ATLAS Experiment OpenData – My Hacks I

Update: Corrected two typos/errors. First, the filename was replaced by the correct filename atlas-jupyter.service. Second, the notebook option is called –no-browser not –nobrowser.

In this video the ATLAS Experiment explains how to log on to the virtual machine and start the Jupyter server

There is a way to automate this, of course, so that the Jupyter server starts automatically at boot-up of the virtual machine.

Here’s how I did it.

First, I adapted the script to the following:

source /home/student/ROOT/build/bin/
/home/student/.local/bin/jupyter notebook --ip= --no-browser --notebook-dir=/home/student

Then I sudoed to root and went to the directory /lib/systemd/system and created a file called atlas-jupyter.service with the following contents:

Description=ATLAS Jupyter Notebook Service



Then I saved this file and enabled the service with

sudo systemctl enable atlas-jupyter.service

After that I could start it by typing

sudo systemctl start atlas-jupyter.service

And the Jupyter server now starts without problem every time I boot the virtual machine and I don’t have to log in and can also start the virtual machine in headless mode, meaning no console (GUI) necessary.

ATLAS Experiment OpenData – User Notes

This is just a quick note for people using ATLAS Experiment OpenData with Oracle VirtualBox VMs on Fedora.
The installation of the ATLAS VM is wonderfully described here. I just have two quick notes. One for users that run Oracle VirtualBox on Fedora (31) and one that is for the VM itself.

First, you’ll need to install the VirtualBox Extension Pack to be able to start the VM. This is because it needs USB 2.0 support enabled to be able to start the VM. Setting USB settings to USB 1.1 will not fix this. The VM will start, but will get stuck during boot up.
On Ubuntu, the VirtualBox Extension Pack is provided as an Ubuntu package and can be installed with the command

sudo apt install virtualbox-ext-pack

On Fedora there is no such package. So you’ll have to get the VirtualBox Extension Pack from the Website so you’ll have to get it from the above link and manually install it. This is quite easy, though.

Click the download link and choose Open with Oracle VM VirtualBox. After installation the ATLAS VM starts without issue.

Continue reading ATLAS Experiment OpenData – User Notes

3rd FCC Workshop at CERN

I was lucky enough to be able to participate in the 3rd FCC Workshop from January 13 to 17, 2020 and got I first hand look behind the scenes of the planning of the Future Circular Collider (FCC) which is supposed to come after the current Large Hadron Collider (LHC) has gone through its High Luminosity (HL) upgrades and needs to be replace somewhere in the beginning of the 2040s.
That sounds like a long time, but as was pointed out, there is a lot of civil engineering work to be done – namely digging the 100 km circumference tunnels – and this needs to be started soon.

FCC is actually several colliders all of which are refereed to as FCC-INT. The first to be implemented is the FCC-ee collider, which is a electron-positron collider. Here, there is some competition between the circular FCC-ee (in CERN), the linear ILC (in Japan) and CLIC (in CERN) designs.

If you’re new to this subject I recommend reading Circular and Linear e+e− Colliders: Another Story of Complementarity by Alain Blondel and Partick Janot (
In a nutshell, FCC-ee is the front-runner if you plan to do more than just Higgs physics. Namely EW, Flavour and Top physics as well as Beyond Standard Model physics (BSM) and if you want to keep the road open to a proton-proton (a hadron collider) called FCC-hh.
Current thinking seems to be that FCC-ee is favoured but with synergies of either ILC (or even CLIC) being built in Japan.

What I profited most in these 5 intense days, was to get some points drawn which I can now connect. Especially in QCD and EFT, BSM physics, but also collider technologies, software used to do particle physics and data acquisition (DAQ) process.

I now have a much better general understanding about the actual data which is being collected. Unfortunately, with my Windows 10 notebook, I couldn’t really participate in the software workshop – this is corrected now. It’s running Fedora 31 – which turns out to be noticeably faster…

I enjoyed my stay at CERN. Nice international atmosphere. Some buildings could use a make-over, though :-).

Google Chrome to Support DNS of HTTPS

After Firefox in early September, Google had also revealed plans to support DNS over HTTPS (DoH).

In traditional DNS, the traffic between DNS servers and client that is looking up an address is going over the wire in un-encrypted and un-authenticated form. This means that the client does not know if the DNS server he is talking to is actually the correct server and that the connection has not been hijacked and he is delivered spoofed entries.

There have been efforts before to secure DNS traffic, and the most advanced and seasoned approach here is DNSCrypt, which is also using the default port TCP 443 (HTTPS) for its traffic.
The DNSCrypt v 2 protocol specification exists since 2013, but the protocol goes back to around 2008. It’s well tested and secure, and I would have expected this to be the quasi-standard to be used in Web browsers. In fact, Yandex browser already used this.

DNSCrypt setting in Yandex browser
Continue reading Google Chrome to Support DNS of HTTPS

CERN OpenDays 2019 – LHCb Site

CERN had its OpenDays on September 14 and 15. As the LHC is in Long Shutdown 2 (LS2) for upgrades until early 2021, this was a good possibility for CERN to present itself and its work to the public.

Both days drew huge crowds and lines for underground visits were long – at one point waiting times for ATLAS visits were 3 hours.

I arrived on Sunday, September 15 shortly before 10 a.m. and after getting my wrist band at the check-in tent went straight for transport to remote site – I already know part of the Meyrin site, and Atlas was already overcrowded so I went to the bus stop in search of Bus F, to go to the CMS Experiment site. Unfortunately, I couldn’t find this bus, so I decided to jump on the one going to the LHCb site. Good choice!

No Beam! LHCb Command Center
Continue reading CERN OpenDays 2019 – LHCb Site

CSCS User Lab Day 2019

Nice day in Lucerne and excellent opportunity to learn about CSCS’s work and interact with the staff. This was my second CSCS Lab Day, and altough I am not working in the HPC field, I learned a lot.
This event is interesting, because it is focused on the interaction of HPC users with the CSCS infrastructure, so you can get a lot of information about containers, virtualization and CSCS user environment, without being overwhelmed with all the HPC specific stuff.

The day started with a talk given by Prof. Demenico Giardini, ETH Zurich who described, how the Seismometer of the InSight Mars mission was developped and deployed and what results obtained were so far.

Migrating Websites to Virtualbox™ – Part Two

Earthquakes in New Zealand, Sep. 7, 2019

As I have announced a few days ago, I was looking into how to migrate my websites to a virtual server environment using VirtualBox.

The installation and configuration was pretty straightforward and it was basically the same as on original websites, the operation systems remains Ubuntu 18.04 LTS and the software environment is identical. However, this was a good opportunity to clean-up some things that have become outdated.

My company website runs on the newer version of Zotonic Erlang CMS (at the time of writing this is 0.51). There was no problem migrating the content and database from a previous version (namedly 0.39).

My website is still running on Yaws Webserver, but some of the data acquisition code needed to be updated, as the source format changed. Thankfully, we are close to solar minimum of solar cycle 24, so there is time for a bigger update on how data on solar events is collected and displayed. For the time being, SDO Videos are no longer produced, as there was an api change on, that’s fixed now, but I decided to redo the whole process of how this data is acquired and treated.

The is also still running on Yaws Webserver, and a handful of sources for earthquake data, namely Iceland, Turkey, Mexico, Switzerland, Philippines and some others were ditched, as they make it exceedingly difficult to acquire the data, and I’ve decided it’s not worth my time. I will spend efforts on improving the data display on the remaining data sources.

The Website is also running on Yaws Webserver and it currently only displays data on near earth objects.

Now, the interesting part will be to see how the VirtualBox environment behaves in production and how easy it is to do DevOps style development with it.

Migrating Websites to Virtualbox™

I am currently running some websites on bare metal servers and while I am not prepared (yet) to move these to virtual servers in the cloud, I do want to virtualize them and run them on Oracle’s VirtualBox.

Most of the migration is straightforward, of course. I duplicated the Ubuntu 18.04 LTS environment in a VirtualBox and moved the configuration and files over. For the data collected I created a separate storage container which expands as needed.

There was only one issue in networking. I used bridged adapter in network settings, however the box was only reachable from the host operating system, not from other machines. That is fixed now, not sure how, though. It’s one of these “change settings multiple times until it works” type of fixes.

Currently the development and test environments are moved, and the development environment is set up so I can edit the files and connect to the database. Now the only thing to figure out is how to best publish the changes from development to test to production.
This should happen with the least possible effort and highest degree of automation possible. Still working on that…

Error in Tor Documentation for Bridge Configuration

I seem to have run into a problem using Tor’s documentation for Tor bridge configuration on FreeBSD.
According to mentioned documentation, you install the following software:

pkg install obfs4proxy-tor tor ca_root_nss

This works perfectly.

However, later in the documentation it says, that you will need to add the following line to torrc configuration file:

ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy

Unfortunately, there is no file called obfs4proxy in the directory /usr/bin/.
The file is installed into directory /usr/local/bin/.
So the correct line to add should read:

ServerTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy

The idea of a Tor bridge is that it’s IP address is not entered into the public database but remains hidden. With this wrong configuration line, the Tor node starts “normally” as a Tor exit node and publishes the IP address to the system in the public database.

Source of documentation:

Tesla as a Surveillance Platform

I ran into this nice little story on Schneier on Security blog, describing how to transform a Tesla into an surveillance platform, using its cameras that give a 360° view of the car’s environment.
The article is a synopsis of a more detailed description on Wired describing the Tesla modifications.
In fact, it is quite easy to turn your Tesla into your own private surveillance platform. Everything you need is already there, you just need to plug in a notebook running the right (open-source) platform and your set.

Now we can understand why the Basle Police might find it interesting to own and run a few Teslas in the city of Basel. Not that I want to claim they actually used the car in this way, I would have no knowledge of that. Just saying it is a possibility that it will be used in this way, either by them or any other entity.

I can also imagine it would be very interesting to have access to all data from all Tesla cars in your fleet and record was going on around them – even if parked.
In fact, since the car already is a surveillance platform when you buy it, and you can use it as such with a few modifications, why not use it as such for your own purposes? Distributing your cars strategically in an area will give on traffic flow and where people go.

Note that while I write here specifically about Tesla, this holds true for any car from any manufacturer that produces similar cars and it will especially be true for self-driving cars.