2014-10-03

iOS8 on iPhone 4S: Is it worth it?

Last week I decided to take the plunge and upgrade my household iPhone 4S's to iOS8.  The rumors on the street have been mixed, but I usually don't pay much attention to rumors because they are very often wrong.

I am very happy I upgraded.  All the fear-mongering about bad performance and bad battery life simply wasn't true for me.  I'm quite confident that those folks just had a bad app that they didn't know how to update, or a heavily-used 3 year old battery.  iOS 8 isn't going to fix your refrigerator, but it isn't going to break it either.

So what do I get?

First of all, I get a refined UI.  iOS7 was a great upgrade, but now iOS8 is simply smoother all around.  It erases all doubts I had moving from iOS6.

Family sharing is in place.  If you have a household with more than one device, this is a big deal for making Dad's life easier.  Or mine.

I get better battery management, with the incredibly useful Battery Usage feature.  Unlike the similarly named Android feature, Battery Usage fully sums up the load of your apps on the battery and gives good advice on improving battery life.  (The Android feature is just a modified top and has limited utility).

Pan-device searching with Spotlight is amped up.  New keyboards.  Notifications.  Photo and Audio filters (VERY awesome, smoothly executed, and well behaved).

So far I have yet to have a single crash of either the OS or -any- application.  ROCK SOLID.

Should you upgrade?  You certainly don't have to.  But I think you might want to.

2014-08-03

Excellent DD-WRT Router for Me: Netgear WNDR3400 / N600

My WiFi performance was suffering, and so I decided to do something about it and upgrade my router.

When I say my WiFi performance was suffering, I really mean it:  I live in a large high-rise apartment building and there are 100+ WiFi access points visible from my home office.  All of the contentious traffic was severely curtailing my WiFi reliability.  I was lucky to get 1 Mbit/second throughput.  Sometimes I was lucky to stay connected even with my WiFi router in the same room.

I decided it was time to go for 5 GHz, which is a WiFi band which is used less frequently and which has a tougher time traversing walls.  And of course I wanted DD-WRT support.  The set of features I was looking for included:
  • Trouble-free DD-WRT support
  • 5 GHz 802.11n Support
  • Simultaneous dual band capability
  • Inexpensive.  Maybe even cheap.  For me this means under $50.  Under $35 is even better!
It sounds like an easy task to bring all this together: All of this technology has been around for over 5 years.  But nothing is as easy as it seems until you know exactly what to do.  Finding the best router for DD-WRT takes a lot of qualitative analysis.

Finding the best router: WNDR3400 (or N600)

After doing some research I found that some Netgear WNDR3400's can be very inexpensive and  support DD-WRT.  This router is also known as the Netgear N600.  In particular, DD-WRT is compatible with version 1 of the '3400.

In shopping around, I found this refurbished Netgear WNDR3400 routers for sale on Amazon for under $35.  I figured the price was right, and if I managed to get a version 2+ I would assess it on its own merits.  (Update: For the real bargain WNDR3400s, make sure you check out the "new and used".)

Well, I ended up getting a version 2, which is not DD-WRT compatible.  But I fired it up anyway, and it performed wonderfully in terms of reliability - it sped up my home WiFi incredibly.  I decided to keep the WNDR3400v2 using the principle that "super-fast working WiFi without DD-WRT" is better than "awful WiFi".

Version 2 Label

After a month or so of operation I remained happy - the N600 was working great.  A family member gave me a call and needed a new router, so I decided to buy another WNDR-3400 for her.  After all, it provided great performance and at an incredible price.   But when I got my next refurb, it was a Version 1!  The gamble paid off!


Version 1 label
Interestingly, the physical details of the v1 is a quite a bit different than the v2.  In particular, the port layouts and LEDs are different.  Both versions purport to have identical function, but clearly they are different devices on the inside.  Anyhow, with a version 1 model in-hand I was ready and excited to install DD-WRT!
The N600: v1 on top, v2 on bottom. They must be very different on the inside.

Choosing the right DD-WRT firmware for the WNDR3400

The hardest part about DD-WRT is knowing what firmware to install.  I have a list of what I look for:
  • A version that has the features I need
    • 2.4 & 5 GHz WiFi
    • Working Ethernet
    • Working SSH
    • Working IPTables
  • No Heartbleed-ing
  • Reliable
  • Known not to brick or otherwise destroy the router
Sounds easy, right?  Never!  The DD-WRT community has an incredible amount of informal documentation, and parsing it all is a substantial job in of itself.  DD-WRT is a hobby, not a product, and so there are a lot of tradeoffs, broken features, gotchas, and potential brick-makers.

After some significant research, I chose a build that seemed to have the right mix of reliability and working features that wouldn't brick my WNDR3400.  To be precise, I used exactly this build:

ftp://ftp.dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/2013/05-27-2013-r21676/broadcom_K26/dd-wrt.v24-21676_NEWD-2_K2.6_mini-WNDR3400.chk

 Installing DD-WRT on the WNDR3400

Now, before you try to do this, just remember that this worked perfectly for me but it may not work for you at all. So please proceed at your own risk. After all, some people do things like drive their car to the repair shop because the oil light is flashing red.

Once I downloaded the firmware build noted above, I installed the firmware using the following procedure:
  • Turned off my computer's wifi
  • Connected my computer to the router's port #1 via an ethernet cable.
  • Restarted the WNDR3400 via its power switch
  • Fired up Firefox on my computer
  • Entered the Netgear firmware update page on http://192.168.1.1/
  • Used the Netgear's firmware update page to install the firmware.
  • Waited about 5 minutes
After installation (again, about 5 minutes), the WNDR-3400 rebooted and the DD-WRT login page appeared.  After that, I used the DD-WRT configuration pages to set up the access point exactly how I like:
  • Set the local password
  • Set the SSID and WPA2 password
  • Configured DDNS
  • Configured SSH
  • Configured port forwarding, static DNS entries, etc.
After configuring all this I did a speed test.    Performance was as awesome - just as good as a hard-wired connection to my cable modem.

Now my WiFi is fast, reliable, and has DD-WRT.  My old v2 router will go to my family, who can use it without DD-WRT.

My WNDR3400 v1 in action with DD-WRT!
Issues with r21676

The only impactful bug I have found so far is related to SSHd.  Despite leaving the private sshd port  22 and putting the public sshd port on 10002, SSHd was publicly listening on 22 and 10002.  This is behavior is different than other DD-WRT builds I have used. 

My simple work-around was to have sshd only available on 10003.  Interestingly, I didn't immediately see this via iptables or netstat.  It took a portscan for me to reveal this.

 So far I find the WNDR3400 very reliable.  It has been up and running for more than a month without any known issues.

Installing DD-WRT on a WNDR3400v2

I have read about some people being successful installing DD-WRT on a v2, but I was unwilling to try - the evidence I saw out there wasn't that strong or compelling.  But if you try, please let me know the outcome in the comments.

UPDATE: I was also able to install DD-WRT on a v2!  Yes, it is possible.  I haven't tried all features, but everything I use on a daily basis is working great.   See this post for details.

2014-07-26

Let's make biking to work for everyone

I live in the city and generally take public transit to work.  But commuting via bicycle is always an option.

Unfortunately, the vast majority of the bikes on the market aren't suitable for commuting.  They  require that you dress in "biking clothes" and take on a life style called Urban Biker.  No other form of commuting requires special garb.  It is one of the tremendous failures of every single US-based bike manufacturer:  Sales are paltry.  And so manufacturers focus on "cool fragility" and not the "useful".

Unacceptable bikes do the following:
  • Spray mud on your butt and back
  • Get grease on your pants
  • Are too fragile to leave outdoors
That's garbage, and the Europeans know it.  They have tons of city bikes, which are much like the bikes we used to have here in the states.  They are designed to help anyone of any age get around the city - to work, the grocery, or the library.

So in this article I list out what I want from a NOT FAKE Commuting City Bike.  Bike manufactures, do your best!  You're almost there.  There is money in this stuff if you can think and act like Steve Jobs did.

So that I can dress for work and not get slopped up
  • Step through frame
  • Effective fenders
  • Skirt guards
  • Sealed drivetrain (such as a full chain case)
  • Upright seating
So that I don't have to worry about my bike
  • Weatherproof for leaving outdoors (no rust, please)
  • Built-in security locks or locking points
  • Reasonably priced - should be much cheaper than a fair used car
  • Small enough to lug indoors
So that I can carry stuff
  • Reasonable baskets
  • Luggage racks
So that I can ride safely
  • Built-in, automatic lights
  • Reflective surfaces
  • Built-in bell
So that I can pedal
  • Some gearing for some minor hills, erring towards granny
  • Platform pedals
  • Reasonable weight
  • Low rolling-resistance tires
So that I can minimize maintenance
  • Puncture-resistant tires
  • Sealed drivetrain
  • Designed to be left in the rain/snow/sun
  • Appropriately robust
These are just good ideas, but some great ideas may obviate the need for some of my line items.

OK folks, tell me what fits the bill in the comments, or tell me what else YOU would like to see in a great commuting city bike.

Your Privacy Quotient

We all have the expectation of privacy, right?  But how private of a person are you?

Here's how to calculate your privacy quotient!

Add up the following "points" as for each item below.  The resulting number will be used to calculate your personal Privacy Quotient:

Card Usage - Tracking your purchases

  • 1 - Do you use store "rewards cards"?
  • 5 - Do you use a credit or debit card for most purchases?
  • 5 - Do you shop for and buy goods on-line?

Banking - Tracking your income and spending

  • 1- Do you have direct deposit?
  • 1- Do you have a bank account?
  • 1- Do you have a mortgage or loan?

Internet - Tracking your relationships and opinions
  • 5- Do you use an internet service provider?
  • 5- Do you use Web Mail, such as gmail?
  • 5- Do you use a social web sites such as Facebook?
  • 5- Do you use Google to search the Internet?
Telephone - Tracking your location

  • 5- Do you have and use a mobile phone?
  • 1- Do you have a landline?
  • 1- Do you have a home security system?

Transportation - Tracking your travels

  • 1- Do you drive a car?
  • 1- Do you have a toll transponder?
  • 1- Do you use a train/bus/subway pass?


Now, here is YOUR privacy quotient:

0..1
Wow!  You are a private person.

2..4 
Good, respectable privacy.  Corporations only know you a little bit.

5..7
Ouch, you're being tracked pretty heavily.

8..15
You're looking for trouble, as your data is all over the place.  Corporations know where you are and who you are most of the time.

15+
Big Brother is your Big Brother.  Your life is well known to millions of corporations.  They almost always know exactly where you are (± 3 meters).  They know almost exactly how much money you make and where you spend it.  They also know your political views, your likes, and your dislikes.  They know your favorite food, and your dog's name (if you have one).


2014-07-13

Privacy theft via "free" apps

I'm a privacy advocate.  And so I get very tired of the myriad of companies that try to make a buck by selling my "profile" to the highest bidder.

Many (but not all) of the "free" apps available for your smartphone are simple privacy sieves.  Their primary purpose is to provide you with a little bit of value in exchange for a huge amount of your private data.

My case in point are 3rd party smartphone email and GPS apps.  There are hundreds available, almost all for free.  They provide a little bit of value, such as "a new way to use gestures to archive your email".  But these free 3rd party apps often take all kinds of data about you, such as:

  • All of your email
  • Your basic information (your name, home address, phone number, etc)
  • Your location at all times, via your phone's GPS capability
  • Your calendar
  • Your entire address book

Of course, the companies state that they can do this in their "privacy policy".

And within that policy they promise that they will anonymize your data as they sell it to their partners.

Truly anonymizing data is nearly impossible.  As seen in the Netflix case, it is quite simple for a high school student to take large data sets to de-anonymize the data.  That's a very scary proposition, particularly given that there are thousands of large data sets available for purchase through many suppliers.

These app developers let you know that your data may be held off-shore, in a foreign country.  Now I'm a big fan of foreign countries, so why should this matter?  And why would they want to hold the data in a far-off land?  After all, American data centers are less expensive than data centers anywhere else in the world.

The short answer to this question is that by holding your personal data outside of the country, app developers hold the data in a place where you have limited (or no) legal standing, and where the laws of this country simply do not apply.   They are simply kidnaping your data and bringing it overseas where to a place where you cannot win.

Finally, these privacy policies clearly state that they can be changed at any time, without your consent or knowledge.  So if they decide to sell your private data outright, they may change their policy and do so immediately.

What we need is a blog.  A blog that covers those apps with that guarantee to protect the privacy of their users in perpetuity. Let me know when you find apps that do protect privacy.

2014-07-06

iPhone 6 Release Party: Friday, September 26th, 2014

There are a lot of rumors out there in terms of when the iPhone 6 will be released.

Let's just cut to the chase, as evidence points to:

Friday, September 19th, 2014

Here is the evidence:
  • Apple will want the iPhone 6 to be released out of the gate as boldly as possible - with iOS 8.
  • Apple explicitly says that iOS 8 will not be available until Fall 2014.
  • Apple will likely want to make the iPhone 6 readily available to all customers by the Christmas Shopping Season - mid-November.  They'd want to eliminate any waiting lists by then.
  • Recent prior releases of iPhones have been between September 20th and October 15th.
Therefore, I predict that Apple will release the iPhone 6 sometime very near early fall.  This year fall begins on Tuesday, September 23th, 2014.

But wait, there's more!  Over the past few years Apple has put their device on sale starting on a Friday.

So given that additional fact, I refine my prediction to include only the following dates:
  • Friday, September 19th
  • Friday, September 26th
  • Friday, October 3rd
  • Friday, October 10th
  • Friday, October 17th
If I were a serious wagering man (I am not), I would wager on the earlier side of things to better align with last year.  And so, in conclusion, I find that the iPhone 6 will most likely be released on Friday, September 19th.

Of course, certain types of events could influence that date, including but not limited to:
  • Component supply line issues
  • Manufacturing issues
  • Unexpected design issues
  • iOS 8 availability/completion
  • External factors (Geo-political issue, major natural disaster, etc)
Manufacturing must have started!

There are a lot of iPhones to be made.  Last year Apple sold 9 million iPhones on its first weekend.   And so I assume that manufacturing is ramping up now, as to hit that mark starting today, Apple needs to make nearly a million iPhone 6's a week.

See you in line on September 19th!

2014-07-05

My iPhone is being remotely controlled by a hacker! (and how to fix it)

Who is remotely controlling my iPhone???


This is a personal story that scared the hell out of me.

On Monday I was awoken by my iPhone alarm telling me that it was time to get up to go to work.   I picked up the phone and looked at the day's calendar.  Ug.  I put it back down in its dock for a couple more Z's.

Seconds later, I heard it clicking.

I looked at my phone, and it looked like someone was typing on it!  Click.  Then a swipe.  And then more clicks.  One of my business apps was being operated, but NO ONE was touching my iPhone!  I was sure that a Hacker was remotely operating my iPhone, digging around for my private data!

This was shocking.  My phone stores a lot of good stuff - my email, photos, finances, passwords and all sorts of other goodies.  If someone compromised my phone they could know where I am.  They could operate the cameras, the microphones - in short, they could know almost everything about me.

It looked like the hacker didn't know what he was doing - he was just bopping around.  Maybe he was just a kid in some far-off land searching for anything of value.  And in the end, I figured out EXACTLY who was to blame.

I quickly decided that immediate action was necessary.

First step: power it down

After taking a quick video of my phone being operated remotely (as evidence), I decided that I should prevent any further damage to my privacy.  I picked up the device and turned on airplane mode.  Then I powered it down.

Second step: wipe

I hooked my iPhone up to iTunes and chose "Backup" to ensure that evidence of the compromise was captured and that any of my remaining data was saved.  Then I performed an iPhone reset via iTunes - which wipes the device and re-installs a brand new copy of the operating system downloaded from Apple.  And then I chose to do a restore, using the logic that my data was OK, it was just a software compromise.

Third step: rebuild

During the restore I had the iPhone restore the apps from the iTunes store - over the air - again using the logic that my apps may have been compromised and there is nothing like getting the latest from iTunes.  I plugged my phone into my iPhone dock and let it pull down the apps wirelessly over WIFI.

Fourth step: passwords!

My phone was compromised, so someone could have got their hands on my passwords as I typed them (keyboard compromise) or by stealing them from poorly behaving app data stores.  So I hopped on my computer and proceeded to change dozens of key passwords (email accounts, Facebook, banking accounts, etc).

Fifth step: WTF!!!

So I was on my computer, in the midst of making my password changes, when I heard my phone clicking on its keyboard again. WTF???  My phone was STILL compromised!  Maybe the low-level firmware was compromised, and even wiping off iOS and all the apps wasn't good enough.  I picked up the phone, and whomever was remotely controlling it stopped!  Undoubtedly the hacker sensed my presence via the motion detector or the camera! VERY SCARY.

Sixth step: Eh?

Then I got to thinking, maybe it was NOBODY.  Maybe my screen was going bad, detecting false touches and swipes.  Hmmm.  I downloaded and installed a "finger paint" program to see what was happening.  Nothing interesting appeared on the screen.  And then I docked it my iPhone, and within in a few minutes, some crazy dots and lines started to appear all on their own, as shown below:
Crazy lines from Paint program

Seventh step: Dang

So I figured my iPhone was dying.  "Dang, out of warranty, still under contract" - this was not great timing.  Then I noticed that the phone was quite warm.  A little more investigation found the power adapter to be rather HOT.  I was running a cheap knockoff USB adapter for the past year - and a little test with a voltmeter showed the knock-off adapter to be providing chaotic power, from 3v to 9v.  Very far away from the 5 volts (±0.55) of the USB standard.

Dangerous knock-off power adapter was the problem all along!


Eighth step: The fix!

So I try all this on another AC adapter, and my "remotely controlled screen" problem completely goes away.  My phone wasn't compromised - it was a very bad (but very official looking) AC Power Adapter.  I chucked the crappy adapter and now I'm back in action.   Yay!

Lesson Learned!

It was all my fault - I bought and used a crappy 3rd party adapter.  It failed in a way that I could never see, and in a way that could have damaged your phone.  Always get a name brand adapter - at least you can go back to them if it damages your phone.  Luckily for me, I suffered no damage*** other than a few hours of paranoia and work.

*** UPDATE: Zapped volume buttons

Soon after this I noticed that my volume buttons stopped working.  I took the iPhone to the shop for repair.  Despite numerous attempts of a repair with new parts, the volume buttons couldn't be fixed.  It was a fault inside the logic board.  I blame the adapter for zapping my iPhone.  A sad story indeed.


2014-06-08

Upgrading my white MacBook with an SSHD Hybrid Hard Drive

A couple of weeks ago the Samsung hard drive in my white plastic MacBook started to have problems starting up - the hard drive was failing.

A few years ago I "upgraded" my MacBook with a higher capacity 500 GB Samsung drive.  Since then, I've been a bit frustrated with my MacBook.  It simply never performed as well, and I just figured that after years of OS updates and demanding web sites that it was about the end of the road for this MacBook.

My first option was to buy a new computer.  My MacBook is from 2009 - and that's a bit old in terms of computing technology.  The MacBook Air is a great high-performance, high-quality machine, but  my old MacBook should be a reasonable performer too.  Perhaps the hard drive was a reason for my lousy performance, and so I decided to shop for a higher-performance drive.


The MacBook with its new Hybrid Drive; old broken drive on top
Unfortunately, thousands of drives are available on the market, but which one should I buy?  I made a quick list of criteria:
  • Storage.  I want plenty of storage for photos, music, and video
  • Performance. My MacBook seemed to have slowed down with time.
  • Cost: This is an older laptop.  It is still good, but I don't want to over-spend.
In the end, I decided to go with this Seagate 1TB Solid State Hybrid Drive.  This drive would fit perfectly inside my MacBook, would offer huge storage, and the great hybrid features would provide good performance at a good price.  

After receiving the drive I used the repair guide at iFixIt.com to install.  Since installing the drive, I find performance to be improved, and I have plenty of storage.  In fact, I am writing this on the very same MacBook.  This will likely be the last upgrade for this 2009 MacBook - I predict that the final OS for this machine will be obsolete by 2018.  By then, a full machine upgrade will be in order!

UPDATE: 2 Years of Operation

It has been a couple of years since I installed the SSHD, and it is working wonderfully.  My MacBook continues to be much faster than before, and I have more storage than ever.  If your old Mac is slow, I would strongly urge you to consider upgrading to an SSHD. 

2014-04-24

On Kilobytes, Megabytes, and other computer-centric factors

I started programming way back.  In those olden days I was working close to the machine - on machine language stuff (assembly languages).  Bits were important: shift left, shift right, AND/OR/XOR.  And memory pages were important too: fitting an important routine within a 256 byte page could really help performance.

These days life is different.  You allocate objects.  If you're storing a boolean, you create a boolean object.  Who knows how that's represented under the hood, but it certainly isn't represented in one bit of RAM.   Most people don't even use the bitwise operators offered through the programming languages given to them.  Sure, some do.  But most do not.

And so now we get into our prefixes: kilo, mega, giga, terra, and peta (and beyond, I suppose!)

Many people still want these prefixes to be based on powers of 2.  One kilobyte is 1024 bytes (2^10). One megabyte is 1024*1024 bytes (2^20).  Etc.  It's an OK system, but it really makes little sense. Why is a kilobyte 2^10?  Because the number, when converted to decimal, is the power-of-two  number that's closest to 1,000.  2^11 and 2^9 simply aren't as close to 1000 as 2^10.

Anyhow, all this makes some (but not much) sense in terms of addressing RAM.  Then these same people wanted everything else related to computing to work the same way.

Disk Storage

So the programmers decided that since physical RAM layout was important, and that it was good to have a funny math for it, that others should follow their methods.  The programmers wanted disk drives to follow the same memory conventions.  At first there was some practicality to this: programmers wrote code to stick pages of RAM onto disks in what they called "disk sectors".  This was primarily done because it was very easy to treat a page of RAM (perhaps 2^8 bytes) as a body of work.  This was key because performance ruled the day with 1 MHz computers.  (By the way, the M in MHz means exactly "1,000,000").

But over time the disk drive guys were not interested.  Sectors were a false abstraction, and under the hood of the drive sectors changed size to pack in more bytes and low-level ECC and other techniques made it pointless. Furthermore, programmers were no longer dumping pages of RAM to disk, they just wanted to store files in a file system.

And so the drive guys started to sell disks using normal base-10 units.  100 MB drive means 100 Million Bytes.  This was convenient to a lot of programmers because most left base-2 mathematics behind when higher level languages became practical.  Before long, if a programmer said that there were 1K of rows in a database, they meant a normal thousand and not 1,024.

And that was the start of the first war.  Programmers screamed at the drive guys for abandoning their "base 2" convention.  The programmers still wanted 1 MB of disk storage to mean 1024 *1024.  But why?  Programmers were no longer worrying about pages of RAM and sector sizes.  Those same programmers also complained when they got less storage than on the box due to the overhead of things like the realities of how a file system works.   And those same programmers are creating substantial "object" to store a 3 character string.  Talk about babies, they couldn't even appreciate a file system.  They just liked their silly "my way or its wrong" math despite the fact that their way no longer had a purpose.

Let me give you a practical example: Let's say you are dumping 1 billion records onto a disk.  Each record is 40 bytes long.  Quick, do you have enough room if you have 38.1 GB free?  WHO KNOWS!  Because bonehead holier-than-thou programmers that never shifted any register on any CPU wanted to confuse everyone.

Networking

Throughout all this the network guys were not interested in this "new math".  They did things in bits per second.  Bytes?  No way!   "Byte" was an ambigulously-sized number of bits, so they smartly renamed a collection of 8 bits an "octet".  kilo?  To a network guy, that meant 1000.  Nothing else.  Mega?  1,000,000.    100 Megabits per second meant 100,000,000 bits in one second. And it still does to a network guy.

But then the uncultured programmers got in there with their stupid math and wrote some software using weird rules and confused everyone.  They started to apply their way to other realms for NO REASON.

What does 100 MB/second mean?
  • Normal Person: 100,000,000 bytes in one second (100 * 1,000,000)
  • Networking Person: 100,000,000 bytes in one second (100 * 1,000,000)
  • Programmer:
    • Normal: 100,000,000 bytes in one second (100 * 1,000,000)
    • Very Stupid: 104,857,600 bytes in one second (100 * (1024*1024))
    • Very Very Stupid: 102,400,000 bytes in one second (100 * (1024*1000))
Unfortunately, most programmers are at least "Very Stupid".

These same annoying programmers no longer use the bin/oct/hex functions of their HP16C.  In fact, I'd say they most wouldn't be able to use an HP16C to add two hex numbers together.

Conclusion

It's time to give up the obsolete base-2 notion of kilo, mega, and giga.  If you really love powers of two, use them explicitly like a REAL tech expert would.  My laptop has 2^33 addresses of active RAM. And now how many 2^8 byte pages of RAM fit into that address space?  Comment with your simple assembly language program that calculates this number (any architecture).

2014-03-09

A Calendar for Everyone

We all kind of dislike calendars that we aren't accustom to, and tons of folks over the centuries have thought they could do a better job.  And some people around the world see calendars as being a primarily religious instrument since Pope Gregory XIII's people pushed for the one we use today.

Here's my proposal, which combines the Herschel and a modified Holocene calendar.
  • Take on the proposal of Sir John Herschel, so that there are 969 leap days every 4000 years.
  • Take on the concept of the Holocene calendar year numbering system, but modify it as such: 
    • The year number is an aggregate of the top 30 year numbers of the calendars of the world, modulo 100.  Then add 10,000.  My calculation comes up with the year 10043.  For you Gregorian fans, just subtract 8029.
  • Retain the other structures of the Gregorian/Julian calendaring system, notably: month numbering, month length, weekdays.
  • Call this the Earth Solar Calendar.
Result:
  • A calendar that is not the Gregorian calendar
  • A calendar that is generally compatible with the Gregorian calendar for all practical purposes
  • A calendar with a new year style which clearly identifies itself from other commonly used calendar styles
  • A calendar that is generally not affiliated with any specific religion or society
Concerns:
  • The proposed calendar retains the Gregorian correction to the Julian calendar.  The timing of that reform is tied to a religious event.
  • The calendar retains the month model of the Julian calendar.
  • Those that appreciate the supposed linkage of the Gregorian calendar with religion may be unhappy with the proposal.  However, the Gregorian calendar is a weird hodgepodge of lunar and solar calendars with a stem several thousand years older than the current Gregorian calendar year. Furthermore, the Gregorian year number is widely known to be inaccurate.
  • No one likes change.

My Computer Security Failures

I'm a security-concious guy, but I have screwed up before.  Here are my security failures over time that I know about:


1994: I downloaded and executed a program from the Internet.  The program spun through the Windows 3.11-based system, overwriting all files.  This resulted in significant data loss.

Root cause: User trusted untrustworthy software.  User failed to back up system.


2001: Fell victim to an SSH exploit on my Linux-based router machine.  The machine was compromised by a remote attacker and used to send spam.  The machine needed to be wiped and reloaded.

Root cause: Zero-day exploit vulnerability, and/or failure to keep on top of security patches.


2006: I gave administrative rights to my brother's au pair's Windows XP-based PC, under pressure from the au-pair who wanted to install software.  The machine was quickly overwhelmed by malware despite anti-virus practices.  The machine was kept in service after significant cleanup.

Root cause: The platform assumed users would need powerful privileges; administrator inappropriately complied.


2008: My account at a popular Internet Service, Twitter, was compromised and misused.

Root cause: I followed poor password management practices: I re-used an identical username/password pair with multiple service providers for accounts "I didn't care about".


2008: Unprivileged Mac OS X user account was compromised remotely over SSH via brute force, due to simple username and matching simple password.

Root cause: Administrator enabled remote SSH access but failed to restrict ssh access to specific accounts.


2014: Wireless access point unsecured, resulting in open network access over-the-air.

Root cause: Administrator created a second wireless SSID without properly securing it.

2014-03-02

Save big money with Free WIFI?

Who wants to pay for Internet?  Maybe your neighbor has open WIFI!  Freedom!  FREE!!!

The problem is that your neighbor's WIFI should never be trusted.  Here's what your neighbor could find out about you:
  • Who you are
  • What sites you visit
  • Your daily schedule
  • What kind of devices you use
  • Probe your devices for vulnerabilities
  • Read many of the web pages you read as you read them
  • See how much mail you receive and send
  • Manipulate what you read on the internet
Now don't be surprised - your ISP can do these things too.  But at least your ISP has a reputation to uphold and (weak) regulations that they must legally conform to.  Your anonymous neighbor that you're stealing from?  They don't really have to worry about such things.

If you're going to steal Internet, use VPN.  VPN doesn't solve all problems, but it solves some of them.

2014-01-03

Fixing my Wahl 9918 Groomsman Beard and Mustache Trimmer

Not everyone would bother repairing a $20 beard trimmer, but why not fix something for under $5 instead of spending another $20?

My Wahl 9918 Groomsman Beard and Mustache Trimmer has admirably performed its beauty duty for many years, but the time came when the battery just wasn't holding a charge any more.  Most people would just put the trimmer in the trash and buy a new one, but I figured I could repair my Wahl and save some money.

I opened up the Wahl by popping off the black plastic faceplate with a tiny flathead screwdriver, which revealed two screws.  By removing the two screws I was able to easily open up the unit, revealing the guts of the device.


Backplate off, Revealing the screws


The internals are rather simple: a motor, a simple circuit board, a switch, and a NiCad battery pack soldered into place.
The Internals, with new battery pack

I decided that the battery was no longer good, so I worked to replace it.  I bought two NiCd Rechargeable AA Cells with Solder Tabs.  The solder tabs are key - they make it reasonably possible to solder together a new battery pack

To create a new battery pack, I used some electrical tape to wrap together the two new cells, in plus-to-minus orientation.  Then I used a trusty soldering iron to solder one of the plus/minus tables together.  I pulled the foam off the old battery pack and stuck it onto my homemade pack.

Then I unsoldered the old battery pack from the Wahl and soldered the new pack in, ensuring that I kept proper polarity.

After, I cleaned up some corrosion on the switch with a pencil eraser and an emery board, and reassembled.  A little test proved good, and so I plugged in the trimmer and let it charge overnight.

Now the Wahl works like new! It runs perfectly and charges perfectly to.  It continues to provide me with a beautiful beard, 12+ years running.


Share