I completed a fun project over the holidays – a program that reads a file out loud to Amazon Alexa, byte-for-byte, to upload it to a remote host. Read about it here: https://articles.hotelexistence.ca/posts/voiceassistantfiletransferprotocol/

I completed a fun project over the holidays – a program that reads a file out loud to Amazon Alexa, byte-for-byte, to upload it to a remote host. Read about it here: https://articles.hotelexistence.ca/posts/voiceassistantfiletransferprotocol/
I created a service that website operators can deploy on AWS to check if their users are using passwords known to be breached, comparing them against Troy Hunt’s ihavebeenpwned database of ~600M breached passwords. Read about it out here: https://articles.hotelexistence.ca/posts/protectuserscredentialstuffing/
I got an email from Amazon today. I’m automatically opted-in to “Amazon Sidewalk”, unless I choose to opt out. Amazon Sidewalk allows devices participating their Sidewalk program to connect to the Internet through Amazon devices, like the Amazon Echo.
Amazon Sidewalk – a mesh network for Amazon devices to connect to the Internet:
https://www.amazon.com/Amazon-Sidewalk/b?ie=UTF8&node=21328123011
Not exactly how I’d envisioned a neighborhood mesh, but their “read the fine print to opt out” strategy will probably work better than my asking neighbors to build a network.
I was recently presented with a situation where I would have to regularly enter a 48 random character password for a month or more to log in to a computer that was assigned to me. Given that I couldn’t possibly memorize this string, and the computer is reasonably physically secure, I decided to build a device to do this for me.
I had previously used an Arduino to emulate a gamepad for a homemade Dance Dance Revolution mat. This time, I needed to emulate a keyboard. A search for “HID Arduino” returned the Arduino HID page, which suggested an Arduino with an Atmel 32u4 microcontroller. A search for Arduino 32u4 on Amazon returned the KeeYees Pro Micro clone, which I ordered.
It came in, I soldered a button to I/O 4, and uploaded the following code:
include "Keyboard.h"
include "Bounce2.h"
const int buttonPin = 4;
Bounce bounceTrigger = Bounce();
void setup() {
bounceTrigger.attach(buttonPin, INPUT_PULLUP );
Keyboard.begin();
}
void loop() {
bounceTrigger.update();
if ( bounceTrigger.rose() ) {
Keyboard.println("I put my password here");
}
}
Now, every morning, instead of copying 48 characters from a Post-it, I just click the button.
It should be said, this defeats the purpose of the password, and the password isn’t stored in a secure way on the microcontroller. But this technique is great for any time you need to automate a sequence of keystrokes.
I’m building a Node application hosted on a Raspberry Pi, that will not be connected to the internet. A user will interface with the application through the browser on their phone. The application calls the browser for its GPS coordinates using the HTML Geolocation API.
In iOS, the HTML Geolocation API only works for HTTPS sites. I found an excellent post on Stackoverflow for creating a self signed cert that works in most browsers. I created the cert, added it to my desktop and phone. HTTPS worked great.
I first tried the Node ws websocket library, and the Node application would call out to the browser to fetch GPS coordinates when it needed them.
The application worked great in Firefox and Chrome, but it would not work in the iOS browser. If I dropped to HTTP (vs HTTPS) and WS (vs WSS), it worked fine. For some reason, the iOS browser accepted the cert for HTTPS, but not WSS. Unfortunately, I needed HTTPS to use Geolocation.
I couldn’t get it to work. I ended up moving my application to Socket.IO, which has a fallback method to HTTPS polling if a websocket connection cannot be established. This worked for my scenario. If you need a websocket like capability and have to use self signed certificates on iOS, try Socket.IO.
In 2018, after reading an article on Hackaday, I picked up an Amazon Echo Dot to experiment with building voice interfaces. It was surprisingly easy, and with no experience, I got something up and running in a couple hours.
I haven’t looked at this in a while, and had another project in mind. Looking at the Alexa development documentation today, all the examples leverage Amazon’s Lambda’s compute service. For my project, I didn’t want to use Lambda, I just wanted to use Express on Node JS. Amazon has NPM library for this, ask-sdk-express-adapter, but I couldn’t find ANY end-to-end example, and I struggled for a bit to get it to work. I think it took me longer the 2nd time around!
SO – here’s a simple example, hopefully it’s got the right keywords for anyone who’s stumbling on the same problem. Keywords:
const express = require('express');
const { ExpressAdapter } = require('ask-sdk-express-adapter');
const Alexa = require('ask-sdk-core');
const app = express();
const skillBuilder = Alexa.SkillBuilders.custom();
var PORT = process.env.port || 8080;
const LaunchRequestHandler = {
canHandle(handlerInput) {
return handlerInput.requestEnvelope.request.type === 'LaunchRequest';
},
handle(handlerInput) {
const speechText = 'Hello World - Your skill has launched';
return handlerInput.responseBuilder
.speak(speechText)
.reprompt(speechText)
.withSimpleCard('Hello World', speechText)
.getResponse();
}
};
skillBuilder.addRequestHandlers(
LaunchRequestHandler
)
const skill = skillBuilder.create();
const adapter = new ExpressAdapter(skill, false, false);
app.post('/', adapter.getRequestHandlers());
app.listen(PORT);
Hope that helps!
When I initially built out this blog, I:
So, I built out a tiny VM on AWS I can deploy services on, and it costs next to nothing.
But my content is static. It really makes more sense to host the files on S3, and use a static content generator. It’s much more secure, I don’t have to worry about keeping OSs and applications patched, and it could scale if ever required.
So over Christmas break, I built https://articles.hotelexistence.ca/ with Hugo, hosted on S3, fronted by CloudFront, which seemed to be the only way to host content from S3 on my domain with HTTPS. With Hugo (and any other static site generator), you create your content, it applies a template, and creates the links – it reminds me of working with Fog Creek Software’s defunct CityDesk almost 20 years ago. This AWS Hugo Hosting article was really helpful for the AWS setup. I still can’t figure out how to use Hugo’s Image Processing features, but I didn’t need them. The new site is accessible from the ‘Articles’ section up top. I’m not sure if I’ll move everything over or what I’ll do that moving forward.
I was listening to the Darknet Diaries Magecart episode before the holidays and was thinking, “Magecart attacks should be pretty easy to detect with web automation”, so I wrote up how I would do it. If you run a web property that processes sensitive data, it might be of interest. Check it out here: https://articles.hotelexistence.ca/posts/browserautomationtodetectwebskimming/
I have been thinking about changing how I host this site, and decided to try it out for this article – more on this later.
My Epson XP-830 started dropping black ink globs on my prints, which would smudge and wreck photos. As I had recently installed $150 worth of ink, I didn’t want to just go out and get a new printer. I also liked the compact format of this printer, and wouldn’t just buy the same one, as this was starting to look like a doorstop after its 2nd set of cartridges. I wasn’t concerned about breaking the printer at this point, because I was ready to throw it out.
I managed to resolve the issue – I’ve decided to write about what I did, and perhaps some will find this article and I’ll save a few printers from an early trip to the landfill. I expect this will work for any Epson XP printer.
First, I ordered a print head cleaning kit from Amazon (kit, Amazon link). In hindsight, I don’t actually think this was an issue with my print heads, but I did a number of things all at once, so I don’t know exactly which step resolved my issue. I recommend watching their video before ordering the kit.
The first step was getting the print head out of its right-side dock. Go to the menu, click maintenance, and then click Ink Cartridge Replacement.
Click proceed.
At this point, the print head will have moved to its change cartridge position. Disconnect the power.
At this point, I took out the cartridges, and I wrapped them in plastic wrap, following the guidance of the Print Head Hospital.
I did clean the heads, as instructed in the Print Head Hospital video, but I think what really made the difference for the black ink globs was the following: using cheap papertowels and cardstock, I cleaned up all the ink in the areas highlighted by arrows in the above image. I cleaned under the print head by cutting a ~1″ piece of cardstock, wrapping it with a paper towel, and running it underneath the assembly as shown at the 3:40 mark in the Print Head Hospital video, and repeated until the paper towel would come out clean.
I plugged the printer back in, re-installed the cartridges, ran the regular print head cleaning cycle 3 times (until the test page came out fine), and am now getting perfect prints.
Good luck – hope this helps.
In my primary school years, I’d read my Dad’s “Compute!” magazines. Recently, I discovered they’ve been published on Archive.org https://archive.org/details/compute-magazine , and I browsed through a few issues.
I came across this ad in a 1981 issue:
It’s a sorting algorithm, written in assembler, distributed on an EPROM chip, mounted on a circuit board, that you’d plug into your Commodore PET or Apple II computer and call from your BASIC program.
I few things I find interesting about this ad:
I actually found documentation for this product online:
http://mikenaberezny.com/wp-content/uploads/2013/10/sort-installation.pdf
http://mikenaberezny.com/wp-content/uploads/2013/10/sort-user-instructions.pdf
http://mikenaberezny.com/wp-content/uploads/2013/10/sort-review-compute-dec-1981.pdf