Archive for the 'Rants' Category

Dell PowerEdge R300 ESM / BMC firmware updates on non-supported operating systems

Dell has generally been quite good about making firmware updates available in a variety of formats. In addition to the normal Windows and Linux versions, most patches are also available as a floppy / USB image or an ISO image (depending on size). Those of us who don’t run one of the operating systems Dell provides support for appreciate them going through the trouble.

However, newer updates for older systems and updates for newer systems seem to no longer provide standalone installers. In theory, Dell provides a quarterly packaged roll-up of all available updates on a pair of DVD images (CDU and SUU). Booting these and wasting about 10 minutes switching discs should get your system updated to the latest versions of all firmware without any additional steps.

Unfortunately, the firmware for the R300’s ESM / BMC has not been on any SUU discs I’ve looked at, and the update is listed as “Critical Security Update” on Dell’s site (look under ESM on the R300’s downloads and drivers page). The only two formats it is available in are “Windows Update Package” and “Linux Update Package”. I figure that’s not a problem, as I can boot a Windows 7 recovery disk and then run the ESM update from a USB drive. Unfortunately, that doesn’t work. You get an error about “unsupported operating system”.

Next, I boot the CDU DVD and select F3 for Advanced Options. This eventually gets me to a Linux shell prompt (CDU/SUU operates under Linux). I mount the USB drive and execute the Linux version of the ESM update. That errors out with “Not compatible with your system configuration” for some unknown reason. Time to investigate further…

Clicking on “Previous Versions” on the Dell page shows the previous version as 2.46 from 2009. Looking at the available formats, one is listed as “Hard-Drive”. Depending on the mood Dell is in when they create the kit, this could be anything from a freestanding binary that writes a floppy image to a drive, to creating an ISO file, or something that just unpacks into a bunch of loose files somewhere, perhaps then trying to run them (incorrectly) on the local system.

I downloaded that file (link here) and discovered it created 3 useful files when it was executed:

  • bmcfl16d.exe – a DOS-based flash utility
  • bmccfg.def – some sort of configuration file
  • bmcflsh.dat – the actual firmware to be flashed

Now all I needed to do was to find newer versions of the last 2 files inside either the Linux or Windows installer. The Linux installer was a pain, and I quickly gave up on it. I had much better luck with the Windows version (link here). Despite being an EXE file, I was able to use WinZip 16.5 to open the file (browse to the directory where you downloaded the Dell update, then make sure you’ve selected “All files (*.*)” in WinZip’s Open Archive dialog). There’s a whole load of un-needed stuff in there (which doesn’t completely explain how a 655KB update turns into a 4800KB Windows binary). Find the bmccfg.def and bmcflsh.dat files and extract them on top of (replacing) the ones from unpacking the older download.

I copied the 3 files onto a bootable USB stick and then used that to boot the R300 to be updated. Here are some screenshots of the various stages of the procedure (it’s very simple – just answer Y or N when asked if you want to perform the update):



If the firmware is already at the latest revision, the utility will tell you that and exit. This can also be used to double-check that the update was successful:

That’s all there is to it. If you want a pre-built .ZIP file with the flash utility and the 2.50 image, I have placed one here for your convenience.
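As an added example (not part of the original post and not Dell's tooling), the extraction step above can be scripted so that only the two named files are pulled out of the package and their SHA-256 digests are recorded, which lets you confirm the copies on the USB stick are the ones you extracted. It assumes the update package is ZIP-compatible, as the WinZip step implies; the function names and the sample package are constructed for illustration.

```python
import hashlib
import io
import zipfile
from pathlib import Path

# File names taken from the post; only these two are replaced by newer copies.
WANTED = {"bmccfg.def", "bmcflsh.dat"}


def extract_firmware(package, out_dir):
    """Pull the wanted files out of a ZIP-compatible update package.

    `package` is a path or a binary file object. Returns {name: sha256 hex}.
    """
    out_dir = Path(out_dir)
    out_dir.mkdir(parents=True, exist_ok=True)
    digests = {}
    # zipfile tolerates the executable stub that precedes the archive data.
    with zipfile.ZipFile(package) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            # Match on the base name only and write under that fixed name, so a
            # member path such as "..\\x\\bmcflsh.dat" cannot leave out_dir.
            name = info.filename.replace("\\", "/").rsplit("/", 1)[-1].lower()
            if name not in WANTED:
                continue
            if name in digests:
                raise ValueError(f"{name} appears more than once in the package")
            data = archive.read(info)  # also verifies the member's CRC-32
            (out_dir / name).write_bytes(data)
            digests[name] = hashlib.sha256(data).hexdigest()
    missing = WANTED - digests.keys()
    if missing:
        raise ValueError(f"package lacks: {sorted(missing)}")
    return digests


def build_sample_package():
    """Constructed stand-in for an update package: fake stub + ZIP payload."""
    payload = io.BytesIO()
    with zipfile.ZipFile(payload, "w") as z:
        z.writestr("payload/bmccfg.def", b"constructed config")
        z.writestr("payload/BMCFLSH.DAT", b"constructed firmware image")
        z.writestr("payload/unneeded.dll", b"ignored")
    return io.BytesIO(b"MZ" + b"\x00" * 62 + payload.getvalue())
```

Re-hash the files after copying them to the USB stick and compare against the returned digests before booting the server from it.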

Advanced topics

The bmcfl16d.exe utility has a number of documented and undocumented additional features. You can use the -help option to get a list of the documented features. Before using one of these features when updating a system, be sure you know what you’re doing and have a fallback plan in case the update fails and you’re left with a non-operable system.

There is also an undocumented -advhelp (advanced help) option, which shows the additional undocumented options:

The above caution about knowing what you’re doing and having a fallback plan is doubly important if you try using any of the advanced options.

SOPA (and Go Daddy’s FORMER support for it)

Updated 23-Dec-2011 18:30: I received an email response to my letter stating that “Go Daddy is no longer supporting SOPA”. I’ll attach the complete response as the first comment to this post.

There had been a bit of an Internet buzz about SOPA (the Stop Online Piracy Act). Yesterday, Tom’s Guide reported that Go Daddy published a blog entry supporting SOPA. There are a number of sites organizing “boycott Go Daddy” programs and advocating the transfer of domains to other registrars, for example in this post on Reddit and this one on TechCrunch.

As someone who has registered a number of domains with Go Daddy, I wrote them a letter expressing my dissatisfaction with their policy. I’m including it in this blog entry, as I feel that others need to see it as well. Feel free to submit comments (either agreeing or disagreeing with me, but please keep it civil). Hopefully I’ll be able to keep comments open on this post without it degenerating into a free-for-all.

Date: Fri, 23 Dec 2011 00:36:45 -0400 (EDT)
From: Terri Kennedy <TERRY@glaver.org>
Subject: A hopefully more-reasoned SOPA comment from your customer
To: oop@godaddy.com, suggestions@godaddy.com
MIME-version: 1.0

  I read your “Position on SOPA” blog, but since comments are closed there (for obvious reasons), I felt I needed to contact you to tell you my feelings on the subject.

  I’m retired these days, but I’ve been in the computer business since the mid-1970’s. I’ve been an owner or principal of hardware companies, software companies, and ISP’s in the last 40 or so years. There’s no reason for me to mention the names of any of them – some you’ve never heard of, some are quite well known.

  I (and my companies) have suffered economic losses from software piracy (though in those days, we called it “stealing”). So I support REASONABLE anti-piracy measures. However, as currently proposed I feel that SOPA is not a reasonable measure.

  It would force service providers and registrars to act as enforcement agents without requiring the complainant to provide a reasonable justification for the enforcement action. It is essentially a conviction without a trial or defense. Even the much-maligned DMCA provides for the accused to assert a counter claim. Under SOPA, the accused may not even know that they are the subject of an action, until they hear from their customers that their site is inaccessible.

  Under existing legislation, we have already seen a number of instances where the DMCA was maliciously or inadvertently used to remove or render inaccessible content. In fact, GoDaddy was involved in a recent high-profile instance with vividwildlife.com: http://www.photoattorney.com/?p=3247

  There was also a recent instance where UMG asserted rights to a song, and claim to have a “private arrangement” “outside the DMCA” with YouTube which lets them remove items, thereby stripping away the protections afforded by the DMCA. I am referring to the Megaupload Mega Song, as documented here: http://torrentfreak.com/megaupload-youtube-and-the-dmca-less-mega-song-takedown-111216/

  Further, SOPA appears to be just another escalation in a technological “whack-a-mole” arms race. As John Gilmore famously said, “The Net interprets censorship as damage and routes around it.” In my opinion, this technological warfare accomplishes nothing to prevent illegal acts, especially not ones performed by “commercial” counterfeiting groups and similar organized operations. It just makes life more difficult for the paying customers. Perhaps you’ve seen the “If you are a pirate, this is what you get” image:
http://cdn-www.i-am-bored.com/media/7125_piratemoviechart.jpg

  I would be much happier if you reserved your support for SOPA until it exists in a more balanced and practical form. In your own blog post, you use phrases like “changes we believe are necessary” and “room for some improvement”. As you repeatedly emphasize in your blog, you have over 50 million domains and a full-time presence in Washington. That gives you a very strong position to advocate changes to SOPA which would be more effective while still preserving the rights of the accused.

  I encourage you to reconsider your support of SOPA in its current form, and to work toward modifying it so that it will be both more effective in combating real infringing activities while also greatly reducing the chance that it will be abused.

         Sincerely (your customer),
         Terri Kennedy        http://www.glaver.org
         terry@glaver.org      New York, NY USA

BitTorrent DNA – A *REALLY* Bad Idea

As part of my computer upgrades (see my other blog posts), I had made a list of the software installed on my old computer. I visited the various distribution sites and downloaded and installed the latest versions of everything.

While the new computer was sitting idle, I started getting popups from Spyware Doctor informing me that “Spyware Doctor has blocked access to a bad web site”. The threat listed was “Trojan.Storm_Spam_Server”. Now, I didn’t have any Internet Explorer windows open (in fact, nothing was running except the utilities I run at startup – which doesn’t include the BitTorrent client).

Doing some poking around with WinDump led me to the btdna.exe process in \Program Files\DNA. Oddly, this process couldn’t be killed from Task Manager – I had to rename the executable and reboot the PC.

Once I did that, the Spyware Doctor popups stopped. I proceeded to deinstall both BitTorrent and DNA from my system, and they won’t be coming back.

I’ve been a casual user of BitTorrent for quite some time, mostly for downloading things like FreeBSD distribution ISOs. But this new behavior is inexcusable, for a number of reasons:

  • The application starts without the user’s permission – even if the user selects to not run the BitTorrent client at startup, btdna starts.
  • There doesn’t seem to be any way to shut it down permanently without deinstalling it.
  • It is interacting with many known bad sites – who is going to vouch for the program’s security?
  • Why is it interacting with any sites at all? I never started a download or viewed any content that it could “accelerate”.
  • Why is it stored in \Program Files\DNA? Is this an attempt to conceal that it is related to BitTorrent?
  • Upon viewing the official BitTorrent DNA web site, they claim that this is an accelerator that content providers can purchase access to in order to shift the burden of delivering content onto viewers. Yet the end user isn’t informed that this is happening. This is good for the content providers and BitTorrent. What’s in it for the user? Particularly if the user pays per KB of data transferred through their ISP (as in the case of a mobile user with a wireless network card, for example).

All in all, this strikes me as a really bad idea. My suggestion is to deinstall the DNA service (Start / Control Panel / Add or Remove Programs / DNA should do it, but you might want to check your \Program Files\DNA directory after deinstalling, just in case). Depending on whether you’re as disturbed about this as I am, you might want to deinstall BitTorrent as well and look at a different Torrent client.

UPS sucks, yet again…

I stayed home today to receive a package that was scheduled for delivery today. The status didn’t update on the UPS web site until after 7 PM (the time at which corporate magically loses the ability to contact the local UPS facility). Then the status changed to “THE RECEIVER WAS UNAVAILABLE TO SIGN ON THE 1ST DELIVERY ATTEMPT.” This despite the fact that I was home all day and the doorbell never rang and no notice was left at the door, and the claimed delivery attempt was at 2:59 PM, when the UPS driver never gets here before 5:30 PM. Since this fiasco is still in progress, I don’t have any additional info for this rant. However, you might like to look at this PDF file, which documents an “Early AM” shipment from last year which took a vacation from Newark to Kentucky and back to Newark, which “inexplicably” delayed its delivery. Another example of stellar UPS service (not!).