<?xml version="1.0" encoding="utf-8"?><feedxmlns="http://www.w3.org/2005/Atom"><generatoruri="https://jekyllrb.com/"version="4.2.0">Jekyll</generator><linkhref="/feed.xml"rel="self"type="application/atom+xml"/><linkhref="/"rel="alternate"type="text/html"/><updated>2021-10-04T19:50:20-06:00</updated><id>/feed.xml</id><entry><titletype="html">How To Produce Semantically Correct MathML From XaTeX/LaTeX (and other accessibility ideas)</title><linkhref="/2021/09/18/how-to-generate-proper-content-mathml-from-katex-or-latex/"rel="alternate"type="text/html"title="How To Produce Semantically Correct MathML From XaTeX/LaTeX (and other accessibility ideas)"/><published>2021-09-18T00:00:00-06:00</published><updated>2021-09-18T00:00:00-06:00</updated><id>/2021/09/18/how-to-generate-proper-content-mathml-from-katex-or-latex</id><contenttype="html"xml:base="/2021/09/18/how-to-generate-proper-content-mathml-from-katex-or-latex/">During a recent run-in with the Simon Fraser Fraser University accessibility department,
> A diagram showing a stack. It starts with the operation "Push A", and now the stack contains the variable "A"; now the stack pushes "B", which displays now "B" on top of "A"...
It is hard to explain this correctly and accurately without being extremely verbose and frankly, confusing---this defeats the whole purpose of describing the image.
Things which have a one to one correspondence of any kind can usually be represented as a table, even if it's only "aligned" on the slide or note.
And this is generous, as the sigma sign, bullet point, equal sign and minus sign were for some reason not UTF-8 encoded so it displayed as a chat sign emoji, down arrow, video camera and book sign respectively.
Not sure about you, but I certainly can't get the equation out of that mess.
1. It's not difficult. You can learn the vast majority of LaTeX math syntax in an afternoon.
2. It's easier for *everyone* to read. Especially with KaTeX. KaTeX is able to convert the formula to both MathML for screenreader users and HTML markup for people who just want to see those fancy math expressions.
Presenting information in plain text, or at least having alternates forms of images, diagrams and math formulas makes education better for everyone, not just blind students.
It makes it better for people running on cheaper devices which may not handle running heavy software like Microsoft PowerPoint;
it makes it better for people who use operating systems other than MacOS and Windows (this is especially important in the technology sector, where Linux/BSD users make up a sizeable minority of users);
Running a `pdftotext` program, or simply transcribing handwritten notes is not enough to properly describe slides and notes---handwritten or not.
Every diagram, math equation, annotation, piece of code or output---every single thing must be transcribed to plain text, or some alternate format like MathML.
Big sad.</content><author><name></name></author><summarytype="html">During a recent run-in with the Simon Fraser Fraser University accessibility department, I learned that they’re writers are so well-trained as to write “image” where a simple diagram is shown, and “print out picture of output” where a piece of code lies. I figure the geniuses over there could use some help creating files for the visually impaired. Here’s a quick guide!</summary></entry><entry><titletype="html">Idea For A VPN Service</title><linkhref="/2021/08/31/vpns-api/"rel="alternate"type="text/html"title="Idea For A VPN Service"/><published>2021-08-31T00:00:00-06:00</published><updated>2021-08-31T00:00:00-06:00</updated><id>/2021/08/31/vpns-api</id><contenttype="html"xml:base="/2021/08/31/vpns-api/">Recently I've been thinking about starting a VPN service.
This service has some interesting requirements that I have never seen a VPN service do before, so I'd like to put down my thoughts as to what might be sensible for a centralized yet encrypted\* VPN service.
I would license all the code and scripts under the AGPLv3.
This creates an environment where I could allow my company to use this code, and any other company for that matter. However, no company would be allowed to take it into their own hands and use it without contributing back to the project.
I've decided for now that the best thing to do is to target the Linux nerd.
Target the user who is familiar with these advanced security practices, then make them available to the general public as the layers on top of the robust security are refined.
End-to-end encryption is necessary in a country like Canada, where I may be sent a subpoena to provide customer data.
This is the case especially in the [Five Eyes](https://en.wikipedia.org/wiki/Five_Eyes) anglophone group of countries, who essentially spy on each others' citizens for eachother.
In essence, any data in the hand of one government agency in the "Eyes Countries" may be shared between the Five, Nine, and 14 Eyes countries.
In practice, the U.S. government especially, uses its authority to spy on its own citizens who are simply minding their own business. ~~Bulk data collection~~ mass surveillance is not a freedom respecting characteristic of modern western democracies.
The other option is to use a standard "username" field that uses a modern hash function like [SHA512](https://en.wikipedia.org/wiki/Secure_Hash_Algorithms) to store it in the database.
A *non-unique, universal* [salt](https://en.wikipedia.org/wiki/Salt_(cryptography)) will also be used on each username before storing it in the database to make it more secure.
This decreases the possibility of an advanced attacker being able to find usernames in a leaked database using [rainbow tables](https://en.wikipedia.org/wiki/Rainbow_table).
It would be fairly easy, if they have access to the active salt, to migrate to a new salt every few days/months, or perhaps every time a server upgrade/maintenance happens.
This does run the possibility of larger issues if the server is shut down or hangs during a migration and needs to be restarted.
In the end, the *application* would need a backup of this salt, otherwise login times would become linear to the number of users as the database checks every user's salt to see if it matches the hash made with the username input.
Note that the *database* does not store the salt, so finding it will be very hard, even in the case of a leaked database.
When a new account is generated, you will be taken to a password reset screen where you will set your password to whatever your want, using your own secure system to handle it.
For example: if a "month" (30 days) costs ten dollars, then a payment of fifteen dollars would add 45 days to an account. So essentially 33 cents per day, {% katex %} \frac{10}{30 \times 24}=0.0138{% endkatex %} dollars per hour, or {% katex %}\frac{10}{30 \times 24 \times 60}=0.00023\overline{148}{% endkatex %} dollars per minute.
This is the second biggest threat to the users' data privacy, as this, by definition, cannot be encrypted as my server needs access to this data to decide whether a user should be allowed to: view a list of VPN nodes available to them or connect to a VPN.
The best I can think of in this case is:
1. Use a system similar to the username: use a common salt and hash algorithm to store them in the database.
2. Use full-disk and full-database encryption to keep the data secure to outside attackers.
This necessitates that the *physical* infrastructure hosting the central database server must by physically owned and operated by the VPN operator and not any third party.
In addition, it means top security root passwords, tamper resistant cases (in the case of a co-hosting or server room environment), sensors to indicate it has been opened or touched.
If you thought this was bad, wait until the next part.
### Active Connections
In order to stop a user from simply using the entire bandwidth of all the VPN nodes available to them, there must be a way to know how many active connections the user has.
This is *by far* the biggest issue in terms of user privacy.
There are a few options here:
1. Do not have a limit on the number of connections a user may have. This is dangerous from a [DDoS (distributed denial-of-service)](https://en.wikipedia.org/wiki/Denial-of-service_attack) perspective.
This also makes the VPN provider vulnerable to be used as a DDoS distribution method by putting all their traffic through the VPN provider, and them not having any logs---the bad guys could use the distributed nature of VPN nodes to attack whoever they see fit.
This is not a viable option.
2. Have a list of connected users sent to the central server every 15 to 30 seconds. This is fairly efficient, but more privacy invasive.
3. When a user connects, log an explicit "connect" message.
When a user disconnects, send an explicit "disconnect".
Have the VPN server report an *implicit* "disconnect" after an amount of time, say 15 minutes, then send an implicit "connect" message once traffic continues. This is all in RAM under temporary storage and is lost upon restart of the server.
The best method (used currently by [Mullvad VPN](https://mullvad.net)) is number 3.
## Panel
The admin panel will have some broad info about the nodes:
* Active connections
* Server load (held and reported every minute by the nodes themselves. Not sure how to do this yet.)
* Location
* IP Address
* Failed connections in last X amount of time (i.e. invalid credentials)
* Physical server status (i.e. owned by the hoster vs. contracted out to another hosting company in the area)
This panel would also have options to stop, start or soft stop the VPN service on each node for maintenance.
A soft stop will stop new connections and remove it from the list of available servers for the end-user. Users will disconnect whenever they feel like it---eventually winding down to zero connections.
This allows maintenance without service disruption.
Best I can think of right now is have an admin login, then have the server have a key in each node machine.
This completely compromises the SSH key system though.
Now every node is secured with nothing but a password. Maybe the console will require connecting to a local instance on a machine through an encrypted connection which will require a key.
Another way to approach this, security-wise is to make a shell script (or locally running flask app) which reads info about the servers from a sqlite database.
Then, it uses the local computer to connect to the servers---assuming the local machine has all the keys necessary to do so.
It fixes the single point of failure in the cloud. This *massively* reduces the attack surface to intentionally stealing physical hardware from trusted parties, or software-hacking these same trusted people.
But, if the key is lost by the host... The entire service is kaput. No maintenance may be performed, no checks, bans, addition of servers can be done whatsoever.
Doesn't really matter which one, unless you're a nerd---for your average person you can just pick whatever the best deal is at the time and you're off to the races.
Happy VPN hacking :D</content><author><name></name></author><summarytype="html">Recently I’ve been thinking about starting a VPN service. This service has some interesting requirements that I have never seen a VPN service do before, so I’d like to put down my thoughts as to what might be sensible for a centralized yet encrypted* VPN service.</summary></entry><entry><titletype="html">UEFI Audio Protocol &amp; UEFI BIOS Accessibility</title><linkhref="/2021/06/21/uefi-audio/"rel="alternate"type="text/html"title="UEFI Audio Protocol &amp; UEFI BIOS Accessibility"/><published>2021-06-21T00:00:00-06:00</published><updated>2021-06-21T00:00:00-06:00</updated><id>/2021/06/21/uefi-audio</id><contenttype="html"xml:base="/2021/06/21/uefi-audio/">Good news about the state of accessibility in the BIOS!
These menus---which let you edit your boot order, RAM timings, CPU and GPU overclocking and sometimes even fan speed---they were completely inaccessible to those who could not see them.
Well, until... soon. I had a talk with one of the big bois working on EDK2, the UEFI implementation which is used by most motherboard vendors to create their firmware.
I thought I would share the info I understand, and the conversation in full.
1. This year, the GSoC (Google Summer of Code) project had [a submission of Ethin Probst](https://summerofcode.withgoogle.com/projects/#6499615798460416) to implement VirtIO audio drivers for EDK2.
2. [QEMU](https://qemu.org), the emulator that was chosen to test for this project does not have VirtIO support (yet). I haven't found info on when this will be done.
3. Because of 2, Ethin and his mentors for his project, Ray Ni and Leif Lindholm decided to first implement USB-dongle audio support first, as this is a) supported in QEMU, and b) is good enough to start squashing bugs at the audio level.
4. Because GSoC is usually over around September, there will likely be some more news coming soon!
tait_dot_tech: Hello there, I'm new to IRC so just checking my messages are coming through.
tait_dot_tech: Looks light it's alright. Ok so I have a question: does anyone know of an active project looking at making UEFI accessible to the blind (i.e. speec) [sic] from within the UEFI environment? Main concern is having blind users be able to boot Linux USBs (I know, very niche thing), but depending on how good it is, could potentially be used to allow blind individuals to change their overclocking,
tait_dot_tech: hardware RAID, boot order, RAM timings, etc. all on their own. Just wondering if there is any project doing this? I have tried my best to find anything, and am just trying not to duplicate effort. Thanks :)
leiflindholm: tait_dot_tech: we have a google summer of code project running this year, prototyping a standard for audio output. To hopefully be added to the UEFI specification in the future.
leiflindholm: once we have a standard for audio output, we can work on adding support for audio output to the Human Interface Infrastructure
leiflindholm: which is the thing that lets menus be loaded and displayed independent of specific graphical implementation
tait_dot_tech: Oh wow! Glad to hear there is progress on this! Is there a link to the Google summer of code project, or anything else where I can keep tabs?
leiflindholm: tait_dot_tech: there isn't much yet, we're only on week 3 of GSoC.
leiflindholm: https://summerofcode.withgoogle.com/projects/#6499615798460416 is the link if it's something you want to point others to, but any discussion/reporting is likely to hapen [sic] on our mailing lists
leiflindholm: When we have anything interesting to say, we'll also post to edk2-discuss/edk2-announce
tait_dot_tech: Sweet! I'll join that one just in case! I'd be happy to test anything in beta-ish state and report back with any device I can get my hands on. Is that the right list to watch for hepling test it out?
leiflindholm: I'd say so.
leiflindholm: The original plan was to start with wirtio [sic] audio support, so anyone could help out anywhere, but that support is not yet upstream in qemu. So for now we're working on an [sic] USB audio class driver. That will certainly be useful to have more people testing with different equipment once we have something working.
tait_dot_tech: Ahh! So if I want to test, I should get a USB audio dongle. Gotcha! Thank you so much! You've been super helpful!
Happy UEFI hacking :)</content><author><name></name></author><summarytype="html">Good news about the state of accessibility in the BIOS!</summary></entry><entry><titletype="html">Pinebook Pro, The Ultimate ARM Laptop</title><linkhref="/2021/06/02/pinebook-pro/"rel="alternate"type="text/html"title="Pinebook Pro, The Ultimate ARM Laptop"/><published>2021-06-02T00:00:00-06:00</published><updated>2021-06-02T00:00:00-06:00</updated><id>/2021/06/02/pinebook-pro</id><contenttype="html"xml:base="/2021/06/02/pinebook-pro/">I recently got my Pinebook Pro.
The shell is aluminium and doesn't feel *too* cheap, but I should note that it sure doesn't feel like a Macbook if that's what you're expecting.
The screen is bright enough and has anti-glare applied to it. I can use it with moderate light behind me, but not a sunset. Decent, and I can't even use my phone with a sunset right on it, so that's not a huge loss at all as I think my phone costs more than this haha!
1. Reboot did not work. The display would glitch out and show horizontal lines. It would only work after a full shutdown.
2. Booting would sometimes not work at all. My SD card would sometimes boot, sometimes not. eMMC would sometimes work and sometimes not. Sometimes I would even get to the login screen, or fully logged in before it decided to freeze/hang. I could "drop to console" (Ctrl+Alt+Fx), but it only made my mouse stop showing, it would not actually display a console. This problem was worse when not plugged in.
3. Performance was not stellar, even for the RK3399.
4. I don't like the Manjaro logo that displays during boot.
The `dd` instructions are printed out after installing the `uboot-pinebookpro-bsp` package, so make sure to follow what is printed there if it is different that what I have provided.
I would also be interested in the other batteries they have available.
Even though it comes with a battery, and I also don't think you can install a second one, I would be interested to see if I could get more life out of it with an improved battery.
If this is a standard battery (Pine64 tends to use standard parts), then I would consider getting it from a supplier as well.
Happy ARM hacking :)</content><author><name></name></author><summarytype="html">I recently got my Pinebook Pro. It was more expensive than I was expecting, coming in at (including shipping and handling) C$335. I always forget the exchange rate and assume it’s similar to the U.S. dollar, but it never is, haha! Anyway, this is just my first impressions and what I did to fix a few issues.</summary></entry><entry><titletype="html">UEFI Development On x86 With EDK2</title><linkhref="/2021/04/18/uefi-development-environment/"rel="alternate"type="text/html"title="UEFI Development On x86 With EDK2"/><published>2021-04-18T00:00:00-06:00</published><updated>2021-04-18T00:00:00-06:00</updated><id>/2021/04/18/uefi-development-environment</id><contenttype="html"xml:base="/2021/04/18/uefi-development-environment/">I made this blog so I could remember how to do stuff that had instructions spread around the internet.
So here is how I setup my environment for developing EFI applications.
Notice we source a file with `.` before continuing. This is needed to load some tools and options into our shell for later. The environment variable `EDK_TOOLS_PATH` is set so that EDK knows where to find itself later. Now that everything is loaded up, we can modify a config file located at `Conf/target.txt`.
Third, add the `EFI Shell` option to your grub boot file.
Substitute hdX with the right hard drive (I did it with trial and error) as when it doesn't work I would hit 'e' on grub and add the `ls` GRUB command.
Happy UEFI hacking :)</content><author><name></name></author><summarytype="html">I made this blog so I could remember how to do stuff that had instructions spread around the internet. So here is how I setup my environment for developing EFI applications.</summary></entry><entry><titletype="html">The “Quiz Your Friends” XSS Exploit</title><linkhref="/2021/04/04/quiz-your-friends-xss/"rel="alternate"type="text/html"title="The “Quiz Your Friends” XSS Exploit"/><published>2021-04-04T00:00:00-06:00</published><updated>2021-04-04T00:00:00-06:00</updated><id>/2021/04/04/quiz-your-friends-xss</id><contenttype="html"xml:base="/2021/04/04/quiz-your-friends-xss/">Note: I have alerted the administrators of this site multiple times about this vulnerability.
One email was sent many years ago, which is more than enough time for [responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure).
In early 2014, when my "programming" skills consisted of editing web pages with inspect element, I was sent a link from an old friend in a town about 3 hours away.
In the following weeks this quiz website became quite a trend amongst my friend group as we all started making quizes to see how well we all knew eachother.
A few weeks into this trend, I was staying at a friends' place and told him about this site,
so he goes and creates his own quiz and sends it to all his friends, group chats, Google Plus groups, et cetera.
<p><span class="mono">&lt;b&gt;Steve&lt;/b&gt;</span> displaying in the leaderboard as bold text: <b>Steve</b></p>
<img src="/assets/img/qyf-xss/5-maxlength.png" alt='An image of the Quiz Your Friends name input field with inspect element. THe code reads: <font class="style6"><input class="inputbutton" name="takername" type="text" id="takername" maxlength="20" width="425" placeholder="Your First Name" style="text-align: center; text-decoration:inherit; font-size:38px;" tabindex="-1"></font>'>
Happy Hacking, literally :)</content><author><name></name></author><summarytype="html">Note: I have alerted the administrators of this site multiple times about this vulnerability. One email was sent many years ago, which is more than enough time for responsible disclosure.</summary></entry><entry><titletype="html">Lichess Accessibility</title><linkhref="/2021/01/31/lichess/"rel="alternate"type="text/html"title="Lichess Accessibility"/><published>2021-01-31T00:00:00-07:00</published><updated>2021-01-31T00:00:00-07:00</updated><id>/2021/01/31/lichess</id><contenttype="html"xml:base="/2021/01/31/lichess/">I wanted to play chess with somebody who used a screen reader, without requiring a screen reader myself;
some sites, like QuintenC's Playroom have a rather poor visual interface for anyone who would like the play the game visually.
[Lichess](https://lichess.org) is an free and open-source website for chess players;
it bridges this gap by having two "modes" on the site:
In my quest to play chess with visual and non-visual players with both having optimal experiences, I tried Lichess with my friend from [melly.tech](https://melly.tech/).
This is because it required an "enter" at the end of each command and the commands tended to read out a row or column of a chessboard not just an individual square.
For the inexperienced player, it seems to be more convenient to bind some keys and have the user bounce to various buttons, which they can push to say "I want to move this piece".
Therefore, all the other keys still work on other square, but if you are on the destination square of a promotion q/r/b/n will promote your piece, not jump you to the next/previous one.
If you are a screen reader user or know about accessibility and want to help make Lichess an awesome chess site for sighted and unsighted players alike,
then send me an email at <a href="mailto:tait@tait.tech">tait@tait.tech</a> and I'll BCC you once I start testing the analysis board.
Happy hacking, y'all!</content><author><name></name></author><summarytype="html">I wanted to play chess with somebody who used a screen reader, without requiring a screen reader myself; some sites, like QuintenC’s Playroom have a rather poor visual interface for anyone who would like the play the game visually. Lichess is an free and open-source website for chess players; it bridges this gap by having two “modes” on the site: standard mode and accessibility mode.</summary></entry><entry><titletype="html">How to Deploy Lichess’s Lila With Nginx</title><linkhref="/2020/12/20/deploy-lichess/"rel="alternate"type="text/html"title="How to Deploy Lichess’s Lila With Nginx"/><published>2020-12-20T00:00:00-07:00</published><updated>2020-12-20T00:00:00-07:00</updated><id>/2020/12/20/deploy-lichess</id><contenttype="html"xml:base="/2020/12/20/deploy-lichess/">I was getting ready to have a public test of some changes I made to [lichess.org](https://lichess.org)'s [open source chess platform](https://lichess.org/source).
In preperation, I got my Let's Encrypt certificates and nginx configurations setup...
and it wouldn't work.
Here are some tips for myself and future Lichess developers.
Getting a local development server usually works alright, but once you want to reverse proxy it for security and professionalism purposes, it get more interesting.
[Lila](https://github.com/ornicar/lila/) is the name for the main chess server, we need to change a few settings. Here is my git diff for the `conf/base.conf` file:
This is not a long article, but just some notes for future me and Lila developers.</content><author><name></name></author><summarytype="html">I was getting ready to have a public test of some changes I made to lichess.org’s open source chess platform. In preperation, I got my Let’s Encrypt certificates and nginx configurations setup… and it wouldn’t work. Here are some tips for myself and future Lichess developers.</summary></entry><entry><titletype="html">Getting Pacaur Working on a Raspberry Pi 4 with Manjaro ARM or Arch Linux</title><linkhref="/2020/12/01/pacaur-rpi/"rel="alternate"type="text/html"title="Getting Pacaur Working on a Raspberry Pi 4 with Manjaro ARM or Arch Linux"/><published>2020-12-01T00:00:00-07:00</published><updated>2020-12-01T00:00:00-07:00</updated><id>/2020/12/01/pacaur-rpi</id><contenttype="html"xml:base="/2020/12/01/pacaur-rpi/">I recently installed Manjaro ARM (based on Arch Linux ARM) on a Raspberry Pi 4.
I used some standard commands to start to add the `pacaur` package so I can easily retrieve [AUR packages](https://wiki.archlinux.org/index.php/Arch_User_Repository) without needing to do it manually.
Unfortunately, there is a small problem with compiling this on ARM.
Around half way through compiling this project, I got this cryptic message telling me there was a "target specific option mismatch"...Whatever that means.
The full error is below, hopefully that helps my chances on the search engines.
/usr/lib/gcc/aarch64-unknown-linux-gnu/9.3.0/include/arm_neon.h: In function 'Vector128 {anonymous}::AesRound(const Vector128&, const Vector128&)':
/usr/lib/gcc/aarch64-unknown-linux-gnu/9.3.0/include/arm_neon.h:12452:1: error: inlining failed in call to always_inline 'uint8x16_t vaesmcq_u8(uint8x16_t)': target specific option mismatch
> If you get this error when building for ARM aarch64:
>
> (insert error message from before)
>
> Then check that in /etc/makepkg.conf CFLAGS and CXXFLAGS have the +crypto suffix in -march flag, like -march=armv8-a+crypto (the base identifier may very depending on your hardware)
What Mr. redfish is telling us is that we must add '+crypto' to the end of the -march compiler flag so that our compiler will know how to inline that pesky vaesmcq_u8 function.
> Build of abseil-cpp package works because it uses CMake which adds the correct -march flag regardless of makepkg.conf, whereas when abseil-cpp is build as a subproject within this package, it uses meson, which does not add the flag and thus fails with the above error.
Happy hacking!</content><author><name></name></author><summarytype="html">I recently installed Manjaro ARM (based on Arch Linux ARM) on a Raspberry Pi 4. I used some standard commands to start to add the pacaur package so I can easily retrieve AUR packages without needing to do it manually. Unfortunately, there is a small problem with compiling this on ARM.</summary></entry><entry><titletype="html">ZFS NAS Box, Part 2</title><linkhref="/2020/11/15/nas2/"rel="alternate"type="text/html"title="ZFS NAS Box, Part 2"/><published>2020-11-15T00:00:00-07:00</published><updated>2020-11-15T00:00:00-07:00</updated><id>/2020/11/15/nas2</id><contenttype="html"xml:base="/2020/11/15/nas2/">Back in [part one of my NAS project]({% post_url 2020-04-12-nas1 %}) I discussed how I wanted to set up my hardware.
There were some hiccup along the way, like learning that M.2 slots can disable some of your SATA ports or waiting a month for a host bus adapter to come in from China.
Due to this machine being connected directly outside my network and pulling DHCP like a normal router would, I need to send my data through the WAN connection to get my files to it.
This is rather unfortunate as my upload speed is capped at 20 megabits per second, despite my upload being in the 300+ range.
Do not try to use the M.2 slot on a consumer motherboard where you are also using all the SATA ports.
On my consumer gaming motherboard, the SATA ports next to the M.2 slot became *disabled* when I attached the M.2 SSD.
I found this out form my motherboard documentation, which I read only after a week of thinking my motherboard itself was defective, and sending it in for repairs that did absolutely nothing.
Happy hacking!</content><author><name></name></author><summarytype="html">Back in part one of my NAS project I discussed how I wanted to set up my hardware. Today, I set up the NAS (almost).</summary></entry></feed>