This post explains the procedure to disable TR069 on a Youhua PT926G fiber optic modem, to prevent China Telecom from pushing config/firmware updates, and void your change of switching to bridging mode or setting port-forward rules.In the WAN settings of the management portal of this modem, the TR069 connection can neither be modified nor removed. But with a simple patch on the management portal's code, you can break the limitation on the modem.First, you should follow my previous post: Hacking a Youhua PT926G Fiber Optic Modem, to obtain the Telnet Root password.Then Telnet in, run su, and type in the password to get to Root Shell. When you do that correctly, the command-line will prompt #.Then follow these steps:Type cp /home/httpd/web/net_eth_links.asp /var/ and hit Enter....

On the modern Internet, most websites already support HTTPS. The SSL/TLS encryption protocol will encrypt users' requests and the website's responses so that malicious users along the way cannot steal or tamper with the information. One important component of SSL/TLS protocol is asymmetric cryptographic algorithms. For these algorithms, the key separates into a public key and a private key, with the public key being public and the private key protected carefully.Accessing an HTTPS website usually follows these procedures:The website sends its public key (as a certificate) to the browser.The browser will verify the public key in case that a man-in-the-middle modified the key in order to block or tap into the communication.The browser (or the operating system)...

With the scale of conflict between China and the United States increasing, on some social media websites in China, some users started expressing concerns for the United States cutting China's access to DNS root servers or removing China's domains in the root servers in order to break China's Internet.By now, there is much analysis on the matter that states that this is unlikely to happen. Most of them focus on the following two points:DNS root servers use Anycast to broadcast their IPs, and there are root servers present in China that won't be affected by the network cut;For the United States, shutting down root servers cause more trouble than benefit, both economically and politically.Yet today, I'm going to present another point:...

This post explains the procedure to obtain such privileges from a Youhua PT926G fiber optic modem, without disassembling the device or using serial port converters.Super Admin users on Web UI (telecomadmin)Telnet's root user accessFTP accessFYI I obtained the device from China Telecom, Guangdong Shenzhen.Log on as Super AdminIf you directly access the modem's IP (http://192.168.1,1), you will see such a login page to the modem:Here you can log in with account name useradmin and the password labeled on the back of the modem, but there's not much you can do once logged in. The only useful thing seems to be Wi-Fi setting.But a Nmap scan reveals much more:$ nmap -v 192.168.1....

This post is about a meme in China that may require some cultural background to understand.Since the content is related to the specific language used, there are minor differences between the Chinese and English versions.What's "Scripture of Safety"?The Scripture of Safety (平安经) is a book written by He Dian, the (now former) official of Jilin Public Security Department, China. The content in the book is simply a repetition of the phrase "Wish XXX safe" (XXX 平安), yet the book is sold at a high price. The public speculates that publishing and purchase of the book serves as a mean of bribe.The content of The Scripture of Safety is formatted as: (from Wikipedia (Chinese))「眼平安，耳平安，鼻平安」"Wish eyes safe, ears safe,...

Changelog2022-07-21: Add starting GVT-g on startup. Thanks to comment from Owsmyf (on Chinese version of this post).2022-01-22: Revisions on NVIDIA driver updates and comments.I successfully passed through an Optimus MUXed GPU on my new laptop.Abstract (Spoiler Alert!)I successfully passed through Intel's GVT-g virtual GPU, as well as the dedicated NVIDIA GPU itself, into a virtual machine on Lenovo R720 gaming laptop.However, due to the limitation of the architecture itself, this GPU passthrough scheme is severely limited. For example, the dGPU is unusable in many games, and the performance is still relatively worse despite the complicated setup it needs.Therefore, you may attempt the passthrough purely for the fun of tinkering, but I don't recommend using it for anything important....

Welcome to my third development log. In the two previous logs, I discussed the pitfalls I met in the RoboMaster competition and FPGA course final project.This time I will be talking about my graduate design project, an air quality sensor network built by a 3-person group. The whole project is structured as follow:Obtain data from installed sensor modules and upload them to InfluxDB running on a serverSensors we used:MiCS6814, measures NO2, CO, and NH3Analog outputBME680, measures temperature, humidity, atmospheric pressure, and TVOCI2C interfacePMS5003, measures particle mattersUART serial outputExtra modules:ATGM336H, global positioning module with GPS+BeiDou supportUART serial outputESP8266, a widely used Wi-Fi moduleUART serial outputMH-CD42,...

Changelog2020-10-01: Add warning to not filter private ASNs within the internal network2020-06-07: Add limitations of Bird confederation and a way to simulate confederation2020-05-17: Initial versionComparison of BGP Interconnection Schemes within an ISPMost ISPs, or Internet Service Providers, use the BGP protocol to exchange their route information. Each ISP will obtain an ASN (Autonomous System Number) from the regional NIC (Network Information Center, e.g., APNIC, RIPE), like China Telecom's ASN is 4134 for example. Then, ISPs connect their boundary routers via physical links (copper line, fiber, satellite link, etc.), and configure BGP protocol on the boundary routers, so they will tell the other part that: "I'm AS4134, and I can provide access to the IP block of 202.101.0.0/18"....

History of x86 & x86_64, and x32 ABIMost of the personal computers and servers we use nowadays use the x86_64 architecture, whose specification was released by AMD in 2000 and the first processor released in 2003. Since x86_64 is a 64-bit architecture, in x86_64, each register in the CPU can hold 64 bits of data (or 8 bytes). Before x86_64 went popular, most computers used Intel processors, and the corresponding x86 architecture / ISA, a 32-bit architecture whose registers hold 32 bit of data (or 4 bytes).One significant improvement of the 64-bit architecture is the improved memory addressing ability. Computers usually follow such a routine while accessing the memory: write the memory address to be accessed into a register,...

Based on the requests of DN42 Telegram Group members, I plan to add Telegram Bot support to my Bird Looking Glass, so it is easier for them to look up whois information, testing networks and finding sources of route leaks. The bot is supposed to recognize commands starting with /, and respond to the message.My Looking Glass is written in Go, so at the beginning, I looked for Telegram Bot APIs in the Go language. However, those popular API libraries all use the same scheme for handling requests:Telegram server sends a callback to my own server;My program handles the request and may send multiple requests actively to the Telegram server, authenticated with a locally configured Token;Finally, the program actively sends a request to the Telegram server to send the response.While powerful,...