U.S. petrochemicals giant Dow Inc and the Singapore government said they were transforming old sneakers into playgrounds and running tracks. Reuters put that promise to the test by planting hidden trackers inside 11 pairs of donated shoes.
Most got exported instead.
[…]
t a rundown market on the Indonesian island of Batam, a small location tracker was beeping from the back of a crumbling second-hand shoe store. A Reuters reporter followed the high-pitched ping to a mound of old sneakers and began digging through the pile.
There they were: a pair of blue Nike running shoes with a tracking device hidden in one of the soles.
These familiar shoes had traveled by land, then sea and crossed an international border to end up in this heap. They weren’t supposed to be here.
Five months earlier, in July 2022, Reuters had given the shoes to a recycling program spearheaded by the Singapore government and U.S. petrochemicals giant Dow Inc. In media releases and a promotional video posted online, that effort promised to harvest the rubberized soles and midsoles of donated shoes, then grind down the material for use in building new playgrounds and running tracks in Singapore.
Dow, a major producer of chemicals used to make plastics and other synthetic materials, in the past has launched recycling efforts that have fallen short of their stated aims. Reuters wanted to follow a donated shoe from start to finish to see if it did, in fact, end up in new athletic surfaces in Singapore, or at least made it as far as a local recycling facility for shredding.
Apple purposely disables a feature on your phone during unrest.
Anti-government protests flared in several Chinese cities and on college campuses over the weekend. But the country’s most widespread show of public dissent in decades will have to manage without a crucial communication tool, because Apple restricted its use in China earlier this month.
AirDrop, the file-sharing feature on iPhones and other Apple devices, has helped protestors in many authoritarian countries evade censorship. That’s because AirDrop relies on direct connections between phones, forming a local network of devices that don’t need the internet to communicate. People can opt into receiving AirDrops from anyone else with an iPhone nearby.
That changed on Nov. 9, when Apple released a new version of its mobile operating system, iOS 16.1.1, to customers worldwide. Rather than listing new features, as it often does, the company simply said, “This update includes bug fixes and security updates and is recommended for all users.”
Hidden in the update was a change that only applies to iPhones sold in mainland China: AirDrop can only be set to receive messages from everyone for 10 minutes, before switching off. There’s no longer a way to keep the “everyone” setting on permanently on Chinese iPhones. The change, first noticed by Chinese readers of 9to5Mac, doesn’t apply anywhere else.
[…]
But why did Apple rush out the change unannounced, in an unassuming update to iOS in early November, and apply it only to Chinese iPhones? One clue may lie in what happened the month prior, when Xi Jinping’s anointment to a third term as China’s leader was met with rare displays of public dissent.
In the most visible protest, a dissident now known as Bridge Man lit a fire on a bridge in Beijing to draw attention to his protest banners. One read, “Go on strike at school and work, remove dictator and national traitor Xi Jinping.” References to the banners were quickly censored across the Chinese internet, but photos still made their way through private channels. Vice reported that Bridge Man’s messages were spreading on the Shanghai subway via AirDrop.
The unannounced update has, as always, been twisted as a useful update to “protect the users”.
Besides all the power they already hold “curating” the app stores, imagine, next time, Apple (or any other Big Tech Corp) decides to disable your camera when the police put their knees on the neck of a poor guy, or they decide to disable the keyboard inside certain Telegram chat rooms, or disable Wi-Fi and data inside certain geo-zones, etc…
Not Shan. Also Shan rarely smiles when looking at work on her iPad... ;) Photo by Buro Millennial on Pexels.com
Shan uses her iPad a lot, but a lot of the more serious (interior design) work needs to happen on AutoCAD or Photoshop. That is just not going to work on an iPad.
When we’re travelling (read: holiday) she’s carrying an old Lenovo ThinkPad 13 (great device!) just “in case” she needs to open AutoCAD and edit something minor or read the drawings/dimensions. But honestly, most of the time that device is turned off and dead weight.
But all the above is just an excuse to “I was bored, and I wanted to test something”: can I use an old Raspberry Pi (zero W) to remotely wake her Intel NUC, and then use Tailscale to use RD on her iPad? Well, yes I can.
I completed this using:
Tailscale to remote desktop from anywhere to home
Cloudflare Tunnels, Access and DNS to have a web interface to wake the desktop
A Linux device that’s always on and in the same LAN, and that’ll run a PHP script.
Prep work: enable WOL
First off: enable Wake-on-LAN (WOL) in the BIOS and in your Windows settings. This article explains it for Intel NUCs, but would be similar enough for most devices. The Device Manager pane looked different on our i5 NUC, but was close enough.
On Mac, you just need to enable it in the Energy preference pane, for Linux I have no clue. 🤷♂️
Second step: have a working Raspberry Pi (or any Linux device) in the same LAN. This device needs to be turned on 24/7, so use something that uses very little power.
I do have a more powerful RPi4 I wish I could've reused (running Docker and some other "serious" stuff; however it's currently in a different VLAN, and it's quite crucial the Linux device is in the same LAN as the device(s) you want to wake up), so I went with an old Raspberry Pi Zero W that was collecting dust (it used to run pwnagotchi).
On the Linux device, install etherwake. The command to run is quite simply etherwake aa:bb:cc:11:22:33 (= the ethernet MAC address of your device).
If this doesn’t wake your desktop, something is wrong and there’s no point continuing. Go and troubleshoot.
Install Tailscale and RD
On the (Windows) desktop and your iPad, install Tailscale. Login, and make sure it works by pinging from one to the other.
Then set up Remote Desktop on both (Windows, iPad). You should test and make sure you can properly connect using the LAN IP address and then the Tailscale IP address.
Fun fact: I create a DNS record for all my devices using Cloudflare DNS with the syntax of device-name.ts.yeri.be, so I don't need to ever remember IPs, and can easily ssh or ping devices without having to look up IPs.
Cloudflare DNS screenshot, filtered on “ts”. I add both A and AAAA records (not shown in the screenshot)
Fun fact side track: I actually have a dynamic script that runs (on Linux) and creates hostname.ts.yeri.be for the Tailscale IP, hostname.wg.yeri.be based on the Wireguard IP, hostname.lan.yeri.be based on the LAN IP. This dyndns script runs every so often and updates IPs if needed. All this is running using Cloudflare DNS and their API. Super convenient.
Nginx, php and etherwake
I'm a 80s kid, so I'll use dirty PHP to run this script. I'm sure I'll go straight to hell for this, but yolo.
Install nginx and PHP (no need for MySQL and other stuff).
etherwake requires root to run (because it needs root access to create a weird magic ethernet packet). Create a file in /etc/sudoers.d/etherwake and add this line:
www-data ALL=(ALL) NOPASSWD: /usr/sbin/etherwake
This will allow www-data (nginx/php) to run /usr/sbin/etherwake using sudo, without password.
In /var/www/html/ create an index.php file with:
<html>
<head><title>Wake on Lan</title></head>
<body>
<p>Wake up <a href="mycooldesktop.php">My Cool Desktop</a>
</body>
</html>
And be sure to edit the MAC address to match your desktop’s ethernet MAC address.
Cloudflare tunnels
Install Cloudflare Tunnel (via Zero Trust dashboard).
When creating a new tunnel, the dashboard will give you all needed commands to install the tunnel on your RPi — but be sure to select the right OS/architecture (arm64? arm? armhf?).
Easy.
And then point the tunnel to http://localhost. No need to mess around with SSL certs.
Lastly, set up Cloudflare Access (via the same Zero Trust dashboard): create a new application, and make sure only approved users can sign in (i.e.: using a pin code emailed to only approved emails).
I only allow access to my own emails, and my family, by using groups.
Optionally, but recommended: lock down Nginx to only allow connections from localhost (127.0.0.0/8 and ::1) if using Cloudflare Tunnels, or Cloudflare IPs if using port forwarding with Cloudflare Access in front.
Love my design skills… But it gets the job done: click that link, and it’ll execute etherwake.
To recap
We used Tailscale to create a VPN network between the desktop and the iPad. The big benefit is that Tailscale works effortlessly across NAT networks without having to open ports,
We used Cloudflare DNS so we don’t need to remember hostnames :),
We used Cloudflare Tunnels to make sure the RPi web interface is accessible across NAT (without port forwarding) and from anywhere,
We used Cloudflare Acces and locked down access to the right people using ACLs,
We used etherwake running on a RPi to wake up devices that are hibernating or turned off.
And that’s it really.
PS: technically WoL works with WiFi, but when I enabled WoL on the WiFi adapter, the NUC refused to hibernate/sleep for more than a minute, and kept waking itself up. So, there seems to be some kind of trigger in my network that keeps waking it up. Also, not sure if WoL via WiFi would work if the device is turned off (as opposed to sleep or hibernate). I just ended up using ethernet.
PPS: both Cloudflare Tunnels and Tailscale use Wireguard tech in the background, so that's really cool.
And of course the actual ad (how iPhone is super mega amazing) 🤷🏼♂️ but nice to see how they did it. And neat to see how tech evolved since my first iPhone 3G. What they fail to mention is the insane time it takes to film all that, and the post production editing… 😉
