Basics Of Remote Cellular Access – Choosing A Modem

These days, we’re blessed with cellular data networks that span great swathes of the Earth. By and large, they’re used to watch TV shows and argue with strangers online. However, they’re also a great tool to use to interact with hardware in remote locations, particularly mobile ones where a wired connection is impractical.

In this series, we’re taking a look at tips and tricks for doing remote cellular admin the right way. First things first, you’ll need a data connection – so let’s look at choosing a modem.

Options Abound

When shopping around for cellular data modems, it can be difficult to wade through the variety of options out there and find something fit for purpose. Modems in this space are often marketed for very specific use cases; at the consumer level, many are designed to be a no-fuss home broadband solution, while in the commercial space, they’re aimed primarily to provide free WiFi for restaurants and cafes. For use in remote admin, the presence of certain features can be critical, so it pays to do your research before spending your hard earned money. We’ve laid out some of the common options below.

Consumer Models

The Sierra Aircard 320U is ancient now, with limited frequency bands available. Its flimsy flexible connector is also a drawback. However, its ease of configuration with Linux systems makes it a dream to use in remote access situations. Unlike many others, it acts as a Direct IP connection, not appearing as a separate router.

Many telecommunications providers around the world sell cheap USB dongles for connecting to the Internet, with these first becoming popular with the rise of 3G. They’re somewhat less common now in the 5G era, with the market shifting more towards WiFi-enabled devices that share internet among several users. These devices can often be had for under $50, and used on prepaid and contract data plans.

These devices are often the first stop for the budding enthusiast building a project that needs remote admin over the cellular network. However, they come with certain caveats that can make them less attractive for this use. Aimed at home users, they are often heavily locked down with firmware that provides minimal configuration options. They’re generally unable to be set up for port forwarding, even if you can convince your telco to give you a real IP instead of carrier-grade NAT. Worse, many appear to the host computer as a router themselves, adding another layer of NAT that can further complicate things. Perhaps most frustratingly, with these telco-delivered modems, the model number printed on the box is often not a great guide as to what you’re getting.

A perfect example is the Huawei E8327. This comes in a huge number of sub-models, with various versions of the modem operating in different routing modes, on different bands, and some even omitting major features like external antenna connectors.  Often, it’s impossible to know exactly what features the device has until you open the box and strip the cover off, at which point you’re unable to return the device for your money back.

All is not lost, however. The use of VPNs can help get around NAT issues, and for the more adventurous, some models even have custom firmware available on the deeper, darker forums on the web. For the truly cash strapped, they’re a viable option for those willing to deal with the inevitable headaches. There are generally some modems that stand out over others in this space for configurability and ease of use. This writer has had great success with a now-aging Sierra Aircard 320U, while others have found luck with the Huawei E3372-607. As per earlier warnings though, you don’t want to accidentally end up with an E3372-608 – thar be dragons.

Continue reading “Basics Of Remote Cellular Access – Choosing A Modem”

TinyPilot Provides KVM-over-IP, With Low Cost And Even Lower Latency

Remote access is great, but if the machine stops booting, ceases to connect to the network, or needs low-level interaction like BIOS settings or boot management, remote access is worthless because it’s only available once the host computer is up and running. The usual solution is to drag a keyboard and monitor to the machine in question for physical access.

Ubuntu laptop (right) being accessed over IP, via web browser on the left.

For most people, swapping cables in this way is an infrequent task at best. But for those who work more closely with managing hardware or developing software, the need to plug and unplug a keyboard and monitor into machines that otherwise run headless can get tiresome. The modern solution is KVM (keyboard, video, mouse) over IP, but commercial options are expensive. [Michael Lynch]’s TinyPilot on the other hand clocks in at roughly $100 of parts, including a Raspberry Pi and USB HDMI capture device. It does have to drop the ‘M’ from KVM (meaning it does not support a mouse yet) but the rest of it hits all the bases, and does it all from a web browser.

What exactly does TinyPilot do? It provides remote access via web browser, but the device is an independent piece of hardware that — from the host computer’s point of view — is no different from a physical keyboard and monitor. That means keyboard and video access works before the host machine even boots, so even changing something like BIOS settings is no problem.

[Michael] demonstrates his design in the video embedded below, but we encourage you to check out the project page for a fascinating exploration of all the challenges that were part of TinyPilot’s development.

Continue reading “TinyPilot Provides KVM-over-IP, With Low Cost And Even Lower Latency”

Print From The ESP8266, Courtesy Of Google

The ESP8266 has become the hacker’s microcontroller of choice because it’s exceptionally easy to get the chip connected to the network and talking to other devices. The fact that it’s also absurdly cheap is just a bonus. Since nearly every piece of electronics you buy today is “smart” enough to include some form of Internet control, that means there’s no shortage of gadgets these MCUs can potentially poke and prod.

In their latest tip, [TecnoProfesor] shows how you can interface the ESP8266 with Google’s Cloud Print, a service that enables simple remote printing over the web without having to worry about having the proper device drivers. Remote printing from the ESP8266 might seem like little more than a gag at first glance, but if you’re the kind of person who likes to have hard copies of data, adding the capability to generate a daily printed report to your weather station could be a nice weekend project.

[TecnoProfesor] provides explanations and source code for printing documents of various sizes from both the ESP8266’s internal flash storage and an SPI-attached SD card. Towards the end of the write-up, there’s even some explanation of how the setPrintDocument() function of the Cloud Print API can be used in more advanced scenarios, such as printing web pages or documents stored in Google Drive.

When we see microcontrollers connected to printers, they’re usually of the small thermal kind. Being able to access “real” printers with such a simple technique offers some interesting possibilities, though like most technology, there’s potential for it to be misused.

[Thanks to Andrew for the tip.]

Set Up A Headless Raspberry Pi, All From Another Computer’s Command Line

There are differences between setting up a Raspberry Pi and installing an OS on any other computer, but one thing in common is that if you do enough of them, you seek to automate the process any way you can. That is the situation [Peter Lorenzen] found himself in, and his solution is a shell script to install and configure the Raspberry Pi for headless operation, with no need to connect either a keyboard or monitor in the process.

[Peter]’s tool is a script called rpido, and with it the process for setting up a new Raspberry Pi for headless operation is super streamlined. To set up a new Pi, all [Peter] needs to do is:

  1. Plug an SD card into his laptop (which happens to be running Ubuntu.)
  2. Run: rpido -w -h myhostname -s which downloads and installs the newest version of Raspbian lite, does some basic setup (such as setting the hostname), configures for headless operation, and launches a root shell.
  3. Use the root shell to do any further tweaks or checks (like launching raspi-config for additional changes.)
  4. Exit the shell, remove the SD card from his laptop, and install the card into the Raspberry Pi.

There are clear benefits to [Peter]’s script compared to stepping through a checklist of OS install and setup tasks, not to mention the advantage of not needing to plug in a keyboard and monitor. Part of the magic is that [Peter] is mounting the SD card’s filesystem in a chroot environment. Given the right tools, the ARM binaries intended for the Pi run on his (Intel) Ubuntu laptop. It’s far more convenient to make changes to the contents of the SD card in this way, before it goes to its new home in a Pi.

Not everything has to revolve around an SD card, however. [Jonathan Bennet] showed that it’s possible to run a Raspberry Pi without an SD card by using the PXE boot feature, allowing it to boot and load its file system from a server on the same network, instead of a memory card.

IOT Startup Bricks Customers Garage Door Intentionally

Internet of Things startup Garadget remotely bricked an unhappy customer’s WiFi garage door for giving a bad Amazon review and being rude to company reps. Garadget device owner [Robert Martin] found out the hard way how quickly the device can turn a door into a wall. After leaving a negative Amazon review, and starting a thread on Garadget’s support forum complaining the device didn’t work with his iPhone, Martin was banned from the forum until December 27, 2019 for his choice of words and was told his comments and bad Amazon review had convinced Garadget staff to ban his device from their servers.

The response was not what you would expect a community-funded startup. “Technically there is no bricking, though,” the rep replied. “No changes are made to the hardware or the firmware of the device, just denied use of company servers.” Tell that to [Robert] who can’t get into his garage.

This caused some discontent amoung other customers wondering if it was just a matter of time before more paying customers are subjected to this outlandish treatment. The Register asked Garadget’s founder [Denis Grisak] about the situation, his response is quoted below.

 It was a Bad PR Move, Martin has now had his server connection restored, and the IOT upstart has posted a public statement on the matter.– Garadget

This whole debacle brings us to the conclusion that the IoT boom has a lot of issues ahead that need to be straightened out especially when it comes to ethics and security. It’s bad enough to have to deal with the vagaries of IoT Security and companies who shut down their products because they’re just not making enough money. Now we have to worry about using “cloud” services because the people who own the little fluffy computers could just be jerks.

Remote Access Programs Are Good Security For Laptops

Don’t be [Gabriel Meija], the criminal pictured above. He stole [Jose Caceres]’ laptop, but didn’t realize that [Caceres] had installed a remote access program to track the activity on the laptop. Although the first few days were frustrating, as [Meija] didn’t seem to be using the laptop for anything but porn, [Caceres]’ luck turned when he noticed that an address was being typed in. [Caceres] turned the information over to police, who were able to find [Meija] and charge him with fourth-degree grand larceny. It’s not the first time that tech-savvy consumers have relied on remote access programs to capture the criminals who’ve stolen their computer equipment, and it certainly won’t be the last, as the technology becomes more readily available to consumers.

[via Obscure Store and Reading Room]