Share

Sunday, August 03, 2014

Excellent DD-WRT Router for Me: Netgear WNDR3400 / N600

My WiFi performance was suffering, and so I decided to do something about it and upgrade my router.

When I say my WiFi performance was suffering, I really mean it:  I live in a large high-rise apartment building and there are 100+ WiFi access points visible from my home office.  All of the contentious traffic was severely curtailing my WiFi reliability.  I was lucky to get 1 Mbit/second throughput.  Sometimes I was lucky to stay connected even with my WiFi router in the same room.

I decided it was time to go for 5 GHz, which is a WiFi band which is used less frequently and which has a tougher time traversing walls.  And of course I wanted DD-WRT support.  The set of features I was looking for included:
  • Trouble-free DD-WRT support
  • 5 GHz 802.11n Support
  • Simultaneous dual band capability
  • Inexpensive.  Maybe even cheap.  For me this means under $50.  Under $35 is even better!
It sounds like an easy task to bring all this together: All of this technology has been around for over 5 years.  But nothing is as easy as it seems until you know exactly what to do.  Finding the best router for DD-WRT takes a lot of qualitative analysis.

Finding the best router: WNDR3400 (or N600)

After doing some research I found that some Netgear WNDR3400's can be very inexpensive and  support DD-WRT.  This router is also known as the Netgear N600.  In particular, DD-WRT is compatible with version 1 of the '3400.

In shopping around, I found this refurbished Netgear WNDR3400 routers for sale on Amazon for under $35.  I figured the price was right, and if I managed to get a version 2+ I would assess it on its own merits.

Well, I ended up getting a version 2, which is not DD-WRT compatible.  But I fired it up anyway, and it performed wonderfully in terms of reliability - it sped up my home WiFi incredibly.  I decided to keep the WNDR3400v2 using the principle that "super-fast working WiFi without DD-WRT" is better than "awful WiFi".

Version 2 Label

After a month or so of operation I remained happy - the N600 was working great.  A family member gave me a call and needed a new router, so I decided to buy another WNDR-3400 for her.  After all, it provided great performance and at an incredible price.   But when I got my next refurb, it was a Version 1!  The gamble paid off!


Version 1 label
Interestingly, the physical details of the v1 is a quite a bit different than the v2.  In particular, the port layouts and LEDs are different.  Both versions purport to have identical function, but clearly they are different devices on the inside.  Anyhow, with a version 1 model in-hand I was ready and excited to install DD-WRT!
The N600: v1 on bottom, v2 on top. They must be very different on the inside.

Choosing the right DD-WRT firmware for the WNDR3400

The hardest part about DD-WRT is knowing what firmware to install.  I have a list of what I look for:
  • A version that has the features I need
    • 2.4 & 5 GHz WiFi
    • Working Ethernet
    • Working SSH
    • Working IPTables
  • No Heartbleed-ing
  • Reliable
  • Known not to brick or otherwise destroy the router
Sounds easy, right?  Never!  The DD-WRT community has an incredible amount of informal documentation, and parsing it all is a substantial job in of itself.  DD-WRT is a hobby, not a product, and so there are a lot of tradeoffs, broken features, gotchas, and potential brick-makers.

After some significant research, I chose a build that seemed to have the right mix of reliability and working features that wouldn't brick my WNDR3400.  To be precise, I used exactly this build:

ftp://ftp.dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/2013/05-27-2013-r21676/broadcom_K26/dd-wrt.v24-21676_NEWD-2_K2.6_mini-WNDR3400.chk

 Installing DD-WRT on the WNDR3400

Now, before you try to do this, just remember that this worked perfectly for me but it may not work for you at all. So please proceed at your own risk. After all, some people do things like drive their car to the repair shop because the oil light is flashing red.

Once I downloaded the firmware build noted above, I installed the firmware using the following procedure:
  • Turned off my computer's wifi
  • Connected my computer to the router's port #1 via an ethernet cable.
  • Restarted the WNDR3400 via its power switch
  • Fired up Firefox on my computer
  • Entered the Netgear firmware update page on http://192.168.1.1/
  • Used the Netgear's firmware update page to install the firmware.
  • Waited about 5 minutes
After installation (again, about 5 minutes), the WNDR-3400 rebooted and the DD-WRT login page appeared.  After that, I used the DD-WRT configuration pages to set up the access point exactly how I like:
  • Set the local password
  • Set the SSID and WPA2 password
  • Configured DDNS
  • Configured SSH
  • Configured port forwarding, static DNS entries, etc.
After configuring all this I did a speed test.    Performance was as awesome - just as good as a hard-wired connection to my cable modem.

Now my WiFi is fast, reliable, and has DD-WRT.  My old v2 router will go to my family, who can use it without DD-WRT.

My WNDR3400 v1 in action with DD-WRT!
Issues with r21676

The only impactful bug I have found so far is related to SSHd.  Despite leaving the private sshd port  22 and putting the public sshd port on 10002, SSHd was publicly listening on 22 and 10002.  This is behavior is different than other DD-WRT builds I have used. 

My simple work-around was to have sshd only available on 10003.  Interestingly, I didn't immediately see this via iptables or netstat.  It took a portscan for me to reveal this.

Installing DD-WRT on a WNDR3400v2

I have read about some people being successful installing DD-WRT on a v2, but I was unwilling to try - the evidence I saw out there wasn't that strong or compelling.  But if you try, please let me know the outcome in the comments.

Saturday, July 26, 2014

Let's make biking to work for everyone


I live in the city and generally take public transit to work.  But commuting via bicycle is always an option.

Unfortunately, the vast majority of the bikes on the market aren't suitable for commuting.  They pretty much require that you dress in "biking clothes" and take on a life style called Urban Biker.  No other form of commuting requires special garb.

That's garbage, and the Europeans know it.  They have city bikes, which are much like the bikes we used to have here in the states.  They are designed to help anyone of any age get around the city - to work, the grocery, or the library.

So in this article I list out what I want from a Commuting City Bike.  Bike manufactures, do your best!  You're almost there.  There is money in this stuff if you think like Steve Jobs.

So that I can dress for work and not get slopped up
  • Step through frame
  • Effective fenders
  • Skirt guards
  • Sealed drivetrain (such as a full chain case)
  • Upright seating
So that I don't have to worry about my bike
  • Weatherproof for leaving outdoors
  • Built-in security locks
  • Reasonably priced
  • Small enough to lug indoors
So that I can carry stuff
  • Reasonable baskets
  • Luggage racks
So that I can ride safely
  • Built-in, automatic lights
  • Reflective surfaces
  • Built-in bell
So that I can pedal
  • Some gearing for some minor hills, erring towards granny
  • Platform pedals
  • Reasonable weight
  • Low rolling-resistance tires
So that I can minimize maintenance
  • Puncture-resistant tires
  • Sealed drivetrain
  • Designed to be left in the rain/snow/sun
  • Appropriately robust
These are just good ideas, but some great ideas may obviate the need for some of my line items.

OK folks, tell me what fits the bill in the comments, or tell me what else YOU would like to see in a great commuting city bike!

Your Privacy Quotient

We all have the expectation of privacy, right?  But how private of a person are you?

Here's how to calculate your privacy quotient!

Add up the following "points" as for each item below.  The resulting number will be used to calculate your personal Privacy Quotient:

Card Usage - Tracking your purchases

  • 1 - Do you use store "rewards cards"?
  • 5 - Do you use a credit or debit card for most purchases?
  • 5 - Do you shop for and buy goods on-line?

Banking - Tracking your income and spending

  • 1- Do you have direct deposit?
  • 1- Do you have a bank account?
  • 1- Do you have a mortgage or loan?

Internet - Tracking your relationships and opinions
  • 5- Do you use an internet service provider?
  • 5- Do you use Web Mail, such as gmail?
  • 5- Do you use a social web sites such as Facebook?
  • 5- Do you use Google to search the Internet?
Telephone - Tracking your location

  • 5- Do you have and use a mobile phone?
  • 1- Do you have a landline?
  • 1- Do you have a home security system?

Transportation - Tracking your travels

  • 1- Do you drive a car?
  • 1- Do you have a toll transponder?
  • 1- Do you use a train/bus/subway pass?


Now, here is YOUR privacy quotient:

0..1
Wow!  You are a private person.

2..4 
Good, respectable privacy.  Corporations only know you a little bit.

5..7
Ouch, you're being tracked pretty heavily.

8..15
You're looking for trouble, as your data is all over the place.  Corporations know where you are and who you are most of the time.

15+
Big Brother is your Big Brother.  Your life is well known to millions of corporations.  They almost always know exactly where you are (± 3 meters).  They know almost exactly how much money you make and where you spend it.  They also know your political views, your likes, and your dislikes.  They know your favorite food, and your dog's name (if you have one).


Sunday, July 13, 2014

Privacy theft via "free" apps

I'm a privacy advocate.  And so I get very tired of the myriad of companies that try to make a buck by selling my "profile" to the highest bidder.

Many (but not all) of the "free" apps available for your smartphone are simple privacy sieves.  Their primary purpose is to provide you with a little bit of value in exchange for a huge amount of your private data.

My case in point are 3rd party smartphone email and GPS apps.  There are hundreds available, almost all for free.  They provide a little bit of value, such as "a new way to use gestures to archive your email".  But these free 3rd party apps often take all kinds of data about you, such as:

  • All of your email
  • Your basic information (your name, home address, phone number, etc)
  • Your location at all times, via your phone's GPS capability
  • Your calendar
  • Your entire address book

Of course, the companies state that they can do this in their "privacy policy".

And within that policy they promise that they will anonymize your data as they sell it to their partners.

Truly anonymizing data is nearly impossible.  As seen in the Netflix case, it is quite simple for a high school student to take large data sets to de-anonymize the data.  That's a very scary proposition, particularly given that there are thousands of large data sets available for purchase through many suppliers.

These app developers let you know that your data may be held off-shore, in a foreign country.  Now I'm a big fan of foreign countries, so why should this matter?  And why would they want to hold the data in a far-off land?  After all, American data centers are less expensive than data centers anywhere else in the world.

The short answer to this question is that by holding your personal data outside of the country, app developers hold the data in a place where you have limited (or no) legal standing, and where the laws of this country simply do not apply.   They are simply kidnaping your data and bringing it overseas where to a place where you cannot win.

Finally, these privacy policies clearly state that they can be changed at any time, without your consent or knowledge.  So if they decide to sell your private data outright, they may change their policy and do so immediately.

What we need is a blog.  A blog that covers those apps with that guarantee to protect the privacy of their users in perpetuity. Let me know when you find apps that do protect privacy.

Sunday, July 06, 2014

iPhone 6 Release Party: Friday, September 26th, 2014

There are a lot of rumors out there in terms of when the iPhone 6 will be released.

Let's just cut to the chase, as evidence points to:

Friday, September 26th, 2014

Here is the evidence:
  • Apple will want the iPhone 6 to be released out of the gate as boldly as possible - with iOS 8.
  • Apple explicitly says that iOS 8 will not be available until Fall 2014.
  • Apple will likely want to make the iPhone 6 readily available to all customers by the Christmas Shopping Season - mid-November.  They'd want to eliminate any waiting lists by then.
  • Recent prior releases of iPhones have been between September 20th and October 15th.
Therefore, I predict that Apple will release the iPhone 6 sometime in the early fall.  This year fall begins on Tuesday, September 23th, 2014.

But wait, there's more!  Over the past few years Apple has put their device on sale starting on a Friday.

So given that additional fact, I refine my prediction to include only the following dates:
  • Friday, September 26th
  • Friday, October 3rd
  • Friday, October 10th
  • Friday, October 17th
If I were a serious wagering man (I am not), I would wager on the earlier side of things to better align with last year.  And so, in conclusion, I find that the iPhone 6 will most likely be released on Friday, September 26th.

Of course, certain types of events could influence that date, including but not limited to:
  • Component supply line issues
  • Manufacturing issues
  • Unexpected design issues
  • iOS 8 availability/completion
  • External factors (Geo-political issue, major natural disaster, etc)
Manufacturing must have started!

There are a lot of iPhones to be made.  Last year Apple sold 9 million iPhones on its first weekend.   And so I assume that manufacturing is ramping up now, as to hit that mark starting today, Apple needs to make nearly a million iPhone 6's a week.

See you in line on September 26th!

Saturday, July 05, 2014

My iPhone is being remotely controlled by a hacker! (and how to fix it)

Who is remotely controlling my iPhone???


This is a personal story that scared the hell out of me.

On Monday I was awoken by my iPhone alarm telling me that it was time to get up to go to work.   I picked up the phone and looked at the day's calendar.  Ug.  I put it back down in its dock for a couple more Z's.

Seconds later, I heard it clicking.

I looked at my phone, and it looked like someone was typing on it!  Click.  Then a swipe.  And then more clicks.  One of my business apps was being operated, but NO ONE was touching my iPhone!  I was sure that a Hacker was remotely operating my iPhone, digging around for my private data!

This was shocking.  My phone stores a lot of good stuff - my email, photos, finances, passwords and all sorts of other goodies.  If someone compromised my phone they could know where I am.  They could operate the cameras, the microphones - in short, they could know almost everything about me.

It looked like the hacker didn't know what he was doing - he was just bopping around.  Maybe he was just a kid in some far-off land searching for anything of value.  And in the end, I figured out EXACTLY who was to blame.

I quickly decided that immediate action was necessary.

First step: power it down

After taking a quick video of my phone being operated remotely (as evidence), I decided that I should prevent any further damage to my privacy.  I picked up the device and turned on airplane mode.  Then I powered it down.

Second step: wipe

I hooked my iPhone up to iTunes and chose "Backup" to ensure that evidence of the compromise was captured and that any of my remaining data was saved.  Then I performed an iPhone reset via iTunes - which wipes the device and reinstalls a brand new copy of the operating system downloaded from Apple.  And then I chose to do a restore, using the logic that my data was OK, it was just a software compromise.

Third step: rebuild

During the restore I had the iPhone restore the apps from the iTunes store - over the air - again using the logic that my apps may have been compromised and there is nothing like getting the latest from iTunes.  I plugged my phone into my iPhone dock and let it pull down the apps wirelessly over WIFI.

Fourth step: passwords!

My phone was compromised, so someone could have got their hands on my passwords as I typed them (keyboard compromise) or by stealing them from poorly behaving app data stores.  So I hoped on my computer and proceeded to change dozens of key passwords (email accounts, Facebook, banking accounts, etc).

Fifth step: WTF!!!

So I was on my computer, in the midst of making my password changes, when I heard my phone clicking on its keyboard again. WTF???  My phone was STILL compromised!  Maybe the low-level firmware was compromised, and even wiping off iOS and all the apps wasn't good enough.  I picked up the phone, and whomever was remotely controlling it stopped!  Undoubtably the hacker sensed my presence via the motion detector or the camera! VERY SCARY.

Sixth step: Eh?

Then I got to thinking, maybe it was NOBODY.  Maybe my screen was going bad, detecting false touches and swipes.  Hmmm.  I downloaded and installed a "finger paint" program to see what was happening.  Nothing interesting appeared on the screen.  And then I docked it my iPhone, and within in a few minutes, some crazy dots and lines started to appear all on their own, as shown below:
Crazy lines from Paint program

Seventh step: Dang

So I figured my iPhone was dying.  "Dang, out of warranty, still under contract" - this was not great timing.  Then I noticed that the phone was quite warm.  A little more investigation found the power adapter to be rather HOT.  I was running a cheap knockoff USB adapter for the past year - and a little test with a voltmeter showed the knock-off adapter to be providing chaotic power, from 3v to 9v.  Very far away from the 5 volts (±0.55) of the USB standard.

Dangerous knock-off power adapter was the problem all along!


Eighth step: The fix!

So I try all this on another AC adapter, and my "remotely controlled screen" problem completely goes away.  My phone wasn't compromised - it was a very bad (but very official looking) AC Power Adapter.  I chucked the crappy adapter and now I'm back in action.   Yay!

Lesson Learned!

It was all my fault - I bought and used a crappy 3rd party adapter.  It failed in a way that I could never see, and in a way that could have damaged your phone.  Always get a name brand adapter - at least you can go back to them if it damages your phone.  Luckily for me, I suffered no damage other than a few hours of paranoia and work.


Sunday, June 08, 2014

Upgrading my white MacBook with an SSHD Hybrid Hard Drive

A couple of weeks ago the Samsung hard drive in my white plastic MacBook started to have problems starting up - the hard drive was failing.

A few years ago I "upgraded" my MacBook with a higher capacity 500 GB Samsung drive.  Since then, I've been a bit frustrated with my MacBook.  It simply never performed as well, and I just figured that after years of OS updates and demanding web sites that it was about the end of the road for this MacBook.

My first option was to buy a new computer.  My MacBook is from 2009 - and that's a bit old in terms of computing technology.  The MacBook Air is a great high-performance, high-quality machine, but  my old MacBook should be a reasonable performer too.  Perhaps the hard drive was a reason for my lousy performance, and so I decided to shop for a higher-performance drive.


The MacBook with its new Hybrid Drive; old broken drive on top
Unfortunately, thousands of drives are available on the market, but which one should I buy?  I made a quick list of criteria:
  • Storage.  I want plenty of storage for photos, music, and video
  • Performance. My MacBook seemed to have slowed down with time.
  • Cost: This is an older laptop.  It is still good, but I don't want to over-spend.
In the end, I decided to go with this Seagate 1TB Solid State Hybrid Drive.  This drive would fit perfectly inside my MacBook, would offer huge storage, and the great hybrid features would provide good performance at a good price.  

After receiving the drive I used the repair guide at iFixIt.com to install.  Since installing the drive, I find performance to be improved, and I have plenty of storage.  In fact, I am writing this on the very same MacBook.  This will likely be the last upgrade for this 2009 MacBook - I predict that the final OS for this machine will be obsolete by 2018.  By then, a full machine upgrade will be in order!

¡¡¡ 1 Month Update !!!

It has been a month and the new drive is working wonderfully.  My MacBook is much faster than before, and I have more storage than ever.  If your old Mac is slow, I would strongly urge you to consider upgrading to an SSHD.  I will be performing more of these upgrades int he near future.