Sunday, March 09, 2014

A Calendar for Everyone

We all kind of dislike calendars that we aren't accustom to, and tons of folks over the centuries have thought they could do a better job.  And some people around the world see calendars as being a primarily religious instrument since Pope Gregory XIII's people pushed for the one we use today.

Here's my proposal, which combines the Herschel and a modified Holocene calendar.
  • Take on the proposal of Sir John Herschel, so that there are 969 leap days every 4000 years.
  • Take on the concept of the Holocene calendar year numbering system, but modify it as such: 
    • The year number is an aggregate of the top 30 year numbers of the calendars of the world, modulo 100.  Then add 10,000.  My calculation comes up with the year 10043.  For you Gregorian fans, just subtract 8029.
  • Retain the other structures of the Gregorian/Julian calendaring system, notably: month numbering, month length, weekdays.
  • Call this the Earth Solar Calendar.
  • A calendar that is not the Gregorian calendar
  • A calendar that is generally compatible with the Gregorian calendar for all practical purposes
  • A calendar with a new year style which clearly identifies itself from other commonly used calendar styles
  • A calendar that is generally not affiliated with any specific religion or society
  • The proposed calendar retains the Gregorian correction to the Julian calendar.  The timing of that reform is tied to a religious event.
  • The calendar retains the month model of the Julian calendar.
  • Those that appreciate the supposed linkage of the Gregorian calendar with religion may be unhappy with the proposal.  However, the Gregorian calendar is a weird hodgepodge of lunar and solar calendars with a stem several thousand years older than the current Gregorian calendar year. Furthermore, the Gregorian year number is widely known to be inaccurate.
  • No one likes change.

My Computer Security Failures

I'm a security-concious guy, but I have screwed up before.  Here are my security failures over time that I know about:

1994: I downloaded and executed a program from the Internet.  The program spun through the Windows 3.11-based system, overwriting all files.  This resulted in significant data loss.

Root cause: User trusted untrustworthy software.  User failed to back up system.

2001: Fell victim to an SSH exploit on my Linux-based router machine.  The machine was compromised by a remote attacker and used to send spam.  The machine needed to be wiped and reloaded.

Root cause: Zero-day exploit vulnerability, and/or failure to keep on top of security patches.

2006: I gave administrative rights to my brother's au pair's Windows XP-based PC, under pressure from the au-pair who wanted to install software.  The machine was quickly overwhelmed by malware despite anti-virus practices.  The machine was kept in service after significant cleanup.

Root cause: The platform assumed users would need powerful privileges; administrator inappropriately complied.

2008: My account at a popular Internet Service, Twitter, was compromised and misused.

Root cause: I followed poor password management practices: I re-used an identical username/password pair with multiple service providers for accounts "I didn't care about".

2008: Unprivileged Mac OS X user account was compromised remotely over SSH via brute force, due to simple username and matching simple password.

Root cause: Administrator enabled remote SSH access but failed to restrict ssh access to specific accounts.

2014: Wireless access point unsecured, resulting in open network access over-the-air.

Root cause: Administrator created a second wireless SSID without properly securing it.

Sunday, March 02, 2014

Save big money with Free WIFI?

Who wants to pay for Internet?  Maybe your neighbor has open WIFI!  Freedom!  FREE!!!

The problem is that your neighbor's WIFI should never be trusted.  Here's what your neighbor could find out about you:
  • Who you are
  • What sites you visit
  • Your daily schedule
  • What kind of devices you use
  • Probe your devices for vulnerabilities
  • Read many of the web pages you read as you read them
  • See how much mail you receive and send
  • Manipulate what you read on the internet
Now don't be surprised - your ISP can do these things too.  But at least your ISP has a reputation to uphold and (weak) regulations that they must legally conform to.  Your anonymous neighbor that you're stealing from?  They don't really have to worry about such things.

If you're going to steal Internet, use VPN.  VPN doesn't solve all problems, but it solves some of them.

Friday, January 03, 2014

Fixing my Wahl 9918 Groomsman Beard and Mustache Trimmer

Not everyone would bother repairing a $20 beard trimmer, but why not fix something for under $5 instead of spending another $20?

My Wahl 9918 Groomsman Beard and Mustache Trimmer has admirably performed its beauty duty for many years, but the time came when the battery just wasn't holding a charge any more.  Most people would just put the trimmer in the trash and buy a new one, but I figured I could repair my Wahl and save some money.

I opened up the Wahl by popping off the black plastic faceplate with a tiny flathead screwdriver, which revealed two screws.  By removing the two screws I was able to easily open up the unit, revealing the guts of the device.

Backplate off, Revealing the screws

The internals are rather simple: a motor, a simple circuit board, a switch, and a NiCad battery pack soldered into place.
The Internals, with new battery pack

I decided that the battery was no longer good, so I worked to replace it.  I bought two NiCd Extended Capacity Rechargeable AA Cells with Solder Tab.  The solder tabs are key - they make it reasonably possible to solder together a new battery pack.

To create a new battery pack, I used some electrical tape to wrap together the two new cells, in plus-to-minus orientation.  Then I used a trusty soldering iron to solder one of the plus/minus tables together.  I pulled the foam off the old battery pack and stuck it onto my homemade pack.

Then I unsoldered the old battery pack from the Wahl and soldered the new pack in, ensuring that I kept proper polarity.

After, I cleaned up some corrosion on the switch with a pencil eraser and an emery board, and reassembled.  A little test proved good, and so I plugged in the trimmer and let it charge overnight.

Now the Wahl works like new! It runs perfectly and charges perfectly to.  It continues to provide me with a beautiful beard, nearly 10 years running.

Sunday, December 15, 2013

Unlocking the Verizon iPhone 4S - MD278LL/A

Before you buy that unlocked Verizon iPhone 4S, you might want to read this.

After considerable research, I conclude that Verizon's "unlocking" program does not actually unlock the iPhone 4S.

Instead, Verizon's program seems to merely bless specific non-American 3rd party SIMs to be used with your iPhone.  It looks like American 3rd party SIMs from AT&T and T-Mobile USA are locked out forever even after the Verizon "Unlock".

In fact, within Apple's "Wireless carrier support and features" knowledge base article ht1937, Apple itself says that Verizon "offers unlocking on certain iPhones, some with certain restrictions."

That's certainly ominous.  It reads like Verizon might be willing to unlock the deadbolt on your iPhone, but the security chain is still attached so only some SIMs through.  To me, that isn't an unlock.  That's a lock with exceptions.

Do you want to use an AT&T or T-MobileUSA SIM in your Verizon iPhone?  That's Verizon's choice.  And from everything I understand, Verizon will say "no" - they will not unlock the SIM for these carriers.  Your iPhone is still locked.

Even though its your phone.

And you paid for it in full.

And you've been a good customer for years.

And the device has all the technology it needs.

Maybe the best way out is to sell your old iPhone 4S and get yourself a brand new, inexpensive "contract" smartphone like this inexpensive Nokia on T-Mobile.  Or go all out and get an unlocked Apple iPhone 5S.

Saturday, December 07, 2013

Do WIFI security cameras work? This EasyN one works for me!

I bought an inexpensive WIFI security camera - an "EasyN F-M166" - for my vacation home.

Does it work?  Well, yes it works very well!

Via a web browser on my Mac, I can view video, tilt-and-pan the camera, and control things like the infrared lighting.   It doesn't need any special software or plug-ins for my Mac, and I can even view the thing from my iPhone.

My EasyN WIFI cam, mounted upside-down on my porch ceiling

I have the camera mounted outside, in a protected area of my porch.  I'm not sure if it'll survive cold weather, but it still works OK even though it has been as cold as 15° F.  After a power failure it reconnects to WIFI just fine, so I don't have to worry too much about it getting disconnected from the Internet.

Via a web browser on my Mac, I can view video, tilt-and-pan the camera, and control things like the infrared lighting.   It doesn't need any special software for my Mac, and I can even view the thing from my iPhone.

Surveillance of a doorbell-pusher via the EasyN - as seen from my iPhone

With the camera's built-in web software, I've configured it to email me pictures every time "movement" is detected.  So I don't actually need a web browser to use the cam - I just get email with photos attached whenever anyone shows up at the house.  I -love- this feature.  Once in a while I'll get a moth or a bird or something, but that's the price you pay. Although the camera's web software is pretty ugly, it works very well; the software hasn't crashed yet despite running for the past 6+ months.

The camera sensor isn't nearly as good as a "real" camera, but I'm still very happy with it.    I haven't gotten the microphone to work on it, but I don't use it that way.

For under $50, it's a pretty darn good security camera.  You can find the EasyN F-M166 on Amazon.

Thursday, November 28, 2013

Time to think about Time seriously!

Attention programmers!

Good logic lasts forever.

Many of you were not in the programming business in the 1980s.  Back then, we realized that Y2K was on its way and there was a lot of code that would break with dates beyond 1999-Dec-31.

At the time we were looking to save storage - heck, I supported systems that stored the year in 4 bits, because  it was a huge memory saver, and 16 years of operation was a long time.  We simply expected that our systems would be retired before then.

But come the 1990's, we realized we were still running programs written in the 1960s, and someone would have to address all of the date calculation problems.

Turn the clock ahead to today and we see that in less than 25 years the classic 32-bit Unix clock will turn over.    And the storage problem no longer exists like it once did.  In the past we often tried to squeeze in a full Gregorian date (Y-M-D) into 15 or fewer bits.    Today, using 24 or 32 more bits to store a Gregorian date seem completely reasonable and will greatly outlast our era.

Best practice demands that our code of today will work perfectly with dates into and beyond 2038.  As programming matures as a business, we should be validating clocks and times and dates well into the future, at least beyond 2101.

Are you signing a contract for software services?  Demand proper testing for this problem today.  Code easily lasts for more than 25 years, and so not demanding proper date handling behavior is irresponsible and a dereliction of your professional obligations.  Period.

Our software will be running in 80+ years into the future?

Why not?  Buildings and bridges are designed and maintained to last for centuries... we hope.  Logic lasts forever; why dispose of otherwise good work?