Disclaimer: I’m not an expert in networking, so the instructions below may be flawed. Be warned and proceed with caution! Corrections are highly welcome.

DNS leaks are nasty. ISPs may tamper with DNS for purposes of censorship or eavesdropping. Luckily, there are public DNS servers, e. g. Google (8.8.8.8), Cisco OpenDNS (208.67.222.222) and Quad9 (9.9.9.10) which may behave better.

I’ve set up my router to use public DNS servers instead of provider’s. In LEDE (OpenWrt) router firmware this can be done in GUI: go to Network → Interfaces → WAN → Edit → Advanced Settings, uncheck ‘Use DNS servers advertised by peer’ and add custom server IPs below.

The trouble is that LEDE runs its own DNS server and advertises its address (e. g. 192.168.0.1) to clients via DHCP. When NetworkManager connects to OpenVPN it keeps this address as one of DNS resolvers (even if you add push "dhcp-option DNS 9.9.9.10" to OpenVPN server config). You can check it with

cat /etc/resolv.conf
> 9.9.9.10
> 208.67.222.222
> 192.168.0.1

This way, DNS requests may occasionally be sent to the router which forwards them to configured servers skipping VPN tunnel and making them visible to the ISP (unless you’ve set up DNSCrypt, of course).

Read more

I’ve upgraded my Manjaro kernel from 4.9.65 to 4.14.2 today and suddenly my bluetooth mouse stopped working. The adapter is Intel Wireless 8260 on Lenovo T460s laptop. After some searching I stumbled upon this kernel bug, but fiddling with firmware didn’t seem like an exciting prospect.

Thankfully, I’ve found solution in this thread on Manjaro Forums. Seems like the bug is there at least since kernel 4.13.2:

sudo nano /etc/modprobe.d/iwlwifi.conf

options iwlwifi bt_coex_active=0

After reboot the mouse is working fine with Wi-Fi turned on, audio receiver is yet to be tested.

UPD: bluetooth audio receiver is working fine too.

Here’s a little Greasemonkey script which changes the default font on Startpage.com and Ixquick.eu. The default one (Arimo) lacks Cyrillic glyphs so I changed it to default “Sans Serif” which is mapped to Cantarell on the screenshot.

 Startpage_Font.user.js

For those who don’t know, these search engines claim to respect user privacy. Startpage displays results from Google Search but doesn’t relay or store your IP address or cookies.

Recently I was struggling to make tab close icons look closer to Breeze theme. Now I managed to make tabs look Breeze-ish too! The icon rules are also better now, opacity works without superposition problems:

Firefox tabs a-la Breeze

Firefox tabs a-la Breeze - circular icon

Read more

UPD: See this post for better icons and Breeze tab style.

I was upset that close tab (×) and new tab (+) buttons in Firefox didn’t match my current icon theme (Breeze). Thankfully, a workaround is still possible in v.48.

Breeze tab icons in Firefox

Read more

openHAB site openHAB chart

In this post I want to share some details about my simple low budget smart home system based on 433.92 MHz receiver/transmitter controlled by Arduino. It can be easily extended with many cheap wireless devices, such as door bells, remote sockets, smoke alarms, leak detectors, etc. I’ll describe how to control remote socket, receive alarms from wireless smoke detector and draw a plot of room temperature obtained from regular wired sensor.

Read more

Viona container ship in the distance

Recently I’ve visited Kanonersky island. While it’s located close to the centre of St. Petersburg, it’s mostly industrial and a huge chunk of it is pretty much a wasteland with occasional garbage piles here and there.

Before Peter the Great decided to build a city here the Finns called it Kissasaari (“cats’ island”). Later it became Kanonersky island after the word “cannoneer”: there was gunpowder storage and training grounds there.

Read more

Ever since I’ve learned about alternative router firmware I wanted to give it a try. With bugs and security holes being found in vendor firmware every now and then it was becoming even more relevant. Being an open source software advocate, I was mostly looking into OpenWrt. Unfortunately, my hardware was either not supported (ZyXEL P660 ADSL router) or in some early alpha stage (D-Link DIR-300). But then I learned about a reasonably cheap TP-LINK TL-WR841N[D] router which has good OpenWrt support. So I bought it (for ~18 €, got version 9.2) and immediately flashed OpenWrt on it — which was super easy: I just uploaded .bin file and waited for reboot.

Read more

My old trusty hardtail is still in good shape (with many components changed or upgraded during these 8 years). Yet “M” sized frame seems a little too small for me (I’m 183 cm high) and the promised wonders of full suspension are hard to resist. So I smashed my piggy bank and bought me a Norco Fluid 9.2 (2015).

Norco Fluid 9.2

The weirdest thing about it for me is that it’s a 29er. I was very skeptical about this standard but now that the prices are pretty much the same it’s not an issue any more. Anyway, if there’s any advantage of 29er over 26er, it’s probably too subtle for me to feel.

Which is not the case with rear suspension. It’s amazing and makes a lot of difference, especially on rooty forest trails. The fork (120 mm RockShox XC-32) is a bit of a disappointment though, not feeling any better than coil XC-30 I have on my old bike.

The plan now is to turn my old bike into more city-oriented commuter. Another issue to deal with is dirt. While I pretty much solved the problem on my old bike, it’s a mess on a new one, even with SKS Shockblade II/X-Blade II combo. The rear shock, the bottom bracket, my shoes and feet are covered with dirt after getting into the smallest puddle, and we don’t have many dry days around here.

Bitcoin Core, the “full” Bitcoin client, uses a lot of disk space to store the blockchain. I use GdMap to clean up my SSD and was recently shocked to see how many GBs are occupied by those files. So I decided to join the dark side and switch to a lightweight wallet. There are several of them around of which I chose Electrum. The only trouble I had were my old (donation) addresses that are too much of a hassle to change. I seem to have solved this problem by creating a second wallet in Electrum and here’s how I made it:

First, I imported private keys for all needed addresses from Bitcoin Core. In Debug Console I typed dumpprivkey "<address>" for every address I wanted to keep.

Then, I started up Electrum, selected File — New/Restore and entered all the keys I obtained in previous step. If you do that, pay attention to all warnings and remember to backup this wallet — you won’t be able to recover it with your seed.

After that I was able to use my old addresses to receive and send Bitcoins in Electrum. Minus the gigabytes of blockchain data.