Tuesday 1 November 2011

[HEA-4] The Power of Android

Making my smartphone the main controller
PC control (esp. with tv used as monitor):- You can make user of various applications that makes it possible to control your PC with your   Android smartphone from anywhere in the world.
I will list here a few of these android apps and you can go through their features on their app pages.
Unified Remote (power control, YouTube, spotify, keyboard and mouse)
DLNA (play media in your phone, on your telly or control how you stream media from dlna source, to your telly)
Connected media (HTC Sense dlna implementation)
Skifta (android app that lets you choose source (either your phone, computer (Media player etc), Picasa, flicker etc, etc AND choose player (either your phone or your telly) and then play the media irregardless for where you are.
There are also loads of SamGo Extensions that let you do cool things with your telly from your Android smartphone like the SamyGo Remote  as discusses in "Playing with my Samsung TV"
If you have newer TV models Samsung Remote will cut it.
Teamviewer is available on Android, and it let you control any windows PC from your Android phone with all the actions being visible on the computer screen itself. So this can be great tool for remote user support.
If you only want remote access to your computer, using your phone, then PocketCloud is a good remote deskstop app for you.
If you want to turn on (boot) your computer from anywhere in the world, you need WOL together with necessary setups on your home router connected to your computer. If you need details, can provide in upcoming series.
Imagine that you are watching a Movie and playing music video on your Telly. If the volume is very high and your phone is on the coffee table, you might miss those important calls or text messages. You wont need to worry about that if you have TVCallNotify. or SamsungTV Messenger (for samsung tvs) All the calls and msgs alerts will pop right on your big screen.
If you have home automation gear setup(X10 stuff), especially the CM15Pro (discussed in "Power of Android Part 2" you can use your Android smartphone to control the lights around your house, control garage door, gates, window blinds etc etc. The appropriate app for that would be X10Commander
If you happen to have the UK Virgin Media TV service  (V+ or Tivo) you can utilise thier offiffial app Virgin Media TV Guide to set programmes to record using your android phone even when you are abroad (provided your box is on or in standby mode)
Further more, you can use the Tivo Commander app to control your Virgin Media Tivo box using your phone. you just connect your Tivo's ethernet port to your home network. With the Tivo Commander app, you can browse shows, record, play, change channels, etc etc in the comfort of your couch, only with your android smartphone.


Other Android Apps that may be of interest are:
VLC remote / VLC Direct
WIN - Remote
Vlingo (better than iPhone's Siri)
etc
etc

[HEA-3] Playing with my TV

      
TV Evolution
Almost all TV nowadays come with some king of a software system inside that controls the TV. This is the software that interacts with the remote controls. This software is called the Firmware. TV firmwares have undergone massive changes over time. Primarily because of advancement in hardware capability, Nowadays this firmware is similar in capability to most computer operating systems that are available. This makes TVs some kind of computers in themselves. As you will realise, Actually Samsung TV run Linux as their firmware. This means most of the things that you can do with a Linux box, you can do with a sumsung TV alone (i.e. if you are a geek of course)
However, latest firmwares from Sammy have all been ring fenced and you might not have better lucky playing with them.

Playing with my Samsung TV
Inorder for me to play with my Samsung TV, I needed to gain root access to the Linux system inside. I had to install a previous version of the firmware so that I could have  ssh access enabled. If someone is not computer savvy, they can simply follow instructions given on the SamyGo project
 It is very easy to install SamyGo Extensions on your TV. One of the primary reasons I wanted to install them in this case, was that I wanted to be able to control my TV with my Android phone. I hacked my firmware and installed the following extensions.
RemoteLAN - For TV Remote control via android phone. (however, you if you have a 2010/2011 model you may not need to do all this and android market app is just sufficient to setup a smartphone remote control)
New Internet widgets
DTS audio encoders so that I can play .mkv HD Video files with dts audio
etc, etc, etc.
I also wanted to use my TV as a samba client (to mount shares on PC) so that i can easily mount my computer folder with pics, music and movies and play them on TV.
Other cool stuff  include installing a Web browser on your TV so that you can browse the Internet without the need for any computer. There is also an extension for keyboard and mouse input/output, that enables you to just connect your wireless keyboard and mouse to your TV.
All this makes your Telly a perfect computer.

Tuesday 27 September 2011

[HEA-2] Networked Media

Networked Media
I will assume that most of the media files (Movies/Videos, Music/Audio etc) will be organised within a computer which acts as the media server. Media HadrdDiskDrives portbale or dektop, flash/usb sticks etc are also alternative ways of storing home media files.

PC and TV audio output connected to home theater system
With your meadia PC connected to your sound system, you benefit from the superior sound perfomance whilist playing the filses from your computer. Most TVs have optical outputs you can use that to connect TV audio output to your sound system.

DLNA/Samsung PC Share Manager
Now that you have your TV connected to the network (wireless/ethernet wired), you also have you computer connceted to the same network, you can utilise various dlna utilities or software to play you media files directly on the TV. As for Samsung TVs, you can use the Samsung PC Share Manager software, that comes with the telly. Once you fire it up in your computer, your shared folders will be browsable on your TV. The  are a multitude of other tools/softwares to set up dlna for your TV, check here


Use TV as PC monitor
If your media server/computer is located close to the telly, you can use a vga cable (if your telly has vga/pc input) or hdmi to use yoor telly as a computer monitor. This gives you an advantage whre you dont need to have a separate monitor for your media server. after all theis computer is primarily a media server, so you probably dont use it while watching telly. In any case most tellys nowadays have the PIP feature where you can have split screens, so you can split the screen briefly when you want to check something on the computer whilist watching a channel.
 As for the keyboard and mouse for your computer, using the telly as the monitor, thats where your android phone comes in handy. This is dicussed later, so check back on details of Android apps to use your smartphone as your computer keyboard and mouse.
 
Youtube, Spotify,Web Browsing
With the setup described above, you will be able to watch youtube videos, play spotify music or other flash based web content with the sound coming off your super sound system, and images coming off your telly.
You can control all these using your smartphone. There is an Android App called 'Unified Remote'
Just conncet your phone to the your home wireless network and install the server version of unified remote on the computer. You will be able to browse on the big screen from the comfort of your sofa.

TV remote control
Most new tv's can be controlled using your Android smartphone. If you have latest (2010 or later) Samsung TV's you can install this android app  or this one to control your tv. If both your TV and smartphone are Samsung brand, you can use this app
If you have an old Samsung TV, you can follow the 3rd instalment of this series to see how I played with a 2009 model Samsung TV.

[HEA-1] Components of a Home Entertainment Nework

Components of a Home Entertainment Nework
Broadband conection
You need to have an internet connection, so that you can be able to pull content from the internet. Many providers will give you a modem/ or piece of equipment that connects to the internet be it via DSL, Cable, or FTTH.
Wired/Wireless home newtork
Most nternet service providers in the UK will provide a wireless router (in somecases eg BT, the wireless router and DSL modem are all built into a single hardware device) You connecet the modem to the wireless router. The wireless router will most likely have a few ethernet port, you can use these if you want to connect any other device eg TV or computer to your home network using ethernet cables. There are perfomance and reliability(qos) benefits of using a wired connection over a wireless connection. However, if you devices are not located in close proximity, wireless will inevitably be the best solution.
Home PC/Laptop/Media server
You can use any computer with any operating system provided it performs good enough to be able to sream media files.
Digital Set-top box/PVR/DVR
You may already have digital video recoders, If these can be connected to you home network, the better. Samsung recoders, blu-ray discs etc all are capable of connecting to other Samsung devices wirelessly (Anynet+) However, these kind of devices may not be necessary for an internet enabled home entertainment network since you can be able to record your freeview or other broadcast to your computer.
Network capable TV
A lot of TVs nowadays are internet enabled. This means they can be connected to your home entwork via either an ethernet port (if it comes with one) or wifi. There are some models which have USB ports that can be used to connect a wifi dongle, and they can then be connceted to your wifi using that dongle. You would need to examine your TV to check for whether it has an ethernet port or a usb port. Also you have to check in its manual for the internet functionality it can do. Most HD TVs from 2009 onwards are network enabled.
Smartphone
You will need a good performing smartphone. Needs to be able to run processor and ram intensive apps decently. In terms of currently available appls and tools, this is an area where Android phones outshine the iPhone.

Thursday 25 August 2011

[HEA-5] The Power of Android 2 - Complete DIY Home Automation

How to control Home Entertainment devices, Lighting, Heating, Blinds, Doors etc. using your Android Phone.

The following devices/software/links offer some practical, but easy/cheap ways of controlling a long list of devices using your Android phone. I have used a number of these
X10
RedEye
LightwaveRF
Heatmiser Wifi boilder thermostats
Other home automation devices

Tuesday 23 August 2011

[HEA-0] Home Entertainment Automation (DIY) - Introduction

I have recently been playing around with my TV. In this series of postings, I will be discussing various exploits that I have been doing in my home. I will outline various tools and accessories that I have utilised in achieving HEA. The following is a list of the headings that I will assign to this series.

Components of a Home Entertainment Nework
Networked Media
Playing with my TV
Taking advantage of Android to achieve home entertainement automation

Friday 15 July 2011

Google+ invites available

I've got a few Google+ invites, anyone who wants one?
Just comment, including your email and I will send you the invite.
Cheers all!

Monday 25 April 2011

My SELinux Quick Reference

tested for RHEL/Centos 5

Check status of selinux
sestatus

List security context of file and/or directories
ls -Z /dir

List security context of a/processes
ps axZ | proc

Change security context for a file/dir
chcon -Rv --type=proc_sys_content_t /dir (reboot persistent)
semanage fcontext -a -t proc_sys_content_t "/dir(/.*)?" (filesystem relable persistent)

Restore security contect of a file/dir
restorecon -Rv /dir/subdir

Allow access to a port, eg.
semanage port -a -t http_port_t -p tcp 81

Toggling SELinux policies with boolean commands;
see this wiki


When you are hitting a security restriction in your server that's being enforced by SELinux (in enforcing mode) You can troubleshoot such issues by first setting selinux to permissive and check the audited security context breaches.
setenforce 0

If SELinux (in permissive mode) is complaining about a specific process' access to files(/var/log/audit/audit.log), we can resolve these issues by reviewing what SELinux would have wanted inorder to allow access. e.g for snmpd:
grep snmpd_t /var/log/audit/audit.log | audit2allow -r

If the results look reasonable, then make custom policy module to allow the actions;
grep snmpd_t /var/log/audit/audit.log | audit2allow -M snmpdlocal

and then load the module
semodule -i snmpdlocal.pp

then check if module is loaded correctly
semodule -l

Monitor the audit.log to see if issue is resolved. If all looks ok, then revert your SELinux to enforcing
setenforce 1

Tuesday 1 February 2011

Configuring squid proxy for ldap authentication

This article is intended for someone with prior knowledge of how squid proxy server works. It seeks to summarise and simplify the process of configuring squid to authenticate against an ldap directory and possibly setup access controls to web resources against ldap groups.

Note that you probably need kernel-devel openldap-devel packages on your system.

Make sure that your squid is compiled with ldap support. If not already so, you can reconfigure your squid by re-running './configure' as follows:

]# ./configure --sysconfdir=/etc/squid --bindir=/usr/sbin --includedir=/usr/include --localstatedir=/var --with-logdir=/var/log/squid --datadir=/usr/share --libexecdir=/usr/lib/squid --enable-basic-auth-helpers="LDAP MSNT NCSA" --enable-external-acl-helpers="ip_user ldap_group unix_group wbinfo_group"


Then in your squid.conf you should configure authentication by modifying the auth paragraph/directives

auth_param basic program /usr/lib/squid/squid_ldap_auth -b "ou=yourou,o=yourorg" -f "uid=%s" -h your_ldap_server.domain.com
auth_param basic children 10
auth_param basic realm "Domain.Org Proxy-Cache"
auth_param basic credentialsttl 5 minutes


To be able to filter users with ldap groups, you need to configure external acl like:

external_acl_type ldap_groups %LOGIN /usr/lib/squid/squid_ldap_group -b "ou=your_ou,o=your_org" -f "(&(cn=%g)(memberUid=%u))" -h your_ldap_server.domain.com


On the acls, you specify the handle for your auth

acl ldap_authenticated proxy_auth REQUIRED
acl allowed_groups external ldap_groups mygroup
acl subnet1 src 10.0.0.0/255.255.0.0


Then finally on the http_access section:

http_access allow subnet1 ldap_authenticated allowed_groups


Here, you should remember that squid access rules are read sequencially top-down and when a match is found, processing stops. so the order of your access/deny directives matter very much.
The above statement matches all users in subnet1 who are successfully authenticated and belong to ldap group 'mygroup'

Test your setup to see if auth is working ok, On the command prompt run:
/usr/lib/squid/squid_ldap_auth -b "ou=yourou,o=yourorg" -f "uid=%s" -h your_ldap_server.domain.com

and supply a username 'space' password
If it returns 'OK' then your auth is setup ok. Make sure there is only a single space between username and password

As a bonus: you may consider immunising your squid conf
]# chattr +i /etc/squid/squid.conf


This has been tested against Centos 5.3 squid-3.0.STABLE12 installed from source.