Ubuntu 17.10 64bit on Lenovo ideapad 100s

Ubuntu ideapad 100s, finally.

It works much better with Ubuntu 17.10 now. Instructions edited for 17.10 below.

I struggled with this for a while, but today I found the magic combination of efi and grub parts to mix with an Ubuntu 16.04.1 64 bit ISO to produce an almost perfect Linux laptop. As always, this documentation is for my own use, but it would be nice if it helps someone else looking to get Ubuntu running on a low-grade, lightweight laptop.

  • Keyboard works
  • Trackpad works
  • Wifi works
  • Power management seems to work
  • Wifi not yet without a USB wifi adapter
  • Power and suspend TBD

Here’s what I did.

  1. (on Windows) Download ubuntu-17.10-desktop-amd64.iso
  2. (on Windows) Download debian-8.6.0-amd64-i386-netinst.iso (debian multiarch)
  3. (on Windows) Right click the debian-8.6.0-amd64-i386-netinst.iso and select Mount
    1. Open the virtual disk in windows explorer, we need to copy a couple things from it.
  4. (on Windows) Using Rufus 2.11, burn ubuntu-17.10-desktop-amd64.iso to a bootable USB drive.
    1. Close Rufus
    2. Open the drive in windows explorer, we need to put a few things here.
  5. (on Windows) From the debian image
    1. Copy \boot\grub\i386-efi (the whole folder)
    2. Paste it in to the USB drive (Ubuntu boot disk) in \boot\grub\
    3. Copy \efi\boot\bootia32.efi
    4. Paste it in to the USB drive (Ubuntu boot disk) in \efi\boot\
  6. Now you can shut down the ideapad, insert the USB drive (Ubuntu boot disk), and enter the utility by pressing the smaller button to the right of the indicator LEDs next to the power button.
  7. Choose Boot Menu
  8. Highlight your USB drive.
  9. Install ubuntu.
  10. Change power settings so it never goes to sleep!
  11. You can also add xscreensaver and configure its daemon to start at boot time:


Sleep and wake seem to work with no fiddling now. Battery life is excellent.

While I was writing this in windows 10 on another computer, I learned that if the ideapad does go to sleep, you will have to power cycle it to get it back up. 🙁


I love Ubuntu but I want Kali tools

Yup I love Ubuntu. I even love the Unity desktop UI (so shoot me).  I also want to play with all the tools in the Kali distro, but one thing that gets in my way is the UI is just different enough to make it a little difficult. Blah blah blah this guide is mostly to help me remember how to do it again without having to remember the right questions to ask The Google.

  1. Install Ubuntu
    1. Just do it.
    2. Customize if you like. I can’t get going without reducing the launcher icon size and adding redshift and guake.
  2. Install Git
    1. sudo apt-get install git
  3. Install Katoolin
    1. sudo su
    2. git clone  && cp katoolin/ /usr/bin/katoolin
    3. chmod +x /usr/bin/katoolin
    4. katoolin
  4. Configure Katoolin
    1. 1,1,2
    2. back
    3. 2
    4. 0
  5. Fixing Katoolin package problems
    1. Sometimes the packages listed in the katoolin script are unavailable. In my case it was multiforce that apt couldn’t get. To fix that you need to edit the katoolin script:
      1. gedit /usr/bin/katoolin
      2. search for the missing package and delete its name
      3. save the file
      4. repeat step 4 above.
  6. Now I have Kali tools AND my favorite desktop.

Why do they call me Whoopee?

Is it because I have dreadlocks? No.

Am I prone to screaming “Whoopee!” when I get excited? No.

A decade ago I was working with the same core group of teammates at Spruce Technologies, a DVD authoring software developer. I worked for the “Convergence Services” division, where we made things like DVD-on-CD and Internet-Connected DVDs. We worked directly with studios and artists to produce and format their content. On occasion we even filmed and recorded the content for them as part of the process. Those were the days! One particular artist (we called him Ice), an AWESOME guitarist and producer and musical director (for Top-10 artists by the way), who was our gateway to most of the talent that came our way, noticed that whenever something was broken or just not working right, the team always called me. I guess he’d been watching cartoons that morning because he called me Whoopee. We all looked at each other and wondered why, so he explained. “You remember on the Tennessee Tuxedo Show, how Tennessee and Chumley always went to the professor for solutions to tough problems? That professor’s name was Phineas J. Whoopee, and he was known to Tennessee and Chumley as “The man with all the answers.”


I’m flattered of course, but I realize the reference may also come from the appearance of my cluttered cubicle, not unlike the pile of junk from which Mr. Whoopee always fished out his 3D Blackboard to illustrate one of his many answers.

Tracking MPG with Raspberry Pi and OBDII

I was bitten by the Raspberry Pi bug. The first time I saw it mentioned, I ordered one immediately. I ordered it in August and didn’t get it till April. The first thing I did was to follow a tutorial using python and GPIO to light up a red LED when my unread email count was 0, and flash a yellow LED every time a new unread email showed up. I had connected the cloud to my physical world and I was hooked. There were many experiments after that which I can’t remember. Then I found this video on YouTube and I had a mission.

Martin’s goal was to display diagnostic information overlaid on video from his dash cam. I didn’t have a dash cam and I didn’t want one. I wanted something else. My wife’s car has a “gauge” that shows in real time how efficiently you’re burning gas. Mash the pedal and it will dip below the “econ” mark; feather it and you’ll be rewarded with an indication that you are being green. My truck lacks such feedback, and my truck is inherently less fuel-efficient than her car, so I wanted to create a way to help remind me to be as green as possible in my truck.

More to come…

MOV_2246.MOV Screen shot 2014-01-07 at 6.09.39 PM

Digital Trunked PSPC System With Blue Force Tracking

Last year a police department purchased a digital trunked PSPC system with blue force tracking. What does that mean? A digital trunked PSPC system is a secure radio communications system for Public Safety and Professional Communications organizations (non-military), where all of the transceivers communicate with each other via a central digital “trunk” antenna. All radios in range of the central antenna can communicate with each other and home base. The key to the sale was the promise of a blue force tracking capability, a way for each radio to know the whereabouts of each other radio, and for central control personnel to know the location of each mobile and portable radio in the field (blue dots on the map are good guys, red are bad guys, hence “blue force tracking”). The capability was promised, the system was purchased and installed, but blue force tracking was never implemented. At the hand-off from the vendor to the police department, it was claimed that the capability was promised as a possibility but never promised as an implemented feature.

This police department had a relationship with the Naval Postgraduate School (NPS), which had a relationship with my company, and NPS staff brought us together. We knew enough about the system to know that the components necessary for blue force tracking were designed in, but the dots had just never been connected. I was tapped in to figure out how to connect those dots. We knew the radios had GPS built in. We knew the digital trunk protocol was capable of sending and receiving positional information. We had implemented blue force tracking with these same radios in an analog mesh mode before. All I needed was information about the messaging format for the digital protocol. It took me a couple weeks of personal networking but I finally got my hands on a white paper from the vendor. My chief software architect and I analyzed that white paper and in less than a week he had built us a radio emulator (at least to mimic the positional messaging I/O). I tested this system… confident that I could act as home base, turn on a remote radio’s position reporting function, and see it on a map as a blue dot, I packed up my laptop with the emulator installed and traveled to the police department’s 911 center to test it.

I walked in to that 911 center like a cowboy hero with the guy from the wanted poster slung over my shoulder. I was ready to plug in, fire up the system, show blue dots, and ride away sitting on cops’ shoulders in a ticker tape parade. But nothing happened. NOTHING HAPPENED. Our system told me we were sending activation messages, the radio in my hand said it was receiving activation messages and sending position data SOMEWHERE, but I got no blue dots on my map – the data wasn’t coming all the way back. I fired up Wireshark and after a series of trial and error filters, I was able to find where the messages were being sent. We were listening on the wrong port.

We were listening on the wrong port because the vendor’s white paper described port assignments using an algorithm different from that which was actually implemented. A little more reverse engineering and we had our emulator behaving the same way as the installed system. I took a trip back to the PD, plugged in (a little less cocky this time), and it worked. I sent a command to the radio in my hand to start reporting position and the radio in my hand showed up as a blue dot on the map – and the position was accurate. At this point I called the Chief to let him know it was working. “Try my radio,” he said, and gave me its address. “I see you I said, and now I know where you live,” I replied. “That’s AWESOME… and creepy,” he said.

The image below is not the Chief’s house or anywhere near it – it is meant to show the accuracy of the system only. During a test, an officer stood in a parking lot and showed up on the map:image002

It was a painful but rewarding experience. Getting the information we needed was like pulling teeth from a hungry, unsedated tiger and the information we got was inaccurate. We built the best model possible from that information and designed and implemented a system that got us close enough to troubleshoot our way to the true solution. I impressed and creeped out a police chief. Most importantly, we never gave up.

My data center



I used to have servers sitting on my desk, but they’re noisy and they are extremely overqualified as paperweights. Now I need a couple shelves to get all the desktop NAS boxes in there too, and my bookshelves will have more room for books.

Magic Project Information System

One company I worked for had purchased a job information system that technically did combine job budget and cost accounting with project management and performance information, but the system was slow, it depended on a fat client that made remote access difficult, and the learning curve for project managers was so steep that it ended up being used only by the accounting department. Project Managers were left to their own devices to know their budgets and schedules and somehow find success. I tried to talk management in to letting me build a better project information system that would leverage the accounting data in the purchased system and open up actually useful tools for project managers, but I was told “We already have a system that does that and we can’t get anybody to use it, so no thanks.”

I did it anyway. During slow work periods, in the evenings, on the weekends (at least before my first son was born), I designed the “Magic project information system” or Magic for short, inspired by Clarke’s Third Law: “Any sufficiently advanced technology is indistinguishable from magic.” To lower the learning curve, I created printable forms that allowed project managers to pencil in new cost projection numbers next to those they had already entered in to web forms. Project managers at this company loved worksheets, and this allowed employees without job site access to computers to contribute to the cost projection system. Here’s a quick look at the Job Details form and the Cost Projections worksheet:


Magic Project information System – Job Details screen


Magic Project information System – Cost Projection worksheet

I almost forgot! I also implemented automated weekly project information email notifications. As you can see in the image below, the project manager for this job had not recently updated cost projection data for costs that were projected to have been incurred before the date of the report – his or her projections were out of date and my system was designed to “remind” project managers to keep up to date.


All of the Job Details are queried from the legacy application and mashed up with data entered in to my custom application by the project managers. In the lower grid of the Job Details screen, actual accounting data of record is on the left and project manager-entered data and calculated values and ratios are on the right. The idea of this screen is to present a dashboard of project health indicators. It’s hard to say from this screen whether blown budgets are the result of estimating oversights, fabrication or installation mistakes, or even the effects of the economy on materials prices, but the pain points of the project are immediately visible. On other reports, the aggregate performance of all projects can be seen, helping to highlight which cost codes usually go over budget, or compare project performance from project manager to project manager, or even customer to customer.

I wish I had more time to work on this system, but I think what I was able to get done was helpful to the company.


Currently I am hardening a SQL Server 2012 instance after having already hardened the Windows Server 2008 R2 system on which it is installed. The rules for hardening system components to DoD standards are known as STIGs (Security Technical Implementation Guides). I am not a certified Windows engineer but I was able to fully STIG the server. Last Thursday was the first time I had ever installed SQL Server 2012 so on Friday I not only began the STIG process but I wrote an app to help me document the process. See below:


The problem with the SQL STIG list is it requires the use of SQL scripts for most guidelines, and the guidance in the STIG documents in most cases gives bad (non-working) example scripts. For this reason I have to research every requirement and come up with totally new scripts to test for the specific guideline condition on the STIG item, then come up with a fix for any failures.

Since I don’t want to ever do this again, I designed this app to allow me to record the condition, the result, the suggested test/fix scripts, and my actual test/fix scripts. The log of my experience is captured in SQL Server. The app will export it to XML, then an XSLT script that will output the findings filtered by fixed/open/can’t-be-fixed as a clean document which I will add to our internal wiki.

Our contacts in the DoD tell us that it takes certified MS SQL admins weeks to apply this STIG list. It will take me about the same, and when I’m done I will have produced a document which will cut the next STIG application at least in half.

© 2019 Mike Morris

Theme by Anders NorenUp ↑