hank@tardis:~$ wget -S http://www.ralree.com
--2009-06-30 09:52:13--  http://www.ralree.com/
Resolving www.ralree.com... 74.54.115.108
Connecting to www.ralree.com|74.54.115.108|:80... connected.
HTTP request sent, awaiting response...
 HTTP/1.1 200 OK
 Date: Tue, 30 Jun 2009 13:49:54 GMT
 Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.7a Phusion_Passenger/2.1.3
   mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
 X-Powered-By: PHP/5.2.8
 X-Pingback: http://www.ralree.com/newblog/xmlrpc.php
 Last-Modified: Tue, 30 Jun 2009 13:49:21 GMT
 X-Content-Security-Policy: allow self; img-src *; object-src *.ralree.com
  *.ralree.info; script-src *.ralree.com *.ralree.info pagead2.googlesyndication.com
  friendfeed.com; style-src *.ralree.com *.ralree.info
 Content-Length: 57457
 Keep-Alive: timeout=5, max=100
 Connection: Keep-Alive
 Content-Type: text/html; charset=UTF-8

As you can see, my content security policy is sent as an HTTP header on all HTTP responses from my site.  I basically stole an example from this page.  I’ve attached it in the .htaccess file in my site’s root, before everything else in there, like so:

<IfModule mod_headers.c>
Header set X-Content-Security-Policy "allow self; img-src *; object-src *.ralree.com *.ralree.info; script-src *.ralree.com *.ralree.info pagead2.googlesyndication.com friendfeed.com; style-src *.ralree.com *.ralree.info"
</IfModule>

I highly recommend everyone with commenting activated on their blog enable this, since XSS is a serious pain.  This seems to work very well on Site5, where mod_headers was simply enabled out of the box.

So, I got this heating pad at the store a while back to use as a hedgehog heating pad. I found out that the 2-hour auto-off timer was hardcoded into the circuit, and they didn’t even bother to put a switch on the casing to disable it. Typical overprotection of the consumer – this wouldn’t exist if our country was a bit less litigious…

So, I got this heating pad at the store a while back to use as a hedgehog heating pad. I found out that the 2-hour auto-off timer was hardcoded into the circuit, and they didn’t even bother to put a switch on the casing to disable it. Typical overprotection of the consumer – this wouldn’t exist if our country was a bit less litigious…

African hedgehogs need at least 72F to be happy, so a heating pad under the cage is recommended. I mean, how could you not help this face?:

So, to disable it, I decided to take it apart and find the culprit like this guy did. It’s too bad that for some reason they decided to make it even harder to change this “feature.” Here’s the outer casing:

Here is an overview of the circuit board:

It’s an Eagle LOPP4, and apparently it was made on Christmas of 2006 (2006-12-15)! It also bears a marking of 07.28, and I have no idea what that means.

So, the deal is that after a lot of trial and error, I finally found which single pin on the IC you have to cut. I’ve circled the IC here:

It’s PIN #2!

OK, it actually isn’t #2 on the schematic, but in the picture it makes sense. Just take a soldering iron and a sharp pointy object (I used a thumbtack), melt the solder, and pry the pin from the board. Be careful not to touch pin #1 – if you disconnect it, it will turn off every 5 minutes! Then, put the entire thing back together and celebrate!

I used the datasheet for the IC chip to figure out what pins to screw with. I can’t find the number of the chip right now without tearing the whole thing apart again. Basically, the chip is just a counter, and you cut one of the pins that makes it increment. So simple.

Now I have a happy hedgehog. He’ll never be cold again.

Update (1/2009)

Nick V has modified his Sunbeam Model 836. For those interested, here’s his description of the mod:

The chip is a CD4060 (14 stage ripple counter) on mine. They use it as count up timer to turn the ac to the heater coils off after two hours. I wired in a 10k resistor pullup to Vdd to pin 12 (master reset). This disables the counter function, and voila, no auto off!

I went ahead and found the datasheet for all you kids looking to try this. I extracted the one piece of information you probably need:

Nice job, Nick! Hats off to you!

Do not try this if you don’t know exactly what you’re getting into.

So, last month sometime, BrainSlayer got DD-WRT working on version 8 of the WRT54G. Now this was great news to me when I read it since I’ve been wanting to get rid of the crappy LinkSys management from the beginning. Some of the procedure worked, and some of it didn’t for me.

Do not try this if you don’t know exactly what you’re getting into.

Here’s what I ended up doing:

• Go here and look at the state of things.
• Read flashing.txt. It helped me immensely.
• Download the DD-WRT firmware and the version 8 VXWorks killer and put them in a safe place
• I use Ubuntu, so at this point I installed tftp:

sudo apt-get install tftp

• Go to the flashing dialog and flash the VXWorks killer firmware you got.
• Once the router reboots, get a beer while it warms up. This should take 1 to 2 minutes.
• Unplug the router and plug it back in.
• Wait while it boots (20 seconds).
• Set your ip and default gateway:

# Replace <interface> with whichever network interface you're using.
sudo ifconfig <interface> 192.168.1.100
sudo route add default gw 192.168.1.1

• Ping the router. Hopefully this works…

hank@rofl:~$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.792 ms

• Send the new firmware over. Make sure to set your mode to octet! You should see a bunch of blinky lights on the router for a few seconds, then tftp should output the number of bytes transferred.

hank@rofl:~$ tftp 192.168.1.1
tftp> mode octet
tftp> put dd-wrt.v24_micro_wrt54gv8.bin

• Get another beer. While you do that, your firmware is being reflashed and DD-WRT is booting up. You should see the power light go on, then off, then on again, then blink, then stay on.
• You should be able to get DHCP now. Try it:

sudo dhclient <interface>

• If that worked, head over to http://192.168.1.1 to the admin console.
• Change the settings to your liking. The default account is root/admin
• Change the maximum connections to 4096 and the TCP and UDP timeouts to 90 each in the main Administration page.

This should yield you an awesome setup. I’m very happy with mine.

References

Hack Attack: Turn your $60 router into a $600 router

Files

Oh, and just in case DD-WRT’s site goes down in the middle of the procedure (like it did to me), here are the files:

Firmware
VXWorks Killer

Wordpress is a joke!!

Mephisto Wins!

I must say that it’s really funny. Shows how lame Microsoft really is.