Dolavim.us

I guess I’m a nerd and I had 9.5hrs of downtime on my server, but still I’m a little surprised there hasn’t been more press about this network sabotage. I guess because big players have geographic redundancy that makes then less vulnerable to single geography attacks like this.

It’s so easy to do this sort of climbing into manholes stuff though. Plenty of us were surprised by the resulting hit, despite believing our upstreams had redundancy. The specific cuts still aren’t entirely clear and the San Jose and San Carlos cuts just might have combined to kill a fair amount of intended redundancy for things solely located in the Bay Area (like my little machine).

I’m also a little miffed that a lot of news sources are calling it vandalism. Look that and sabotage up in the dictionary…there’s a difference. The real interesting part though will be if/when people are caught and their motivation comes out. Maybe it was just some vandal kids messing around. Or maybe not. UnitedLayer’s 200 Paul facility seems to have been hit hard, coincidentally hosts the Conficker Working Group, and this happened just as Conficker was getting more active. I guess there’s the union thing that’s been in the news, but that’s not as fun to speculate about.

And I find it pretty ironic that the network providers hit are generally not supporters of network neutrality. With a tiered internet, if we have to pay extra at their whim to get the packets we want, I wonder if they’ll start securing their manholes a little so they aren’t so at the whim of random other people to be able to transport packets at all.

My solar panels haven’t quite passed inspection yet (next week?…fingers crossed), but they’re producing and the data collection module for the PVPowered inverter is sending data out to the mvpvpowered.com web site.
I want to be able to push the data to my own site though (along with the weather station data). And in theory PVPowered will let me. The PVM1010 module’s page states:

Communications options: Standard open protocols that work on TCP/IP such as UDP and MODBUS can be supplied for system users on request.

I’ve sent in a request and need to email another because I’m not sure the first request went in correctly.
In the meantime I thought I’d have a look at what the module does. First most obvious step was to point a web browser at the IP my router handed out when I plugged in the module. Nothing. Okay…port scan…nothing! Locked down. So next step was wireshark to watch for packets out of the module. And…after a few minutes I catch the once per fifteen minute squirt of data out to dcgateway.pvpowered.com. Amazingly it’s an SSL encrypted session!
While this doesn’t mean the embedded device is secure, and in theory it shouldn’t much matter if it is just collecting data off the inverter’s serial port and it can’t actually send signals and harm the inverter, it does show that somebody at PV Powered put some proper engineering thought behind this module.
I’m impressed!
Though now I’m really counting on them to hook me up with a way to get at the data from the module.

I find it really humorous that as soon as the iPhone 3G is unshackled ATT starts sending out regular emails and SMS’s with tips for travelling internationally with an iPhone. The email says “Tips to minimize international data charges when travelling outside the U.S.” What more tip does one need than to unlock the phone and use a country-local mobile provider?