Nighttime excursions

Posted on Wed 15 August 2018 in random notes • Tagged with Graz

It was late. It usually is, given I’m much more comfortable at night than during the day, when there is less noise. I was listening to music with my headphones on, deciding on some ideas for songs I wanted to recommend to friends. I remember it being a hot day - that was contributing to me not wanting to go to bed earlier.

Between the music, I heard a noise as if metal was clanging to metal. Suddenly I was wide awake, taking off my headphones as I’m often enough a cautious person. As I heard the chuckling it was clear to me what was happening.

I switched off the lights and closed the open and tilted windows. Then I waited a bit, looking out of the center window. It didn’t take long for a young man - probably in his teens - to appear and look in.

And I was looking out. I didn’t say anything and neither did he. I don’t think he expected anyone to be looking out of the window at 01:30 AM, when he had just climbed the scaffolding some construction workers had put up a few days before and looked through the window into the third floor.

After a moment he left. I didn’t sleep well that night. I’m not sure what to think. I have an apartment that’s not on the ground floor in order to prevent exactly this kind of situation from ever happening, but it still did. I don’t think he’ll return, but given this is a large city, others might get the same idea. I reckon this was a more of a dare or a drunk stunt than an attempted burglary.

I’ve been asked if I wasn’t afraid. Afraid? No. The thought that I might be in danger never entered my mind. It might’ve been the giggling that made this seem so harmless. I was a bit annoyed that the situation I had gone to extra lengths to avoid had still occurred. I was also surprised how far people are willing to go for an adrenaline kick.

I wonder though how it would’ve played out, had I taken a strong flashlight and pointed it towards the man.


Nighttime excursions is part 1 of From the inner city:

  1. Nighttime excursions

Reading recommendations (2018-08-13)

Posted on Mon 13 August 2018 in reading recommendations

It’s been a while since the last post because I’m still busy handling all the paperwork that comes with changes in lifestyle. Meanwhile I’ve watched some new anime on Crunchyroll: Caligula, Phantom in the Twilight, How not to summon a demon lord, Isekai Izakaya: Japanese Food From Another World and Bungo Stray Dogs. Of these, BSD and PitT were the truly great ones, whereas C felt like a plagiarized version of The World Ends With You. Not a bad thing, it just leaves a strange aftertaste.

I’ve also checked out Stories: Path of Destinies since I got it for free a while back and it’s fun. There could be a little more depth to it since I unlocked the true ending in 8 hours while still missing more than 2/3 of the other dead ends.


The A1 Internet Odyssey

Posted on Sat 14 July 2018 in random notes

Let’s start with some context. I have moved recently. After a period of searching I have found an apartment that I liked and that was within my budget. Fast forward a bit to the point after I had moved in and was in the process of organizing an Internet connection. That’s how I arrived at this post.

Update: 2018-08-07 - added new information, updated timeline, added table

Intel gathering

I called UPC since I had a running contract there for the previous apartment. I was excited to order their 125Mb/s package for ~ €31/month. Sadly, the helpful operator told me that this is not available at the specified address. I was floored, but after a short time of sulking I was reconsidering my options.

A1 – a fusion of a mobile phone provider and one of our oldest Internet service providers in Austria – had a tempting offer. Theoretical 150Mb/s using both DSL (which goes to a maximum of about 40Mb/s via telephone cable) augmented by LTE, in the same box, using a technique called Bonding which is also used for servers. My first encounter with it was when reading about the networking that is done for the yearly CCC meetings in Germany. This offer is for ~ €60/month though. Considerably harder to argue, but still tempting.

Contract signing

It happens that I ventured to one of their stores on Saturday to sign the contract. For reasons I’ll explain later, that might not have been the best idea. I was told that I’ll receive a box with everything I need to set up the connection myself within 3 working days. With that said and the contract in my bag, I left. What was strange though was the employee’s reaction upon me asking the following question: “What do I do if I am not satisfied with the quality of the product? What do I do if it doesn’t work?” He looked at my as if I was an alien. Apparently their equipment and network not living up to the full expectation of the customer is not part of the training the shopkeepers receive. Or is it and I didn’t realize?

Installation

Of course, if a company says “It will be there after 3 working days” what they really mean is “There’s a slight chance that it will be there after 3 working days, but 5 is more likely”. After the postman woke me up in the morning I opened the package, connected everything, waited the recommended amount of time and nothing. So, I called the support hotline even though I strongly dislike calling support for any reason. After a bit of to and fro the person on the other side of the line said “but you had a technician connect the line for you”.
My answer: “No.”
Him: “But it says here that an appointment for the technician was arranged for [date 3 days in the past], that he was there and everything was handled properly.”
Me: “I assure you, I had no appointment and nobody was ever at my place. Your colleague in the shop also failed to mention that I need an appointment for a technician.”
Him: “Alright, please stay on the line, I need to clear this internally.”

After some waiting time, he assured me that a technician would contact me for an appointment. I got a call in the afternoon and we fixed an appointment for the morning of the next day.

The next day, the technician arrived, did their job in a few minutes and left. Again, I waited for a while and then tried if I had a connection. I had working Internet! However, I was far from the theoretical 150 Mb/s I paid for, getting only ~ 35 Mb/s. That is less than the physical limit of the DSL connection (that being around 40-42 Mb/s according to my research), never mind the possible augmentation through LTE.

Since I didn’t get the full speed I paid for even after an hour of waiting, I called support again. They told me that the modem needs about 24 hours of searching for cellphone towers to be properly configured. To be honest, this came with an immediate feeling of disbelief to me. I mean, this is based on cellphone technology and we surely don’t need to wait a full day before we can use our mobile Internet connection after moving a few kilometers. However, I was running out of time as well as patience and went to work. On the way there I checked my postbox and found an advertisement by UPC which offers great cheap Internet, except that they didn’t offer the product on the flyer at my address so I felt just a little taunted. Just a lil’.

However, I didn’t have time to look into this after 24 hours because by then I was traveling.

The Waiting Game

So, rather, I gave it more than 48 hours and checked upon returning on Sunday. Of course, no significant changes had happened. I called support and the technician ran tests, then acknowledged there was a problem. She understood that I would be paying too much for the performance provided and wanted to send me an antenna which functions as accessory for the device to improve cellphone reception. However, A1 had internal IT issues on that weekend. She asked me to call again the next day and ask to specifically be connected to her so I wouldn’t have to explain the issue another time. What she, for some reason, didn’t realize is that with their system it is technically impossible to reach a certain individual inside their support group.

The next day, I did as told and called support asking for the technician in question. I was told that it’s not possible to connect me directly and they would leave a note for her to call me back.

After some time, I received a call from another person saying the technician in question was sick on that day and they would take over. I was told that yes, I did need an antenna and they could send it to me. It would take several days – to which I replied that I could just pick it up at the store since it’s nearby. I would not need to pay the €35 for shipping.

I headed over to the store. The customer representative told me that they had an antenna, but they could only send them via mail, else I would have to buy one and that would be €60. I was told I should call support again.

I returned home and called support again. Support assured me that the treatment I received was very unfortunate and they were working on it. They would call me back.

I received another call from support. They were still working on the issue and just wanted to let me know that I had not been forgotten. I would receive another call.

Meanwhile I found out that I would’ve been able to cut down the minimum contract length from the brazen 24 months to a mere 6 months had I told them that I was a student. I swore and felt another pang of buyer’s remorse.

Later, I did in fact receive another call. They told me that the antenna has already been deducted from my bill and it would cost those €35 in the store. They would not be billed but deducted from the overall bill instead. I still needed to get the antenna. I got a more detailed description of what I was to ask for at the store.

I ventured to the store again, hopeful of finally getting what I need to achieve the Internet performance I paid for. Another clerk told me they knew what I needed but they sold the last one mere minutes ago. I was getting frustrated at that point and lost my cool in the shop. After some very cynical remarks, I left and went home. The clerk had told me that there was no delivery with new antennas until the coming week.

Having arrived at home, I was on the phone with support again. That time, they apologized even more sincerely. The technician checked every avenue he could think of, even checking the inventories of surrounding stores whether any had antennas left. He was also out of antennas in their warehouse. I was told that I would have to wait until Wednesday the following week until they received new antennas. Starting from then it would take three more business days for the antenna to arrive at my place.

Now, if I were a cynical man, I’d suggest that this company is playing the long game hoping that I’m willing to stick with their bullshit until I can’t cancel the contract. However, the joke’s already on me because I signed the contract at their store, which means I don’t have the usual 14 days of cancellation rights you get when ordering online.

I was assured that A1 would arrange for an antenna for me since I have one of their most expensive consumer products. They would decide whether my payments might be reduced due to reduced service, but really it didn’t make a difference. I mean, all their products of this line cost the same amount during the initial 3 months phase.

Research & more calls

Understandably, my patience was wearing extremely thin at that point. I vented my frustration via chat to a friend. She did a bit of research and found out that T-Mobile, another mobile service provider, had a similar offer with the same theoretical speed for €15 less per month. I was even more frustrated and checkout out the product page. I considered canceling right then and there, but opened the customer chat instead. I received the following information.

  • no technician is necessary to switch if there already is a working DSL connection
  • no antenna is shipped with the device
  • they offer a testing phase which starts with the DSL connection
  • their product retrieves its configuration via LTE (whereas the A1 modem does so via DSL and disables its LTE completely without DSL as I have seen during testing)
  • they can cancel my service with another company for me
  • when I cancel such a contract, the service ends immediately but one still needs to pay the full sum of all remaining payments. (remainining_months * monthly_payments). From a customer’s point of view, this is insane. From any ISPs point of view, this is standard procedure. Can you tell I dislike ISPs and MSPs?

Angrily, I called another friend who has a background in law and asked for her opinion. She replied that there was little I could do. I needed to give the company the chance to fulfill the contract and wait. Then, if things did still not improve I could talk to them again about either completely canceling it or working out a possible downgrade to an option which is technically possible at my address.

Now I know why the sales rep at the store looked at me as if I were mad when I asked what to do in case I’m not satisfied. If this is how everyone’s experience with A1 is, I’m not sure they even have satisfied customers.

By the time of me publishing this, I have given them ample time to send me an antenna and nothing happened. So I’ll pester A1 again. Until they fix my Internet or openly admit that they can’t give me what I pay them for.

Update: 2018-08-06, more calls and no changes

In the afternoon of the same day I initially published this article, I had yet another phone call with support. They agreed to send me the external antenna and some cables.

Four days later I picked up the boxes at my local post office, went home, installed them and nothing. It should not even be technically possible, but connecting the antenna changed nothing at all. So I called support again, had them provide instructions, checked the box. We did the remote measurements again, I took more notes and detailed measurements. At least in the second call, since the first one abruptly ended. Then, I was told that “yes, measuring via a WLAN device versus a cable connected device makes a difference” which annoys me since I had several dozen measurements that prove that it hardly makes one. However, I agreed and the difference in speed was negligible (around 5 Mb/s when I’m about ten times that amount).

Additionally, their competitor just so happened to mail me a survey about satisfaction with mobile phone providers the same day. I love how cynical all of this is without me twisting something to fit the narrative.

After which they told me that this is all they can do. Then they found out there’s a damaged cellphone tower in my vicinity and argue this might be the problem. I inquired since when the tower has been damaged and after I got a day, I informed them that my problem has been going back a lot longer, so that is not the issue.

I was enraged and the next day I called the Konsumentenschutz what to do. I’m still incapable of believing they can’t offer one of their flagship products in the city center of Austria’s second largest city. The nice lady told me that there might be a way to cancel the contract if they are clearly not able to offer the performance I’m paying for but I need to get that in writing.

This post will be updated accordingly.

Timeline

  • 2018-06-16, Saturday - signed contract
  • 2018-06-21, Thursday - received router, call #1, call #2
  • 2018-06-22, Friday - DSL enabled by technician, call #3; got shitty ad from competitor
  • 2018-06-24, Sunday - call #4, antenna is promised but not sent
  • 2018-06-25, Monday - call #5, call #6, store does not give out antenna, call #7, call #8, call #9, store does give out antenna but does not have any left, call #10
  • 2018-07-14, Saturday - article is published, no improvement, no antenna, call #11
  • 2018-07-18, Wednesday - call #12, call #13, got survey from competitor
  • 2018-07-19, Thursday - call to Konsumentenschutz
  • 2018-08-07, Tuesday - article is updated to reflect the current state

Measurements

IP_ADDRESS TEST_DATE TIME_ZONE DOWNLOAD_MEGABITS UPLOAD_MEGABITS LATENCY_MS SERVER_NAME DISTANCE_MILES
194.118.72.xxx 6/22/2018 8:03 AM GMT 36.76 9.12 13 Graz 100
194.118.82.xxx 6/22/2018 8:33 AM GMT 35.71 9.29 12 Graz 100
194.118.82.xxx 6/22/2018 8:42 AM GMT 35.17 9.49 12 Graz 100
194.118.120.xxx 6/22/2018 8:57 AM GMT 44.30 11.11 13 Graz 100
194.118.120.xxx 6/22/2018 9:00 AM GMT 35.17 9.56 12 Graz 100
91.113.127.xxx 6/22/2018 9:07 AM GMT 36.57 9.64 13 Graz 100
91.113.127.xxx 6/22/2018 9:10 AM GMT 37.94 9.72 12 Graz 100
91.113.127.xxx 6/22/2018 9:12 AM GMT 35.59 9.51 14 Graz 100
91.113.127.xxx 6/22/2018 9:15 AM GMT 34.23 9.91 13 Graz 100
91.113.127.xxx 6/22/2018 9:23 AM GMT 33.17 9.68 15 Graz 100
91.113.127.xxx 6/22/2018 10:00 AM GMT 33.33 9.09 14 Graz 100
91.113.127.xxx 6/22/2018 1:01 PM GMT 17.12 12.17 14 Graz 100
91.113.127.xxx 6/22/2018 1:02 PM GMT 49.14 14.94 14 Graz 100
91.113.127.xxx 6/24/2018 3:53 PM GMT 7.96 7.99 22 Vienna 0
91.113.127.xxx 6/24/2018 3:53 PM GMT 16.73 6.18 13 Vienna 0
91.113.127.xxx 6/24/2018 3:54 PM GMT 3.05 7.76 20 Vienna 0
91.113.127.xxx 6/24/2018 3:55 PM GMT 20.65 5.20 20 Vienna 0
91.113.127.xxx 6/24/2018 3:57 PM GMT 17.31 5.83 28 Vienna 0
91.113.127.xxx 6/24/2018 4:00 PM GMT 12.23 8.07 12 Vienna 0
91.113.127.xxx 6/24/2018 4:02 PM GMT 18.73 6.68 12 Vienna 0
91.113.127.xxx 6/24/2018 4:03 PM GMT 31.96 7.41 23 Vienna 0
91.113.127.xxx 6/24/2018 4:04 PM GMT 33.91 9.51 9 Vienna 0
91.113.127.xxx 6/25/2018 11:10 AM GMT 63.10 22.54 9 Vienna 0
91.113.127.xxx 6/25/2018 11:50 AM GMT 65.69 23.26 10 Vienna 0
91.113.127.xxx 6/25/2018 12:13 PM GMT 62.78 24.52 10 Vienna 0
193.80.90.xxx 6/25/2018 3:53 PM GMT 35.24 9.08 11 Vienna 0
193.80.90.xxx 6/25/2018 3:55 PM GMT 55.65 24.46 12 Vienna 0
193.80.90.xxx 6/25/2018 4:06 PM GMT 55.07 21.74 10 Vienna 0
193.80.90.xxx 6/26/2018 8:35 PM GMT 60.55 24.92 10 Vienna 0
193.80.90.xxx 6/29/2018 6:53 AM GMT 55.18 23.65 12 Vienna 0
193.83.141.xxx 7/18/2018 4:09 PM GMT 35.41 9.63 8 Vienna 0
193.83.141.xxx 7/18/2018 4:11 PM GMT 34.28 9.35 10 Vienna 0
193.83.140.xxx 7/18/2018 4:18 PM GMT 35.15 9.70 11 Vienna 0
193.83.140.xxx 7/18/2018 4:20 PM GMT 35.42 9.67 10 Vienna 0
193.83.140.xxx 7/18/2018 4:22 PM GMT 57.43 25.04 10 Vienna 0
193.83.140.xxx 7/18/2018 4:23 PM GMT 62.88 23.82 10 Vienna 0
193.83.140.xxx 7/18/2018 4:24 PM GMT 64.72 25.53 11 Vienna 0
193.83.140.xxx 7/18/2018 4:26 PM GMT 64.06 24.64 10 Vienna 0
193.83.140.xxx 7/18/2018 4:30 PM GMT 56.46 24.93 10 Vienna 0
193.83.140.xxx 7/18/2018 4:32 PM GMT 61.14 22.91 10 Vienna 0
193.83.140.xxx 7/18/2018 4:33 PM GMT 35.44 9.61 8 Vienna 0
193.83.136.xxx 7/18/2018 4:37 PM GMT 56.96 24.67 9 Vienna 0
193.83.136.xxx 7/18/2018 4:38 PM GMT 18.65 17.02 17 Vienna 0
193.83.136.xxx 7/18/2018 4:45 PM GMT 17.96 17.27 16 Vienna 0
193.83.136.xxx 7/18/2018 5:16 PM GMT 20.98 16.14 18 Vienna 0
193.83.136.xxx 7/18/2018 5:48 PM GMT 31.39 25.36 10 Vienna 0
193.83.136.xxx 7/18/2018 5:49 PM GMT 46.84 24.70 10 Vienna 0
194.118.74.xxx 8/6/2018 10:54 PM GMT 72.98 24.79 13 Linz 100

Reading recommendations (2018-05-18)

Posted on Fri 18 May 2018 in reading recommendations

Recently I’ve spent a lot of time playing Ni No Kuni 2: Revenant Kingdom and some Tomb Raider, in addition to one of my classics, Cook, Serve, Delicious! 2. I’ve also taken some time to revisit Final Fantasy Tactics Advance 2: Grimoire of the Rift, my favorite title for the DS.

I’ve also discovered Crunchyroll which is an awesome service which lets you stream licensed anime for free, legally. I’ll happily disable my adblocker for that service — though I do find it curious that the ads I get are so strange. Sometimes they don’t load at all. Sometimes I get the same clip six times in a row. So far I’ve checked out Black Clover, Darling in the FRANXX, Restaurant to Another World and Interviews with Monster Girls. Sadly, some series are not available in my region.


Interviewing for a successor

Posted on Fri 11 May 2018 in work • Tagged with Institute for Computer Vision and Computer Graphics

I left my job at the ICG in March 2018. One of my last tasks there was helping in searching for a successor for my position whom I could hand over my responsibilities with as little worries as possible. I updated the same job posting that had been used to announce the opening when I applied and updated it with new phrasing. I wanted to emphasize that a lot of learning can be done on the job. Experience in the comprehensive list of open source technologies the institute uses was a definite plus but I was certain that a minimum of understanding of Linux, good written and spoken English as well as the willingness to learn were enough to grow into the job. After all, usually people apply who do not have all qualifications matching your list but some that are not on the list and help them anyway.

I wanted to make sure that we had as much of an objective method to judge the applicants as possible — therefor I put together a questionnaire containing two real life scenarios as well as a short list of bonus points. These questions were discussed with the applicants and I decided which topics were sufficiently answered. I held the entire technical part of each interview.

I want to point out that my goal was not — as some of my colleagues joked — to create a test which one could “pass” or “fail”. I simply wanted to measure applicants by a more meaningful measure than “they were good” or “they were ok”. I had the hope that my scenarios would give us a heads-up whose technical knowledge was better if applicants were subjectively close to each other.

Section 1 - VM diagnosis & rescue

You have a physical machine running a Hypervisor (e.g. Xen) and a virtual machine running a Debian based Linux distribution (e.g. Ubuntu). You notice that the VM has stopped checking in with your monitoring solution. What do you do?

- contact via SSH
- check if the machine is listening (e.g. `ping`, `nmap`)
- check if the machine is running (e.g. `xl list`, `xl top`)
- send out notice that you're working on said machine (*bonus*)

The initial step of the diagnosis is for steps one can take really quickly. I accepted solutions that did not name command line utilities suggested if they served a similar purpose (e.g. VBoxManage would be fine). Bonus questions give additional points that can raise the score above the maximum points of a given question.

You have established that the machine is indeed not running. When you tried to restart the machine via the hypervisor, it is showing activity in the hypervisor output but it is neither accessible remotely (via SSH) nor does it show up in the monitoring solution. What are your next steps?

- check log files
  - host logs => there is nothing relevant in them
  - guest logs
  - centralized logging solution (*bonus*)
- try starting the machine with more verbose output from the hypervisor (*bonus*)
- check with some tool that displays screen of VM (e.g. VNC with SSH forwarding, `virt-manager`)

The second step is trying to figure out the cause of the issue after having verified the issue in step one.

You realize that the machine is not booting. It looks like a problem with GRUB but you are not entirely sure. You’d like to access the guest logs, just to be sure. The guest’s entire disk is a LVM logical volume mounted directly into the VM by the hypervisor. How do you proceed?

- find a tool to mount the logical volume on the host
  - read-only (*bonus*)
  - `kpartx` (*bonus*)
- check the logs in `/var/log/syslog` and similars in `/var/log`. Check `/var/log/dpkg.log`.

Step number 3 is to make reasonably sure it is a problem that has surfaced due to a problem with GRUB and has not been triggered by something else entirely.

The chance that it is a GRUB problem is more likely than ever. How do you proceed to try and fix the VM?

- boot from ISO (or remount read-write on host)
- `boot-repair` (*bonus*)
- reinstall GRUB

The last step of the first scenario deals with an actual attempt at fixing the VM. The infrastructure at ICG is built in a way that makes repairs more feasible than spinning up and configuring new machines without data loss.

Open question: What do you think could be the cause of such an issue?

No points were given for this question, but I noted down what the applicants came up with and commented on the likeliness of their thoughts, so they had some immediate feedback.

Section 2 - Server best practices

You have a service that you need to provide to the whole internet (or rather, your colleagues who are currently abroad). It has at least one component accessible by a web browser and one more component (e.g. SSH, IMAP, POP) that needs to be protected. How would you make reasonably sure that things are protected?

- protect the web service with a TLS certificate [and encryption]
- redirect port 80 to 445 to always enforce encryption
- implement a rate limit against brute force attacks (e.g. `fail2ban`, builtin software)
- have the server update the software on its on (or have a way to be notified of updates, e.g. mail, RSS)
- implement a backup strategy [and test it]
- provide VPN access or suggest using TU VPN and restrict firewall settings (*bonus*)
- **set up monitoring for aforementioned things**

The server best practices section was my attempt to get a feel for what the applicant knows about operations. While the previous scenario revolved around troubleshooting, this one is focused on knowledge and understanding of running servers in production. This was a question where I almost always received additional answers to the ones I hoped for.

Section 3 - Short questions

Do you have any experience with:

- Git
- Continuous integration (e.g. GitLab CI, Jenkins)
- Configuration management (e.g. Puppet, Chef, Salt)
- standard monitoring tools (e.g. Nagios, Sensu, Elastic products)
- NFS and auto-mounting
- web servers (e.g. Apache, Nginx)
- debugging software not written by you (e.g. Python code that shipped with your distribution)

This last section of questions aims to establish which topics the applicant might need training in order to fully understand and utilize existing ICG infrastructure.

Conclusion

After careful review of all applicants and their technical skills and demonstrated understanding of systems in use I gave an informed recommendation on whom to hire. I had the — very short — opportunity to introduce my successor to the most critical systems. For everything else they will have to rely on the documentation I wrote, their team members and their own skillset.

I certainly wish them all the best.