Dan Bradbury

Oregon Duck Software Engineer / Breaker of things / Player of Games

Connecting to Wifi on Amtrak

I wrote this post a few months ago when I was stuck on a train and figured I’d publish it before it gets lost forever.

Today I bring you the pain in the ass process I went through to get a really shitty connection on my Amtrak ride

Connecting to the wifi network yields a proper connection (ip assigned & network-manager is happy)… but once you try to go to any page you are stopped..

1
2
3
4
5
dan@dan-MacBookPro:~/Documents$ ping google.com
PING google.com (172.217.6.78) 56(84) bytes of data.
^C
--- google.com ping statistics ---
19 packets transmitted, 0 received, 100% packet loss, time 18143ms

If we go to http://172.217.6.78:80 we will magically be redirected to www.amtrakconnect.com! The login page that failed to popup when the connection was established.

Even if we manually go to the URL your browser may get tripped up and timeout over and over again. While waiting for the browser why not curl that beezy?

A quick curl amtrakconnect.com will yield content so WTF is going on Mr. Browser? You must be getting stuck somewhere

Lets save the contents of that page to a file (!! > weblogin.html) and update any links to be absolute paths so all the php files load properly when we open it locally (we dont care about getting images/stylesheets to load).

To the source!! On first glance it should be pretty obvious that an ajax call is happening and we just need to click on an accept link to verify ourselves after its successful.

And voila we click on the link and are able to use the trash connection for the rest of the train ride.

Turbolinks: Leaving the Abyss

Just trying to do things like

<a href=”#” onclick=”alert(1)”>ZZZ</a>

Expected behavior here?.. Scroll to top of the page right? Not if turbolinks is doing its thang.

From my previous write-ups on Turbolinks (1 2) I was pretty understanding about the inherent behavioural differences for all things links.

If I wasn’t aware of Turbolinks I’d be incredibly confused by this incredibly simple bit of code. This time I was lucky enough to spot the Turbolinks loarder bar attempting to do unnecessary work and knew what the issue was

On top of initial confusion the fact that something like href=”#” doesn’t work according to spec is pretty frustrating and difficult to understand.

If we really want a link what do we do

<button> is your friend. Include Bootstrap and link style that SOB if you really want that link feel.. a bit annoying but easy enough to add to a project and remember class="btn btn-link"

The reason that works is because by default Turbolinks is only looking for <a href> links pointing to the current domain (of course we can turn this off w/ data-no-turbolinks='true'

All this additional knowledge for such little gain is not worth it. I don’t care to remember or reason about how Turbolinks will be handling history or trying to optimize potential page loads. Unless I’m building a single page app that has the same feel across all browsers and devices I’m not interested in the additional complexities.

No disrespect or hating on the idea for Rails 5 to include turbolinks by default; it’s understandable that to remain relevant in the app academy days of development folks are looking to build single page apps that will become the next hot thing.

I am officially on the rails new my_app --skip-turbolinks 🚂 now

Horse’s Hoofs: Sagely Errors

Associated reading: Zhuangzi - Horse’s hoofs

TLDRBWPIKWG; The natural order is pretty chill but some “sagely dudes” threw a wrench in that real quick

## 1: Blindly Following “sagely” advice

Horses can with their hoofs tread on the hoarfrost and snow, and with their hair withstand the wind and cold; they feed on the grass and drink water; they prance with their legs and leap: this is the true nature of horses. Though there were made for them grand towers and large dormitories, they would prefer not to use them. But when Bo-le (arose and) said, ‘I know well how to manage horses,’ (men proceeded) to singe and mark them, to clip their hair, to pare their hoofs, to halter their heads, to bridle them and hobble them, and to confine them in stables and corrals. (When subjected to this treatment), two or three in every ten of them died.

Bo-Mi didn’t actually know shit about horses but he wanted to be the horse master so bad that he continually told plebs that he knew how to take care of these powerful beasts. People saw Mr. Mi riding around town and were like “fuck me I dont care if a few die, as long as I can do that” and naturally pushed the limits and soon 4|5/10 of the horses died but “dude I’m riding a horse” is logic that can’t be argued against..

And yet age after age men have praised Bo-le, saying, ‘He knew well how to manage horses,’ and also the (first) potter and carpenter, saying, ‘They knew well how to deal with clay and wood.’ This is just the error committed by the governors of the world.

What they are saying is we let this happen..

If only humanity had held onto the simplicity of Di for a little while longer

2: The section that’s better than Avatar

..Therefore in the age of perfect virtue men walked along with slow and grave step, and with their looks steadily directed forwards. At that time, on the hills there were no foot-paths, nor excavated passages; on the lakes there were no boats nor dams; all creatures lived in companies; and the places of their settlement were made close to one another. Birds and beasts multiplied to flocks and herds; the grass and trees grew luxuriant and long. In this condition the birds and beasts might be led about without feeling the constraint; the nest of the magpie might be climbed to, and peeped into. Yes, in the age of perfect virtue, men lived in common with birds and beasts, and were on terms of equality with all creatures, as forming one family - how could they know among themselves the distinctions of superior and inferior beings?

Damn Avatar was some deep shit huh? Equality of all creatures existing in nature seems like a pretty reasonable idea but always remember our favorite section from Matthew.. and remember this is a beloved early passage for the youngsters..

Matthew 6:26 Behold the fowls of the air: for they sow not, neither do they reap, nor gather into barns; yet your heavenly Father feedeth them. Are ye not much better than they?

Can’t say I Matthew’s sagely advice sits too well with me

Back to Zhuangzi..This idealistic view of the world of course has to be destroyed by a few sagely guys that think they know whats up..

In that state of pure simplicity, the nature of the people was what it ought to be. But when the sagely men appeared, limping and wheeling about in (the exercise of) benevolence, pressing along and standing on tiptoe in the doing of righteousness, then men universally began to be perplexed. … The cutting and hacking of the raw materials to form vessels was the crime of the skilful workman; the injury done to the characteristics of the Dao in order to the practice of benevolence and righteousness was the error of the sagely men.

When men began to live outside of their natural way they destroyed the Dao in order to pursue less noble goals. Zhuang Zhou recognizes that the damage has already been done and we can’t live in the natural ideal but a pursuit of wu wei is still worth the struggle.

3: Controlling lead to Unforseen Negatives

Horses, when living in the open country, eat the grass, and drink water; when pleased, they intertwine their necks and rub one another; when enraged, they turn back to back and kick one another - this is all that they know to do. But if we put the yoke on their necks, with the moonlike frontlet displayed on all their foreheads, then they know to look slily askance, to curve their necks, to rush viciously, trying to get the bit out of their mouths, and to filch the reins (from their driver); this knowledge of the horse and its ability thus to act the part of a thief is the crime of [the sagely men].

Zhuang Zhou wants us to really think about the natural horse. Where do many negative horse behaviors come from? Do they truly originate from humanity’s attempt manage and control the horses raw power? By controlling the horse has man created more problems? Does the advice of former sages lead to the problems of the world today?

But when the sagely men appeared, with their bendings and stoppings in ceremonies and music to adjust the persons of all, and hanging up their benevolence and righteousness to excite the endeavours of all to reach them, in order to comfort their minds, then the people began to stump and limp about in their love of knowledge, and strove with one another in their pursuit of gain, so that there was no stopping them: this was the error of those sagely men.

While this is a definite over simplification of the creeping in of evils into the world, the importance and danger of false truths about known unknowns should not be underemphasized. Throughout time we should expect more sagely men to appear with answers that greatly simplify and “improve” things; a little skepticism and pursuit of what is most natural is paramount.

Takeaway: The Daoist Natural Ideal

Somethings like the horse’s hoof should be left in its natural state rather than shoed to conform to the unnatural existance we have created and forced on it.

Intercepting iOS Network Traffic on Mac

For the most part you are probably fine just using a solution like mitmproxy (shown here) and sniffing HTTP/S traffic but sometimes there’s a need to go deeper..

When testing an application you may notice something like an in-game chat server “not sending any requests” (w/ mitmproxy) when we are posting a new message to the server / getting messages from other players. Luckily for us we have some better tools to dig into all network activity on the device!

At some point Apple introduced a dev tool called rvictl (Remote Virtual Interface Tool) that allows us to create a seperate network interface for a connected device by providing its UDID. This allows us to use our favorite sniffing tool on the given device :D

Find UDID

Connect your device Open up iTunes, select the device, and copy the UDID (might have to click on serial number to get to it)

Create new interface

1
rvictl -s YOUR_UDID

The command should SUCCEED and you will see your new interface (eg. rvi0)

Sniff away

tcpdump or Wireshark away w/ the new interface and have fun with the extra requests on strange ports :rocket:

Trying to Make Sense of PG&E’s Marketing Campaigns

We are getting close to baseball season and since I try to catch the majority of games that means I get to watch a ton more local advertising!

yay ads!

Last season I was lucky enough to return to Norcal and got to watch the Giants on CSN-Bay Area for the majority of televised games. While watching the the season I saw a ton of PG&E ads; ranging from some lady telling I’m the reason my bill keeps going up and a PG&E rep will come out to help me buy more new enery effiencient appliances to 3 latina high school girls who turned off lights to save the school money. Meaning, they are spending money by the boatload to make a wide range of ads in hopes of propagating the message that PG&E cares about its customers (and employeesRich, and Jannis).

Coincidence that they did this ad push while they were in the final stages of the 2010 San Bruno pipe explosion?

So.. Why is PG&E spending so much(assumed) on marketing focused on employees and community? (we can’t be about the exact budget without tricking someone for the information. But we can get a good sense that its somewhere under the earnings from selling stocks since all ads contain This communication paid for by PG&E shareholders., but I’m no expert so maybe its all free..)

The announcement of that they will be cutting ~450 IT jobs was the big fuck you that explains it all. It may not seem too strange for a large, publically traded company to move jobs overseas to save money but let’s take a look at exactly what PG&E is doing here to move the jobs over.

They (PGE) has hired a consulting firm based out of India called Tata Consultancy Services to manage the replacement of these workers. In order to replace these IT folks Tata is using H1B visas to bring folks over to the states to be trained on how to perform the tasks they will be doing within months. That should be alarming to you

If you don’t know too much about H1B Visas its ok not to be shocked. The idea is that we need a way to keep / allow skilled workers to enter the country and work legally to help push forward innovation where the current US workforce is inadequate. The issue with using these visas is that they are of limited supply and are given out based on lottery. With companies like Tata hoarding H1Bs to use for IT training and job relocation we are effectively removing work from the job pool while using a system designed to strengthen the job marketplace.

PG&E knows what they are doing and calculated that they could do this and minimize the damage by running a PR campaign in the lead up to this event. Expect the $300 million a year in savings to be poured into more marketing campaigns to continue the monopoly that they have going.

Bad actors like PG&E and Tata need to be dealt with before they ruin the entire system for deserving individuals who rely on the program

‘Mediocrity in Movies (Part 1)’

I’ve been trying to make sense of the wave of mediocore movies, games, and music that has been dumped on us lately. This will be part 1 of a series of rants dedicated to mediocrity.

The Question

Why the hell are studios making these trash movies with famous actors and no substance?

Obviously good movies are going to make money, think defining films/classic movies (Dirty Harry, Fast Times at Ridgemont High, insert any movie that you’ll never forget here). But what happens when bad movies start to make money and become repeatable successes in the eyes of the studio execs. Whether you are making a modern classic or a pile of trash like Piranhas 3D it takes money to give the project life (and various degrees of effort).

Since the studio is so powerful in the production of films I want to take a look at a failry young studio that caught my eye while watching the playoffs this weekend. CBS Films. For some reason I was unaware that the monster that is CBS ever had a movie studio that was actively producing films and it took a stupid movie like Partiots Day to alert me to the fact. Since I was watching football on CBS and saw an ad for CBS Films something smelled fishy and I decided to do some wiki-researching

follow the money

CBS Films was founded in 2007 with the goal of producing 4-6 movies, each with a budget of $50 million (big boss says you have a yearly budget of $300 million). If you want to read a more detailed year-by-year summary for the studio the wiki#CompanyHistory does a good job. The TLDR; is they aren’t the best movie studio out there and are looking for help from others who have lead successful ventures like Lionsgate.

Before I get ahead of myself, it’s important to review history and understand that CBS tried out film production before with Cinema Center Films(1967-172). They released films like With Six You Get Eggroll (this is 1968 so you best believe that is a derogatory reference an Asian character who is in a single scene). They did hit a few winners with Snoopy, Come Home (people who love Peanuts do enjoy it) + others like Scrooge and Little Big Man w/ Dustin Hoffman. Checkout the full filmography and see if you recognize any before they closed up shop

Alright now that we know that CBS has been interested in owning a studio for some time we can start to understand why they are making such shitty films every year. I’m fully convinced that CBS is not in the business of making good movies but in it to make profitable films which tends to translates to the sub-par movies they continuously release. For a studio like this with multiple TV networks marketting seems like a sure-fire way to get people to pay up for tickets. This is apparent to anyone who had to watch TV while they were advertising Patriots Day. If this movie makes money it will be an instant-success and the studio will look to repeat the action with another close-to-home act of terror

Even a broken clock is right 2 times a day.

In the case of film studios they occassionally will put out a good movie (not because thats what they do but by being in the right place at the right time + having funds to allow a talented director make a film). So let’s take a look at the full list of movies they’ve made over the past 9 years

Release Date Title Budget Gross(worldwide)
Jan 22, 2010 Extraordinary Measures $30 million $15.1 million
April 23, 2010 The Back-up Plan $35 million $77.5 million
November 24, 2010 Faster $24 million $35.5 million
January 28, 2011 The Mechanic $40 million $51 million
March 4, 2011 Beastly $17 million $28.8 million
February 3, 2012 The Woman in Black $13 million $127.7 million
March 9, 2012 Salmon Fishin in the Yemen $14.5 million $34.6 million
September 7, 2012 The Words $6 million $13.2 million
October 12, 2012 Seven Psychopaths $15 million $23.5 million
March 1, 2013 The Last Exorcism Part II $5 million $15.2 million
May 31, 2013 The Kings of Summer unknown $1.3 million
July 26, 2013 The To Do List $1.5 million $3.9 million
November 1, 2013 Las Vegas $28 million $134.4 million
December 6, 2013 Inside Llewyn Davis $11 million $13 million
April 4, 2014 Afflicted $318,000 $121,200
April 25, 2014 Gambit unknown $14.2 million
August 15, 2014 What If $11 million $7.8 million
September 26, 2014 Pride unknown $16.7 million
February 20, 2015 The Duff $8.5 million $43.5 million
November 13, 2015 Love the Coopers $24 million $41.1 million
March 25, 2016 Get a Job unknown unknown
April 12, 2016 Flight 7500 unknown $2.8 million
August 12, 2016 Hell or High Water $12 million $31 million
October 7, 2016 Middle School: The Worst Years of My Life $8.5 million $20.7 million
December 21, 2016 Patriots Day $45 million We shall see

16/24 movies being profitable seems like they have hit their mark but the remaining were either flops or the studio decided not to release how much the movie cost to make. I assume this is because they spent so much and the movie did so poorly; take a look at Flight 7500, a Sci-Fi/Horror movie with Amy Smart that was barely passable and only made $2.8 million. It was planned for release in 2013 but was pulled and later turned into a on-demand release in 2016. The studios won’t say how much they spent on the film which makes me believe they spent a pretty penny to make a pile of shit. Luckily for CBS Films, any flop that they haven’t over marketted can be turned into a release on Showtime or one of their other movie networks.

pile of trash that CBS fumbled with for 4 years before dumping to on-demand

The most profitable film for the Studio was The Woman in Black which had Daniel Radcliffe in it so every Harry Potter fanboy who could stand a horror film ran to see it around the world. For anyone who saw the movie it wasn’t anything amazing but definitely not a bad movie. A beefy marketing campaign focused on showing Radcliffe’s face as many places as possible helped push a mediocore film into a money making machine for the studio.

After that successful movie the studio remained focused on having recognizable actors in lead rolls for the majority of films they were willing to put their money behind (with the exception of a few failed experiments). For the most part the formula makes money and they continue to make movies with a deep investment in the stars they hire + marketing campaigns to make sure everyone knows Actor X and Y are in Movie ZZZZZZ and the trailer looks good. This exact formula is the rational for making a movie like Patriots Day; it ticks all the boxes of human interest, actor is very recognizable, and its easy to market. So I guess this makes sense for a studio thats all about the money.

My hope is this movie is a complete flop and the studio eventually caves like its predecessor Cinema Center Films. I know its unrealistic to hope for a future where money doesn’t control what gets made but Im optimistic as a consumers we can start sending clear messages that we are tired of this shit storm. I’m hopefull we can get more movies like Fast Time at Ridgemont High that are truly excellent at what they are trying to do. Otherwise we should brace ourselves for the onslaught of mediocraty and be ready for more iterations of Final Destination and whatever marketers know will sell to the general popluation

Exploiting P2P Game Hosting in Dead by Daylight

Any gamer will tell you dedicated servers are prefered to someone being selected as the host and having an unfair advantage with much better latency. P2P online gaming is just awful for anyone who wants a true competetive environment; clients must maintain a connection with the host and if the host leaves the game ends? graceful transfer? (who knows until it happens) + bullshit like the following POC is too damn easy to pull off for anyone who has basic Python abilities.

If you haven’t heard about DbD I’d actually highly recommend the game + give props to the creators for making a fun and original multi-player survival horror game (Steam link). The basic idea of the game is that 4 players are Survivors, responsible for repairing generators and escaping from the graps of the Killer (another player whos goal is to hunt and kill as many Survivors as they can before they all run to safety). Simple idea but really enjoyable if you can get a group of friends and try to survive together / enjoy messing with folks as a killer.

Since the game was made by a very small team there was a wave of complaints and issues in the early days. Once more and more networking issues were being reported/experienced I had to pop open Wireshark and see what was going on.

I joined a game and waited for the load screen to start the Wireshark capture. As soon as the game started you could see the flood of UDP packets + our trusty friend STUN (in this case CLASSIC-STUN but the ideas are the same) and I knew we’d be able to have a little fun

For those of you who might not be familiar with the STUN protocol here’s a quick review:

Session Traversal Utilities for NAT (STUN) is a protocol that serves as a tool for other protocols in dealing with Network Address Translator (NAT) traversal. It can be used by an endpoint to determine the IP address and port allocated to it by a NAT. It can also be used to check connectivity between two endpoints, and as a keep-alive protocol to maintain NAT bindings.

Who is sending / receiving these packets?

STUN Client: A STUN client is an entity that sends STUN requests and receives STUN responses. A STUN client can also send indications. In this specification, the terms STUN client and client are synonymous.

What info do we care about in the packet?

1
2
3
4
MAPPED-ADDRESS:
  - Protocol Family: IPv4
  - IP: 192.168.0.1
  - Port: 53199

This is all you have to know about to follow along but if you are interested in knowing more about STUN check out RFC 5389

Each player is acting as a client and is handling both requests and responses to maintain a connection to the other players in the game. If we listen to the traffic we have access to a public IP and port that is open for communication (to confirm just watch UDP packets transportation either way)

Imagine a simple script that listens STUN headers and generates a list of victims and runs a simple UDP flood

1
2
3
4
5
6
7
8
9
10
11
12
13
14
import socket
import random
client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
bytes = random._urandom(1024)

victim = input('Target >')
vport = int(input('Port >'))

packets_sent = 0
while 1:
  client.sendto(bytes, (victim, vport))
  packets_sent += 1
  if packets_sent % 100 == 0:
      print('.', end=' ')

and the victim is pwnd.. 🎉

In the case of DbD the victim is flooded out of the game and points are given to the killer.

As the killer (hosting the game) you can target players with a simple test flood (watch them skip and shut it off before they are out of the game) and then D/C them if they are near escaping (giving the player 0 points and rewarding the killer for a successful kill).

As the survivor you can periodically flood the killer when he is chasing to make sure he cant hit you while you juke / escape his grasp (why not flood and wiggle at the same time?) or you can lag out your fellow survivors to pick up a particularly nice item they are running that game (too funny to lag out a friend who is bragging about some sick item he is going to run this game).

The main point I’m trying to make is that this is a simple simple attack that can be pulled off by any jobber with minimal skill.

In my testing a simple UDP flood like the one shown above using the STUN response results was 100% effective no matter when the flood was run (port remained open for entirety of game and then some..). I ran tests for hours at a time and spaced it out over months of gameplay to see if EAC was every going to pick up on this obivous attack… they never did. In fact EasyAntiCheat will not detect attacks like this (tested in other games they “secure”) + is generally a shit given waht they promise.

TLDR; Networking is difficult and gets messed up often. If something feels poorly implemented chances are it is and there could be some fun to be had understanding whats going on under the covers.

Unnecessary Noise in the Programming Community

Growing up on the internet I’ve always been aware of trolling and general BM that are associated with competetive gaming and message boards. Unfortunately I’ve been noticing similar behavior in more and more projects & programming community sites. It seems too common to run into a SO post with a comment section like this

The example code is a bit tricky to digest on first pass + is written in bad vimL (see his answer + my correction if interested). Even if the question was dumb and pointless there is no reason to be a dick for no reason. It just creates unnecessary noise that does nothing but deter from the goal at hand. We should look to previous failures like rubyspec and try not to bring whatever shit is going on in our lives into the project. If you really need to blow off steam none of us mind if you go play some Overwatch and chill out a little bit before working on the next issue.

For those of you who didnt follow along at home with the drama around rubyspec here are a few links + a running repo of github drama links - HN on MRI and RubySpec issues - Some #rubinius BM - github-drama

Rule 97: Don’t be a dick

Turbolinks and Anchors

So far my journey with turbolinks hasn’t been too bad; I write my slop and things work as I’d expect them to. I knew this streak of good luck was bound to come to an end at some point and today is the day.

I had the misfortune of attempting to implement simple anchor tags. At first I thought I had made a typo but upon checking my code everything was fine. Another test and I noticed the damned .turbolinks-progress-bar appearing onclick. It was clear turbolinks had mistook my anchor link and was intercepting the click like it should be doing with other links. Things got strange when adding data-no-turbolinks yielded the same results..

After googling I found a closed issue that had apparently been resolved. Checked my turbolinks version and we’ve got the latest and greatest. Hastily closed issue back in 2014 leads us to the same issue in present day. There’s a bit of discussion on the issue but doesn’t look like anyone has offered a PR to resolve the issue :(

There are a few snippets to override the default behavior that could prove useful but this is something that I’d expect the turbolinks to have ironed out.

Because I don’t mind writing an onclick for the links I’ll probably implement something like this for a similar effect

1
$('html, body').animate({scrollTop: $('#anchor').offset().top}, 'slow')

I’m definitely disappointed in turbolinks for failing me on this instance but will continue on this less travelled mysterious path DHH wants me to believe in.

Vim Tricks - Googling With Keywordprg

Most vim users are familiar with the man page lookup; K under the cursor or on visual selection. For anyone who needs a quick refrersher lets take a look at the help docs (help :K)

1
2
3
4
5
6
7
8
9
          *K*
K     Run a program to lookup the keyword under the
  cursor.  The name of the program is given with the
  'keywordprg' (kp) option (default is "man").  The
  keyword is formed of letters, numbers and the
  characters in 'iskeyword'.  The keyword under or
  right of the cursor is used.  The same can be done
  with the command
    :!{program} {keyword}

So we can see that the default program (keywordprg / kp) is defaulted to “man” and the keyword is determined by what is right under the cursor when it is used. The other important thing to not is the fact we could invoke man or whatever program we want using :!program_name but that’s not as fun as reconfiguring the default behavior to do what we want.

Let’s imagine that for some reason we find ourselves copying sections of text and searching google for the results. Rather than doing this over and over why not just change the keywordprg to a custom bash script to do what we want. First thing’s first lets write a simple bash script to open up the browser (I assume every OS has some way to open a browers with a given URL; This is written on an Ubuntu machine but if I were on a Mac I’d use open and test / google to make sure the syntax works as expected)

1
2
#!/bin/bash
firefox "https://www.google.com/serach?q=$1"

Give it a handy name like googleShit, move it into your PATH and and pop open that ~/.vimrc to change your default keywordprg

1
set keywordprg=googleShit

And now when you use K inside a new vim session you will be googling contents rather than looking up the man pages! If you find yourself repeating a task under the cursor or in visual mode pretty handy trick to have in the utility belt. Use a little imagination and you can come up with something to improve your daily workflow.