Category Archives: Tip

iOS Captive Portal Problems

Every once in a while, my iPhone 6 running iOS 8.2, refuses to automatically bring up a captive portal authentication page. Bringing up a browser didn’t help, because my phone would automatically route data over the cellular network.

The workaround is as simple as disabling "Auto-Login" for the specified network.

  1. Go to Settings → Wi-Fi → <Network> Info
  2. Disable "Auto-Login"
  3. Open Safari or any other web browser
  4. Go to http://captive.apple.com or other unencrypted page (e.g. http://www.msftncsi.com, http://nist.gov)

If you use LastPass, this also allows you to use the LastPass extension to auto fill captive portal authentication fields.

Securing a T-Mobile Z915 Hotspot

I picked up a T-Mobile Z915 hotspot for international travel. Within the US, I’m sticking with Verizon for their coverage, but the difficulty and cost of international roaming is a bit much.

General Thoughts

The Z915 is made by ZTE. The default configuration is pretty secure as follows:

  • Wi-Fi Security: WAP2 Personal
  • Password: 8 digits (last 8 digits of the IMEI)
  • Network Name (SSID): T-Mobile Broadband<last 2 digits of the IMEI>
  • Admin Interface: http://mobile.hotspot
  • Admin password: admin

While the admin password is weak and the admin interface is unencrypted, it should only be available to users that have already authenticated to the Wi-Fi.

Increasing Security

Fortunately all of the settings are configurable (except encryption of the admin interface) by following these steps:

  1. Connect your computer/tablet/phone to the Wi-Fi network created by the hotspot.
  2. Point your browser to http://mobile.hotspot or http://192.168.0.1
    On many devices, you will need to enter "http://" to prevent them from performing a search.
    You will need to enter the IP address if your device does not get its DNS settings from DHCP.
  3. Login by by entering the password.
  4. Click Settings
  5. Change Wi-Fi SSID to your own custom network name.
  6. (optinal) Disable SSID broadcast. I see this as a courtesy at hotels and airports, not to increase security.
  7. Change Wi-Fi Password. Click Apply.
    I set mine to a 32 character alpha-numeric password.
    You will be disconnected from the network when you apply these settings.
  8. Reconnect to Wi-Fi with the new settings.
  9. Login again.
  10. Click Settings and then click Device Settings.
  11. Change Admin Password. Click Apply.
  12. Set Wi-Fi Performance Settings to Economy mode. Click Apply.
    This should help increase battery life, and I was able to maintain a connection 60 feet away and 2 interior walls between.
  13. (optional) Disable SSID/WEB Password Display.
    By default the hotspot displays its passwords on its screen. Since you should have physical control of the hotspot, this shouldn’t matter either way.

Performance

Internationally, T-Mobile includes free roaming on their postpaid plans. This is limited to 2G/3G speeds, but it’s enough to check email and get directions.

So far, I’ve observed the following speeds:

  • Brussels Airport: 50 kbps
  • London Heathrow Airport: 70 kbps
  • Phoenix Sky Harbor: 12.3 mbps

Complaints

Overall, my complaints are very minor.

I wish the hotspot had a more mobile friendly UI. As it is, it requires a lot of zooming and scrolling to get to the different links.

I also wish the hotspot supported https for the UI. I don’t think most people will allow untrusted clients to connect, so this is a minor security concern.

Free Credit Scores

It’s possible to get a free credit score from every major credit bureau by signing up for a few different free accounts. Sites that offer credit scores from each bureau are listed below. Also remember, you can get your free annual credit report from all three bureaus at annualcreditreport.com without signing up for credit monitoring or other services.

Please note: The links to the credit bureaus are for reference. They do not directly provide free credit scores.

Experian

TransUnion

Equifax

BASH Exit Codes

I’ve been learning a lot about BASH lately and am working on re-writing my Base32 Decoder and HMAC scripts before releasing the full OTP script.

One of the topics that helps with signalling and control flow between BASH functions is exit codes. Understanding the results of calling exit and the exit code that is stored in $?. 

#!/bin/bash

function myFunction {
   echo $1
   exit $1
}

# Call 1
var=$(myFunction 1)
echo "Exit 1: $?"

# Call 2
(myFunction 2)
echo "Exit 2: $?"

# Call 3
(( var += 1 ))
echo "Exit 3: $?"

# Call 4
(( 1 / 0 ))
echo "Exit 4: $?"

# Call 5
myFunction 5
echo 'The last line.'

Call 1 captures the stdout of myFunction in var, captures the exit code, then prints the exit code of myFunction,.

Call 2 prints directly to stdout, captures the exit code, and prints the exit code of myFunction.

Call 3, the exit code of the arithmetic operation is printed.

Call 4, shows that a failed arithmetic operation returns a non-zero exit code. Note: Most operations will succeed, even if invalid parameters are given.

Call 5 shows that when a directly called function (i.e. not in a subshell) exits, it causes the whole script or function to exit (i.e. the last line is never executed).

Running the script produces the following output:

Exit 1: 1
2
Exit 2: 2
Exit 3: 0
./test.sh: line 21: ((: 1 / 0 : division by 0 (error token is " ")
Exit 4: 1
5