of the supply to the device. A power supply can output 2A but the connecting USB cable is likely limiting power delivery due to the wire gauge. For delivery of 2A to the Pi requires a cable rated 28AWG/24AWG. This is printed on the cable itself. The first specification is the data cable wire gauge (28AWG) and doesn’t matter for carrying power. The second specification (24AWG) is the power cable gauge. Unless specifically printed on the cable, cables can be assumed to be a lesser 28/28 specification. A lower number is better in this case.

This is the reason a cell phone will seem to charge slower. I had an OEM cable that came with a new cell phone rated 28/28. The phone would charge for hours. When I upgraded to a 2A power supply and a 28/24 cable, it was charged in under 90 minutes from drained. This only really apples to Android devices because they use standard connectors. Genuine Apple chargers and Lightning cables will meet Apple’s specifications for device charging.

It is hard to find the AWG rating because most sellers don’t list it. One place that does list that spec is Monoprice. This Type-A to Micro Type-B cable will work for a Raspberry Pi (not 4) as a replacement cell phone USB charging cable. Keep the cable as short as needed. Don’t use 15 feet when 6 will do because it will reduce the amperage that reaches the device.

Crashes and SD card corruption problems are often attributed to bad power too. However, the aforementioned quality of the component itself also plays a role. Look for SD cards with lots of positive ratings. Most often recommend are SanDisk SD cards. I’ve had no reliability issues with G.Skill cards either. Quality 32GB MicroSD cards are under $10 these days. Validate the card is at least “class 10” which is usually signified on the card itself by a “C” and a “10” in the middle of the C. They come in classes 2, 4, 6, 8, or 10 – with 10 being the fastest. UHS (Ultra High Speed) cards are on the market and are slightly more expensive at over $20 for a 32GB UHS-3. UHS will have a “U” with a “1” or “3” in the middle. Class 10 and UHS 1 are equivalent in write speeds at 10MB/s.

Raspberry Pi 4 USB-C power port modification (raspberrypi.org)

Pi 4 generates significantly more heat than their predecessors. I’ve heard estimates of 50% more heat is generated while idle compared to the Pi 3. Many cases include a fan which is a moving component that could fail and be a problem if the device is at a hard-to-reach location. Heat sinks are an alternative, assuming decent airflow. The Raspberry Pi Blog includes tips and updates to lessen CPU temperature.

Does your project require the latest and greatest Pi board? Consider the project. Will all that processor power and memory be utilized? An upgrade to a USB-C power supply is required for power and micro-HDMI cables/adapters if you plan to connect a monitor to a Pi 4. It may come down to price. I see many places currently charging more for the Pi 2 and Pi 3 than a 4. Pi 2 is sufficient for headless wired Ethernet applications. Pi 3 if a little more CPU or Wi-Fi/Bluetooth features are needed.

Pi 3 and 4 boards include a 64-bit processor. As of this writing, the Raspberry Pi foundation has not made an official 64-bit Operating System release. Though a beta is available. The Pi 3 boards have been out since February 2016 and the Pi 4 boards since June 2019 – and there’s still no official 64-bit OS? A 32-bit OS can only address 4GB of RAM (4,294,967,296 possible addresses) and no Pi had more than 4GB. Other images for the Pi have taken advantage of the 64-bit processor. The Pi foundation still recommends the 32-bit OS for all Pi devices.

An announcement at the end of May unveiled a new Pi 4 addition, an 8GB RAM version for $75. Some minor improvements were made but the device is basically the same as the other Pi 4 versions. A 64-bit OS will be needed to address all 8GB of RAM though. In the same announcement, the official Raspberry Pi Operating System images are now renamed to “Raspberry Pi OS.” It will no longer be referred to as “Raspbian” though the name will probably stick around out of habit. The name change will likely be gradual over time. A card I burned with the new Raspberry Pi OS still referenced Raspbian in /etc/os-release.

Next time I’ll talk about (mostly) ham radio things you can do with the Raspberry Pi.

Thanks for reading and 73… de Jeff – K8JTK

Amateur Radio, ARRL Ohio Section, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – June 2020 edition

June 28, 2020 Jeffrey Kopcak

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

As Technical Coordinator for the Ohio Section, I oversee the section’s group of Technical Specialists. The Specialists and I are here to promote technical advances and the experimentation side of the hobby. We encourage amateurs in the section to share their technical achievements with others in QST, at club meetings, in club newsletters, hamfests, and conventions. We’re available to assist program committees in finding or providing suitable programs for local club meetings, ARRL hamfests, and conventions in the section. When called upon, serve as advisors in issues of RFI and work with ARRL officials and appointees for technical advice.

The Technical Specialists really make all this happen. In the Ohio Section, there are about 15 qualified and competent Specialists willing to help. They meet the obligation of advancing the radio art bestowed to us by the FCC. The TSes support the section in two main areas of responsibility: Radio Frequency Interference and technical information. EMI/RFI includes harmful interference that seriously degrades, obstructs, or repeatedly interrupts a radio communication service such as ham radio or public service agencies. RFI sources range from bad power insulators, industrial control systems, other transmitters or poorly made transmitters, personal devices like computers, monitors, printers, game consoles, to grow lights and poorly made transformers – including one’s hams brag about getting from China for a few dollars. I die a little inside when I hear this. Our Technical Specialists can help track down interference or locate bozo stations. Technical information is a wide-ranging category including everything from antennas to Zumspots.

How can we help? The knowledge and abilities of YOUR Technical Specialists are really quite impressive. Here are some examples:

Antennas (fixed, portable, and emergency operation type) and feedlines
Antenna systems such as towers, guying, coax, and baluns
RF and tower safety
Grounding
Propagation
Electronics and circuits
Tube technology, aka boat anchors
Digital modes – including D-STAR, DMR, Fusion, P25, APRS, IGates, packet, MT63, FT8/4, Olivia, PSK, and using programs like Fldigi
NBEMS – Narrow Band Emergency Messaging System
Computers, Windows and Linux, Raspberry Pi
Embedded devices
Networking: IP networks, AMPRNet, routers, firewalls, security, mesh, and microwave
Repeater controllers and high-profile systems
Internet and VoIP linking systems – Echolink, AllStar, HamVoIP, DVSwitch, and PBX/Asterisk
RFI detection from power lines and consumer devices including working with governmental agencies to track down interference
Professional certifications such as Motorola Certified Technicians, Certified Journeyman Electronics Technician, General Radiotelephone Operator License (GROL), and Society of Broadcast Engineers (SBE) affiliations

This impressive list of qualifications is an available resource to all in the Ohio Section. Looking for help in one or more of these areas? Need a program for your club? How about a technical talk or forum at your hamfest? Assistance or direction on a project? Feel free to contact myself. My contact info is near my picture and on the arrl-ohio.org website. I’ll assist getting you in touch with an appropriate Technical Specialist. One of the Specialists might hear a plea for help and reach out to you as well.

Over the last month, we gained 3 new Technical Specialists! I would like to welcome Nick – N1TVI who is a Certified Journeyman Electronics Technician and brings experience in commercial radio systems. He is Trustee for the Northern Ohio Digital (N8NOD) repeaters in the northern Ohio area. Other experience includes repeater systems, power, grounding, and antenna systems. Jason – N8EI brings us his experience in repeater building and maintenance for the W8WKY machines in Doylestown and others, supports SHARES organizations, voice and data digital modes, and IP technology. Last, but not least, John – N8CD is co-builder of many multimode repeaters and an AllStar linked repeater system. Both John and Jason maintain a resilient network of 5.8 GHz microwave and Internet links that connect repeaters they and others maintain. They put a lot of work into their network implementation and use AMPRNet (network 44) IP addresses. Welcome to our newest Technical Specialists! Contact them or myself should any of those topics be of interest to your club or hamfest.

Pi-Star Update

Pi-Star 4.0 was released in beta earlier this year and 4.1 available as general release since most of us have been working from home, March 2020. According to the change log, these later versions bring many improvements for cross-mode support. These are YSF2xxx and DMR2xxx options: YSF2NXDN, YSF2P25, YSF2DMR, DMR2NXDN, DMR2YSF. There is no direct way to upgrade from 3.4.x or previous to 4.1.x. You must reflash your existing installation card or flash a new SD card. A new card is preferable in case you have a problem with the new version, pop-in the old SD card and boot. If your hotspot is a Pi-Zero, you should not overwrite your existing install right-away and give the new version a try on a separate card first.

Pi Zero W with ZUMSpot GPIO HAT board, compared to a quarter

Perform a backup in the web interface on the existing device. On the Dashboard, click Configuration, login, then click “Backup/Restore.” This will download a ZIP file with Pi-Star settings to your PC. Boot the new SD card and perform a restore by uploading the same ZIP file. I noticed some settings previously set were defaulted to initial values in the web interface. Do a once over for important settings and re-set them as necessary.

Pi-Star runs on nearly all Raspberry Pi models with a supported digital modem. It solved a problem, 3-4 years ago, when everyone making their own Raspberry Pi digital interface board with their own operating system image. It was anyone’s guess as to which worked and which was the “best” option. None of them worked well or consistently between users. Pi-Star solved that problem by taking the MMDVM software that can “speak” many different digital modes and network types, implemented a web front-end, and supported nearly all digital hardware boards. Once I got the hang of Pi-Star, I became a fan. The site by KE0FHS is probably the most complete documentation “notes” of the Pi-Star in one place. It’s a good read and provides a lot of great information about Pi-Star. I came across it looking up how to do custom host files for private reflectors.

One thing Andy – MW0MWZ, who wrote the Pi-Star web configuration front end, pointed out on the website was the move to Raspbian Buster for version 4.1 has been “painful” – citing missing drivers in releases among other issues. My experience with Pi-Star 4.1 on a Raspberry Pi Zero W was also painful. I’ll preface this by saying I tried 4.1 on a Raspberry Pi 3B and had less problems. I have a ZumSpot GPIO HAT for the Raspberry Pi. On the Pi Zero, after booting the first time, I was frequently greeted with weird errors and timeouts trying to configure the hotspot. Some settings were not remaining after I “applied changes.” Selecting my ZumSpot HAT from the modem list and saving, I would get a subsequent message saying I needed to select my modem from the list. Doing this a handful of times it would finally save. I saw ‘gateway timeout’ messages on both the Pi Zero W and Pi 3 during the first configuration session. I was able to seemingly avoid the timeout and configuration issues if I booted the Pi-Star on the new SD card and didn’t touch or connect for 15 minutes. Plug-it in and walk away for 15 minutes.

Once I figured that out, configuration went smoother. The web interface, though, sluggish is a nice way to put it. On the Pi Zero W with a fully updated Pi-Star 4.1.2 install, making any changes on the configuration page would take (on average) 1:45 to save. That’s right, one minute and 45 seconds. This is unusable. I’m changing modes constantly. Think about a net you forgot about. If you have to turn off one mode and turn on another, that’s 1:45 right there. Needing to make further changes to the newly enabled mode (change previously used reflector or network), you’re looking at 5 minutes before you’re on the net – if you don’t screw up. Some nets are over in that time. In comparison: 3.4.17 is at a somewhat more tolerable 45 seconds to save using a Pi Zero. Running both versions on a Pi 3B was nearly identical at about 25 seconds after clicking apply.

CPU load was much higher using 4.1.2 on the Zero. I suspect the under-powered nature of the Pi-Zero, OS and kernel upgrades in addition to the updated code of MMDVM and associated modules is causing these delays. As popular as the Pi Zero form factor is for addon boards and portability, it’s just waaaaaaay to slow for me to be useful. Not making configuration changes in the dashboard you won’t notice these issues so much because it runs fine otherwise. Stick with 3.4.17 on a Pi Zero or consider moving to a faster Pi like the 3B if you need 4.1.2 features now.

K8JTK Hub – now with P25 & NXDN

A quick update on my interlink system pet project, K8JTK Hub, I was able to add two more modes: NXDN and P25. Both are TG 31983 using hotspots or repeaters running the MMDVM software. If I include Wires-X (because it’s not full-time), that’s 6 digital systems and 3 analog systems – a total of 9 – that can communicate with cross mode interoperability. Being part of the AmateurLogic.TV net on Tuesday evenings, I determined packet loss was causing frequent data drops and disruptions. I moved the system to a new provider and that has remedied the problem. The net right after saw a significant improvement in data stream reliability. Huge thanks to the AmateurLogic guys allowing their net to be a load test of the system. They have a lot of fun with it as participants check into the net multiple times testing different modes. The Hub is open for all to use and for testing setups, all the ways to get connected are available here.

Field Day Bonus Points

Field Day will likely be completed by the time you read this, keep this in mind for next year. Sending 10 messages over RF from your site gets you 100 bonus points – including Winlink messages. I love to receive messages about your setup, stations, operating, or social activities taking place. These can be sent via the National Traffic System (NTS) or Winlink – K8JTK at Winlink.org – to my station. The Field Day rules state messages must leave via RF from the site (7.3.6). It does not state “formal messages” be in any particular format or utilize any particular network. A message to the SM or SEC must be in radiogram format and leave via RF or no credit will be given (7.3.5). If there is any question or problems, send the message using the NTS network or Radiogram form in Winlink.

With July around the corner, if you’re looking to do something while flipping burgers at your 4th of July picnic, my favorite event is the 13 Colonies Special Event which will be on the air July 1 – 7.

Thanks for reading and 73… de Jeff – K8JTK

Amateur Radio, ARRL Ohio Section, Computing, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – May 2020 edition

May 24, 2020 Jeffrey Kopcak

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

Well, this stay at home thing seems to have run its course – beginning week 11 soon. Unless you’ve been under a rock, you know by now Dayton Hamvention was canceled this year. First time ever in its history. Weekend events that had the resources were virtualized such as Contest University. Some vendors and manufactures ran Dayton specials regardless of the lack of a physical showing. Technical Specialist Bob – K8MD pointed out that one of the retailers ran a special on D-STAR repeater components for $299 apiece. That meant a full stack (controller, 2m voice, 440 voice, 1.2G voice, and 1.2G data) could be purchased for about $1,500. Wow. Just ONE of those items cost about that much retail. Is ICOM feeling the pressure from the Yaesu repeater giveaway, DMR, or is D-STAR II around the corner? Hmmm…

Unfortunately, I’m starting to see on-the-air happenings return to previous levels. I guess that means people are returning to work, going out more, and returning to their normal. For me, I knew early on I wanted to utilize the hunker-in-place order to knock out some long-standing projects and “to-dos” of mine. Others had the same idea.

Among my list of annoying issues was a problem with one of my Fedora systems. As I’ve written about in the past, I made the switch to Fedora Linux as the primary operating system on my desktop and laptop. Fedora is a cutting-edge operating system and employs a very aggressive release and end-of-life schedule. The project releases a new version twice a year in April and October. When a new version drops, they mark the version two behind it as end-of-life. Fedora 30 released in April of 2019 means Fedora 28 went end-of-life one month after that date, May 2019. No bug fixes, no package updates, no security enhancements. And everyone complains about Microsoft ending life of a 10-year-old OS. Well, I knew what I was getting into.

Fedora 31 released at the end of October, 2019. I usually wait 2-3 months for the major problems to be ironed out and updates made available before I upgrade. When I tried to update to 31, I ran into a problem. Using the Fedora 31 Live CD or doing the automatic upgrade, the boot process would hang on this line:

A start job is running for Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling

This process neither finished loading nor failed to load after any amount of time. Off to the Internet I went. Searching “Fedora 31” and the message above brought me to a couple bug reports and forum posts about the same message. Unfortunately, none of the suggestions got me past this problem. Due to life and other responsibilities, I put it aside secretly hoping Fedora 32 would have fixed my problem, saying I would upgrade from 30 to 32. I saw Fedora 32 beta was available (now a full release) and downloaded the Live CD. Problem still existed. Darn!

Since this occurred during the boot process of both the Live CD and after upgrading a previous installation, I couldn’t look or pull stored logs easily to see if those provided any clues as to why the process was hanging. Live CD images are the lifeline go-to when the installed OS on the hard drive wont boot. In addition to installing the OS, they are used as a rescue method to repair a borked install. I couldn’t get the Live CD to boot so I was in trouble if this system ever became unbootable because I’ve never *cough* have done something that *cough* *cough* caused my system to become unbootable…

Storage server supporting RAID (Wikipedia)

The forum post above gave me a clue and I started exploring this as being an issue with my RAID array. RAID stands for Redundant Array of Inexpensive (or Independent) Disks. It’s a technology that combines multiple physical disks into logical units for redundancy, performance, or both. I tried messing around in the BIOS disabling other arrays, that didn’t work. I thought maybe something in the RAID information written to the disk was causing a problem. Backed up everything on the array and deleted it. Deleting a RAID array destroys all data on those disks!! When I recreated the array, the Fedora 31 Live CD booted! Problem solved!!? Yeah, no. It would boot successfully once then hang on subsequent reboots or after being installed to the hard drive.

After screwing around with it even more, I finally searched “Fedora 31 Intel RAID array LVM2 dmeventd” and found this bug report and how to work around the exact issue I was having. Whoo Hoo! Problem solved, well workaround provided. It took a while to get there. Simply searching a message, error, or problem may not return the most relevant search results for your issue. You might have to dig at it a bit by gathering other information to determine the real reason or peel back the right layer to discover the correct answer.

Work around involved masking the lvm2-lvmpolld.service via kernel load parameters and at the command line after install. Masking creates a link to the Linux blackhole /dev/null device so the service cannot be started by systemd or dependencies. The service is a polling system for the Logical Volume Manager (LVM). After all that, I was finally able to get Fedora upgraded to 31! Just in time as version 30 was about to go EOL. I noticed the data consistency validation scan no longer automatically occurs on the arrays, which is likely related to disabling the service. I initiate it manually every couple of weeks. The problem of not being able to boot has an active bug report that’s assigned. Hopefully gets attention from a developer and fixed.

Windows 7 Users: Take Heed

It’s become more imperative that you move to another operating system like Windows 10, Linux, or utilize a 3rd party patching service like 0patch. Unlike Windows XP’s end-of-life, there were not too many critical issues shortly after EOL. Microsoft did release patches for ‘really bad’ issues. XP, and any OS, always have an unknown number of undiscovered security problems. We were not so fortunate to run with Windows 7 as long without discovering major problems. There have been a number of significant critical issues each month since Windows 7 went EOL that affect Windows 7, 8, and 10, for which Microsoft has not (and likely will not) patch Windows 7.

My February OSJ article has information about how issues can affect ‘all versions of Windows’ and information on 0patch. March OSJ article covers upgrading to Windows 10 for free and check my Linux information article for choosing a Linux distribution. A reader previously tried to argue that exploits resided in browsers. Since the last official update for Windows 7 in January, these critical exploits are largely operating system based: ActiveX, Windows Installer, Graphics Interface, font rendering, and shortcut handling (.lnk files) with many being 0-day, meaning they are actively exploited in the wild. Could be a result of someone that has physical access to the machine, an application the user thinks are legitimate or an app that comes bundled with crapware/malware, or polled by an infected device on the network.

This month alone, 111 security holes were patched, 16 being critical, in supported Windows operating systems. Makes you wonder why anyone is still using a Microsoft Windows OS. Lack of software support and learning curve are probably the biggest. I have a few uses for Windows, ugh – thank you streaming services and your stupid ‘copy protection.’ Microsoft is looking at ‘containerizing’ the Win10 operating system. The belief being when a software component fails to update or creates a problem, it doesn’t affect other parts or crash the entire operating system – separate containers that only affect themselves. Or maybe Microsoft should focus on getting the operating system stable instead of “feature updates” no one cares about. </end rant>.

AmateurLogic.TV Sound Check Net

One of the nets created since the stay-at-home order is the Amateur Logic Sound Check Net. Amateur Logic.TV is a long-running monthly podcast featuring the latest in ham radio. There have been 5 nets so far. I became involved with the net because they wanted the ability to link D-STAR and DMR users to their EchoLink net. I was able to offer up my Digital Voice Multi-mode Interlink System Hub. Started utilizing only those three modes but quickly expanded to incorporate all. Users have checked in using all the modes each week, including Wires-X.

Previous net announcement with NCS K8JTK!

The AmateurLogic guys are using a local repeater in Mississippi connected to an Echolink node. I connect to their Echolink node and transcode audio to and from other modes: AllStar Link, Hamshack Hotline, D-STAR, DMR, YSF, and Wires-X. It has performed well as it mostly lives in the cloud and has data center level resources. Users and sponsors of the net have been impressed with how well it works and grateful to experiment with many modes to reach the net – one of the few, if not only, taking Hamshack Hotline checkins.

I was net control MC for a couple of their nets. It was my longest and most amount of checkins with about 40 at nearly 2 hours for a net. The net is on Tuesdays at 9pm eastern and should be running for at least a couple more weeks. Net can be reached by connecting to any of my hub nodes or checking ALTV social media for other connections. Everyone is welcome!

Thanks for reading and 73… de Jeff – K8JTK

Amateur Radio, ARRL Ohio Section, Computing, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – April 2020 edition

April 26, 2020 Jeffrey Kopcak

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

Stay at home: day 42. Continuing to work from home. Haven’t seen co-workers or friends in a month and a half. Regular lunch outings and after work happenings have long since terminated. Virtual meetings and conferences have replaced in person interaction. Participation in Ham Radio activities is on the rise! Nets are seeing higher check-in counts than they’ve ever seen. The curve is rising for digital modes and logged contacts.

Are we all having fun yet during Corona Fest 2020?

As people are forced to work from home due to closures, companies are utilizing videoconferencing services to keep in touch with employees and teams. These are now methods for coordinating efforts and relaying the latest to employees about the status of their company. A videoconferencing solution was likely available for employees to interact with remote team members or vendors world-wide. Now, those services are utilized all-day, every day. My company decided to begin the transition from WebEx to Microsoft Teams for meetings. I liked WebEx and it generally worked. MS Teams, well it’s part of Office 365 and that’s probably down again. Corona Fest is forcing usage of these collaboration solutions, not only companies but social organizations that previously met in person. These include popular names like Skype, Google Hangouts, and Zoom.

Those who value open sourced solutions should use Jitsi or Jitsi Meet to hold meetings. The service is completely free and open-source where anyone can look at the source code of the project. The difference between Jitsi and Jitsi Meet: Jitsi is a roll-your-own solution meaning you can download server packages or code and deploy an instance however you want. Jitsi Meet Online is an extremely easy-to-use alternative solution for holding meetings – with no installation required.

Settings up a meeting is easy as visiting the Jitsi Meet Online link, create a name for the meeting, click Go, set a meeting password, then send out the meeting URL or phone numbers to participants. A meeting can be created in a matter of seconds! Yes, POTS phone service is available as part of the meeting for free. Note, plain old telephone service audio options will not be encrypted due to the nature of the technology. There is nothing to download for desktop PCs with a web browser and most smart devices. Smart phone apps are available for iOS and Android including the F-Droid store. Functionally, Jitsi Meet offers the same features as the others: video, audio, chat, and shared desktop.

If I had to pick one thing that I don’t like about Jitsi it is the use of WebRTC. Web Real-Time Communication is also a free and open-source project that provides web browsers and mobile applications with real-time communication (RTC). WebRTC is included in all modern browsers and enabled by default in most. This technology allows audio and video communication to happen without the need

to install additional plugins or apps. Makes it very easy. There are a couple problems with WebRTC in highly privacy focused implementations. One problem is the communication is direct, peer-to-peer. This makes it possible for a skilled individual to learn real Internet Protocol (IP) addresses even while the other is utilizing a VPN. Use of a VPN can allow a user to appear as though their traffic is coming from a different IP and aids in masking actual location. Corporations use VPNs to establish secure communications from their network to their endpoint devices over networks with unknown integrity. Another problem is that end-to-end encryption is not possible with WebRTC. Jitsi addresses this issue in their security document. End-to-end encryption (also abbreviated “E2EE”) is a method where only the communicating users can read messages exchanged, preventing eavesdroppers anywhere along the communication path.

I wish people used better tools such as Jitsi. That’s why there’s choice. I would use this for any meetings I hosted. It seems like a really good open-source alternative to the other solutions.

Zoom became very popular very quickly, almost overnight. It was even recommended right here in last month’s OSJ. Attacks and threats emerge as a result of that popularity and pose risks for users and clubs who are using these services to host meetings. Cyber criminals are crafting email messages to steal logon credentials and packaging malware to look like a Zoom meeting installer.

For most of us, club meetings are not doing anything that’s overly sensitive with Zoom. Some organizations (companies, agencies) banned the use of Zoom citing flaws in the encryption implementation making it easy to exploit and three Chinese companies develop the applications. These should be taken into consideration but there has been no evidence of influence resulting from these issues. Zoom should be commended, though, due to their responsiveness in correcting vulnerabilities and privacy issues that have been discovered in recent weeks.

Free for accounts, everything is managed by the Zoom cloud, including encryption keys. Data is encrypted between the clients and Zoom servers. However, audio is not encrypted if a paid account is using the POTS phone line options.

Shortly after its popularity exploded, so did the number of unwanted participants in meetings leading to the term “Zoombombing.” Having someone crash a meeting is obnoxious and an unwanted disruption. Examples of this have made the rounds where Zoom sessions were hijacked by individuals saying or showing things that are lewd, obscene, racist, or antisemitic in nature where everyone in the session can see or hear. Students themselves conspired to have pranksters harass teachers in their online classes. Others utilized ‘Wardialing’ tools to discover unsecured Zoom sessions. Wardialing is an early hacking term where every number in an area code was dialed to find computers, bulletin board systems, servers, and fax machines. The resulting list would be used to guess login credentials and gain unauthorized access to those systems. One person I know had her yoga session crashed by an individual cursing and displaying symbols associated with the National Socialist German Workers’ Party. I have not heard about any disruption to ham radio club meetings.

There are steps the organizer can take or have someone else follow the directions in the Zoom support articles to prevent these issues. Not all of these configuration recommendations are needed for every meeting, follow ones applicable to that meeting. For example, you may not want to lock a club meeting from participants but instead use a waiting room approach.

Latest version: ensure participants are using the most recent client version. In April alone, there have been three updates to the Windows client.

Meeting password: posting a meeting link to social media will draw attention. Send the event password to known users through a direct message or other means where your participants are known.

Waiting room: virtual staging area for guests and participants until you’re ready for them to join.

Manage participants: remove any participants that should not be in the meeting and set who can share their screen.

Disable video, file transfer, annotations, and private chat: cut down on distractions, unsolicited content, or messages as needed.

Accidental removal of a participant: a booted user cannot rejoin a session using the same email address unless a few settings are changed.

Put participants on hold during breaks: attendees audio and video can be disabled during lunch, bio breaks, or private moments.

Video recordings: exercise discretion when recording content and know where that content is stored. Paid customers have the option to record a meeting to the cloud.

Following these tips can lead to a successful, uninterrupted meeting.

I saw a posting by the developer of the MMDVM software, Jonathan – G4KLX. Digital hotspot and repeater owners should follow these guidelines.

This message contains important information that I want disseminated far and wide please.

I have been approached by the people who run aprs.fi and REF001/REF030 (not the same people) about problems being caused by hotspots. This is down to usage and I hope that people will act on this information:

1. APRS, it is important that when configuring your hotspot, that you ensure that the suffix used for accessing aprs.fi is unique. For example if you use more than one hotspot, then ensure that for every mode and for every hotspot, the aprs.fi access callsign is unique. This is usually done by specifying a unique suffix to the callsign used by the hotspot. If more than one hotspot attempts to access aprs.fi with the same callsign+suffix combination, the first one is thrown off, and the new one connects. In the meantime the original one tries to connect and throw the new one off. This can happen multiple times per second, and is causing problems for them. Please, please, please, look at your configurations and if you have a duplicate, change one of them.

2. REF001/REF030, apparently the network load on these D-Star reflectors is now very high due to the number of hotspots connecting and staying connected. Could you please consider changing your gateway configuration so that you disconnect after a certain period of inactivity (this means local RF activity) so that they aren't overloaded. I know we like to listen out for activity, but we must also realise that D-Star popular reflectors const money to run, and that includes network and processor usage. A quick look at their dashboards will reveal the problem, they're huge.

Jonathan G4KLX

Set unique SSIDs for APRS on different modes and on different hotspots. Finding where APRS information originates isn’t always easy with hotspots. The OpenSPOT 1 has a location information box in settings but it is not transmitted directly by that device, rather Brandmeister pushes that information to the APRS network. Disabling APRS data on the Pi-STAR requires editing the config files and setting priority messages in Brandmeister. The priority message solution should work for OpenSPOT devices too.

ZUMSpot on Raspberry Pi Zero compared to a quarter

Unlink from reflectors, talkgroups, and systems when you’re not using them, especially ones with large numbers of connected users. Users are apparently leaving their devices connected to popular reflectors ting up bandwidth and resources unnecessarily.

To put this into perspective, when I looked at REF001 there were 850 remote/hotspot users connected, about the same on REF030. A mere 12 had transmitted since they were connected. A 5 second transmission is about 9KB worth of Internet traffic. Multiply that by 850 connected devices, that’s 7.6MB of traffic in 5 seconds to connected hotspots, many of which are not being used. That’s an estimated 80 gigabytes or so for an hour-long net. There are ping/heartbeat packets to all connected devices even when the reflector does not have an active radio transmission taking place.

Please check your hotspot APRS configurations and disconnect when not in use.

K8JTK Hub Interlink System

Anyone wanting a place to meet-up for checking on friends and fellow hams or looking for something to do can use a system I’ve been working on the last few months. Currently, it offers 6 full-time ham radio VoIP modes interlinked for interoperability. Ways to access the system:

EchoLink: K8JTK-R 233196
AllStar Link: 50394
Hamshack Hotline: 94026
DMR: Brandmeister TG 31983
D-STAR: DCS/XLX983 A
YSF: K8JTK Hub 17374

Since I’m working from home, I’ve linked up my Wires-X room: K8JTK-ROOM 40680

More information or updates on the system: http://www.k8jtk.org/ham-radio/k8jtk-hub-digital-voip-mutimode-interlink-system/

Thanks for reading and 73… de Jeff – K8JTK

Amateur Radio, ARRL Ohio Section, Computing, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – March 2020 edition

March 29, 2020 Jeffrey Kopcak

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

Now that we’re all sequestered to our homes, what the heck do we do to not go iNsAnE? Idle down time is an opportunity to learn something new, catch up on lingering projects, or improve operating skills – all while staying sane. Improve operating skills can mean getting on the air, making conversation with new friends, checking in on our brethren, or practice being a better operator.

Ideas for learning something new: study for a license or upgrade, learn a new mode or Morse Code, configure your station for digital modes and get on the OHDEN net, make or update a DMR code plug, setup a hot spot, configure a Raspberry Pi to learn Linux or Python, make an APRS RX IGate with an RTL-SDR, setup Hamshack Hotline, make an AllStar node, or learn about MakerSpaces and how we can draw like-minded people into the hobby.

Free time is a good time to tackle the “I’ll get around to it” tasks, aka “the to do list.” That maybe fix/repair/replace a broken antenna, spring cleaning of the shack, selling or getting rid of unused equipment, organize or clean out junk piles, install that new radio, configure the new radio, figure out a lingering problem, clean out old data files and documents on a computer, phone, or cloud storage account, or purge and clean out email messages.

Pirates

While everyone has downtime, not everyone is using it for good. I’ve received reports since the imposed staycation of what can be described as pirate “preppers” appearing on local repeater systems and simplex frequencies. Preppers, as they are often referred, sometimes called survivalists, “is a movement of individuals or groups who actively prepare for emergencies, including possible disruptions in social or political order, on scales from local to international.” Survival preparations range from job loss to stockpiling supplies to building self-sufficient structures. They appear to be “testing” and asking for text message signal reports from their buddies. The have also been holding informal nets on simplex frequencies. It’s funny they want to communicate off-the-grid but are using the grid to receive text messages. Obviously, they don’t present a call sign and do not properly identify. One can only speculate that they obtained a wonderful (read: crappie) BaoFeng radio for a couple bucks, figured out how to program it or are passing around a codeplug someone found or programmed for them.

When these stations appear, first kindly remind them they are using a licensed service and obtaining a license is easy. Provide them resources for obtaining a license through the ARRL study manuals, an online resource like HamExam or Ham Test Online. While they maybe illegally transmitting now, encouraging them to take a license exam will strengthen numbers and get them legal regardless.

If, after repeated attempts of encouragement to become licensed, they continue to appear on frequencies, politely ask them to immediately stop transmitting. Keep calm, cool, and collected on the air. DO NOT become irate. Continuing to transmit in this manner qualifies as willful or malicious interference. Do not engage them further. Contact the repeater owner or control operator and see if disabling the repeater is an option. If shutting the repeater is not desired, see if the owner wants you to document incidents. If they do, you are the repeater owner/control operator, or they are using a simplex frequency, record audio as part of documenting process. The FCC requires specific information that includes dates, times, and frequency(ies). Audio recordings dramatically strengthens the case. A VOX activated recording program with logging, such as Scanner Recorder, and feeding the audio into the computer from the radio’s speaker jack makes this easy. Scanner Recorder automatically logs the date and time of the recordings. Verify the audio is clear and understandable by doing a sample recording.

Locating the offending station will take some work. Contact someone who has access to direction finding equipment. Some of our Technical Specialists have access to this equipment. KerberosSDR is a low-cost direction-finding alternative option which employs four RTL-SDR devices. There are a number of YouTube videos on setting up and using the KerberosSDR on their site. It might be “good enough” but not as good as professional equipment.

Do not indicate to the other station they are being tracked or located as they will likely cease transmissions, preventing an accurate location fix. Multiple readings and triangulation techniques will be utilized to pin-point the origin. If a location is determined, DO NOT engage. Document the findings and file a complaint with the FCC. Local authorities will likely be of little help unless one is active in the ham community and really understands the situation.

Windows 10 Free Upgrade

I ran into my neighbor, John WG8H, who is a long-time friend of my dad, at a local hamfest before they were all canceled. He said ‘I read your article on Windows 7 but couldn’t find anything about taking advantage of the Windows 10 free upgrade.’ I found references online that indicated the upgrade was still active and available but had not gone through the process recently. Figured the ‘out of support’ messages that appeared in Win7 would instruct a user how to do this. They did not.

Officially, the free upgrade program has ended. However, this process gave me an upgraded version of Windows 7 to Windows 10. It’s really in Microsoft’s best interest to have as many machines upgraded as possible. Check this forum post for more details or if you run into issues. As always, backup first! On a Windows 7 machine you wish to upgrade, it must have Internet access.

Go to: https://www.microsoft.com/en-us/software-download/windows10
Under “Create Windows 10 installation media,” click Download tool now
Signed in with an administrator account, run the downloaded Media Creation Tool on the local machine. “Run as administrator” will not work and it will tell you to sign into an administrator account first.
When the tool starts up, accept the license agreement
On the “What do you want to do?” screen, select Upgrade this PC now
Click Next
Follow the rest of the on-screen prompts to completion

I was testing on a machine that had an unsupported Win10 driver. If this message appears where drivers are not supported in Windows 10, I clicked Confirm and it proceeded. Upgrade these afterwards.

When the upgrade to Windows 10 is complete:

Click Start
Click Settings (gear)
Click Update & Security
Click Activation
Confirm the resulting window shows “Activation: Windows is activated with a digital license.” If activation failed, there was not a valid key installed on Windows 7 prior to upgrade.

Click Windows Update and apply updates – including the cumulative optional updates.

To tie the activation to you and the PC requires signing into Windows 10 with a Microsoft account. On the Settings home screen, click Accounts and follow the links to create a Microsoft account or login to an existing account. Otherwise, try following Reactivating Windows 10 after a hardware change if activation fails after a reinstall or hardware change.

It might be possible to update a Win7 machine that does not have Internet access by selecting the Create installation media option when prompted in the Media Creation Tool. Though I did not validate this.

K8JTK Hub Interlink System

EchoLink: K8JTK-R 233196
AllStar Link: 50394
Hamshack Hotline: 94026
DMR: Brandmeister TG 31983
D-STAR: DCS/XLX983 A
YSF: K8JTK Hub 17374

Since I’m working from home, I’ve linked up my Wires-X room: K8JTK-ROOM 40680

More information or updates on the system: http://www.k8jtk.org/ham-radio/k8jtk-hub-digital-voip-mutimode-interlink-system/

Thanks for reading, stay sane, and 73… de Jeff – K8JTK

Amateur Radio, ARRL Ohio Section, Computing, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – February 2020 edition

February 23, 2020 Jeffrey Kopcak

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

Well. Windows 7 reached end-of-life on January 14, 2020. Systems didn’t meltdown. Internet is still running. The world didn’t end. Reaching “end of life” in Information Technology verbiage means the vendor no longer supports the software (or hardware in other cases), won’t provide security updates, and won’t fix bugs or problems. End-of-life (often abbreviated “EOL”) also implies there is a more recent version or iteration that is supported for those things mentioned above. Supported as opposed to the developer throwing in the towel or the company going out of business where there are no updates for other reasons. Windows 7 was my favorite version of Windows – the look and feel was nice, functionally made sense, and it was fast. Reality is that computers running Windows 7 will continue to work as they always have, but start considering alternatives.

No: Windows 7 will not stop working, you don’t need to run out and buy a Windows 10 computer, your files won’t be removed, past Windows 7 updates won’t be pulled from Windows Update, ISPs won’t disconnect you from the Internet for using Windows 7, caches of Windows 7 exploits will not be unleashed.

As with all past Microsoft operating systems, patches and updates will be available on their website and through the Windows Update service for all EOL operating system versions. An install of Windows 2000 can still receive all updates until it went EOL. No updates will be available to implement the latest in encryption enhancements, support newer hardware or protect from newer exploits found in the OS. One thing to note about Windows 7 is there were updates to the Windows Update process during its lifetime. You will run into problems updating a fresh Windows 7 install through the regular Windows Update process.

Your ISP won’t disconnect you for using older versions of Windows. The company you work for will most likely update your machine if it hasn’t been done already. This depends on license and support agreements with Microsoft or reseller. Most companies actively replace equipment to comply with those agreements, replace depreciated assets, and keep equipment current as a way to mitigate exploits that propagate through older operating system configurations.

Yes: you need to stop using Internet Explorer, you can still get the free upgrade from Windows 7 to Windows 10 (for now), you can dismiss the full page Windows 10 update nag screen, you need to patch Windows 7, extended patches from Microsoft are available for a fee, there are third-party alternative patching systems; software, devices, and browsers will continue to work, most programs will still support Windows 7 – at least in the short term.

For the love of all that is holy, stop. using. Internet Explorer. Not only is it riddled with bugs and security flaws, Microsoft keeps flailing round with standards even in Microsoft Edge, which is never a good sign. Chrome is the market leader at over 80% and reports suspected security issues to Google for mitigation or blocking in the browser. However, if you’re not a fan of “the Goog” knowing everything you view on the Internet or heavy-handed implementations in the name of security, alternatives are: Firefox the favorite with Linux users, the privacy focused Brave browser, or Opera if you want to be a one-percenter.

Microsoft offers extended patching (with associated fees) for Windows 7, usually for corporate customers. Consumers can get in on the action but they make it very complicated. Third-party patching is available through companies such as 0patch. The service is free for personal use and non-profit educational use. There are good reviews and many recommendations to use this service. Using these services requires a certain level of trust leaving the responsibility of fixing complex programs to a third-party – because we all know Microsoft has NEVER had problems getting their updates right.

Early Microsoft Windows 10 free update notification aimed at tricking the user into installing software they don’t want, similar tactics are used by spyware authors

The nag screen which recently started (re)appearing for Windows 7 users, reminding them to upgrade, can be dismissed. Click the text that says “Don’t remind me again” – and it actually seems to work as opposed to the weird mind games that were played during the initial push after Windows 10 was launched. Displaying this message raised awareness and reminded users about the impending DOOM of end-of-life. Continuing to offer the free upgrade is an incentive for moving users to a supported OS. Netmarketshare shows Windows 7 utilization is still around 25-30% or about 1-in-3 computers still runs Windows 7.

I was contacted by Jeff – KA8SBI who felt there was a lot of F.U.D. about Windows 7 EOL in the media and he is content using his Windows XP machine. He pointed out “A lot of security flaws have been in the browser.” A small number of browsers still support XP. Anti-malware and anti-virus programs still offer older operating system support as well.

Here’s the argument against running old and outdated crap on the Internet. I am of the school of thought that if you’re connecting any device to a larger network (ie: the Internet), that device (computer, Raspberry Pi, router, switch, server, security camera, TV, printer, DVR, repeater, hotspot, phone, car) must have currently supported operating systems and software. It is each user’s responsibility on the network to be good citizens, follow best practices, and not act as a conduit for spreading malware and exploits. The most effective way to do this is by keeping devices updated and current.

The argument can be made that ‘manufacturers force consumers to buy new devices by not providing any updates.’ Everyone wants their stuff cheap and buying cheap crap leads to these problems. Manufactures barely break-even on most devices let alone leave any extra for updates beyond initial device release. Consumers want to use the device well beyond its serviceable life too. A report released by the Commerce Department outlined things manufactures should do to reduce the number of attacks. It made some good points but was mostly vague [updated link for the report].

Jeff’s point about third-party anti-virus and anti-malware programs that still support XP is a valid one and will help. I stopped and don’t recommend using third-party anti-virus because they were found to downgrade the security of an encrypted session, like ones established during financial transactions, interacting with health care providers, or really almost all Internet communications today.

Remember, though, nothing is ever 100% secure. Secure just means there are no known vulnerabilities – until a researcher or hacker finds one. To Jeff’s point about the flaws being in the browser, the number that exist in the underlying operating system and supporting technologies including OS kernel, .NET framework, Office, database engines, media players, and graphics interpreters are just as important. Microsoft has never completely rebuilt Windows from scratch which is why vulnerabilities often apply across all versions of Windows. It’s the same underlying computer code. Search for stories about important Windows patches. It will often include some verbiage like ‘affects all versions of Windows.’ Some exploits are deemed so bad that Microsoft actually went back and patched some EOL versions, like XP. That does not mean there are no other vulnerabilities because there is no patch. Microsoft is not spending resources on an 18-year-old piece of technology. Non-patched issues still make a system vulnerable and less secure overall.

Ransomware is malware that encrypts files of importance on a system. That is things like downloads, programs, documents, PDFs, spreadsheets, pictures, movies, intellectual property, databases, or public records on local and network attached storage devices. Encryption renders these files unreadable and unusable. The malware then demands a ransom payment to obtain the decryption key and restore files to their usable state. Ransomware is lucrative for the bad guys because no one has effective backups of their data. Various companies, schools, health care, manufacturing, oil and gas, infrastructure, and municipalities have all been infected with ransomware and often pay the ransom. It is an economic trade-off between how much of a payment are the bad guys demanding versus time and effort it would take to restore their systems. Do a search for “ransomware attack” in your favorite search engine and browse the stories to get an idea of the scope and effectiveness of ransomware.

One thing that caused me pause around the details of the ransomware attack on the Georgia Department of Public Safety was a comment about the communication systems being affected. Believe it or not, their old radio system was still functional. This got me thinking about the radio system that covers the state of Ohio or regional systems and how they could easily be taken offline because of this type of attack. I have no knowledge of any instances where these systems were involved in such an attack – this is simply theoretical. As evidenced by the news story, it’s realistic to believe these attacks can take down a state-of-the-art radio communications system. Could be due to a targeted attack, a single computer where someone clicked a malicious link, someone viewed an infected attachment in a dispatch center, or even because of an infected authorized vendor or reseller of radio equipment for the system. Target anyone? It was an HVAC vendor that was compromised which lead to Target’s massive credit card breach. How many public service agencies still have their old/analog communication systems functional to fall back on if something like this took place?

Ransomware infections are utilizing and spreading through the EternalBlue exploit and BlueKeep exploit. EternalBlue, in particular, is present in all versions of Windows (see?) back to Windows 95!! It targets and attacks weak configurations of the SMB (Server Message Block) protocol used for sharing files, printers, and devices between hosts on a network. Microsoft has patched all versions back to Windows XP, even though XP is EOL. Win95, Win98, WinNT, and Win2000 were never patched and won’t be patched. The EternalBlue vulnerability still exists in fully patched systems running those operating systems.

I will keep using Windows 7 in the shack and as my Virtual Machine OS when I need a Windows VM. It will get replaced eventually. The reason I replace it will probably come due to loss of functionality, loss of application or hardware support for a particular program or device I want to use. Firefox was noted for supporting older operating systems. However, after 3 years of extended XP support, Firefox dropped support due to low usage and significant development time being devoted to working around issues in the operating system instead of providing enhancements on supported platforms. Sooner-than-later Windows 7 support will be dropped in favor of more recent and supported platforms.

Don’t have to jump ship on Windows 7 now unless there is a specific reason. Maybe a new computer device purchase is imminent, which will include Windows 10. Or if it’s desired to still use the old machine, maybe consider a move to a supported version of Linux!

Windows 7 is dead, long live Windows 7!

2020 ARRL Great Lakes Convention

The Great Lakes Division Convention and Hamfest 2020 sponsored by the Toledo Mobile Radio Association will be here soon. It is a two-day event with ARRL Great Lakes Convention Forums on Saturday, March 14, 2020 followed by the Toledo Hamfest on the 15th. I’ve been asked to give two presentations back-to-back on Saturday. Tentatively, the first on the Raspberry Pi and how it became a popular device with makers followed by NBEMS philosophy. I’m very proud of both presentations. The NBEMS philosophy has been presented as training in the Ohio Section and adopted by other ARES groups in other Sections. Details, locations, times, and tickets are all available on the convention’s website. Hope to see you there!

Thanks for reading and 73… de Jeff – K8JTK

Amateur Radio, ARRL Ohio Section, Ohio Section Journal

Ohio Section Journal – The Technical Coordinator – January 2020 edition

January 26, 2020 Jeffrey Kopcak

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

Now without further ado…

Read the full edition at:

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

What the heck is Hamshack Hotline? As you might have guessed by the name, it may have to do with a Ham’s shack and phone calls. Good guess because that is correct! Hamshack Hotline, often abbreviated HH, is a free VoIP telecom phone service put together for the ham radio community by hams. Similar services to Hamshack Hotline offer regular telephone service via VoIP (Voice over IP) but charge monthly, per minute (albeit small) fees and regulatory fees. Hamshack Hotline offers a way to enhance or augment communication between hamshacks, Emergency operation centers, National Weather Service Skywarn spotters, club members, and allow experimentation with VoIP devices and protocols.

John – K1WIZ got together with some ham buddies and decided it would be neat to experiment with an IP PBX service and started Hamshack Hotline in February 2018. An IP PBX service is an Internet based Private Branch Exchange. PBX’s were on-premise solutions used by businesses to provide internal communications. This allowed employees to pick up their desk phone handset, headset, or activate the speakerphone, dial an extension, say 2-4 digits typically, and connect to another employee’s desk phone. This was very useful during times when making outside calls was very costly. There wasn’t always “free calling.” Companies and households would be charged per call or per minute. A local PBX would interface with the public switched telephone network (PSTN) provided by a national, regional, or local telephony carrier allowing employees to make calls to any other phone number. Today, PBX services are almost all IP or packet-based systems and providers are cloud based meaning the Internet provides connectivity. Advantages include cheaper service, more features, and more connection options including mobile phone connectivity with an app.

Built on Asterisk, the same platform used for AllStar Link in Ham Radio and Small-Medium Business (SMB) phone systems, Hamshack Hotline offers traditional telephony functionality like full duplex phone calls, direct extension dialing, voice mail, notifications, Email notifications of voicemails, device flexibility, and FAX. There is no PSTN access through Hamshack Hotline. An amateur radio license is required limiting access only to licensed radio operators. A hard phone (also called a Desk Phone) which interacts with a configured phone service provider or providers and an Internet connection is required. Yes, the Internet is required to use system features and to make calls – as with any IP phone service. Wired is somewhat more reliable when cellular circuits get overloaded, though any Internet IP connection can be used as connectivity. When using Hamshack Hotline over costly bandwidth connections (such as cellular or 4G) during a call, data is always being exchanged at about a rate of 66 KBits/sec each direction, for a total of 120 KBits/sec. This includes quiet periods or when the phone is on mute. Data is constantly flowing during the duration of the call.

Architecture of Hamshack Hotline has changed over the years as popularity has grown. There were around 650 lines two years ago and 850 at the beginning of last year. HH Phone book shows just under 1,400 lines as of this writing. Most are located in the US with 3-5 new lines added per day. All servers are “trunked” together, meaning all can dial extensions on other servers and be connected. Today there are 4 servers: HHUS serves the US and Americas, HHEU for Europe, and HHAP in Hawaii serving Asia Pacific. These servers are for approved and supported devices of the service.

The fourth is HHX run by Jeff – VA3ISP and is the “experimental” server. Experimental requires much more knowledge of PBX and VoIP systems. It offers the ability to integrate unsupported endpoints like Polycom, Grandstream, and softphones using an app called Groundwire on Android and iOS. Credentials to the experimental service are provided and that’s it – no Help Desk or device support. To use the experimental service for a softphone, a hard phone line MUST be established on the network first.

Like traditional phone services, Hamshack Hotline offers Bridges which are similar to round-table conference or web conferencing services. They offer simultaneous full-duplex conversation, as opposed to half-duplex of most ham radio operations. Bridges can be public or private requiring PIN access to an executive board conference, for example. Both Hamshack Hotline and AllStar Link are Asterisk based. Allstar nodes can be connected as an “RF link” using Asterisk dial strings. AllStar can be connected to RF transmitters for ham radio and can act as radio-less hub nodes. A phone user in an EOC or local weather office can connect, listen, and interact with RF connected users through AllStar Link.

… It is Hamshack Hotline you’re looking for

Before we get too far down the road and I start hearing the cries of ‘this is not ham radio.’ Hamshack Hotline does not intend to replace any communication methods. Most hams stop at ‘when something uses the Internet, it’s not ham radio.’ It’s ham radio to me if it’s putting out RF. Hamshack Hotline doesn’t put out RF at its core so it doesn’t fit my definition of ham radio. Intent of this service is to “augment” methods by conserving primary communication channels – keeping them clear, placing back channel and managerial chit-chat offline. Aside from a way to chat with friends, the service is geared toward public service events and incidents where Emcomm is needed (flooding, power outage, weather events) and Internet communications are still possible between two endpoints. Additionally, it can automatically send voicemail blasts or paging instructions for an EOC activation, coordinate Skywarn activities, or simply notify members of regular club meetings. It also benefits those who are restricted from antennas in condos, apartments, or HOAs. Hamshack Hotline works well over ham radio MESH networks if there is an Internet route in and out of the network.

Section Technical Specialist and ARES Data Manager, Jim – W8ERW, has mentioned Hamshack Hotline many times in his OSJ articles. He has encouraged its use across the Sandusky and Seneca county areas. Hamshack Hotlines are installed in both EOCs and a conference bridge setup for event coordination. The phone bridge was used to coordinate events leading up to State Emergency Tests (SET) between team members. A curated list of import Hamshack Hotline extensions and bridge extensions is published and available to members as a quick reference.

Many of your Section Technical Specialists are on Hamshack Hotline: Bob – K8MD (who told me about HH initially), Tracey – W8TWL, Jim – W8ERW, and myself – K8JTK. Extensions can be found in the phonebook.

Ham Shack Hotline setup is easy and reasonably cheap. If you are thinking of joining, create an account on the HHOPS Helpdesk system and read through the Knowledgebase articles. There are some key articles that touch on issues such as satellite-based Internet connections and high latency connections which function poorly or not at all with the service.

First, purchase a supported phone or phone adapter. All can be found used on Ebay. The device must be UNLOCKED and factory reset. This is very important! Sometimes passwords are used to keep users out of messing with the configuration of their deployed phone in a business setting. Clearing those passwords are a low priority, if at all, before the equipment is removed, refreshed and resold. This will result in tracking down the seller for the password or, worst-case, loss of investment if the phone cannot be unlocked. A list of supported devices is listed in the Hamshack Hotline Knowledgebase here. If you don’t have an account, the list as of this writing with recent used pricing:

Cisco SPA-112 – 2 Line Analog Telephone Adaptor – $30-40
Cisco SPA-303 – 3 Line voip desk speakerphone – $30-50
Cisco SPA-504g – 4 Line voip desk speakerphone – $30-60
Cisco SPA-514g – 4 Line voip desk speakerphone – $30-90
Linksys/Cisco SPA941/942 – $20-30
Cisco SPA525G etc – $50-100+

K8JTK Hamshack Hotline – Cisco SPA-514g phone

The Facebook group and Mattermost chat service often have deals from members who want to resell hard phones to hams and is a place to obtain community support. Some phones feature Power over Ethernet (PoE), Gigabit Ethernet passthrough, or a color screen. A little research is required depending on desired features.

When the phone arrives, a ticket requesting provisioning of an extension is required. Open a New Ticket and select “HHUS (USA) New Line Request.” You will need to provide phone model, your call sign, the MAC address of the phone, and your location information for the map. A MAC address is a unique identifier of each network interface device. Technologies used in networking have unique MAC addresses including Ethernet, Wi-Fi, Bluetooth, and 4G interfaces. It’s easiest to take a picture of the MAC address sticker on the phone. If there is no sticker from the manufacturer, the MAC address can be found in the phone’s setup menu. Press the button on the phone that looks like a document, select item 10 Product Info, then 5 MAC Address. The web interface is another way. With the phone connected to the network, in a browser enter: http://<ip-address-of-phone>/ or http://<ip-address-of-phone>/admin/ . These may vary depending on phone model. If all else fails, look at the MAC, IP, or DHCP table in your router when the phone is connected to the network. Submit the ticket and your line will be provisioned with the next available extension number. The Helpdesk system is almost always shutdown during the holidays to give the support staff time off. Plan accordingly.

When the line is provisioned, a TFTP file will be created on their Helpdesk server with your phone’s MAC address. TFTP is an old way of sending a file to a device and often used as a boot configuration file for devices. This file configures the phone for use with Hamshack Hotline. The HHOPS representative will let you know when the file is created and instruct you to follow the provisioning guide for that phone in the Knowledgebase. A URL will be entered into a web browser similar to this:

http://<ip-address-of-phone>/admin/resync?tftp://apps.wizworks.net/spacfg-$MA.cfg

This tells the administrative web interface of the phone to resync phone functionality against the “spacfg-” file found at that Internet address. “$MA” gets expanded by the phone to fill in its own MAC address, that way each file remains unique on the server. It is not recommended to provision a device using TFTP over the Internet because of the lack of encryption and authentication, but it is effective. If the download completes successfully, the phone will reboot and you will be on the Hamshack Hotline system!

In general, you do not need to make configuration changes in your Internet router such as port forwarding. However, if you have more than the basic router/firewall provided by the ISP, you will have to make configuration changes and should have an idea of those changes. The need for changes will become obvious when you enter the URL from the provisioning guide and the phone doesn’t reboot after a couple minutes. A TFTP helper and/or port forwarding may need to be enabled for the incoming configuration connection. Once the phone is configured, these provisions can be disabled as the phone will use the locally stored configuration on subsequent reboots. If you want to re-provision the phone at a later time, the same router/firewall changes will need to be re-enabled. Communication is handled by the phone reaching out and establishing connections with Hamshack Hotline servers. If any outgoing connections are allowed by your firewall, there will be no need for additional router/firewall changes for normal operation.

Once connected to Hamshack Hotline, what can you do? Check the phonebook or map for stations you know and give them a call! Over the air RF Links can be dialed and attempt to make contact over RF. RF Link configurations require *99 to transmit and # to stop transmitting via the phone’s keypad. Extension 94000 connects to Brandmeister DMR talkgroup 31688. A DMR radio or ID is not required to transmit. Your audio will be heard where other users monitoring the talkgroup can respond. Lastly, there are public bridges where you can meet other Hamshack Hotline users. Extensions 300, 302, and 314 are “Public” bridges 1, 2, and 3 respectively.

I purchased a Cisco SPA-514g after Dayton 2018 and have been on the system ever since. My extension is 4293 if you want to test your setup or chat. It’s best to email me for a sked or leave a voicemail. The 514 phone is capable of 4 lines. In addition to Hamshack Hotline, I configured a line to access my AllStar node. It allows me to dial in, monitor, and control my node while freeing up radios to monitor other frequencies.

The Hamshack Hotline service went through growing pains as it became popular rather quickly. In response, they reconfigured and added servers to the network. Since then, I have not noticed any connectivity problems. Instructions in the Knowledgebase are mostly complete, though in some cases there are errors. They don’t seem to be in a hurry to update the documentation. While troubleshooting is a valuable learning process, it’s frustrating assuming the documentation is correct only to find out it is not correct. I try to keep in mind that Hamshack Hotline is a ham radio project. All infrastructure and support are provided by volunteers who have fulltime jobs and families.

The project has a tri-fold brochure to hand out at a club or Emcomm group meeting to drum-up interest in giving Hamshack Hotline a try. Shoot me an email or leave a voicemail at x4293 to test your Hamshack Hotline or to chat!

2020 ARRL Great Lakes Convention

Oh, IRLP…

On the topic of VoIP systems, the Internet Radio Linking Project (otherwise known as IRLP) has been a pay-to-play system. They use a PGP key system to authenticate and allow users on the system. According to their FAQ, there are two ways to obtain PGP keys to the IRLP system: “IRLP PGP keys are only assigned to users that support IRLP, either by purchasing IRLP hardware or by making a donation to the project.” I had some experience with IRLP and felt I could build a node from scratch. I inquired about making a financial donation to the project to obtain a key and was told “no.” O.. OK. Sometime later, I purchased hardware in the form of an SD card from the IRLP website with the approved operating system and my legally assigned PGP key, great! I played around with that for a while but was more intrigued with AllStar. The AllStar distribution I choose offered a way to setup an IRLP node using a legitimate PGP key – though they warned this may not be sanctioned. I setup my IRLP node on the AllStar/HamVoIP distribution and was good for a little over a year. Well, this was “no Bueno” to the IRLP folks and they had enough. Sometime around the first of the year, IRLP removed PGP keys from the system for nodes who were not using approved IRLP hardware, including myself.

Most reasons given for taking such action are outlined in a posting to the IRLP Groups.io Message board. Non-IRLP connections reduced their ‘security policy.’ If the policy is to have a closed network with only approved hardware on the system, mission accomplished. ‘Links were non-RF links.’ Some might have been, mine was an RF link. This one got to me: “HAMvoip also seems to have created an informal network of passing around IRLP Boards so folks could surreptitiously obtain keys without buying the IRLP hardware. Then harvesting the PGP keys for use in an unauthorized software package such as HAMvoip.” I WILL NOT condone, support, or have any remorse for those who fraudulently obtained or generated keys to the system, if this was indeed taking place. No one has yet outlined the details of how these fraudulent keys were generated and installed. From my experience, I obtained my legally generated PGP key when I bought my SD card. It had to be created from administrator who, I’m presuming, authorized that key on the IRLP system because I did not create any key and my private key remains unchanged. If I had to jump through that hoop to be approved by an administrator, how were others getting around that? No details. IRLP was able to revoke my legitimate [public] key system-wide. This argument seems suspicious.

I’m a little more than miffed that I paid their tariff to access the IRLP system and now am blocked until I rebuild my node with only approved hardware. Only then I can obtain a new, valid key to the system. It is true that I did not follow, to the letter, using only approved IRLP hardware and software. That’s their right to revoke my access, as it is their system.

Some replaced old or aging IRLP hardware with other systems or Raspberry Pi computers acting as repeater controllers. Others, like myself, wanted to have more linking flexibility and options. As it turns out, when IRLP removed keys for non-IRLP hardware from the key ring, without ANY advanced notice, they brought down a repeater during an emergency EOC net. Response was basically: you were doing something we didn’t like “So you should not have been surprised” (link, same as above). Showing disregard for emergency communications and banning experimentation – two foundational pillars of the Amateur Radio service – there is no reason to support this type of behavior. I would actively remove IRLP from all communication plans and utilize more open linking systems.

Thanks for reading and 73… de Jeff – K8JTK

Jeffrey Kopcak, MBA – K8JTK

Category Archives: ARRL Ohio Section

Ohio Section Journal – The Technical Coordinator – October 2020 edition

Ohio Section Journal – The Technical Coordinator – September 2020 edition

Ohio Section Journal – The Technical Coordinator – August 2020 edition

Ohio Section Journal – The Technical Coordinator – July 2020 edition

Ohio Section Journal – The Technical Coordinator – June 2020 edition

Pi-Star Update

K8JTK Hub – now with P25 & NXDN

Field Day Bonus Points

Ohio Section Journal – The Technical Coordinator – May 2020 edition

Windows 7 Users: Take Heed

AmateurLogic.TV Sound Check Net

Ohio Section Journal – The Technical Coordinator – April 2020 edition

K8JTK Hub Interlink System

Ohio Section Journal – The Technical Coordinator – March 2020 edition

Pirates

Windows 10 Free Upgrade

K8JTK Hub Interlink System

Ohio Section Journal – The Technical Coordinator – February 2020 edition

2020 ARRL Great Lakes Convention

Ohio Section Journal – The Technical Coordinator – January 2020 edition

2020 ARRL Great Lakes Convention

Oh, IRLP…

Ham radio and tech.