Paul E. Jones' BlogPersonal blog published by Paul E. Jones, convering topics related to Internet communication, web development, and other musings.2024-02-07T00:03:15ZPaul E. Joneshttps://www.packetizer.com/people/paulej/blog/blog.xmlCopyright (C) 2024 Packetizer, Inc.Packetizer ATOM Feed Generatorhttps://www.packetizer.com/people/paulej/blog/images/paulej_blog.jpgWebex for Apple Vision Prohttps://www.packetizer.com/people/paulej/blog/712024-02-07T00:03:15Z2024-02-07T00:03:15Z<p>
I previously wrote a blog post about <a href="/people/paulej/blog/65/">Webex Hologram</a>, which uses any one of several 3D headsets to allow one to participate in holographic videoconferences. While that was is awesome, Cisco just released a video for Webex using the Apple Vision Pro. This is a very practical step toward both allowing one to utilize a 3D headset with existing videoconferencing, while also serving as a precursor to a full-blown holographic video experience.
</p>
<div style="width: 100%"><iframe style="margin: 0 auto; display: block; width: 560px; height:315px; border-style: none; border: 0px" src="https://www.youtube.com/embed/db1Z056c_5s?si=Bg70TlzRFOhcNf6q" >(Embedded object; your browser does not support iframes)</iframe></div>
Variable Length Integer Encodinghttps://www.packetizer.com/people/paulej/blog/702023-08-30T00:01:12Z2023-08-30T00:01:12Z<p>
In recent years, I’ve seen several methods for variable-length encoding of integers for transmission over a network. The most recent one I encountered was defined in section 16 of the <a href="https://www.packetizer.com/rfc/rfc9000/">QUIC</a> protocol specification. In that document, 64-bit integers are encoded as 1, 2, 4, or 8 octets based on the value of the integer. Another format is specified in Appendix B of the <a href="https://www.packetizer.com/rfc/rfc8949/">CBOR</a> specification, which specifies how to encode any one of the typical integer sizes commonly used on modern computers today. Using a rigid encoding like these offers a means of quickly serializing data, but at a cost of increasing the number of octets required. In the case of CBOR, it perhaps isn’t accurate to refer to it as a variable-length encoding, but rather an encoding for each possible signed and unsigned integer type. However, the effect is more-or-less similar, though larger integers are encoded with less space efficiency.
</p>
<p>
When considering space-efficiency, another encoding approach is to encode integers so that the MSb of each serialized octet indicates whether this is the final octet or whether there is another octet to consume. The following illustrates that idea:
</p>
<pre style="white-space: pre-wrap; color: #000080; background-color: #f2f2f2; border: #168620 solid 1px; padding: 0.5em 1em 0.5em 1em; font-family: Courier New, monospace; font-size: 8pt; text-align: left; line-height: normal;">
10000011 11111111 01111111
^ ^ ^—- 0 == final octet
</pre>
<p>
Here, if a 1 is present as the MSb, it means the next octet is a part of the integer. If the MSb is a 0, it indicates this octet is the last octet in the serialized sequence of octets. Following this method, a value between 0 and 127 can be serialized into a single octet, while incrementally larger integers consume additional octets. This method can be used for both unsigned and signed integers, where the signed integers are stored in twos-complement format.
</p>
<p>
Serializing and deserializing data can be efficient. Below, I present functions that will perform those operations on a buffer given an unsigned or signed 64-bit integer. This code uses C++ constexpr functions, though these could easily be transformed into C macros if one prefers those.
</p>
<pre style="white-space: pre-wrap; color: #000080; background-color: #f2f2f2; border: #168620 solid 1px; padding: 0.5em 1em 0.5em 1em; font-family: Courier New, monospace; font-size: 8pt; text-align: left; line-height: normal;">
// Space-efficient encoding of variable length integers
// Copyright (C) 2023
// Paul E. Jones <paulej@packetizer.com>
#include <cstdint>
#include <cstddef>
#include <span>
// Find the most significant bit position for unsigned integers
constexpr std::size_t FindMSb(std::uint64_t v)
{
std::size_t p = 0;
if (v >= std::uint64_t(1) << 32) p += 32, v >>= 32;
if (v >= std::uint64_t(1) << 16) p += 16, v >>= 16;
if (v >= std::uint64_t(1) << 8) p += 8, v >>= 8;
if (v >= std::uint64_t(1) << 4) p += 4, v >>= 4;
if (v >= std::uint64_t(1) << 2) p += 2, v >>= 2;
if (v >= std::uint64_t(1) << 1) p += 1, v >>= 1;
return p;
}
// Find the most significant bit position for signed integers
constexpr std::size_t FindMSb(std::int64_t v)
{
return ((v >= 0) ? FindMSb(static_cast<std::uint64_t>(v)) :
FindMSb(static_cast<std::uint64_t>(~v)));
}
// Return number of octets required to encode given std::uint64_t value
constexpr std::size_t VarUintSize(std::uint64_t value)
{
return FindMSb(value) / 7 + 1;
}
// Return number of octets required to encode given std::int64_t value
constexpr std::size_t VarIntSize(std::int64_t value)
{
return (FindMSb(value) + 1) / 7 + 1;
}
// Serialize the unsigned integer into the given buffer, returning 0 if the
// buffer is too short to hold the serialized integer
std::size_t Serialize(std::span<std::uint8_t> buffer, std::uint64_t value)
{
// Determine space requirements for the variable-width integer
const std::size_t octets_required = VarUintSize(value);
// Ensure the buffer is of sufficient length
if (buffer.size() < octets_required) return 0;
// Write octets from right to left (reverse order)
for (std::size_t i = octets_required; i > 0; i—)
{
// Get the group of 7 bits
std::uint8_t octet = value & 0x7f;
// Shift the data bits vector by 7 bits
value >>= 7;
// If this is not the last octet, set the MSb to 1
if (i != octets_required) octet |= 0x80;
// Write the value into the buffer
buffer[i - 1] = octet;
}
return octets_required;
}
// Deserialize the unsigned integer from the given buffer, returning number of
// octets deserialized or zero if there was an error
std::size_t Deserialize(const std::span<std::uint8_t> buffer,
std::uint64_t &value)
{
std::uint8_t octet{0x80};
std::size_t total_octets{0};
// Initialize the integer value
value = 0;
// Read octets until we find the last one having a 0 MSb
while (octet & 0x80)
{
// A 64-bits value should never require more than 10 octets
if (++total_octets == 11) return 0;
// Ensure we do not read beyond the buffer
if (total_octets > buffer.size()) return 0;
// Get the target octet
octet = buffer[total_octets - 1];
// Add these bits to the returned value
value = (value << 7) | (octet & 0x7f);
}
// If the total length is 10 octets, initial octet must be 0x81
if ((total_octets == 10) && (buffer[0] != 0x81)) return 0;
return total_octets;
}
// Serialize the signed integer into the given buffer, returning 0 if the
// buffer is too short to hold the serialized integer
std::size_t Serialize(std::span<std::uint8_t> buffer, std::int64_t value)
{
// Determine space requirements for the variable-width integer
std::size_t octets_required = VarIntSize(value);
// Ensure there is sufficient space in the buffer
if (octets_required > buffer.size()) return 0;
// Write octets from right to left (reverse order)
for (std::size_t i = octets_required; i > 0; i—)
{
// Get the group of 7 bits
std::uint8_t octet = value & 0x7f;
// Shift the data bits vector by 7 bits
value >>= 7;
// If this is not the last octet, set the MSb to 1
if (i != octets_required) octet |= 0x80;
// Write the value into the buffer
buffer[i - 1] = octet;
}
return octets_required;
}
// Deserialize the signed integer from the given buffer, returning number of
// octets deserialized or zero if there was an error
std::size_t Deserialize(const std::span<std::uint8_t> buffer,
std::int64_t &value)
{
std::uint8_t octet{0x80};
std::size_t total_octets{0};
// Ensure we do not read beyond the buffer
if (buffer.empty()) return 0;
// Determine the sign of the number by inspecting the leading sign bit
value = (buffer[0] & 0x40) ? -1 : 0;
// Read octets until we find the last one having a 0 MSb
while (octet & 0x80)
{
// A 64-bits value should never require more than 10 octets
if (++total_octets == 11) return 0;
// Ensure we do not read beyond the buffer
if ((total_octets) > buffer.size()) return 0;
// Get the target octet
octet = buffer[total_octets - 1];
// Add these bits to the returned value
value = (value << 7) | (octet & 0x7f);
}
// If the total length is 10 octets, ensure the initial octet is one
// of the only two valid values
if ((total_octets == 10) && (buffer[0] != 0x80) && (buffer[0] != 0xff))
{
return 0;
}
return total_octets;
}
</pre>
Revolutionizing Collaborative Communications using Distributed Applicationshttps://www.packetizer.com/people/paulej/blog/692022-10-02T03:24:40Z2022-10-02T03:24:40Z<p>
Having recently finished work on a project involving <a href="/people/paulej/blog/65/">holographic videoconferencing</a> (which was totally awesome, by the way), my mind now drifts back to one of the things that is near and dear to my heart: the concept of distributed applications in the space of collaborative multimedia communications.
</p>
<p>
Those who know me know that I was championing this concept for several years just as the 2008 financial crisis took a grip on the world. Before that global recession, there was substantial momentum and interest. It’s a non-obvious concept, often confused and conflated with the concept of “disaggregated media.” It usually took me explaining the concept to hardware vendors, like TV and device makers, for them to understand it. However, the reaction was always positive once the lightbulb went off in their heads.
</p>
<p>
I’m back to thinking about it again. I put together a new presentation on the subject of<br/>
“<a href="https://hive.packetizer.com/users/packetizer/papers/voip/revolutionizing_collaboration.pdf">Revolutionizing Collaboration Technology using Distributed Applications</a>.” It is hard for me to not think about this concept because the concept is powerful and has the potential to truly revolutionize the way we communicate. It opens the door for innovation unlike anything we have seen to date in this space.
</p>
<img src="/people/paulej/blog/images/dance.png" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
As I take inventory of the current collaborate communications landscape, I see an unfortunate trends in the industry, including more isolation, disregard for standards or interoperability, and more centralized control. I am convinced that a more open collaborative communications platform can be created that not only creates more value for users but can simultaneously create more customer loyalty and profit growth. I have heard many users express a yearning for more interoperability, and it is frustrating to them (and me, quite frankly) that it isn’t just seamlessly possible to jump on a video call with anyone in his or her address book because different people use different vendors.
</p>
<p>
Building a distributed application platform is not trivial. I have been studying this for a long time. I understand the challenges and there are plenty. At the same time, if done properly it opens the door for substantially more user adoption and collaboration among people. This is especially true for those who need to communicate with industry partners, vendors, etc.
</p>
<p>
Perhaps most neglected of all in all of the existing collaborative communications offerings is the consumer space. I understand why. And while there are many non-interoperable solutions from which to choose, the abundance of non-interoperable options is one of the biggest problems. I, and I think most users, would prefer to select a preferred communication application provider and, from that application, be able to collaborate with anyone.
</p>
<p>
This is achievable.
</p>
Pointers Are Not Dangeroushttps://www.packetizer.com/people/paulej/blog/682022-07-21T18:11:22Z2022-07-21T18:11:22Z<p>
Some programmers say pointers are dangerous. I think pointers are fine; bad programmers are dangerous.
</p>
What is the Metaverse?https://www.packetizer.com/people/paulej/blog/672022-02-11T19:29:34Z2022-02-11T19:29:34Z<p>
I have been asked several times “What is the metaverse?”
</p>
<p>
The short answer is that it’s a flailing company’s effort to remain relevant as their user base and core business erodes.
</p>
<p>
Seriously, that’s it.
</p>
<p>
Young people do not care about Facebook anymore, and older adults are getting bored with it, too. This is reflected in <a href="https://www.cnbc.com/2020/10/29/facebook-fb-earnings-q3-2020.html">decline in number of daily active users</a>.
</p>
<p>
Teens and young adults are more interested in newer platforms like TikTok and Snapchat.
</p>
<p>
I appreciate that my definition of metaverse is entirely non-technical, but it’s important to put things into perspective. There is and will be a lot of hype around metaverse, with Facebook jockeying to put itself at the front of the pack. it’s unlikely to unfold that way, though.
</p>
<p>
The metaverse concept is substantially equated with virtual reality or augmented reality. To that end, Facebook has a good foot in the door with the acquisition of Oculus. There is no doubt that virtual and augmented reality will become a bigger part of our lives. However, merely creating a piece of hardware is not going to make one the dominant player in the VR/AR market. Facebook understand that, which is why they’re trying to position themselves as the platform for this technology. This platform being the metaverse.
</p>
<p>
The challenge that Facebook has is that VR/AR will be most successful in entertainment (especially gaming) and business, neither of which Facebook has any significant presence. By far, the largest business opportunity for VR/AR will be gaming, which will be dominated by Microsoft and Sony. Apple could be strong contender, too, if it produces a <a href="https://www.macrumors.com/2017/11/08/apple-augmented-reality-headset-2020/">long-rumored headset</a>. Likewise, Google could be a player in this space and has dipped its toes in the water a bit. Importantly, though, the company that will dominate in this space will be one with a large platform. Microsoft, Sony, Apple, and Google have viable platforms. Facebook does not and likely will not. Facebook phone, anyone? They are too far behind.
</p>
How to Pronounce "char" (C Data Type)https://www.packetizer.com/people/paulej/blog/662021-12-03T02:57:18Z2021-12-03T02:57:18Z<p>
Click on this link to learn how to pronounce <a href="https://www.youtube.com/watch?v=de2Hsvxaf8M&t=158s">char</a>.
</p>
Holographic Videoconferencinghttps://www.packetizer.com/people/paulej/blog/652021-10-26T15:40:25Z2021-10-26T15:40:25Z<p>
While I've not been so engaged in public activities recently, I've nonetheless still been very busy working on some very cool videoconferencing technology.
</p>
<p>
Over the past few years, two things I've been involved with are end-to-end media encryption in conferencing and holographic video conferencing. The former was predictable since I had worked in the public on some standards related to that (like <a href="https://www.packetizer.com/rfc/rfc8871/">RFC 8871</a>). The latter has been kept pretty quiet.
</p>
<p>
Today, Cisco announced that new product I've been working on. It is called <a href="https://newsroom.cisco.com/press-release-content?type=webcontent&articleId=2202545">Webex Hologram</a>. Webex Hologram utilizes an array of cameras to create a three-dimensional image that gives you the impression of being there with the person with whom you're communicating. You can move left or right and observe the parallax enabled by using a plurality of cameras.
</p>
<p>
To get a sense of what Webex Hologram will enable, see this <a href="https://www.youtube.com/watch?v=YEx7h0NKnXE">video</a>.
</p>
<img src="/people/paulej/blog/images/wxh_camera_array.jpg" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
In addition to video, the system enables one to interact with content. The content interaction is pretty cool, but what truly makes Webex Hologram stand out from other holographic solutions is the fact that there is real video, not just bobbing cartoon heads.
</p>
<img src="/people/paulej/blog/images/wxh_content.jpg" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
It has been a very fun project that offers a revolutionary user experience. It is not over, but I'm pleased to see the project reach this significant milestone.
</p>
<p>
Links:
</p>
<ul>
<li><a href="https://newsroom.cisco.com/press-release-content?type=webcontent&articleId=2202545">Official news release</a></li>
<li><a href="https://www.youtube.com/watch?v=YEx7h0NKnXE">Marketing video</a></li>
<li><a href="https://finance.yahoo.com/news/cisco-launches-webex-hologram-augmented-130000347.html">Newswire press release</a></li>
<li><a href="https://twitter.com/SquawkCNBC/status/1452985000689811460">Interview with Chuck Robbins</a></li>
<li><a href="https://cheddar.com/media/cisco-looks-to-bring-augmented-reality-work-collaboration-with-webex-hologram">Interview with Jeetu Patel</a></li>
<li><a href="https://www.zdnet.com/article/cisco-unveils-webex-hologram-for-ar-meetings/">ZDNet article</a></li>
</ul>
LinkedIn Using Demographics to Artificially Promote Usershttps://www.packetizer.com/people/paulej/blog/642021-10-22T20:35:12Z2021-10-22T20:35:12Z<p>
I logged into LinkedIn and was greeted with this. They want to “improve equal access and opportunity” by asking me demographic questions. There is only one possible way to use such demographic data: to modify algorithms to artificially promote some people and demote others based on demographics. There is nothing “equal” about that kind of behavior.
</p>
<img src="/people/paulej/blog/images/linkedin_demographics.png" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
I am a firm believer in promotion based on merit. Anything other than merit-based promotion is demoralizing, degrading, and unfair those who are intelligent and who have worked hard to achieve accomplishments.
</p>
Crumbling Discourse in Societyhttps://www.packetizer.com/people/paulej/blog/632021-10-07T01:56:13Z2021-10-07T01:56:13Z<p>
Our society seems to be going off the rails. I am not sure where the problem is rooted, but people have become more and more intolerant of views expressed by others in recent years to the point that I think it is harmful. I have seen friends become enemies. I have seen people rebuked for merely having a different opinion on a topic. Any day of the week, you can visit Twitter and see some of the nastiest, hateful exchanges between people. Twitter isn’t alone, of course. The same thing exists on Facebook. And it is because of the hateful exchanges I’ve seen that I do not have account on either platform any longer.
</p>
<p>
Before I closed those accounts, though, I had many animated discussions with people on different topics. Some people participating in the conversation agreed with my opinions and some did not. Personally, I appreciate the fact that others have a different opinion than my own, since hearing their views helps me to expand my thinking about whatever issue is being discussed. However, there were some people who had absolutely to tolerance for any view except their own. And it was sad, too, because most of those people who were so bigoted in their thinking called themselves “liberals”. Liberals, they were not.
</p>
<p>
In 2021, it is clear that the free exchange of ideas is still being oppressed by these types of bigots. One of the platforms I was using was “Nextdoor”. For those unfamiliar with Nextdoor, they are a community-oriented site where people have discussions about things happening in their town or the neighborhood. I had not visited the site for a few days, but tonight when I went to log in I was greeted with this notice.
</p>
<img src="/people/paulej/blog/images/nextdoor.com.png" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
I was being falsely accused of violating community guidelines, specifically in sharing “misinformation.” I had not been involved in any heated exchanges with people, but I was involved in discussions related to vaccinating children. There are some in my neighborhood who want to require all kids to get the new COVID-19 vaccine. I believe we should not force it on them until we know more about the effects. Is my opinion “misinformation”?
</p>
<p>
It might due to the references I used to support my position. On the CDC’s <a href="https://archive.ph/4PCcs">web site</a>, they show that children are not nearly as affected by COVID-19 as older adults. In fact, as of today they show the total number of deaths of children aged 0 to 17 at 499 people, whereas the same page shows that the number of children who have died from pneumonia is 1010. We also know, generally, who in that age group is most at risk, as the CDC has <a href="https://archive.ph/HWoCU">published that information</a>, too. The <a href="https://archive.ph/C7yT9">research</a> is pretty clear about it.
</p>
<p>
And my concern about vaccinating children is a concern shared by the Joint Committee on Vaccination and Immunisation in the UK. They <a href="https://archive.ph/xoUT4">wrote</a>:
</p>
<blockquote style="border-left: 4px solid #168620; background: #f2f2f2"><div style="border-left: 1em solid #f2f2f2; padding: 0.3em 0.5em 0.3em 0em;">For persons aged <18 years old who do not have underlying health conditions that put them at higher risk of severe COVID-19, there is more uncertainty in the precision of the harm-benefit balance when considering the impacts on children and young people themselves.</div></blockquote>
<p>
My concern is also shared by Pfizer, too. In a <a href="https://www.fda.gov/media/153409/download">document</a> published October 2021, they wrote the following:
</p>
<blockquote style="border-left: 4px solid #168620; background: #f2f2f2"><div style="border-left: 1em solid #f2f2f2; padding: 0.3em 0.5em 0.3em 0em;">The number of participants in the current clinical development program is too small to detect any potential risks of myocarditis associated with vaccination. Long-term safety of COVID-19 vaccine in participants 5 to <12 years of age will be studied in 5 post-authorization safety studies, including a 5-year follow-up study to evaluate long term sequelae of post-vaccination myocarditis/pericarditis.</div></blockquote>
<p>
In short, they need five years to determine whether it is safe for children.
</p>
<p>
My expression of caution is clearly shared by medical experts. Even so, the bigots who police Nextdoor falsely claimed that my opinion, with data points taken from the CDC and linked directly, is “misinformation”.
</p>
<p>
Well, this is one more social media platform I will not be using. It’s sad that our society is so full of intolerant, bigoted individuals. What’s worse, though, is that they lie. I did not publish “misinformation”. Apparently, though, I published information with which they did not agree.
</p>
<p>
How can we function as a society when conversions are shut down by intolerant, bigoted individuals like those at Nextdoor?
</p>
<p>
More importantly, how many deaths like <a href="https://openvaers.com/covid-data/covid-reports/1849514">this</a>, <a href="https://openvaers.com/covid-data/covid-reports/1890705">this</a>, <a href="https://twitter.com/TheChiefNerd/status/1455743667927502853">this</a>, <a href="https://www.rt.com/news/538953-south-korea-vaccinated-teenager-death/">this</a>, <a href="https://www.thecollegefix.com/northwestern-student-appears-to-have-died-from-heart-inflammation-linked-to-covid-vaccine/">this</a>, and <a href="https://www.abc4.com/coronavirus/teens-death-days-after-getting-covid-19-vaccine-under-investigation/">this</a> will there be among children due to vaccines the government claims are “safe”? Perhaps we will know once <a href="https://archive.ph/zoRXJ">research</a> is conducted on what is actually causing the adverse side-effects.
</p>
<p>
UPDATE 9/2022: A year later, the CDC is now sharing even more information about how to deal with the <a href="https://archive.ph/PlJZs">health issues that we observed in 2021</a>. Nextdoor still says I shared misinformation. I did not. Not only did they suppress information I provided from the CDC, but they also lied about me and still lie about me.
</p>
<p>
UPDATE 10/2022: It has now <a href="https://twitter.com/Rob_Roos/status/1579759795225198593">been made public</a> that Pfizer did not test to see if the vaccine stopped transmission.
</p>
Credit Cards Paying 2% Cash Backhttps://www.packetizer.com/people/paulej/blog/622021-09-06T20:49:57Z2021-09-06T20:49:57Z<p>
Talking about credit cards that pay 2% cash back has nothing at all to do with technology, but I just found it interesting that recently there are several cards on the market paying this amount. What prompted me to take notice was the fact that I got an invitation in the mail from PayPal for a credit card that pays 2% cash back. I knew PayPal had debit cards, but until I got that letter in the mail I was completely unaware that they even had a credit card. (It might have been advertised to me when I logged in, but I'm really fast at bypassing ads without reading them.)
</p>
<p>
As I looked around, I found several cards that pay 2% or more cash back on all transactions. I'll maintain this list for a while of those cards I find (or if you tell me) that pay 2% or more cash back. I do not want to list cards that use gimmicks like paying 5% in "top categories" or have "requirements" you have to satisfy periodically or limits on the cashback amount.
</p>
<p>
Here are the consumer credit cards I found that might be of interest (in alphabetical order):
</p>
<ul>
<li>Citibank - <a href="https://www.citi.com/credit-cards/citi-double-cash-credit-card">Double Cash Card</a> - 2%</li>
<li>First National Bank of Omaha - <a href="https://www.fnbo.com/personal-banking/credit-cards/evergreen/">Evergreen</a> - 2%</li>
<li>PayPal - <a href="https://www.paypal.com/us/webapps/mpp/credit-card/2-percent-cash-back-mastercard">Cashback Mastercard</a> - 2%</li>
<li>Wells Fargo - <a href="https://creditcards.wellsfargo.com/active-cash-credit-card/">Active Cash Card</a> - 2%</li>
</ul>
<p>
If you find more, send them my way and I'll put them on the list. Just don't email me cards that use gimmicks.
</p>
<p>
Also, while credit cards like the Amazon Prime card with its 5% back are great for Amazon customers, and the Apple card is great for Apple Pay users, I just want to list the general use cards that consistently pay 2% or more cash back.
</p>
Scott Adams' Financial Advicehttps://www.packetizer.com/people/paulej/blog/612020-12-27T21:02:42Z2020-12-27T21:02:42Z<p>
Today, I was listening to Scott Adams daily video blog. As the creator of <a href="https://dilbert.com/">Dilbert</a>, Scott Adams is well-known through that cartoon for highlighting the stupidity often found in the corporate world. In this video (<a href="https://rumble.com/vc7qbt-episode-1233-scott-adams-the-news-is-boring-so-ill-take-you-to-a-higher-lev.html">episode 1233</a>) he mentioned that he had outlined a list of financial advice and suggested we search for it. He said that he wanted to write a book about financial advice but gave up since it really boiled down to just these ten things and the rest of the “financial advice” industry is more-or-less a fraud.
</p>
<p>
Here is his list of recommendations:
</p>
<ul>
<li>Make a will</li>
<li>Pay off your credit card balance</li>
<li>Get term life insurance if you have a family to support</li>
<li>Fund your company 401(k) to the maximum</li>
<li>Fund your IRA to the maximum</li>
<li>Buy a house if you want to live in a house and can afford it</li>
<li>Put six months’ expenses in a money market account</li>
<li>Take whatever is left over and invest it 70% in a stock index fund and 30% in a bond fund through any discount brokerage company and never touch it until retirement</li>
<li>If any of this confuses you, or you have something special going on (retirement, college planning, tax issue), hire a fee-based financial planner, not one who charges you a percentage of your portfolio</li>
</ul>
<p>
I would make one suggested change. Buy a house once you find yourself in a fixed location. Regardless of whether you are renting or buying, you are paying for a place to live. If you are renting, though, you are essentially buying somebody else’s home or business.
</p>
How to Pronounce JSONhttps://www.packetizer.com/people/paulej/blog/602020-12-04T21:07:26Z2020-12-04T21:07:26Z<p>
Click on this link to learn how to pronounce <a href="https://www.youtube.com/watch?v=zhVdWQWKRqM">JSON</a>.
</p>
How to Pronounce GIFhttps://www.packetizer.com/people/paulej/blog/592020-12-04T21:06:33Z2020-12-04T21:06:33Z<p>
Click on this link to learn how to pronounce <a href="https://www.youtube.com/watch?v=DUmVvocbrgQ">GIF</a>.
</p>
Rise of New Technology Platformshttps://www.packetizer.com/people/paulej/blog/582020-11-08T22:15:07Z2020-11-08T22:15:07Z<p>
When new innovations come along, inevitably those innovations will be copied. It happens every time in every industry, so it is no surprise to see several new video platforms, social networking platforms, and messaging platforms get created in recent years. What is unfortunate, though, is that I think people are often unaware they exist.
</p>
<p>
Today, I received a message about "Rumble" being one of the top apps on the Apple app store. How could I not have heard of this platform and it be ranked so high? I know why: I usually have my head down working and I don't get so engaged in many of the new platforms that come along.
</p>
<p>
That said, there is something refreshing about seeing new platforms emerging and so I decided to spend a few minutes making a list of the new platforms I've discovered in recent months and years. If you know of one I should add to the following list, send me an email (ahem, yeah, I still use email mostly) or a message via Telegram (I'm relatively new to that platform).
</p>
<p>
<b>Video Platform</b>
</p>
<ul>
<li><a href="https://www.bitchute.com/">BitChute</a></li>
<li><a href="https://www.brighteon.com/">Brighteon</a></li>
<li><a href="https://www.dailymotion.com/">Daily Motion</a></li>
<li><a href="https://tv.gab.com/">Gab TV</a></li>
<li><a href="https://lbry.tv/">LBRY</a></li>
<li><a href="https://odysee.com/">Odysee</a></li>
<li><a href="https://rumble.com/">Rumble</a></li>
<li><a href="https://ugetube.com">UGETube</a></li>
<li><a href="https://vimeo.com/">Vimeo</a></li>
</ul>
<p>
<b>Social Media</b>
</p>
<ul>
<li><a href="https://gab.com/">Gab</a></li>
<li><a href="https://gettr.com/">Gettr</a></li>
<li><a href="https://joinmastodon.org/">Mastodon</a></li>
<li><a href="https://www.minds.com/">Minds</a></li>
<li><a href="https://www.parler.com/">Parler</a></li>
<li><a href="https://mewe.com/">WeMe</a></li>
</ul>
<p>
<b>Messaging</b>
</p>
<ul>
<li><a href="https://discord.com/">Discord</a></li>
<li><a href="https://signal.org/">Signal</a></li>
<li><a href="https://www.snapchat.com/">SnapChat</a></li>
<li><a href="https://telegram.org/">Telegram</a></li>
</ul>
<p>
<b>Live Streaming</b>
</p>
<ul>
<li><a href="https://dlive.tv/">DLive</a></li>
<li><a href="https://streamyard.com/">StreamYard</a></li>
</ul>
America, Stop Listening to the WHO and Much of What the CDC Sayshttps://www.packetizer.com/people/paulej/blog/572020-04-04T20:56:23Z2020-04-04T20:56:23Z<p>
When the new coronavirus (COVID-19) became known to me in early January, I took interest in it since I am married to a woman from China and have family there. My wife and I would talk about it daily. I was tracking the infection rate and getting tips on how to avoid it.
</p>
<p>
All the while, I was absolutely dumbfounded that the WHO was recommending people not wear masks. Even as late as March 31, 2020, CNN was reporting that the <a href="https://www.cnn.com/2020/03/30/world/coronavirus-who-masks-recommendation-trnd/index.html">"WHO stands by recommendation to not wear masks"</a>. That is absolutely stupid. The WHO was also reporting incorrect death rates. I was looking at the data China was publishing, and I kept seeing far higher death rates. Finally, the WHO <a href="https://www.cnbc.com/2020/03/03/who-says-coronavirus-death-rate-is-3point4percent-globally-higher-than-previously-thought.html">reported that the death rate was 3.4%</a>. That was a closer number, but still low. China was clearly tracking over 4% and some other countries are tracking even higher. Spain's death rate stands at over 9% as of this writing. The WHO simply cannot be trusted, so do not listen to them.
</p>
<p>
Yes, wear a mask! A mask isn't just to prevent you from spreading it to others. That seems to be the new claims from the US CDC, but even that’s misleading. It does help with that, but a mask also helps prevent getting it. The reality is that they are just concerned that you might buy the masks the medial teams need. In fact, they made that a bit clearer in a <a href="https://twitter.com/CDCgov/status/1246208619479261188">tweet</a>. The reality is that a surgical mask or an N95 mask is absolutely your best defense if you must be out in public, but any good mask is better than no mask. The best defense, of course, is to not be out in public.
</p>
<p>
I think everyone has heard many of the recommendations about washing your hands, keeping distance between yourself and others, cleaning anything that enters your home, etc. I have also heard claims that drinking hot liquids will help. I have no evidence to support the claim, but I have seen "fact checking" sites say it does not help. At this point, I do not trust any site that claims anything does or does not work. What I can tell you is that pretty much everyone in China is required to wear a mask in public and at work. Many businesses require employees to drink hot liquids before shifts start. It is either that or gargling hot salt water. Given China's success rate at combating this virus, I put more stock in the common practices there than I do in what "experts" are telling us in the west.
</p>
<p>
By all means, do not listen to people <a href="https://twitter.com/BilldeBlasio/status/1234648718714036229">like this</a>:
</p>
<img src="/people/paulej/blog/images/20190302_de_blasio_tweet.png" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
The bottom line is this: if it makes sense, even if remotely helpful, do it. Help protect yourself and your loved ones.
</p>
Eric Ciaramella, Alleged Ukraine Whistleblowerhttps://www.packetizer.com/people/paulej/blog/562020-02-14T06:43:42Z2020-02-14T06:43:42Z<p>
Something is seriously wrong in America when a Senator mentions the name Eric Ciaramella, the alleged whistleblower who raised concerns with Adam Schiff that then led to the Impeachment of Donald Trump, and the video from his talk on the Senate floor is <a href="https://thehill.com/homenews/senate/482897-youtube-removes-video-of-rand-paul-reading-alleged-whistleblowers-name-on">removed by YouTube</a>.
</p>
<p>
Something is very, very wrong.
</p>
Preventing Windows 10 from Rebooting after Installing Updateshttps://www.packetizer.com/people/paulej/blog/552016-09-18T19:10:17Z2016-09-18T19:10:17Z<p>
Microsoft made the dumbest decisions I've ever seen with Windows 10 to simply download updates, install them, and then reboot your machine for you! I've lost work I was doing several times and finally decided to track down a solution.
</p>
<p>
Here is what seems to be working for me.
</p>
<p>
1) Run "gpedit.msc".<br/>
2) Under "Computer Configuration" -> "Administrative Templates" -> "Windows Components" -> "Windows Update"...<br/>
2a) Select "Configure Automatic Updates", select "enabled", select "3 = Download the updates automatically and notify when they are ready to be installed", uncheck "install during automatic maintenance". I also checked "install updates for other MS products", though I'm not sure if this has any effect.<br/>
2b) Under "No auto-restart when logged on users for scheduled automatic updates" select "Enabled".<br/>
3) Run "gpupdate /force".
</p>
<p>
This works for Windows 10 Pro. I believe that "Home" versions may not have the ability to manipulate policies, so you just have to live with the crap from Microsoft, I guess.
</p>
Dynadot Adds Support for DNSSEChttps://www.packetizer.com/people/paulej/blog/542013-11-25T03:27:10Z2013-11-25T03:27:10Z<p>
I posted a blog entry talking about <a href="/people/paulej/blog/35/">configuring DNSSEC</a>. When I wrote that blog entry, very few registrars actually supported DNSSEC. One of the registrars that I use (<a href="http://www.dynadot.com/">Dynadot</a>) did not. Today, though, they do! I was excited to discover that, though I never saw an announcement about it.
</p>
<p>
I did a little searching via Google and learned that there are actually several registrars that now support DNSSEC! Perhaps people are finally taking security a little more seriously.
</p>
<p>
I also found another <a href="http://pir.org/products/find-a-registrar/">list of registrars</a> that includes, among other things, a clear indicator as to whether the registrar supports DNSSEC or not. This might be useful when you are looking to register or transfer a domain name. For whatever reason, <a href="http://www.icann.org/en/news/in-focus/dnssec/deployment">ICANN's list</a> still does not show that Dynadot supports DNSSEC.
</p>
Using WebFinger to Simplify Bitcoin Paymentshttps://www.packetizer.com/people/paulej/blog/532013-09-28T20:24:15Z2013-09-28T20:24:15Z<p>
For a number of years, users of <a href=" http://bitcoin.org/">Bitcoin</a> have expressed a desire to use email addresses as a means of sending Bitcoin payments. The reason is that the typical bitcoin address looks like this: 17XoqvUCrf12H7Vc7c7uDxib8FDMXFx2p6. Trying to accurately convey that string of characters to somebody so they can enter it in manually is error prone. It's far simpler to request them to just send money to an address like paulej@packetizer.com.
</p>
<p>
Making bitcoin friendlier for the average person involves the use of <span style="border-bottom: 1px dashed #a1932b"><a href="https://www.techabulary.com/w/webfinger/">WebFinger</a></span>. WebFinger is a very light-weight protocol published by the IETF September 27, 2013 that allows one to map a URI (like an email-type address) to a set of other URIs. As a very simple example, this is a subset of what you get if you query my WebFinger server for paulej@packetizer.com:
</p>
<pre style="white-space: pre-wrap; color: #000080; background-color: #f2f2f2; border: #168620 solid 1px; padding: 0.5em 1em 0.5em 1em; font-family: Courier New, monospace; font-size: 8pt; text-align: left; line-height: normal;">
$ curl https://packetizer.com/.well-known/webfinger?resource=acct:paulej@packetizer.com
{
"subject" : "acct:paulej@packetizer.com",
"aliases" :
[
"h323:paulej@packetizer.com"
],
"properties" :
{
"http://packetizer.com/ns/name" : "Paul E. Jones",
"http://packetizer.com/ns/name#zh-CN" : "保罗‧琼斯",
"http://packetizer.com/ns/activated" : "2000-02-17T03:00:00Z"
},
"links" :
[
{
"rel" : "http://webfinger.net/rel/avatar",
"type" : "image/jpeg",
"href" : "http://www.packetizer.com/people/paulej/images/paulej.jpg"
},
{
"rel" : "http://webfinger.net/rel/profile-page",
"type" : "text/html",
"href" : "http://www.packetizer.com/people/paulej/"
},
{
"rel" : "http://packetizer.com/rel/blog",
"type" : "text/html",
"href" : "http://www.packetizer.com/people/paulej/blog/",
"titles" :
{
"en-us" : "Paul E. Jones' Blog"
}
},
{
"rel" : "http://schemas.google.com/g/2010#updates-from",
"type" : "application/atom+xml",
"href" : "http://www.packetizer.com/people/paulej/blog/blog.xml"
},
<span class="highlight"> {
"rel" : "http://bitcoin.org/rel/address",
"href" : "bitcoin:17XoqvUCrf12H7Vc7c7uDxib8FDMXFx2p6"
}</span>
]
}
</pre>
<p>
What you see in the output is a set of link relation types and links. The last one on the page is a bitcoin address. Bitcoin wallet software could issue a query to my WebFinger server and receive this address and use it. It’s that simple.
</p>
<p>
What's presently shown in my example is static, but it would not have to be. For example, if I used blockchain.info as my wallet, I might put something like this into WebFinger:
</p>
<pre style="white-space: pre-wrap; color: #000080; background-color: #f2f2f2; border: #168620 solid 1px; padding: 0.5em 1em 0.5em 1em; font-family: Courier New, monospace; font-size: 8pt; text-align: left; line-height: normal;">
{
"rel" : "http://bitcoin.org/rel/payments",
"href" : "bitcoin:17XoqvUCrf12H7Vc7c7uDxib8FDMXFx2p6?
request=https%3A%2F%2Fblockchain.info%2Fr%3Fid%3Dpaulej"
}
</pre>
<p>
Now, when the user enters my email address, they basically get back a <a href="https://bitcointalk.org/index.php?topic=300809.0">payment API</a> address. I would assume the subsequent query the wallet makes to blockchain.info would contain the actual PaymentRequest message as per <a href="https://en.bitcoin.it/wiki/BIP_0070">BIP70</a> (versus the static 17XoqvUCrf12H7Vc7c7uDxib8FDMXFx2p6).
</p>
<p>
To make things even simpler, we just do this:
</p>
<pre style="white-space: pre-wrap; color: #000080; background-color: #f2f2f2; border: #168620 solid 1px; padding: 0.5em 1em 0.5em 1em; font-family: Courier New, monospace; font-size: 8pt; text-align: left; line-height: normal;">
{
"rel" : "http://bitcoin.org/rel/payments",
"href" : "https://secure.packetizer.com/bitcoin_address/?account=paulej"
}
</pre>
<p>
Note that if you do a GET on that URI on my server as of this writing, you get get a bitcoin address. I have not actually implemented BIP70.
</p>
<p>
None of these procedures have been adopted by the Bitcoin community, yet, but it does highlight simple and secure ways of conveying addresses that are less prone to error and use the familiar e-mail address.
</p>
WebFinger Makes the Web Friendlierhttps://www.packetizer.com/people/paulej/blog/522013-09-16T04:13:24Z2013-09-16T04:13:24Z<p>
<span style="border-bottom: 1px dashed #a1932b"><a href="https://www.techabulary.com/w/webfinger/">WebFinger</a></span> is a new IETF protocol that allows one to discover information about people and entities on the Internet. It is a <span style="border-bottom: 1px dashed #a1932b"><a href="https://www.techabulary.com/r/rest/">RESTful</a></span> protocol that returns a <span style="border-bottom: 1px dashed #a1932b"><a href="https://www.techabulary.com/j/json/">JSON</a></span> object (referred to as a <span style="border-bottom: 1px dashed #a1932b"><a href="https://www.techabulary.com/j/jrd/">JRD</a></span>) containing a set of aliases, properties, and links related to a given URI.
</p>
<p>
WebFinger is not a protocol that scours the Internet looking for information about people. Rather, it is a protocol that enables a requesting entity to retrieve specific information that is publically and purposely shared via a WebFinger server. To give a concrete example, suppose you are a member of a social networking site, wherein you can post your profile picture, publish your contact information (e.g., address, phone number, and email address), and your name. The social networking site probably has privacy mechanisms so that you can mark that information to be shared with only certain people, groups of people, or publically. If the social networking site implements WebFinger, then any information marked as “public” might be available via a WebFinger query.
</p>
<p>
Now, you might be asking yourself why anyone would care about this. Well, imagine visiting a blog and entering your email address in order to post a comment. If you publish information via WebFinger, it would be possible for that other blog to retrieve that information. So, you would not have to publish a new picture of yourself or re-enter your name. The blog could retrieve it automatically for you, just using your email address. That’s very cool.
</p>
<p>
Now, while WebFinger can work with any URI, typically clients and servers utilize the <a href="http://tools.ietf.org/html/draft-ietf-appsawg-acct-uri">“acct”</a> URI (refers to a user’s account) to query for information about a person. For example, my email address is paulej@packetizer.com and my acct URI is acct:paulej@packetizer.com. A blog I might visit would issue a query to the WebFinger server at packetizer.com asking for information about “acct:paulej@packetizer.com”. The response would be the JSON document I described above.
</p>
<p>
Just to show a simplified example, this is what part of the response message might contain if the server were queried using the “curl” command.
</p>
<pre style="white-space: pre-wrap; color: #000080; background-color: #f2f2f2; border: #168620 solid 1px; padding: 0.5em 1em 0.5em 1em; font-family: Courier New, monospace; font-size: 8pt; text-align: left; line-height: normal;">
$ curl https://packetizer.com/.well-known/webfinger?resource=acct:paulej@packetizer.com
{
"subject" : "acct:paulej@packetizer.com",
"aliases" :
[
"h323:paulej@packetizer.com"
],
"properties" :
{
"http://packetizer.com/ns/name" : "Paul E. Jones",
"http://packetizer.com/ns/name#zh-CN" : "保罗‧琼斯",
"http://packetizer.com/ns/activated" : "2000-02-17T03:00:00Z"
},
"links" :
[
{
"rel" : "http://webfinger.net/rel/avatar",
"type" : "image/jpeg",
"href" : "http://www.packetizer.com/people/paulej/images/paulej.jpg"
},
{
"rel" : "http://webfinger.net/rel/profile-page",
"type" : "text/html",
"href" : "http://www.packetizer.com/people/paulej/"
},
{
"rel" : "http://packetizer.com/rel/blog",
"type" : "text/html",
"href" : "http://www.packetizer.com/people/paulej/blog/",
"titles" :
{
"en-us" : "Paul E. Jones' Blog"
}
},
{
"rel" : "http://schemas.google.com/g/2010#updates-from",
"type" : "application/atom+xml",
"href" : "http://www.packetizer.com/people/paulej/blog/blog.xml"
},
{
"rel" : "http://bitcoin.org/rel/address",
"href" : "bitcoin:17XoqvUCrf12H7Vc7c7uDxib8FDMXFx2p6"
}
]
}
</pre>
<p>
This document has a lot of useful information inside. For example, it provides my name, URLs to my picture, blog, RSS feed for my blog, and my Bitcoin address.
</p>
<p>
The last example is rather interesting. For those who are not familiar with <a href=" http://bitcoin.org/">Bitcoin</a>, it is a relatively new digital currency that is growing in popularity. One of the challenges from a user perspective with Bitcoin is sharing one’s bitcoin address reliably with people. A bitcoin “address” looks like that long string of characters following “bitcoin:” in the example above. Typing that when trying to send somebody money is prone to error. WebFinger makes it much simpler by “discovering” the address using the more familiar e-mail address. So, as Bitcoin software clients are updated to support WebFinger, one would just enter “paulej@packetizer.com” to send money, for example. The software would add the “acct” URI scheme on the front, send the query to the domain, and then look for the bitcoin address(es) returned in the JRD.
</p>
<p>
WebFinger is already utilized by standards like <a href="http://openid.net/connect/">OpenID Connect</a>, which allows one to log into remote web sites using their account URI. This greatly simplifies the login process and the need to fill out lots of repetitive information when creating new accounts or associating two accounts.
</p>
<p>
Of course, since WebFinger is still new, it’s quite possible that your service provider does not yet support it. The good news is that it’s very simple to implement and there are already several <a href="http://www.packetizer.com/webfinger/software.html">open source implementations</a> of client and server code.
</p>
Paranoia Leads to Excessive Use of Firewall Ruleshttps://www.packetizer.com/people/paulej/blog/512013-06-24T17:35:17Z2013-06-24T17:35:17Z<p>
All of us want to ensure our private information remains private and that data is not leaked onto the Internet. However, some IT departments simply go overboard in trying to secure information.
</p>
<p>
My wife recently worked for a company that would not allow any external communication by any employee without authorization from their management. Basically, without authorization there was absolutely no Internet access privileges at all. That’s certainly one way to control the leaking of information, though the same IT department had absolutely no means to prevent data from being copied to a flash drive. Thus, the policy must have been in place only to prevent leaking of information by “spyware” software that was unknowingly running behind the scene. That might have helped, but I doubt it. After all, there were many in the company with Internet access.
</p>
<p>
Her employer and many, many IT departments also practice something that absolutely makes little sense to me: blocking certain outbound ports. Sometimes, an IT department will block outbound UDP ports (all of them or ranges). Other IT departments will block nearly all outbound TCP ports. To what end? Is the intent to try to prevent leaking information to the Internet? If so, that is a pretty pointless exercise, if the IT department leaves port 443 (HTTPS) open. One could copy a company’s entire collection of data files right out through port 443. Further, software designed to steal information will exploit any potential hole. Whether there is a single port open or 65,535 ports open, it makes no difference. One is all that is needed.
</p>
<p>
Is the reason for blocking certain outbound ports to prevent employees from using certain software programs? If so, why? Is there truly a business reason to prevent use of certain applications, or is the practice just to demonstrate a certain level of control over employees “because we can”?
</p>
<p>
Since few reasons make little sense to me, I’ve come to conclusion that the practice of blocking outbound ports on a firewall is really something done out of paranoia. There appears to be a widespread fear of the unknown when it comes to the Internet. An expert in networking and hacking can get anything through a firewall if even one port is open, so blocking a bunch of ports if a futile exercise. What blocking ports does is create more frustration for end users and more work for IT departments as they try to figure out what ports to open for applications users want to use. What it really does not do is provide any real security, which is the claimed objective.
</p>
Backing Up Files to Amazon S3 Using Pughttps://www.packetizer.com/people/paulej/blog/502013-05-26T22:37:16Z2013-05-26T22:37:16Z<p>
Like many other people, I have a need to do routine backups of my data. And like many others, I have to concern myself with not just my own files but, but everyone’s files on the network. Backing up data can be a mind-numbingly boring chore after a while, only made worse by the fact that I really have better things to do than to deal with backing up data frequently.
</p>
<p>
Years ago, I used to back up data to magnetic tape. Yeah, that was a long time ago, but it helps put things into perspective. I’ve had to deal with this problem far too long. I graduated with time from magnetic tape to other external storage devices, most recently being USB drives.
</p>
<p>
I tried a variety of techniques to backing up data, including full data backups to incremental backups. Incremental backups are so nice to perform, since they require far less time. However, if you have ever had to restore from an incremental backup, you know how painful that can be. You have to restore the main backup and then each individual backup. And it’s only made worse when what you need to restore is just one user’s files or a single file.
</p>
<p>
There is also the hassle of dealing with physical backup devices. You cannot simply store those on site, because they are subject to damage by fire, water sprinklers, etc. So periodically, I would take drives to the bank for storage in a safe deposit box. That just added to the pain of doing backups.
</p>
<p>
What I wanted was a backup solution that met these requirements:
</p>
<ul>
<li>I wanted a fully automated solution where I didn't have to be bothered with physical storage devices, storing physical drives in a bank vault, etc.</li>
<li>Once put in place, I wanted a solution that "just worked" and was fault tolerant</li>
<li>I wanted a solution that was secure</li>
<li>I wanted a solution that would work incrementally, storing only new or changed files each day (or even each minute)</li>
<li>I wanted a means of storing multiple versions of files, any one of which I could retrieve fairly easily</li>
<li>I wanted a solution that would not waste space by storing the same file multiple times (which is a problem when multiple users have the same copy of the same file)</li>
<li>I wanted a solution that would preserve locally deleted files for whatever period of time I specify (i.e., if a user deletes a file, I want to be able to recover it)</li>
<li>I wanted a solution that would allow me to recover any version of a file for some period of time</li>
<li>I wanted a solution that I could rely on even in the face of a natural disaster</li>
</ul>
<p>
Fortunately, cloud storage options came along, which had the potential for meeting many of the above requirements. Perhaps most popular among those cloud storage options is <a href="http://aws.amazon.com/s3/">Amazon S3</a>. Equally important, Amazon S3’s pricing is fairly reasonable. If one has 100GB of data to store, for example, the cost of storage is US$9.50 per month today. Amazon also has a very good track record of reducing the price of cloud storage as they find ways to reduce those costs, making it even more attractive.
</p>
<img src="/people/paulej/blog/images/pug_concept.png" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
The challenge I had was finding the right software.
</p>
<p>
I found several packages that would synchronize an entire directory with S3, but that did not meet many of my requirements. For example, if a user accidentally changed a file and then then the sync took place, the original file was lost forever. Likewise, I would not want an accidentally deleted file to be removed from cloud storage.
</p>
<p>
I also found tools that would create full backups and store those in the cloud. However, that approach is extremely costly in terms of storage and bandwidth. I also found some that worked incrementally, wherein one large backup is made and then only changes were made. The problem with that is that restoring the files meant that downloading the main backup file and then every single incremental backup. That’s painful even doing a full restore, but horribly painful when trying to restore just a single file.
</p>
<p>
So not finding a tool that really met my needs, I decided to write my own. The result is a backup program I call <a href="http://pug.packetizer.com/">Pug</a>. Pug replicates new and changed files to the cloud as they are discovered and deletes files from the cloud when they are deleted from local storage. Importantly, controls are given to the administrator to allow any number of versions of files to be maintained in cloud storage and to maintain deleted files for whatever period of time one wishes. Thus, I can maintain a complete history of all files stored in local storage and retrieve any single one of them.
</p>
<p>
In practice, I do not keep all versions of all files. While Pug will allow that, I keep at most 14 revisions of files. And if a file is deleted, I will keep the deleted file around for 90 days. These are just my configured policies, but you get the idea. Pug takes care of everything automatically. The intent is to have a flexible solution that will work in many enterprise environments.
</p>
<p>
Pug also meets my other requirements in that it never uploads the same file twice, regardless if there are 100 copies on the network. Before uploading to Amazon S3, it compresses files using <a href="http://www.gzip.org/">gzip</a> and then encrypts them using <a href="http://www.aescrypt.com/">AES Crypt</a>. This provides for bandwidth efficiency and security. (Note: do make sure you keep AES Crypt key files well-protected and stored somewhere other than Amazon S3 in plain view!)
</p>
<p>
I have been using Pug for a while and I’m quite pleased with the results. I no longer have to deal with routine backups to physical devices, the system automatically scans all locations (local file system files and files on NAS devices) looking for files to upload or delete, and, of course, the data is securely maintained off-site.
</p>
US Government Trying to Kill Mt. Gox?https://www.packetizer.com/people/paulej/blog/492013-05-16T20:25:01Z2013-05-16T20:25:01Z<p>
Sensationalism at its best, I think. Here's an <a href="http://cdn.arstechnica.net/wp-content/uploads/2013/05/Mt-Gox-Dwolla-Warrant-5-14-13.pdf">affidavit filed by the US government</a> in a move to seize all of the US-based assets of Mt. Gox, the largest Bitcoin exchange in the world.
</p>
<p>
Here's are the facts:
</p>
<ul>
<li>Mt. Gox is a Japanese company owned by Mark Karpeles (and perhaps others)</li>
<li>Mr. Karpeles opened a company in the US that is, as I understand, a wholly-owned subsidiary of Mt. Gox called Mutum Sigillum, LLC</li>
<li>Mutum Sigillum, LLC opened a bank account at Wells Fargo, stating it was not a money-transmitting business</li>
<li>One can use Dwolla (US company) to put funds into your Mt. Gox account, and the money goes from Dwolla to the Mutum Sigillum LLC</li>
<li>Mutum Sigillum LLC credits your account at Mt. Gox, transferring money between its account in Japan (held at Sumitomo Mitsui Bank) and its account in the US (held at Wells Fargo)</li>
</ul>
<p>
So, the US government decided that Mutum Sigillum LLC is a "money transmitter". But where was the money transmitted to? It was transmitted to that person's account at Mt. Gox. This is effectively more-or-less the same notion of wiring money from your bank account in the US to your bank account in Hong Kong, I suppose. Is this a money transmitter? The definition is this:
</p>
<blockquote style="border-left: 4px solid #168620; background: #f2f2f2"><div style="border-left: 1em solid #f2f2f2; padding: 0.3em 0.5em 0.3em 0em;">The term "money transmitting business" means any business other than the United States Postal Service which provides check cashing, currency exchange, or money transmitting or remittance services, or issues or redeems money orders, travelers' checks, and other similar instruments or any other person who engages as a business in the transmission of funds, including any person who engages as a business in an informal money transfer system or any network of people who engage as a business in facilitating the transfer of money domestically or internationally outside of the conventional financial institutions system (Source: 31 USC § 5330(d)(1))</div></blockquote>
<p>
It sounds like the company might be transmitting money, since it is sending money from a customer's account in one place to the customer's account in a different place. The US is trying to argue the company does currency conversion, but Mutum Sigillum LLC does not — only Mt Gox does that, which is the company based in Japan. So that part of the complaint from the US is nonsense. But, they are still "transmitting money", perhaps. The issue I have with this is that they are not transmitting money to other people. They are merely moving it from one account that YOU own to another account YOU own. So, transmitted where? To yourself.
</p>
<p>
So perhaps it still qualifies as a money transmitter. But, then again, who actually transferred the customer's money to Mutum Sigillum LLC? Dwolla did. They have a money transmitter license, I guess. Mutum Sigillum LLC just transferred its OWN money to their OWN account in another country. How was this transmitted? They used Wells Fargo, which is either also a money transmitter or exempt as per the end of that definition, since they are a "conventional financial institution". (You have to love how big banks are given a break here.) So, who transmitted the money? The bank did.
</p>
<p>
So, Dwolla, the bank, and Mutum Sigillum LLC are ALL money transmitters? I can appreciate the first two being classified as such, since they move money from one entity to another entity. Mutum Sigillum LLC does not do that: they transferred funds to themselves: the beneficiary they list on their wire transfers is themselves. Further, Mutum Sigillum LLC used established money transmitters to transfer money: nothing is hidden or secretive in the transaction.
</p>
<p>
I'm having a tough time seeing how the government is in the right here. It looks to me like they just do not like Bitcoins, feel they are a threat, and are looking for every opportunity to kill it for whatever reason.
</p>
<p>
What about Dwolla? Are they a money transmitter? In their terms of service, they say, "You also understand that we are not acting as a fiduciary, trustee, money transmitter, or providing any type of escrow service with respect to your funds, but only acting as the receiver’s agent." So, they declare they are not. And they might be able to make the argument since there is a credit union behind them actually performing money transfers. (Like Mutum Sigillum LLC.) So, it's OK for Dwolla to not have a license, but Mutum does need one?
</p>
<p>
And one does have to ask: if the company is not in compliance with the law, rather than taking all of the money — which includes customer funds! — why did they not first notify them of a compliance requirement? The heavy-handed action makes it damned hard for any startup to build a business. After all, there was certainly no criminal intent here. They just want to allow people to buy and sell Bitcoins.
</p>
<p>
This leads me back to one argument: the government just does not like Bitcoins.
</p>
Microsoft Will Remain the Leader in the Computing Industryhttps://www.packetizer.com/people/paulej/blog/482013-04-02T23:19:07Z2013-04-02T23:19:07Z<p>
Reading my most recent post about <a href="http://www.packetizer.com/people/paulej/blog/47">Microsoft and their insane product activation procedures</a>, one might surmise that I don’t like Microsoft products very much or loathe the company. Actually, I rather like Microsoft products and held the opinion for years that Microsoft did more to progress personal computing industry than any other firm out there. While all companies operate for the purpose of making a profit and Microsoft is no exception, the company truly produced some of the best software products on the market.
</p>
<p>
Consider Microsoft Office as one example. Hands down, it is the best productivity suite on the market. Yes, I’ve tried competitive products. There are some good alternatives out there, but they pale in comparison to Office. Some of competitive commercial products are really good (e.g., Corel’s office suite) and LibreOffice, which is a free open source product, is also pretty good. However, they all fall short when it comes to matching features of Microsoft Office. More importantly, none of them do a perfect job at rendering documents created in Microsoft Office. Perhaps it is not fair to judge a product based on how well it reproduces a Microsoft Office document, but that is really a very important consideration for any potential replacement for Office. I recall many years ago when I made the move from WordPerfect to Word for Windows. Microsoft did a pretty good job at converting documents, but it was not perfect. Many who were heavily invested in WordPerfect simply could not make the move, but WordPerfect really dropped the ball by being so late to move to the Windows platform. They more-or-less opened the door to Microsoft. At the same time, Lotus and Borland were in a spat over the look and feel of a spreadsheet program and, being so engaged in a pointless debate, they did not see Microsoft come in strong with a very good product for Windows, taking the spreadsheet business away from both of them. In the end, Microsoft was king of the productivity suites and they have not stopped innovating. They continually improve the core productivity tools and have introduced great new products like OneNote.
</p>
<p>
However, Microsoft did drop the ball in a few areas. These days, I use Google’s Chrome browser because Microsoft failed to keep the innovation engine running with Internet Explorer. Internet Explorer 6 lived way too long and Microsoft essentially handed the business to Chrome and Firefox. That matters, because many of the more recent innovations in computing have been in the browser area. The browser is helping Google, for example, wrestle some control of the productivity space away from Microsoft by offering free browser-based productivity tools that, while not perfect, are free, “good enough”, and accessible from the browser.
</p>
<p>
Microsoft absolutely and completely dropped the ball in the mobile computing area. They dropped the ball so hard that it created a crater around the Redmond campus several feet deep. The first abysmal failure was the failure to make substantial updates to Windows Mobile. Those who developed applications for Windows Mobile know how horrible the Windows CE development environment was. However, it wasn’t just the operating system itself. End users do not care so much about the operating system. Rather, they care what they can do with it. Microsoft delivered a fairly crippled platform with Windows Mobile. This gave Apple the opportunity to come into the market and show how to do it right. And they did. The iPhone was an awesome piece of technology at the time.
</p>
<p>
The second major failing in the mobile computing space was Microsoft’s extremely slow move to get into the tablet computing market. That was most unfortunate, too, since Microsoft had been a leader in showing off what could be done in the tablet computing space. They just never seemed to get any products into production. Perhaps the issue was that they were so hung up on maintaining full compatibility with the legacy Windows desktop software.
</p>
<p>
Things are different today, though. Microsoft has learned a valuable lesson. Maintaining compatibility with all of the legacy applications is not important to consumers. What is important is providing a platform that consumers like. With the right platform, application developers will develop for that platform. As examples, we have the iPad and Android tablets. Apple and Google have stolen the tablet computing market and it is refreshing to be able to use such thin, light-weight computing platforms to do the less-serious tasks.
</p>
<p>
Microsoft did wake up, though, and introduced two new mobile computing platforms: Windows 8 and Windows RT. Microsoft has received a lot of flak over Windows RT, but I actually think it was a good move. In fact, I would argue that Microsoft should not even have a traditional desktop mode on the tablet devices. The only reason it would be there is to allow legacy applications to run. However, that is only important in the short-term. If the desktop mode was not offered on tablets, application developers would develop to the APIs available on Windows RT and the applications would likely be more natural to the touch interface on the tablets.
</p>
<p>
In its rush to get into the tablet market, Microsoft screwed up the desktop. Windows 8 is a horrible desktop operating system. Yes, there are some improvements in efficiency, but I don’t need the start screen. I don’t want to scroll through a bunch of icons. I don’t want the screen flipping from “desktop mode” to the Start Screen to that screen one uses to find applications. It is really messy. People who buy Windows to run on the desktop want a desktop. People who buy tablets want a tablet. The two environments are different and should stay different. Unless Microsoft fixes this mess with Windows 9, then I fear Microsoft will risk driving even more of its users to Mac or Linux. Yes, I said Linux. If you’ve not taken a good look at operating systems like Ubuntu or Linux Mint, you should. Those systems provide a lot of functionality and can run Windows applications, either through tools like Wine or VirtualBox.
</p>
<p>
These days, I use a Nexus 7 as my tablet device. It’s really a perfect size for a lot of the more casual things I want to do. There is only one thing I would prefer more than a Nexus 7 and that would be a Windows RT device that is about the same size and had an RT version of Microsoft Office built in. If it came in with a comparable price tag, the Windows RT tablet would definitely win.
</p>
<p>
There is a lot of speculation in the market these days about Microsoft’s market strategy and many paint some very gloomy pictures for the company. I’m actually very upbeat about Microsoft’s future in the computing space. Yes, personal computer sales are down, but they are not dead. Contrary to some calling this the “post PC era”, I would argue the PC is here to stay. I cannot do my job on a tablet and I know very few who can. Further, I would not want to do my job on a tablet. It’s painful, to say the least. It is simply the wrong tool for doing a job. However, I can appreciate why many consumers are buying tablets and not buying PCs. One reason is that some do not really use their computer to do real work, anyway: it’s a glorified web browser. Another reason is that consumers have a PC and are buying tablets to augment those PCs. The latter class of consumers will likely upgrade when there is a compelling reason. Windows 8, unfortunately, is not a compelling reason. Further, Windows 8 is horrible for the enterprises that depend on desktop applications to get real work done.
</p>
<p>
I do not know what Microsoft has in store, but contrary to what many are suggesting, I think Microsoft should kill the Windows 8 Pro tablet and focus only on Windows RT. That model has proven to work with both iPad and Android tablets. Application developers can build great Windows applications on Windows RT. At the very least, get rid of the desktop mode on the tablet. At the same time, Microsoft needs to do something with Windows 9 so that it is once again a usable desktop operating system for those who use a PC either at home or at work.
</p>
<p>
I want a tablet to do things I would do on a tablet. I want a desktop operating system to do things I do on a desktop machine. The two do not have to be precisely the same platform, but what I would want is to have Microsoft Office on both. That is the one piece of software that Microsoft holds in its hands that can make it stand out above all competitors. And I don’t think I’m alone here. I suspect that Microsoft could probably “own the market” on both the desktop and tablet, but their current offerings in both are a bit lacking. However, I’m positive they will get this sorted out.
</p>
Microsoft Product Activation Suckshttps://www.packetizer.com/people/paulej/blog/472013-03-26T05:03:28Z2013-03-26T05:03:28Z<p>
Today for no sane reason, Microsoft Office on my PC decided that it was not activated, even though it has been installed and activated on my machine for well over a year. It opened a window and told me I had 28 days to activate it. So, what’s wrong? I tried to re-enter the activation key and Office would tell me that my key was not valid.
</p>
<p>
This became a very long process. I’m going to detail everything below, but I don’t blame you for wanting to skip the details. It’s pretty dry reading. The bottom line is that Microsoft’s product activation crap screwed up and, due to no fault of my own, cost me several hours. I counted at least 4 hours of wasted time. That did not include writing this up, but this just helps me feel better. :-)
</p>
<p>
I went through various steps in the troubleshooting page that the product activation window directed me to on Microsoft’s web site. Everything seemed to check out fine and I finally get to a page that says “Microsoft Customer Service may be able to help” and I was presented with a phone number. I call the phone number and select the “business customer” option. I get to a lady who asks if I have a support contract. I’m sure my company does, but I don’t know what it is. She said that it would cost over $500 to provide support to me! My gosh! Seriously!?! I told her the nature of the problem and she went ahead and tried to help me out. She never asked for credit card information, though. I trust that was a free call. I’m still beside myself that a single support call would cost more than the product itself!
</p>
<p>
She asked me for the product key, the serial number on my physical disc, etc. She verified everything and said it all appeared valid and she then said she will transfer the call to the product activation team for further assistance. She said that is who I should have called in the first place. Well, I would agree, but I have no idea why Microsoft’s troubleshooting guide related to product activation would lead me to customer service.
</p>
<p>
I then get transferred to some fellow named Raul. He asked for some number that I had never heard of before. I asked what number he was referring to and he just countered my question with “You are trying to activate Office 2010, right?” I said yes and he then made the same request for some number. I again told him I have no idea what number he’s referring to, so he said he was going to transfer me to customer support. “But, I was just there and they transferred me to you!”, I told him. I asked why I should be transferred to customer support when the issue is product activation. He put me on hold for a moment and the next thing I know I am transferred to customer support, but this time they tell me that the customer support is closed. Nice.
</p>
<p>
So, I called back. The lady I spoke to in customer service before gave me the direct number (+1 866 432 3012). I spoke to a fellow there and we went through the motions again. Finally, he said he needed to transfer me to customer support. I told him that customer support was closed already, but he insisted and asked me to stay on the line. I did, but then the line dropped. I’m not sure if he accidentally dropped the line or hung up on purpose. After being tossed around like a volleyball, I do have to wonder.
</p>
<p>
There’s apparently a problem somewhere and I don’t think he can resolve it. He did confirm that my product key was valid, but for whatever reason, Office 2010 is telling me otherwise.
</p>
<p>
It was late at night. I went to bed.
</p>
<p>
The next day, I called Microsoft’s activation number. Again, they ask me two times to read the product activation key and they tell me that it validates. Now, just in case you are not aware, those product activation keys are very long alphanumeric sequences. To say that I’m tired of repeating this number is an understatement. After verifying that it validates, I was transferred to customer support. I was also provided with a direct number to customer support (+1 800 936 5700) and a case was opened for support (case # 1201074501). The wait time is 33 minutes, but fortunately there is an option to allow Microsoft to call me back.
</p>
<p>
In the meantime, I was curious as to whether communication was really happening between my PC and Microsoft’s activation servers. Oddly, I could not see any. I used Wireshark to try to watch traffic between my PC and Microsoft. I saw IP packets going to several places that I could identify, but none going to Microsoft. So, is Office even communicating with Microsoft’s servers? I disabled the network interfaces on my laptop and got the same results. Office isn’t even talking to Microsoft!
</p>
<p>
I got a call back from Microsoft. The support person said they need to reinstall Office 2010. Why!?!? How did it break? I didn’t break it. Nothing new has been installed, except for the updates that come down from Microsoft. So, did Microsoft break Office in some Windows update? In any case, I could not wait on an update, because I had a meeting to attend.
</p>
<p>
The Microsoft representative called me back after the meeting and uninstalled Office and re-installed it. Interestingly, he said he had to use a new activation key. He blamed the activation server for something, but it was not clear to me as to what the issue was. All I know is that he used a new key, but interestingly he used the old installation binary. So, I’m wondering why the re-install was even needed. If he had to change keys for some external reason, then I don’t understand the need to re-install the software.
</p>
<p>
He also applied a number of Windows registry changes, change the user account control settings to be insanely generous, changed permissions in the temp directory, and modified my preferred folder view settings. I asked him to change the folder permissions back, but I still had to go change the other things myself and double-check settings. I then had to re-download a bunch of patches via the Windows Update.
</p>
<p>
Next up, a bunch of applications got screwed up somehow. From what I can tell, some important files in the c:\windows\installer directory were deleted in the process. Damn! How many hours of my day am I obliged to waste because of this crap? I’ve wasted several already and it looks like I’m going to have to re-install a bunch of applications.
</p>
PDF Creation, Editing, and Viewinghttps://www.packetizer.com/people/paulej/blog/462013-03-19T01:20:00Z2013-03-19T01:20:00Z<p>
It seems that with each passing year, the value of PDF is increasing. It is the common document format that allows one to perfectly view a document on a wide variety of computing platforms, from PCs and Macs to tablets and mobile phones. In recent years, though, Adobe Reader has been plagued with issues. Actually, I’ve been fortunate enough to have never encountered those issues, but Adobe sends out updates from time-to-time wherein they patch some security vulnerability. So, there are definitely issues.
</p>
<p>
Adobe’s most recent update to their Windows version of Reader did present me with a problem, though: I could not open two PDF documents at the same time. It did not matter what I did, it was impossible to open a second document.
</p>
<p>
So, I went looking for an alternative PDF viewer for my PC. I decided to give <a href="http://www.foxitsoftware.com/">Foxit</a> a try. I had heard about Foxit a few years ago, but did not really know how well it compared to Adobe. I was impressed right away. It seemed to load quickly, render quickly, scroll quickly, and I could not find a document that presented rendering issues. (Yeah, that is the one ugly truth about PDF. It’s universally available, but largely because Adobe Reader is universally available. In my experience, other software does not always consistently render PDF documents properly.)
</p>
<p>
I’ve been using Foxit every day now for a few weeks. It’s a really great PDF viewer. So far, I have not found a single instance where it failed to properly render a PDF document.
</p>
Microsoft Office 2013: Licensing from Hellhttps://www.packetizer.com/people/paulej/blog/452013-03-05T01:05:45Z2013-03-05T01:05:45Z<p>
I upgrade to the latest version of Microsoft Office every time a new version is released. While some feel that Office has more features than anyone needs, I spend much of my time working in Office and have always appreciated the new enhancements and features that came with each new Office release.
</p>
<p>
Unfortunately, Office 2013 brings with it such insane licensing agreements that I cannot buy it. I do not have any reasonable options. There are basically four options I could consider, but each one presents a roadblock.
</p>
<p>
<b>Option 1 – Office 2013 Professional</b>
</p>
<p>
This is more-or-less the same product I have purchased from Microsoft with every product update. In the past, I could install that on my primary desktop and I could install it on my laptop. I could use it for work-related activities or personal stuff. If I bought a new machine, I could uninstall it from my old machine and install it on my new machine. The Office 2013 Professional license agreement forbids that. It says that the software is licensed for a single computer and that “you may not transfer the software to another computer or user.” You are not allowed to install a second copy on a laptop, either. Honestly, I don’t care about the desktop and laptop installs. However, I do buy new computers from time-to-time and if I buy a new one, I don’t want to be in a situation where I cannot install Office. And, that’s exactly what it says. I cannot do that. Just imagine spending $400 on new software tomorrow and the next day your computer breaks. You’re out of luck. You lose your computer and your $400 for Office.
</p>
<p>
<b>Option 2 – Office 365 Home Premium</b>
</p>
<p>
This is Microsoft’s new subscription service. You basically get everything in the $400 Office Professional version, except it’s a subscription service. With the service, you get updates at no charge as long as you maintain the subscription. The cost is $100/year, which is a reasonable price as compared to the Office Professional 2013. Further, you have the right to install and use Office on up to 5 different computers. You can even use it on Mac or Windows. Boy, for those looking for an opportunity to escape Windows for a Mac, this is the ticket.
</p>
<p>
Unfortunately, this option has a major problem: it’s licensed for home use only. You are not allowed, per the license agreement, to use it for business. It states that Home Premium is for home use. So, if I use this for business? It is rather explicit about saying it is for “Home” and “Non-Commercial Use”. So, what if I author a document for work using it? Apparently, that’s not acceptable. My wife owns a business where she needs to use Office about 10% of the time, whereas the other 90% is personal. Well, that’s not permitted, either. Both of those activities would be classifies as commercial use. So, Option #2 is out.
</p>
<p>
<b> Option 3 – Office 365 Small Business Premium</b>
</p>
<p>
This option allows one to buy Office for use in business. Oh, but this one is explicitly listed as a product for business use only. I assume that is the case, because <a href=" http://office.microsoft.com/en-us/products/office-frequently-asked-questions-FX102926087.aspx">this page</a> says “for business use” under the “Which Office products are available for home and business?” drop-down. Further, if you try to sign up, it wants your business name and email. But, I don’t want something exclusively for business. This is sometimes used at home and sometimes I use it for work. So, this one is out.
</p>
<p>
<b>Option 4 – Office Home & Business 2013</b>
</p>
<p>
This one is like Office 2013 Professional, except it is missing Publisher. I want Publisher! So, I buy this and don’t get Publisher? I guess so, but it has a lower price, too. I guess I could buy Publisher separately. The problem is that, like Office 2013 Professional, it is tied to a single computer. You spend the $220 they are asking for the product, but have the risk that if the computer dies, your $220 goes out the window. No thanks.
</p>
<p>
<b>Conclusion</b>
</p>
<p>
Microsoft has successfully created a licensing scheme that is so messed up that I have no upgrade path. Congratulations, Microsoft. I’ll keep using Office 2010, as I have no viable, legal alternative. In the meantime, I’ll have to invest a little time evaluating alternatives. There is Kingsoft, WordPerfect, and LibreOffice. Others?
</p>
<img src="/people/paulej/blog/images/office_2013_restrictions.png" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
<b>UPDATE:</b> It appears that Microsoft heard this complaint from too many customers, as they have made a sane step toward licensing. It is now permissible to <a href="http://news.cnet.com/8301-10805_3-57572795-75/office-2013-licenses-can-now-be-transferred-to-another-pc/">transfer purchased copies of Office from one machine to another</a>, if you wish.
</p>
Resetting Directory and File Masks on Synology NAShttps://www.packetizer.com/people/paulej/blog/442012-12-09T08:36:43Z2012-12-09T08:36:43Z<p>
If you have a Synology NAS and you mount those file systems on Linux, you see something horrible. Synology always sets the directory and file creation masks to 0777, so all files and directories are readable and writable by everybody else on the Linux machine. It works fine on Windows since access to files is controlled by the Samba software.
</p>
<p>
If you're like me, though, you want a little more control. This Perl script, when run on a Synology NAS server running DSM 4.1, will add the desired config lines to the smb.conf file. Put is over in /usr/local/bin/modify_samba_config (make sure root can execute this program).
</p>
<p>
<b>NOTE:</b>DSM 5 and DSM 6 changes a few things. See the notes at the bottom.
</p>
<pre style="white-space: pre-wrap; color: #000080; background-color: #f2f2f2; border: #168620 solid 1px; padding: 0.5em 1em 0.5em 1em; font-family: Courier New, monospace; font-size: 8pt; text-align: left; line-height: normal;">
#!/usr/bin/perl
#
# Modify the smb.conf file on the Synology disk station
#
# Location of the smb.conf and temp files
$smb_file = "/usr/syno/etc/smb.conf";
$tmp_file = "/tmp/mod_smb_cfg.$$";
# Below are the names of the shares and to the right
# are the config lines to introduce
%share_config =
(
'archive' => [
"directory mask = 0755",
"create mask = 0644"
],
'music' => [
"directory mask = 0755",
"create mask = 0644"
],
'pictures' => [
"directory mask = 0755",
"create mask = 0644"
],
'public' => [
"directory mask = 0775",
"create mask = 0664"
]
);
#
# SameOption
#
# This function will check to see if the option names are the same
#
sub SameOption
{
my (@options) = @_;
my ($i);
if ($#options != 1)
{
return 0;
}
# Normalize values
for ($i=0; $i<=1; $i++)
{
$options[$i] =~ s/=.*//; # Remove everything after =
$options[$i] =~ s/^\s+//; # Remove all leading whitespace
$options[$i] =~ s/\s$//; # Remove all trailing whitespace
1 while $options[$i] =~ s/ / /g; # Remove excess spaces
}
if (($options[0] eq $options[1]) && (length($options[0]) > 0))
{
return 1;
}
else
{
return 0;
}
}
#
# MAIN
#
# The following is the main logic of the program
#
# Read the old config, make changes, writing to a temp file
open(SMBFILE, "< $smb_file") || exit;
open(TMPFILE, "> $tmp_file") || exit;
while(<SMBFILE>)
{
# We will assume the current line will be printed
$print_line = 1;
# This logic will remove lines from the existing config that are
# added via the $share_config array
if ((!/^\[/) && (length($section_name) > 0))
{
$tline = $_;
chomp($tline);
foreach $line ( @{ $share_config{"$section_name"} } )
{
# Is the current config option in our
if (SameOption($tline, $line))
{
$print_line = 0;
last;
}
}
}
if ($print_line)
{
print TMPFILE;
}
next unless /^\[/;
# Add configuration lines as specified in "share_config"
chomp($section_name = $_);
$section_name =~ s/^\[//;
$section_name =~ s/\].*//;
foreach $line ( @{ $share_config{"$section_name"} } )
{
print TMPFILE "\t$line\n";
}
}
close(SMBFILE);
close(TMPFILE);
# Read the temp file in and replace the original config file
open(TMPFILE, "< $tmp_file") || exit;
open(SMBFILE, "> $smb_file") || exit;
while(<TMPFILE>)
{
print SMBFILE;
}
close(TMPFILE);
close(SMBFILE);
# Get rid of the temp file
unlink($tmp_file);
</pre>
<p>
You can modify the config lines, adding or removing whatever you wish. The "keys" in that hash (e.g., "archive" and "private") are the names of the Samba shares created on your Synology box. You'll need to assign those appropriately. You can have different additions per "share" to customize whatever you wish. (Note that if Synology already has a config line like what you introduce, your config line might be ignored. I've not tested what happens if there are two conflicting config lines.)
</p>
<p>
Now, you want this script to run before Samba starts. I tried adding it to rc.local, but the synology box loads services like Samba in the background, so there is a risk of a race condition and things not working right.
</p>
<p>
What I decided to do was create a "service" that the Synology box calls before it starts Samba, but after it has re-built the config (which it does every time the machine boots). I created a script in /usr/syno/etc/rc.d/S80alt_samba_config.sh. The Samba service is S80samba.sh, so this script will get called first (alphabetical sorting).
</p>
<pre style="white-space: pre-wrap; color: #000080; background-color: #f2f2f2; border: #168620 solid 1px; padding: 0.5em 1em 0.5em 1em; font-family: Courier New, monospace; font-size: 8pt; text-align: left; line-height: normal;">
#!/bin/sh
if [ $# -eq 0 ]; then
action=status
else
action=$1
fi
# dispatch actions
case $action in
start)
/usr/local/bin/modify_samba_config
;;
*)
# Do nothing with any other command
;;
esac
</pre>
<p>
That's it! Now, if you reboot the NAS server, you should get the permissions in Samba as you wanted.
</p>
<p>
<b>DISCLAIMER:</b> This is not a technique you should try if you're not familiar with Linux system administration. I cannot help you if you break your NAS server. Carefully review the code and test it before using it.
</p>
<p>
<b>UPDATE:</b> It appears that each time you install an update of the DSM software, the /usr/syno/etc/rc.d directory gets replaced. So, you'll have to put the "80alt_samba_config.sh" script back on place each time. The /usr/local/bin/ directory appears to remain untouched.
</p>
<p>
<b>UPDATE:</b> With DSM 5, I think it was, the name of the rc.d script had to change to S02smbfix.sh in order to run at the proper time.
</p>
<p>
<b>UPDATE:</b> With DSM 6, Synology moved things around. The smb.conf file is now in /etc/samba/. So, the line that says '$smb_file = "/usr/syno/etc/smb.conf";' needs to change to '$smb_file = "/etc/samba/smb.conf";'. Also, the rc.d directory changed. It appears that placing the script "S02smbfix.sh" into /usr/local/etc/rc.d will work.
</p>
Intel's Next Unit of Computinghttps://www.packetizer.com/people/paulej/blog/432012-12-02T23:02:27Z2012-12-02T23:02:27Z<img src="/people/paulej/blog/images/intel-nuc-dc3217iye.jpg" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
Intel released a really cool new device called the Next Unit of Computing. It's a small 4x4x2" box that packs the power of an Intel Core i3 processor. It has three USB ports, two HDMI ports, a gigabit Ethernet port, and consumes very little power as compared to normal a desktop machine.
</p>
<p>
It's designed to be mounted right on the back of a display using the supplied VESA mounting bracket, turning any display device into a computer.
</p>
<p>
It was not made for the technically challenged, though. At the same time, one does not have to be a hardware expert, either. It is sold as a kit, and one has to buy the memory and storage separately. While that was expected, what was not expected is the fact that the kit is shipped without a power cord to go from the power brick to the wall. I had to make a run to the local CompUSA to get one of those.
</p>
<p>
It uses an mSATA drive for storage and can hold up to 16GB of DDR3 RAM.
</p>
<p>
I purchased a 128GB mSATA drive and 4GB of RAM for mine. Total cost was about $440 for the NUC, storage, RAM, and power cord.
</p>
<p>
I've only had it running a few hours, but this thing is awesome. I installed Linux on it and replaced one of my aging Linux machines. I use Linux machines in my house to provide various network services, including DHCP, TFTP, and DNS, and use the devices when writing software on Linux, including <a href="http://www.aescrypt.com/">AES Crypt</a>. These devices also handle storage functions for me, allowing me to back up data to <a href="http://aws.amazon.com/s3/">Amazon S3</a>.
</p>
<p>
I don't have a monitor or keyboard connected to the box. It's just a tiny little box connected to the network that I access via SSH that serves a useful purpose for me and my family.
</p>
<p>
Another great feature with this device is that it consumes far less power than the desktop it is replacing. The desktop I was using was not a monster machine: just a low-end Dell Dimension. Even so, I could tell from the display on my UPS that the box consumes far less power.
</p>
<p>
So, I save space in the house, the machine runs way faster (since it's solid date vs. traditional hard drives), and save energy. What's not to like? Very cool box.
</p>
Frustrating Customer Service Agent at AT&Thttps://www.packetizer.com/people/paulej/blog/422012-12-01T01:16:20Z2012-12-01T01:16:20Z<p>
On October 8, 2012 I went to my local AT&T store to get a prepaid SIM card. I just needed an extra phone for about 4 months with just voice service. The representative at the store suggested that I just add a line to my current monthly plan, since I'd probably save money that way. He said he'll waive the activation fee and the contract period for the new line. So, rather than paying for $25/mo for the prepaid card, I could pay just $10/mo using my existing plan (plus taxes, 911 fees, etc.) In all, I could probably save 50% that way. He made a kind offer to do that, but likely because I've been a customer of AT&T a long time.
</p>
<p>
He printed out the service summary sheet and marked through the things that were waived. You can see that below.
</p>
<img src="/people/paulej/blog/images/2012-10-08_att.jpg" style="max-width: 600px; display: block; margin-left: auto; margin-right: auto" alt=""/>
<p>
Though this was the agreement we had, I was charged the activation fee on my bill this past month. Oh, well. Mistakes happen, right? So, I called AT&T to get it corrected.
</p>
<p>
The lady was absolutely horrible. I don't think she necessarily believed me, speaking down to me as if I was a peasant. She really had a condescending tone to her voice. She told me, "We'll waive the fee this one time, but we'll put a note on your account and if you add another line, we will not waive the fee again." So, now she's is doing me a favor? Or was this a threat? I can't tell which. Between the tone of voice, suggestion she's doing me a favor "this one time", and the threat that AT&T will never extend an offer to waive an activation fee again, I got mad.
</p>
<p>
Sometimes, I really, really hate AT&T. Working in the communications business, I have a number of friends who work for AT&T and I've worked with their engineers on projects. The company has many good people, but representatives like this battle ax are what frustrate customers and drive them elsewhere.
</p>