<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0" xmlns:media="http://search.yahoo.com/mrss/"><channel><title><![CDATA[niems' Ramblings]]></title><description><![CDATA[Thoughts, Rants and other Ramblings of an annoyed IT Guy | All posts modulo spelling and grammar mistakes]]></description><link>https://blog.niemalsnever.de/</link><image><url>https://blog.niemalsnever.de/favicon.png</url><title>niems&apos; Ramblings</title><link>https://blog.niemalsnever.de/</link></image><generator>Ghost 4.8</generator><lastBuildDate>Thu, 16 Jul 2026 03:10:38 GMT</lastBuildDate><atom:link href="https://blog.niemalsnever.de/rss/" rel="self" type="application/rss+xml"/><ttl>60</ttl><item><title><![CDATA[SCCM Detection Script (PowerShell) for the Visual C++ Redistributable(s)]]></title><description><![CDATA[As of writing this, I am working as an apprentice in IT and one of my duties is administering our SCCM server, taking care mostly of application and operating system deployments.
One of the things we've previously had a lot of trouble with, is deploying the Visual C++ Redistributables.]]></description><link>https://blog.niemalsnever.de/sccm-detection-script-for-the-visual-c-redistributable-s/</link><guid isPermaLink="false">5d62e2147c752e3f0133ccae</guid><category><![CDATA[SCCM]]></category><category><![CDATA[Scripts]]></category><dc:creator><![CDATA[niemalsnever]]></dc:creator><pubDate>Sun, 25 Aug 2019 21:59:47 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1558494949-ef010cbdcc31?ixlib=rb-1.2.1&amp;q=80&amp;fm=jpg&amp;crop=entropy&amp;cs=tinysrgb&amp;w=1080&amp;fit=max&amp;ixid=eyJhcHBfaWQiOjExNzczfQ" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1558494949-ef010cbdcc31?ixlib=rb-1.2.1&amp;q=80&amp;fm=jpg&amp;crop=entropy&amp;cs=tinysrgb&amp;w=1080&amp;fit=max&amp;ixid=eyJhcHBfaWQiOjExNzczfQ" alt="SCCM Detection Script (PowerShell) for the Visual C++ Redistributable(s)"><p>As of writing this, I am working as an apprentice in IT and one of my duties is administering our System Center Configuration Manager (SCCM) server, taking care mostly of application and operating system deployments.</p><p>SCCM is a device management software by Microsoft, used to automatically install operating systems, provision applications and keeping computers (and the installed software) up to date on a large scale.</p><p>One of the things we&apos;ve previously had a lot of trouble with, is deploying the Redistributable(s) of the Microsoft Visual C++ runtime. As many will know, there are quite a lot of these things, and different applications will use different versions of this runtime, so it&apos;s rarely sufficient to install just one of them. So to solve this issue, we&apos;ve opted to install all currently available packages on our computers.</p><p>To deploy an application, SCCM needs a way to detect if that application is already installed, or whether a deployment initiated through SCCM succeeded. There&apos;s several different ways to that, three of them being rather simple, the last one not so much:</p><!--kg-card-begin: markdown--><ol>
<li><strong>Windows Installer</strong>: For applications that utilize MSI packages to install, the SCCM client can use the integrated Windows Installer database to detect if an application deployment succeeded. For that you will need to provide the MSI&apos;s so called product code.</li>
<li><strong>Windows Registry</strong>: Most if not all applications leave some entries in the Windows registry, therefore the SCCM client can check for a specific key and value, and optionally even check if that entry conforms to certain requirements the SCCM administrator specified.</li>
<li><strong>Files</strong>: Likewise to the Windows Registry method, the SCCM client can check for the existance of a specific file in the local file system (and again optionally for certain requirements on that file).</li>
</ol>
<!--kg-card-end: markdown--><p>The last method and the one I&apos;ve employed for detecting this specific application, is using a custom script. This can be a PowerShell script, a VBScript or a JScript script. I&apos;m using a PowerShell script both because it&apos;s the most modern one, and because it&apos;s the language I know best of the three:</p><!--kg-card-begin: markdown--><pre><code class="language-PowerShell"># Collection of all versions of the runtime the script should check for,
# adjust to fit your needs. In its current state it will detect all
# Visual C++ Redistributables from 2005 to 2019 in both x86 and x64 flavors.

$PackagesFound = @{
    &quot;2005&quot; = $False;
    &quot;2008x86&quot; = $False;
    &quot;2010x86&quot; = $False;
    &quot;2012x86&quot; = $False;
    &quot;2013x86&quot; = $False;
    &quot;2015-2019x86&quot; = $False;
    
    &quot;2005x64&quot; = $False;
    &quot;2008x64&quot; = $False;
    &quot;2010x64&quot; = $False;
    &quot;2012x64&quot; = $False;
    &quot;2013x64&quot; = $False;
    &quot;2015-2019x64&quot; = $False;
}

# Variable initialization
$Year = &quot;&quot;
$Architecture = &quot;&quot;

# Iterate through below mentioned registry keys
&amp; {
    Get-ChildItem HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*
    Get-ChildItem HKLM:\SOFTWARE\WoW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*
} | ForEach-Object { 
    $CurDisplayName = $_.GetValue(&quot;DisplayName&quot;) # Get DisplayName
    # Check if Display Name begins with &quot;Microsoft Visual C++&quot; and if so extract the year.
    if( $CurDisplayName -match &quot;^Microsoft Visual C\+\+\D*(?&lt;Year&gt;(\d|-){4,9}).*Redistributable.*&quot; ) {
        $Year = $Matches.Year
        [Void] ($CurDisplayName -match &quot;(?&lt;Arch&gt;(x86|x64))&quot;) # Extract Architecture
        $Architecture = $Matches.Arch
        $PackagesFound[ &apos;&apos;+$Year+$Architecture ] = $True
    }
}


# Report result back to SCCM
If ( $PackagesFound.Values -notcontains $False) {
    &quot;All required versions of Microsoft Visual C++ were found&quot;
    $PackagesFound
} Else {
    ### DO NOT OUTPUT ANYTHING HERE ###
}
</code></pre>
<!--kg-card-end: markdown--><p>If you look at the last few lines of the code, you will see that this script doesn&apos;t use exit codes to convey its result. This is because SCCM in the end doesn&apos;t care about those. What it does care about is if there is any output from the detection script. If there is, SCCM considers the application detected. I&apos;ve combined this script with a script (utilizing the excellent <a href="https://psappdeploytoolkit.com">PowerShell App Deployment Toolkit</a>) that executes each of the 12 Visual C++ Redistributable installers, one after another. With this I have finally managed to properly deploy this runtime for good. If in the future a new version of the runtime is released, it will be easy to adjust the script to accompany it.</p><p>This script is free to use and adapt to your own needs, though providing a link to this page would be appreciated. Likewise I&apos;m grateful for any sort of feedback on this script, as this is my first dabble into writing application detection scripts for SCCM. Just reach out to me on Twitter <a href="https://twitter.com/niemalsnever">@niemalsnever</a>. Huge thanks go out to my buddy M., who helped me a great deal to come up with this script!</p>]]></content:encoded></item><item><title><![CDATA[Smile, You're on CCTV]]></title><description><![CDATA[Against better knowledge, I recently spent a week in England and Scotland. While I was there, I noticed the decidedly pleasant and subtle way of the British in both surveilling their citizens and warning them of terrorism…]]></description><link>https://blog.niemalsnever.de/smile-youre-on-cctv/</link><guid isPermaLink="false">5c704a2cbbf6606b4469e4a0</guid><category><![CDATA[Surveillance]]></category><dc:creator><![CDATA[niemalsnever]]></dc:creator><pubDate>Mon, 19 Dec 2016 08:30:00 GMT</pubDate><media:content url="https://blog.niemalsnever.de/content/images/2019/02/camera-712122_1920.jpg" medium="image"/><content:encoded><![CDATA[<!--kg-card-begin: markdown--><img src="https://blog.niemalsnever.de/content/images/2019/02/camera-712122_1920.jpg" alt="Smile, You&apos;re on CCTV"><p><small><center><mark>This Post has first been published (in <a href="https://web.archive.org/web/20131026073159/http://niemalsnever.pcs1990.net/2013/10/smile-youre-on-cctv/">German</a>) in October of 2013, but given the current situation, it seems more topical than ever before. That is why I chose to translate it.</mark></center></small><br>
<small><center><mark>This might serve as the start to a series on the topic of surveillance, though I&apos;m not promising anything.</mark></center></small></p>

<p>Hi,</p>
<p>against better knowledge, I recently spent a week in England and Scotland. During my stay, I noticed the <strong>decidedly pleasant and subtle</strong> way of the British in both surveilling their citizens and warning them of terrorism.</p>
<p><em>Smile, you&apos;re on CCTV</em> &#x2013; this funny slogan boasted at the door of every store even back in 2007 when I last visited England, and informed people that this business employed video surveillance. This time it was much worse&#x2026;</p>
<p>Whether you&apos;re on public transport, walking in the streets, in a museum, at a train station, or at the airport &#x2013; no matter where you are, you are constantly reminded of the surveillance. Not only via a poster, or a sign, but even acoustically. No 10 minutes pass in which you don&apos;t hear this announcement at a station or an airport: &quot;For your safety and security CCTV is in operation!&quot;. No 5 minutes in which you don&apos;t see a poster, that reminds you to watch your belongings and report any suspicious behaviour to the authorities.</p>
<p><em>It&apos;s probably nothing, but&#x2026;</em> &#x2013; with this beautiful saying the major security authorities encourage the common British to increased attention. Everybody watches everybody else permanently on every step. I&apos;d like to emphasize two key experiences which made me think. Both of them cover an everyday problem, I wanted to get rid of some garbage:</p>
<h2 id="1edinburghwaverlystation">1. Edinburgh Waverly Station</h2>
<p>As I previously mentioned, I wanted to get rid of some garbage and was looking for a litter bin at Edinburgh Central Station (Edinburgh Waverly). When I was unable to find a single litter bin even after an extensive search, I asked the station staff, who told me that there were no garbage bins at the station, due to the risk of terror attacks&#x2026;</p>
<h2 id="2londonstpancrasinternationalstation">2. London St. Pancras International Station</h2>
<p>At London St. Pancras International, I was faced with the same problem, I wanted to throw away some trash, so I asked another passenger waiting at the station to watch my backpack, while I look for a trash bin. He responded politely but firmly that he would like to do that, but he didn&apos;t expect the security personal to believe him, that he was just watching the stuff for me, so he refused.</p>
<p>I think these two experiences show on one hand the &quot;paranoia&quot; of the security organisations in the UK, and on the other hand the lack of trust of the public in the authorities.</p>
<p>In retrospective I must say I felt the same. This kind and this omnipresence of surveillance is too much. I didn&apos;t feel safe, I felt restricted, watched and even patronized. And looking at the current development I doubt things will change in the forseeable future&#x2026;</p>
<p>It saddens me. deeply.</p>
<!--kg-card-end: markdown-->]]></content:encoded></item><item><title><![CDATA[(An Update on) Unitymedia – The Odyssey Continues]]></title><description><![CDATA[In a [not so] recent post, I wrote about my ISP Unitymedia and the problems I had with them. In the weeks after I wrote my blogpost, everything seemed fine. Until two weeks ago...]]></description><link>https://blog.niemalsnever.de/unitymedia-the-odyssey-continues/</link><guid isPermaLink="false">5c7048a8bbf6606b4469e48f</guid><category><![CDATA[Telecommunications]]></category><category><![CDATA[Unitymedia]]></category><dc:creator><![CDATA[niemalsnever]]></dc:creator><pubDate>Sun, 18 Dec 2016 07:00:00 GMT</pubDate><media:content url="https://blog.niemalsnever.de/content/images/2019/02/telephone-1541396_1920.jpg" medium="image"/><content:encoded><![CDATA[<!--kg-card-begin: markdown--><img src="https://blog.niemalsnever.de/content/images/2019/02/telephone-1541396_1920.jpg" alt="(An Update on) Unitymedia &#x2013; The Odyssey Continues"><p><small><center><mark>Never got around to publish this. This article is about half a year old by now. But as the old saying goes: Better late than never.</mark></center></small></p>
<p>In a <small>[not so]</small> recent <a href="https://blog.pcs1990.net/unitymedia-disrespecting-your-customers-one-letter-at-a-time/">post</a>, I wrote about my Internet Service Provider (ISP) <em><a href="https://www.unitymedia.de">Unitymedia</a></em> and the problems I had with them. In the weeks after I wrote my blogpost, everything seemed fine. Until two weeks ago, when M&#xFC;nster (and the rest of Germany) was hit by quite a few thunderstorms. During one of them my modem (Technicolor TC7200) rebooted. At first I did not notice a change, but a few days later, I tried to connect to my home network from work, and realized it didn&apos;t work.</p>
<h2 id="thereturnofipv6">The Return of IPv6</h2>
<p>When I returned home, I restarted my Raspberry Pi thinking it had crashed. Still no incoming connectivity from outside my home network. I rebooted my router to be sure it didn&apos;t crash. I checked my router&apos;s config, because sometimes the TC7200 gives it a wrong IP address, not this time. Then I went to check on the DMZ (De-Militarized Zone) configuration of my modem and it hit me. The DMZ configuration menu was gone, I checked on the IP information screen and saw my modem acquired an IPv6 address and switched back to IPv6 mode &#x2013; the one utilizing my provider&apos;s CGN (Carrier Grade NAT, see my older <a href="https://blog.pcs1990.net/unitymedia-disrespecting-your-customers-one-letter-at-a-time/">post</a>). Fed up about my ISP&#x2019;s incompetence I sent them an e-mail describing my problem.</p>
<p>The next day I got an e-mail from Unitymedia telling me they tried to call me (at home, in the middle of the day). Back home I dialed the telephone number I was told to call in the e-mail and sure thing I reached the main support hotline. I was told that all their systems showed my modem still received an IPv4 address, but my modem disagreed. They told me to disconnect my modem from power for a few minutes to reset it and then reconnect it. Guess what, it didn&#x2019;t work. Also since my landline telephone connects through my modem, restarting my modem means hanging up on the support hotline. Before hanging up, their support agent told me he was forwarding my ticket to the tech department. Then nothing happened... for about a week.</p>
<h2 id="theissuegetsannoying">The issue gets annoying</h2>
<p>Not only that my devices were not available from the internet, but also certain services weren&#x2019;t usable from inside my network. The most annoying thing was Netflix. Somehow, and I don&#x2019;t know who is to blame, Netflix is only available via the IPv4 Unitymedia network, IPv6 won&#x2019;t load at all &#x2013; at least the apps. Netflix seems to have major problems with IPv6 in general and their recommendation is basically &#x201C;switch off IPv6&#x201D; to which my answer usually would be &#x201C;switch off Netflix&#x201D;.</p>
<p>After that week I called the support hotline again, asking what happened with my ticket, they told me they sent a text message to my mobile, but I didn&#x2019;t receive anything&#x2026; So they told me to disconnect and reconnect my modem again, that didn&#x2019;t work either.<br>
The next evening I called them yet again,  and was told I needed to disconnect and reconnect my modem once more for ten minutes, because otherwise their support software wouldn&#x2019;t let them initiate the next step &#x2013; great customer experience :-/<br>
I did that, didn&#x2019;t help. So I called them yet again &#x2013; each time having to describe my issue from scratch &#x2013; when I finally got a competent support agent who understood my problem, documented it properly and also wrote down that this connection was also used for business purposes. The next day I got a text message apologizing for taking so long to resolve the issue and telling me it might take a bit longer. Next morning I got another text message telling me the issue would be resolved shortly. Ten minutes later my connection died because my modem suddenly rebooted &#x2013; great if your provider suddenly has more control about a device on your network than you do, isn&#x2019;t it?</p>
<p>After the reboot my modem suddenly had proper IPv4 connectivity again &#x2013; yet it is still unclear to me what caused the problem.</p>
<!--kg-card-end: markdown-->]]></content:encoded></item><item><title><![CDATA[Installing GitHub's Atom in an Enterprise Environment]]></title><description><![CDATA[<p><em><a href="https://atom.io">Atom</a></em> is a modern, hackable text editor developed by <a href="https://github.com">GitHub</a>. It&apos;s based on modern web technologies like NodeJS and is quite popular in the web developer community. Recently I had to come up with a way to automatically install it on multiple computers at work. Unfortunately that&apos;</p>]]></description><link>https://blog.niemalsnever.de/installing-githubs-atom-in-an-enterprise-environment/</link><guid isPermaLink="false">5d62e4467c752e3f0133ccd4</guid><dc:creator><![CDATA[niemalsnever]]></dc:creator><pubDate>Wed, 01 Jun 2016 22:59:00 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1555532538-dcdbd01d373d?ixlib=rb-1.2.1&amp;q=80&amp;fm=jpg&amp;crop=entropy&amp;cs=tinysrgb&amp;w=1080&amp;fit=max&amp;ixid=eyJhcHBfaWQiOjExNzczfQ" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1555532538-dcdbd01d373d?ixlib=rb-1.2.1&amp;q=80&amp;fm=jpg&amp;crop=entropy&amp;cs=tinysrgb&amp;w=1080&amp;fit=max&amp;ixid=eyJhcHBfaWQiOjExNzczfQ" alt="Installing GitHub&apos;s Atom in an Enterprise Environment"><p><em><a href="https://atom.io">Atom</a></em> is a modern, hackable text editor developed by <a href="https://github.com">GitHub</a>. It&apos;s based on modern web technologies like NodeJS and is quite popular in the web developer community. Recently I had to come up with a way to automatically install it on multiple computers at work. Unfortunately that&apos;s a use case that probably was overlooked by the Atom development team.</p><p>As I&apos;ve said, Atom uses modern technology, unfortunately that also goes for its installer. Atom uses <em><a href="https://github.com/Squirrel/Squirrel.Windows">Squirrel.Windows</a></em>, a framework for packaging Windows applications. Squirrel&apos;s and therefore Atom&apos;s philosophy is:</p><blockquote>No UAC elevation needed</blockquote><p>meaning applications packaged with Squirrel will only ever install in the user context. This is needed for automatic updates and is basically a good idea, the only problem is, it renders those applications almost unusable for enterprises. I don&apos;t want my users to install applications on their computers only for themselves, and I&apos;m even less eager to have that happen on semi-public computers, like in a computer lab. In our case we reset the user profiles on those machines once every week.<br>We use Microsoft System Center Configuration Manager 2012 (SCCM) for our automatic software deployments. The easiest way to deploy software with SCCM is providing a Windows Installer Package (.msi), but other methods like batch scripts are supported too.</p><p>After some fiddling with the setup executable the Atom developers provide, I finally realised it wasn&apos;t feasible. The installer even provides a machine-wide-installation switch (<code>--machine</code>) &#x2013; don&apos;t use that! Using this switch installs Atom for the current user, and &#x2013; this is the perfidious thing &#x2013; creates a key in the Windows registry under <code>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run</code>, causing the installer to be called for every user on every logon. This is an absolute nogo, and also a horrible way to do a machine wide installation. Even worse is that the installer does not provide a switch to get rid of this registry key, so you have to look through the registry yourself to find and delete it. The <code>--machine</code> switch has been deprecated by the Squirrel.Windows team and replaced by an .msi that probably does the same thing, but the Atom developers team didn&apos;t update their releases yet, and even if they did, it doesn&apos;t do anything to solve the problems the <code>--machine</code>-switch had in the first place.</p><p>Thankfully GitHub also provides a ZIP-archive, which does not feature automatic updates and can therefore be used to install Atom in an enterprise context. When I found out about that, I wrote a quick and dirty batch script, which copies the folder to the &quot;Program Files&quot;-folder and creates shortcuts in the Start menu for all users and on the desktop:</p><pre><code class="language-batch">
@echo off
REM This script installs Atom on a computer and creates shortcuts in the start menu and desktop for all users.
REM Copy program files
if not exist &quot;%programfiles%\Atom\&quot; ( 
  xcopy &quot;.\Atom&quot; &quot;%programfiles%\Atom\&quot; /s /h /q /y
)
REM Create shortcuts
xcopy &quot;.\Atom.lnk&quot; &quot;C:\Users\Public\Desktop\&quot; /q /y
xcopy &quot;.\Atom.lnk&quot; &quot;C:\ProgramData\Microsoft\Windows\Start Menu\Programs\&quot; /q /y
</code></pre><p>With this script I was finally able to deploy atom to our computer labs, and also make it available for installation for the whole department. This script expects to be placed next to &#xA0;the extracted contents of the ZIP-archive, in a folder called &quot;Atom&quot;. Next to the folder and the script I placed a shortcut I created pointing to <code>%programfiles%\Atom\Atom.exe</code>, which will be copied by my script. I didn&apos;t feel like fiddling around with a script to create the shortcuts, so I chose the cheaty route. Using the ZIP has the additional advantage that we as the IT department have an eye on which version of Atom is installed on our computers, because it won&apos;t auto-update. It&apos;s unfortunate that the Atom developers didn&apos;t really think about this use case, but I&apos;m glad I found a way to do it anyways &#x2013; even if it&apos;s a bit dirty and cheaty.</p>]]></content:encoded></item><item><title><![CDATA[Unitymedia – Disrespecting your Customers, One Letter at a Time]]></title><description><![CDATA[<p>This story began in February of 2015 and I was hoping it would be over by now, but unfortunately it still isn&apos;t. My Internet Service Provider (ISP) is <em>Unitymedia Germany</em> and has been for the last three-and-a-half years. When I first ordered their service everything was great. The</p>]]></description><link>https://blog.niemalsnever.de/unitymedia-disrespecting-your-customers-one-letter-at-a-time/</link><guid isPermaLink="false">5c7047c7bbf6606b4469e47d</guid><category><![CDATA[Unitymedia]]></category><category><![CDATA[Telecommunications]]></category><dc:creator><![CDATA[niemalsnever]]></dc:creator><pubDate>Wed, 11 May 2016 20:30:00 GMT</pubDate><media:content url="https://blog.niemalsnever.de/content/images/2019/02/network-cables-494648_1920.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://blog.niemalsnever.de/content/images/2019/02/network-cables-494648_1920.jpg" alt="Unitymedia &#x2013; Disrespecting your Customers, One Letter at a Time"><p>This story began in February of 2015 and I was hoping it would be over by now, but unfortunately it still isn&apos;t. My Internet Service Provider (ISP) is <em>Unitymedia Germany</em> and has been for the last three-and-a-half years. When I first ordered their service everything was great. The technician who had to come to set up my internet connection came within two days after I signed the contract, the monthly fee was reasonable, and the internet speed I got was supremely fast. I rarely had any problems with that connection, until one day in 2013 my internet connection went dead.</p><p>After calling the support hotline, they sent out a technician who found the issue. Apparently Unitymedia had sent out one of their employees to cut the connection for someone who hadn&apos;t payed their bill, but they cut my connection by mistake. That was easily fixed and there were no more big issues until the aforementioned February of 2015.</p><h2 id="upgrading-my-contract">Upgrading my Contract</h2><p>In February of 2015 I decided to upgrade my contract with Unitymedia to a higher tier because that would more than double the speed I got before, while only paying about one Euro more. Little did I know that I would spend at least one day per week on Unitymedia&apos;s support hotline for the next two months. First they sent me a new cable modem, it&apos;s a Technicolor TC7200, easily the worst piece of hardware I&apos;ve ever had to connect to my network. This thing ready-to-go support for Wi-Fi connectivity (in both the 2.4 and 5 GHz ranges), but it is disabled by default and Unitymedia <s>demands</s> demanded paying a one-time 30&#x20AC; fee to enable that functionality. Thankfully I don&apos;t need this feature, as I have my own Wi-Fi-router, so I thought I could safely ignore the matter. But then I saw that the Wi-Fi LED was inexplicably lit on the TC7200, and also I was able to see and join the networks the TC7200 was said to provide. So I tried to use the config page of the router to switch them off. Unfortunately the software didn&apos;t let me do this, because you can&apos;t access the Wi-Fi settings page, if you didn&apos;t pay that 30&#x20AC; fee.</p><p>So I called Unitymedia, to have the issue fixed, because it bothered me having two Wi-Fi connections on my network, outside of my control.</p><h2 id="let-the-odyssey-begin">Let the Odyssey begin</h2><p>The first time I called, I was told that the Wi-Fi could not be switched-on, and that it would deactivate after restarting my modem. (Which of course I can&apos;t do while I&apos;m on the phone with them). Next time I called, they told me the Wi-Fi was on to demo the function and it would deactivate within the next two weeks. Obviously... it didn&apos;t.</p><p>Next time I called them, I told the employee on the other end about the alleged demo mode. They told me it didn&apos;t exist and reputedly regenerate my cable modem&apos;s config file. Spoiler: That didn&apos;t work either. I had to call 3 more times until they finally agreed to enable the Wi-Fi function for me for free, so that I could finally disable that annoying Wi-Fi feature. We have reached April of 2015 by now and I generally want get rid of Unitymedia as soon as possible. But, I signed a two-year contract.</p><p>All in all this minor annoyance led to me spending about 3-5 hours in the Unitymedia support hotline, which was not free at the time, also due to that unusual free booking of the Wi-Fi-function, they somehow messed up things so badly, they had to give me a new phone number.</p><h2 id="ipv6-or-not">IPv6... or not</h2><p>One more reason I wanted to upgrade was that I finally wanted to get IPv6. Unfortunately this led to another chain of problems. We all know that IPv4 addresses have run out for good, that is why we need to make the switch to IPv6. Unitymedia chose the most dickish approach for switching to IPv6, called Dualstack-Lite (DS-Lite). Everybody knows the joy of NAT, that pesky little thing some people mistake for a firewall. NAT enables you to have different devices behind the same one public IPv4 address by mapping services on different computers to TCP/UPD ports in the router. This works more or less great, so Unitymedia thought:</p><p>&quot;Well, darn, we don&apos;t have enough public IPv4 addresses to give everyone of our clients their own address. Let&apos;s use another layer of NAT to map several clients to one public IPv4 address.&quot;</p><p>This approach is called Carrier Grade NAT (CGN) and is generally a horrible idea. CGNs cause many problems for more technically affine users. This means you can&apos;t reach your computer from anywhere in the world, because it doesn&apos;t have a public IPv4 address. DS-Lite combines CGN for IPv4 with IPv6 for all other connections. IPv6 would fix the problem of not having a public address to connect to your own computer, but unfortunately IPv6 is not yet widely available, so it cannot yet serve as an alternative.</p><p>Since I need to connect to my home network quite frequently using DS-Lite was not an alternative for me, so I had them switch it back, which I could because I had an IPv4 address from them before. Unfortunately doing so meant that I lost my IPv6 connectivity again.</p><h2 id="return-of-the-wi-fi">Return of the Wi-Fi</h2><p>About three weeks ago, I received an e-mail from Unitymedia which sparked quite some rage in me. It reads something like this:</p><p>Dear Mr. &lt;blank&gt;,</p><p>did you notice? We have enabled Wi-Fi for free on your Technicolor TC7200. Maybe you surfed the internet wirelessly using it already in the last couple of months.</p><p><strong>Security of your data is important to us!</strong> That is why we&apos;ve already informed you on January 15 that the factory set Wi-Fi passwords in your router are not safe enough. They may be recovered and used by unauthorized individuals using specialized software.</p><p>Translated from German, no liability assumed, <a href="https://images.pcs1990.net/blog/unitymedia_mail_wifi.jpg">Source*</a></p><figure class="kg-card kg-image-card"><img src="https://images.pcs1990.net/blog/unitymedia_mail_wifi.jpg" class="kg-image" alt="Unitymedia &#x2013; Disrespecting your Customers, One Letter at a Time" loading="lazy"></figure><p>As you can see, Unitymedia has the guts to enable a feature on devices in their clients&apos; home, many of these clients don&apos;t want and they announce it in the same e-mail in which they admit this feature might harm the security of their clients&apos; network and data.</p><p>I called the support hotline about 10 minutes after receiving this e-mail, and the employee on the other end of the line told me all hell broke loose in the wake of this e-mail. The support department was not briefed before this measure and generally I have great doubts whether anyone so much as thought for even a second before pushing the roll-out button for this function.</p><p>I also wrote an e-mail to the complaint management department of Unitymedia and got a very cocky answer back. In the first few lines I feel like they thought I was a child, then they somehow claim to be a &quot;Wi-Fi company&quot; whatever that&apos;s supposed to mean. They also told me that this was an automatic rollout - d&apos;uh - so that individual cases could not be respected. They did however not elaborate on my most important point: The boldness it takes to announce such an update while at the same time admitting it&apos;s a possibly security flaw.</p><h2 id="utilizing-your-customers">Utilizing your Customers</h2><p>Just a few days ago I&apos;ve received another letter from Unitymedia, announcing a new feature to be included in every internet contract with them... They call it <strong>WiFiSpot</strong>, and as you probably guessed, it&apos;s a Wi-Fi hotspot... with a slight quirk.</p><p>Unitymedia plans to enable a seperate Wi-Fi network on every single one of their customers&apos; cable modems, which can be used by other Unitymedia clients to surf for free when they are in reach. Sounds like a good idea, until you think about what hardware you got from them. As said before, the TC7200 is at best a toy. Customers have rather no control over this thing and every single setting can be read and (re-)set by Unitymedia at will. When you try to put it in a mode that Unitymedia doesn&apos;t want you to use, it reboots, and if &#xA0;you are really lucky resets all your settings. This thing can for example not be put into a simple bridge mode, where it acts like just a cable modem but not like a router. If you try that, it reboots. This is probably due to DS-Lite, but I don&apos;t use that, which is why I don&apos;t see any reason for this limitation &#x2013; except for the obvious one of course: They want to force you to use the device they provided, so that they can have control.</p><p>At least with this feature they gave an easy method to opt out, even though that it means you won&apos;t be able to use the WiFiSpots. I think this is fair, but I still think utilizing your clients is bad.</p><!--kg-card-begin: html--><small>* This picture does not originate from pixabay.com</small><!--kg-card-end: html-->]]></content:encoded></item><item><title><![CDATA[SWUpdate.exe – or how Samsung failed to provide a working Downgrade Path for the NP355-E7C Laptop]]></title><description><![CDATA[In early 2014 I was asked to downgrade a laptop to Windows 7. Here I will show you, how that went. Spoiler: Not well…]]></description><link>https://blog.niemalsnever.de/swupdate-exe-or-how-samsung-failed-to-provide-a-working-downgrade-path/</link><guid isPermaLink="false">5c7044b9bbf6606b4469e45e</guid><category><![CDATA[oldblog]]></category><dc:creator><![CDATA[niemalsnever]]></dc:creator><pubDate>Mon, 02 May 2016 16:30:00 GMT</pubDate><media:content url="https://blog.niemalsnever.de/content/images/2019/02/keyboard-70506_1920.jpg" medium="image"/><content:encoded><![CDATA[<!--kg-card-begin: html--><span style="background-color:rgb(253, 255, 182)"><small><center>This post was first published in my blog in February of 2014.</center></small></span><!--kg-card-end: html--><img src="https://blog.niemalsnever.de/content/images/2019/02/keyboard-70506_1920.jpg" alt="SWUpdate.exe &#x2013; or how Samsung failed to provide a working Downgrade Path for the NP355-E7C Laptop"><p>Last weekend I was asked to downgrade the Samsung NP355-E7C of a family member to Windows 7. Even though this wasn&apos;t the first time I had to do such a thing and though Samsung provides quite detailed instructions on how to get this done, it took me about 4 hours to get this done. This does not include any backing up of data, any personal setup or anything similar.</p><p>The instructions start with telling you, how to go to the BIOS to set the boot order and also, as this notebook comes with a UEFI-system rather than a BIOS, you need to tell it, that the upcoming OS doesn&apos;t feature a native UEFI support.</p><p>Then you can start the normal Windows 7 Setup routine using a DVD or an USB-stick. That routine runs through just like expected, the only problem is, you need to delete ALL preconfigured partitions, this includes the recovery partitions. Next up, configuring the main user account, everything works as expected, until you get to the first boot.</p><h2 id="the-first-boot">The first boot</h2><p>When the system first starts up, you will be greeted by a message that says:</p><blockquote>&quot;Some drivers could not be installed&quot;.</blockquote><p>Well <em>Some</em> drivers is an understatement as in fact Windows is unable to find drivers for almost any of the main components, except the graphics chip. I connected an ethernet-cable to the laptop, yet it told me, it didn&apos;t have any network connectivity.</p><h3 id="next-step-opening-the-device-manager">Next step: Opening the Device Manager</h3><p>Opening the Device Manager is even more deflating, as Windows blatantly shows you that you won&apos;t have any possibility to get data in and out of this laptop except optical media.</p><p>That is:</p><ul><li>No USB</li><li>No Ethernet</li><li>No WiFi</li></ul><p>But thankfully I had a device to create optical discs at my disposal.</p><h2 id="the-odyssey-begins">The odyssey begins</h2><p>Okay, I thought, no drivers, great, well thankfully I can get them from the Samsung website. So I navigated to the support page for the laptop, went to the download section and was presented with lots and lots of manuals. Not a chance to find any drivers wherever I looked. But then I saw the link to SWUpdate.exe, the downloader Samsung provides to get drivers for their laptops, not great I thought, but okay, I&apos;ll give it a chance. No sooner said than done, I downloaded the software, burned it to a CD, hoping it came with a basic set of drivers for the laptop, installed it, but no such luck, still no connectivity whatsoever and the software won&apos;t work without an internet connection.</p><p>Okay, more websearching, seemingly the problem was quite known across the web. After some time I found a tip on a web forum telling me, where I could find the wifi-driver for the laptop. So I downloaded that, burned it to a disc, installed it and was suddenly sitting in front of the first PC I know which had WiFi before it understood USB.</p><p>Then I started up the downloader again, and oh wonder, it works but here come the next disappointment, I looked through the software they offered and there was every single piece of junkware Samsung puts on their laptops before delivery. But hey, I got my drivers and I could continue setting up the laptop.</p><h2 id="how-all-this-could-have-been-prevented">How all this could have been prevented</h2><ul><li>Samsung provides a downgrade path, on their website, and it starts with &quot;Go to the BIOS and change this and that setting&quot;. Okay, but the whole thing (containing about 14 steps) does not mention the fact, that you need to backup the drivers using the &quot;Create a recovery disc&quot;-assistent. That was the first mistake.</li><li>The second mistake was not providing the drivers on the Samsung website, or just mentioning, which components were used in the device in the first place.</li><li>The third mistake, though that is kind of understandable, was not including a basic version of the drivers with the SWUpdate.exe-setup.</li><li>And the fourth mistake was integrating components that don&apos;t work with the basic drivers Microsoft provides with every version of Windows.</li></ul>]]></content:encoded></item><item><title><![CDATA[Podcasts on Android (in 2014)]]></title><description><![CDATA[In 2013, I wrote a short blog post regarding podcatchers on Android. This is an update from February 2014.]]></description><link>https://blog.niemalsnever.de/podcasts-on-android/</link><guid isPermaLink="false">5c7040ddbbf6606b4469e449</guid><category><![CDATA[oldblog]]></category><dc:creator><![CDATA[niemalsnever]]></dc:creator><pubDate>Sun, 01 May 2016 21:15:00 GMT</pubDate><media:content url="https://blog.niemalsnever.de/content/images/2019/02/headphones-690685_1920.jpg" medium="image"/><content:encoded><![CDATA[<!--kg-card-begin: html--><span style="background-color:rgb(253, 255, 182)"><small><center>This Post has first been published in February of 2014, and generally is not up to date anymore. 
    A revision of this post will be posted on this blog in the near future.</center></small></span><!--kg-card-end: html--><hr><img src="https://blog.niemalsnever.de/content/images/2019/02/headphones-690685_1920.jpg" alt="Podcasts on Android (in 2014)"><p>A bit less than one year ago, I wrote a short blogpost about the devastating situation regarding podcatchers on Android. Today I want to give an update on this topic. As you might remember, I have very high standards considering podcatchers. For those of you, who did not read the aforementioned post, I will start by repeating the criteria I have for a good, usable podcatcher.</p><h2 id="criteria">Criteria</h2><h3 id="critical">Critical</h3><ul><li>Stability - A podcatcher I want to use needs to be stable and should not crash every five minutes.</li><li>Usability - No lags, no heavily nested menus, no hidden functions</li><li>Clarity - A podcatcher needs to have a clear and simple UI.</li><li>OPML-Import and Export - A podcast-directory, however good it may be, I don&apos;t want to use it on a smartphone. So I want to have the possibility to import a list of podcasts in a standardized format, like OPML.</li><li>Adjustable Playback-Speed - I&apos;ve been hearing podcasts with a higher playback-speed for some years now, so I&apos;m used to high playback-speeds.</li><li>Shownotes - Shownotes need to be reachable at any time and need to be displayed properly and unshorted.</li><li>Full-Reloads of Podcast-Feeds - Podcast-feeds tend to be broken, therefore a method to COMPLETELY reload a feed, without deleting and re-adding the podcast to my subscribed feeds.</li></ul><h3 id="nice-to-have">Nice-to-have</h3><ul><li>Podlove-Simple-Chapters - Chapters in podcast-files</li><li><a href="http://www.flattr.com">Flattr</a>-Integration</li><li>Podcast-Streaming</li><li>Sync</li><li>Categories for Feeds</li><li>Support for <a href="http://podlove.org/paged-feeds/">Paged Feeds</a> [<a href="http://tools.ietf.org/html/rfc5005">RFC5005</a>]</li></ul><h3 id="bonus-points">Bonus Points</h3><ul><li>Open Source</li><li><a href="http://www.podlove.org">Podlove</a> aware</li><li>Interest in open standards</li></ul><h2 id="the-continuation">The Continuation</h2><p>Eventhough I said, I&apos;d cancel the experiment, I continued testing and ended up using <a href="http://www.beyondpod.com/Android/">BeyondPod</a> for the last months. BeyondPod is not too bad to use, but it has some issues which are quite annoying. It fulfills most of my critical criteria, but fails to comply with nearly every item on my nice-to-have-list. Additionally BeyondPod isn&apos;t open source and the developer showed little interest in continuing the pursuit to open standards.</p><h2 id="the-solution">The Solution</h2><p>In my previous blogpost I mentioned <a href="http://www.antennapod.com">AntennaPod</a>, which through a recent update manages to fulfill nearly all of my critical criteria, especially the adjustable playback-speed one. AntennaPod is Open Source Software <a href="https://github.com/danieloeh/AntennaPod">hosted on GitHub</a> which gives some bonus points. It has a clean, plain, simple interface with almost no nested menus and the shownotes viewer is simple and fast. The app features a <a href="http://flattr.com/thing/745609">flattr-integration</a> with optional auto-flattring of heard episodes. Unfortunately the app doesn&apos;t yet support paged feeds.</p><h2 id="what-s-missing">What&apos;s Missing?</h2><p>Since I&apos;ve been using BeyondPod recently, I&apos;ve been spoiled a little, so I&apos;m missing some features BeyondPod has, in AntennaPod. First of all, what I&apos;m missing is a list of the downloaded, already played episodes, so I have a chance to manually delete episodes I do not want to hear again, or get rid of all downloaded, played episodes at once. Secondly I&apos;ve been using BeyondPod&apos;s category feature quite a bit, so I kind of miss having that possibility in AntennaPod. Thirdly, I&apos;d love to have support for paged feeds in the app, to access complete archives of my favourite podcasts. Last but not least I should mention that AntennaPod is unfortunately missing a syncing feature at the moment. But since I only have one Android device I use, it doesn&apos;t matter too much for me.</p><p>In conclusion I want you to start up Google Play and download AntennaPod. The app is available for free on <a href="https://play.google.com/store/apps/details?id=de.danoeh.antennapod">Google Play</a>, if you like it, please flattr the developer.<br>Have fun and enjoy testing this great app.</p><!--kg-card-begin: html--><table>
    <tr>
        <th> Name: </th>
        <td> AntennaPod </td>
    </tr>
    <tr>
        <th> Platform: </th>
        <td> Android </td>
    </tr>
    <tr>
        <th> Price: </th>
        <td> Free </td>
    </tr>
    <tr>
        <th> License: </th>
        <td> Open Source </td>
    </tr>
    <tr>
        <th> Download: </th>
        <td> <a href="https://play.google.com/store/apps/details?id=de.danoeh.antennapod">Play Store</a> </td>
    </tr>
    <tr>
        <th> Flattr: </th>
        <td> <a href="https://flattr.com/thing/745609">Flattr!</a> </td>
    </tr>
    <tr>
        <th> GitHub: </th>
        <td> <a href="https://github.com/danieloeh/AntennaPod">GitHub</a> </td>
    </tr>
</table><!--kg-card-end: html-->]]></content:encoded></item></channel></rss>