Archive for May, 2006

D-Link DSM-G600, a device that almost worked right

At the recommendation of a close friend who knows I’m a gadget black hole, I went out and bought a D-Link DSM-G600 wireless NAS enclosure.

D-Link DSM-G600 NAS Enclosure

This device seemed to be the perfect replacement for my Ministack v2 enclosures (I have 4 of these). The D-Link was an enclosure that had seemingly fixed the flaws I found in my Ministack units. Larger fan, more space around the drive, 2 USB 2.0 ports, an onboard webserver, ftp server, email alerts, GigE, and.. wireless!

My hopes were soon crushed, once I started poking at the actual enclosure. Sigh.

The enclosure does indeed have a lot of room in it, which helps with the cooling. The internal cabling left quite a bit to be desired, especially the flat ribbon cable. I had to bend it at a weird angle to fiit it across the top of the drive.

Now, on to the major quirks:

  1. Whatever drive you put in it, regardless of whether or not the drive has data on it, must immediately be formatted to ext3. Yes, that’s right.. you can’t put a drive with data in this enclosure, if you intend on keeping the data on the drive.
  2. No filesystems supported except ext3. This means no support for extended journal options (such as data=ordered) and no other filesystems supported. No XFS, no JFS, no FAT/FAT32, no NTFS… nothing except ext3. If you format your drive to another filesystem and put it back into this enclosure, you will be forced to format it as ext3 again anyway.
  3. Broken networking. D-Link saw to it that the IP that you assign in the static IP section of the setup.. is the same physical IP that is used for both LAN and WAN ports. How nice. This also means that every other packet sent to the device, is a “DUP!” packet. It might explain the horrible performance of the device when sending data.
  4. No web interface over wireless. Once you configure the device and enable wireless, you can no longer tweak or reconfigure the device over wireless. You MUST use the LAN connection to configure the device once wireless is turned on.

There are at least two separate security issues affecting the GoAhead-Webs webserver that powers this interface. I didn’t have time to validate these myself, since I’m not keeping the device, but I’ll bet others who have these devices will be vulnerable to them. Ugh.

After about 5 hard resets to get it to properly finish formatting the drive, and then trying to configure the crazy, misconfigured networking options with their web interface, I was ready to map the drive through Windows and then with Linux, using ‘mount -t smbfs’ and the standard options.

On to the second major problem: the speed. This thing is SOOOO slow when sending data to it. Reading data seemed to be fine, but writing data to it was, at best, 180k/sec.

The web interface is among the ugliest I’ve ever seen. With 30 minutes of work, it could be really amazing, including adding in some majikal AJAX fu. That’s not really important, but the interface is completely disorganized. Options that should be grouped together, aren’t. Sub-options that should be in separate places, aren’t.

Apparently Rev A of this enclosure is XScale-based, larger RAM, larger flash capacity, Atheros wireless, and some other things. The Rev B (which is the only one BestBuy sells, unfortunately) is PowerPC-based, less ram, less flash, and not very hackable.

There is a group of people who are interested in hacking on this box on the OpenWRT forums, but they’re focusing their efforts on the Rev A. model, not the Rev B. which I happened to have. D-Link has posted the sources to the GPL versions used in the box, but I don’t have my toolchain set up, so I can’t go building a custom firmware for it. Another long thread on this box is over here, and it seems like people want it to do fun things, but the development seems stalled/dead.

Here’s the list of things I’d suggest D-Link focus their efforts on, to make this device work properly:

  1. Fix the broken networking configuration. You should never bind the same IP to two physically separate interfaces, ever!
  2. Clean up that web interface, its a mess. Group logical options together, and make it flow cleanly.
  3. Optimize the Samba config, and use the latest release of Samba. The default config used on this device is CLEARLY affecting the horrible write speed of the device. I have several Samba servers running on Linux and FreeBSD here, and I regularly get 2-3M/sec. transfers over wireless to these machines. Whatever D-Link is doing, is less than 5% of that speed.
  4. Update that kernel to 2.6. and add some optimized kernel options at boot time (scheduler=deadline, panic=30, etc.)
  5. Work on a better internal cabling system. Look at the Ministack v2 internal cabling for a perfect example of how to do right-angle bends with an IDE signal cable.
  6. Make the front power-on button into a proper power-off button as well. It turns the device on, but the only way to turn it off, is to unplug it. Not smart. Its not even ATX compliant, so holding the button down for 7+ seconds doesn’t reset it or power it off either.
  7. Overall, I’d give this 2 stars out of 5, if I had a rating system. Its going back to BestBuy for a credit.

    Its another “Not Quite There Yet” device, but it has the potential to be.. with a bit more hacking.

Happy Geeks are Productive Geeks

How NOT to Lead GeeksI was pointed to a blog entry called “How NOT to Lead Geeks“, and I found several items very interesting and eerily familiar:

The main reason IT people are unhappy at work is bad relations with management, often because geeks and managers have fundamentally different personalities, professional backgrounds and ambitions.

In my IT career, I’ve almost always played the role of Geek+Manager, or Manager+Geek, depending on which part consumes the larger percent of my time. I’ve played on both sides of this table, locking horns with Management about the wrong way to lead their technical staff, as well as trying to “herd cats”; as a Technical-Manager-of-Geeks.

In my OSS world, I also have to lead and manage and guide geeks, many of which I will only ever know through email. Not knowing your team personally has a distinct impact on your ability to build trust and confidence. The rules change quite a bit.

I recommend every Manager work with a team of people he will never meet in person, and hone his skills there, to be a truly successful manager with the team of people he does work with in-person.

Here’s the Top 10 from “How NOT to Lead Geeks“:

  1. Downplay training
  2. Give no recognition
  3. Plan too much overtime
  4. Use management-speak
  5. Try to be smarter than the geeks
  6. Act inconsistent
  7. Ignore the geeks
  8. Make decisions without consulting them
  9. Don’t give them tools
  10. Forget that geeks are creative workers

Of these, #2 and #9 are the ones where 99.999% of all “Managers” fail. Almost every manager fails here because they believe they are there to “manage” people, “tell” their staff what to do, and they expect those things to get done.

WRONG!

A manager has one job description: Give his team all of the tools necessary to do their jobs (i.e. meet their goals, as agreed to by the entire team), and then step out of the way.

When political pressure threatens to affect the progress of that team (geeks or otherwise), the “manager” is expected to step in the way and deflect it. At no point should a team have to deal with anything political to get their jobs done.

These tools can be physical tools (applications, access to systems), communications tools (introductions to the right edge teams to minimize overlap), or social tools (meet-n-greet with other members, build camaraderie, offsites to let off steam, training..).

Many managers believe their “subordinates” (they already building walls by using that term) are supposed to do “what they are told”, and not complain or cause waves. It ends up building a situation based on office posturing and finger-pointing when things slip or don’t get done on time. To cover the situation, good people get fired or laid off. When you see this happening, it is always because of bad management, not bad technical people.

Rarely do you see the Geeks survive the pink-slipping, while managers get to keep their jobs… the same jobs they’re doing poorly time and time again.

If your technical team is performing poorly, you need to look at a few key items. All of these items point back to the competence of the manager, not the team itself:

  1. Did you hire the right people with appropriate skills to achieve success? You were responsible for hiring and selecting the team. If they lack the skills, you chose poorly.
  2. Do they have all of the tools and training necessary to do the jobs being asked of them? Did you provide access to the right systems, people, training for your team to grow and complete their goals?
  3. Are the deadlines and goals realistic? Is everyone in agreement with the goals? Did you consult with the team to find out what their opinion was? Did you listen to their opinions and comments objectively?
  4. Are you (the manager) in the right place in the team? Not too close to smother or micro-manage the team, and not so far away that you lose sight of the progress on goals.

Another good point in this blog was:

Geeks usually know the technical side of the business better than the manager, so making a technical decision without consulting them is the biggest mistake a leader can make.

I have seen one major company implode based solely on this exact problem. We went from 250 people down to less than 30 people in 2 years, and rotated through 4 CEOs and 5 rounds of layoffs in that time. Hundreds of amazingly-qualified, brilliant technical people were laid off in wave after wave. Why? Because they were never asked if what the company was doing, was the right thing to do.

The “Managers” (and I use that term loosely here) at this company were agreeing to do work for clients that was simply impossible to do, under even more impossible deadlines. If the geeks were consulted, the projects would have been realistic, on-time, and completed to profit. That never happened, so who had to go? Not the manager of course: The geeks. Very sad to see hundreds of talented colleagues laid off time and time again.

In my experience managing and being managed by dozens of managers in my IT career as I moved up and around the corporate landscape, I have only had 1 manager that did exactly this, and in 2 years, everyone under this manager received a promotion every year, because of the rapid success and accomplishments. I was on my way to my third promotion in just as many years, when I decided to resign and work for the company above, that fell on its face.

But I strive to be exactly the style of manager that I had when I was at my best. High-volume, low-stress, clearcut and productive with every task and project.

I should also add that I’ve never been fired or laid off from any job I’ve had, both as Geek or Manager, and I don’t intend to. I make my points heard, even if it means risking my job. In every case, my voice has either saved the team, project or company with realistic objectives.

Who Writes the Rights

Slashdot Ball CapI saw this comment on Slashdot today, and I had to re-post it here, because it really captures exactly what I’ve been thinking for the last two decades or so, watching this mess go by in our society and administration and environment:

Rights are not granted to us by the government.
We grant rights to the government.

Any attempt to reverse this will, in effect, start a bloodbath that I would be happy to participate in to preserve what is rightfully ours. Even if some of those rights are things I do not agree with. They are ours and ours alone.

The government is merely a keeper for its citizens, soon to be or otherwise protected by natural inalienable human rights and its sole obligation is for our collective protection and benefit for the long and short term.

Amen my Slashdot brother, amen.

UPDATE: I’ve been hearing dozens and dozens of comments and corrections from this one entry, one in particular which clarified that we grant “limited powers” to the government, not “rights”.

Seems quite a few people take this issue very seriously. Keep the comments and inertia going, everyone.

A Good Idea vs. an Invention

Tags:

After watching most of the episodes of American Inventor on ABC, and having my wife tell me several times that I should have been on that show, I’ve found myself pondering the reality of that.

I’ve easily “invented” hundreds of things over the years in my life to make life easier, solve silly engineering problems in other products, and in general just “fixed that which is broken” by coming up with a better solution.

But are these “good ideas” or are they “inventions”. Wikipedia defines invention as:

…an object, process, or technique which displays an element of novelty. An invention may sometimes be based on earlier breakthroughs, collaborations or ideas, and the process of invention requires at least the awareness that an existing concept or method can be modified or transformed into a new invention…

Can I be an inventor? Are the things I’ve “invented” to solve problems in my life and the lives of others really “inventions”? Are they “good ideas”? Sure, they’re both. I’ve come up with many things that eventually came out on the market on their own, years before they were released. Could I have captured the market and made some money on these inventions? Absolutely. (Of course, I firmly object to patents, but that’s another matter entirely =)

Last night, Janusz Liberkowski won the first American Inventor award with his “spherical safety seat“, a means to safe the lives of infants involved in automobile accidents. Doug Hall was his mentor on this task, and throughout the competition, it seemed clear that he had the most novel of all of the inventions there.

Janusz Liberkowski

I really did think Francisco Patino (original ABC Inventor Profile page archived here) was going to take the win last night, based purely on the potential market dollars for his invention. The bicycle market is a $2B industry, its massive. He received the lowest number of votes. I found that surprising.

Francisco Patino

I also thought that Ed Hall‘s WordAce game was a great invention. It too had a large market. When you look at these three inventions, WordAce really has the biggest amount of potential penetration. Kids of all genders, races and ages can use it, even those who are too old for a car seat or those who can’t even ride a bike (handicapped?). Adults could use it, schools could use it as a learning and teaching aid. It had extrmely broad appeal. Add some additional functionality like “language modules”, “learning packs” and such and you could really extend it far. Make it networked, and play with users remotely across the Internet. Lots of potential for this kind of product. He’ll have to come up with a new name though, because “WordAce” is used in quite a few places that I can find, and is most-certainly trademarked by someone.

But Janusz’s invention, though extremely limited in scope and market, seemed to be the winner for everyone who called in and voted. Was it his empathetic appeal to everyone else that won the calling audience over? Was it the invention itself? Was it his commercial? I don’t know, but he did win… and its only fair to congratulate him on his invention.

Are these entrepreneurs? I’d argue that out of all of them, Francisco showed the most entrepreneurial spirit and heart, determination, and drive.

Now things are going to get really interesting… time to plan for my own appearance on American Inventor for next season.

Fighting Crime from the Sofa

surveillance cameraLook Ma, no privacy!. It looks like the public is slowly being groomed to accept more and more invasion of their privacy at an even greater scale than before. London is piloting a program that will allow their public to sit at home, watching television, to tune into the more than 400 closed circuit cameras around town, 24×7, to watch their citizens for crime.

What does this REALLY do?

Well, for one.. it makes it easier to anonymously report your neighbors for their crimes (remember ThoughtCrime?), and it also makes it MUCH easier for predators, pedophiles and other miscreants to zoom in on their prey, watch their habits, monitor their behaviors, and stalk them.

Nice.

Combine this with Apple’s All-Seeing Monitor, and you have a full 360-° solution to watching the people, and watching the watchers. Record all of this data (storage is cheap these days), and begin putting together profiles of everyone’s behaviors, by keeping them in their homes during great television shows, keep them outside during work hours, and so on.

Hey, this could all be a great experiment on how to control the human conscious, by filling it with all kinds of subconscious bombardment. At the same time, we slowly erode their civil liberties, burn the Constitution off in the corner, and begin to turn our world into a complete totalitarian state.

Here’s a note to the current administration thinking this is somehow a good idea:

George Orwell’s book 1984 was meant to be a warning, not a script! – David A. Desrosiers, 2005

This reminds me of David Brin’s “Transparent Society” (on amazon here), a non-fiction work wherein he forecasts the erosion of privacy, as it is overtaken by low-cost surveillance, communication and database technology.

Brin argues that true privacy will be lost in the “transparent society”; however, we have the choice between one that offers the illusion of privacy by restricting the power of surveillance to authorities, or one that destroys that illusion by offering everyone access (including the ability to watch the watchers).

There’s another great article in the Arizona Republic online edition, that describes all of the various ways in which our privacy is being eroded every day. Here are some of those examples:

  • Cameras eye you while you drive, bank, shop, eat and sometimes even when you stray into your neighbor’s yard.
  • Your boss could be monitoring your computer-usage habits, maybe reading your private e-mails. Even the bathroom may not be safe from snoopers.
  • Stores keep track of your shopping habits, sometimes sharing the fact that you prefer Crest over Colgate with marketers.
  • Applying for a mortgage lays open the full details of your financial, employment and residential history.

This quote really stands out in this piece:

“Former Phoenix Police Chief Harold Hurtt, who now heads the Houston Police Department, suggested recently that crime-fighting in Houston could be enhanced with surveillance cameras in apartment complexes, on downtown streets and in private homes.”

“I know a lot of people are concerned about ‘Big Brother,’ ” Hurtt told reporters at a briefing in Houston, “but my response to that is if you are not doing anything wrong, why should you worry about it?”

Perhaps Harold, because it violates the Constitution? Read your 4th Amendment recently? Just because you think you CAN stick cameras in every corner, doesn’t mean you’re legally allowed to.

And for that matter, why not just stick my own cameras on my own house, pointed in every corner of the street, driveway, street corners, and put those videos online for others to see. Its all public information, right?

These people seriously need a wake-up call.

4th Amendment v. National Security Agency

I was just pointed to an interesting MSNBC video snippet where DCI nominee General Michael V. Hayden, who implemented and defended the NSA warrantless wiretap program, refuses to admit that the 4th amendment of the US Constitution requires probable cause for search. The video is quite funny:

“If there’s any amendment to the Constitution that employees of the National Security Agency know very well, its the 4th Amendment.”

Would that be because you’re openly violating it at every chance you can get, Mike?

Michael Hayden from the NSA

Which leads me to this other interesting article (not sure if this is true or not, but Google has quite a few references to it): “GOP leaders told Bush that his hardcore push to renew the more onerous provisions of the act could further alienate conservatives still mad at the President from his botched attempt to nominate White House Counsel Harriet Miers to the Supreme Court.

“I don’t give a goddamn,” Bush retorted. “I’m the President and the Commander-in-Chief. Do it my way.”

“Mr. President,” one aide in the meeting said. “There is a valid case that the provisions in this law undermine the Constitution.”

“Stop throwing the Constitution in my face,” Bush screamed back. “It’s just a goddamned piece of paper!”

Nice. I’ve recently changed my email signature to the following:

“Erosion of civil liberties… is a threat to national security.”

The previous one was just as succinct:

“Do you think the government has no business wire tapping anyone?” No, I think the government has no business wire tapping EVERYONE.

Wired has an eye-opening article on how the NSA is now rising above the legal arm of the Department of Justice, basically telling them to pound sand with regard to their illegal spying activities. In short, the NSA has denied clearance to the DOJ, in an effort to investigate the Bush administrations illegal use of wiretaps. This was also covered in some detail by this article on CNN.

I hate to have to remind the corrupt, totalitarian administration currently in power… but we’re INNOCENT until proven guilty. You seem to believe that somehow we have to prove we’re innocent, while you assume we’re guilty by default. I’m sorry, no. Go back to the caves from whence you came, because that is not how this country is run.

There are a LOT more of us than you, and we’re a LOT more motivated and angry than you can ever be. People are beginning to rise up, you’re artificial reign is over.

You think these paltry laws will stay on the books to continue to twist these citizens to your will? No. Your time is at an end.

Firefox Tricked Out (and firewalled ports)

Tags:

I’ve been a long-time Mozilla user. I love the interface, I love the fonting, I love the extensions, and in general, it loaded and ran faster than Firefox.

Firefox Logo

But I’ve now switched over to Firefox for all of my browsing. I have a ton of extensions loaded in it to make it useful for my day’s work (which is to say, my most-used tool, next to email and gcc).

Here’s a list of the extensions I’m currently using in my Firefox build (you can see how I have it tricked out with all of my theming and extensions over here):

  • Sage, a really slick and fast rss aggregator/reader for Firefox. It docks on the sidebar and is visible with a simple Alt-S keystroke. Very nice, and easy for me to catch up on some quick headlines when I need to.
  • AdBlock Plus with the AdBlock Filterset G Updater to stop the flood of useless ads from coming at me. I did have to add one small rule for Google’s ads, because I do actually like the recommendations they provide from time to time, and it helps out sites I visit with a little revenue. That regex looks like this:
    @@*.googlesyndication.com/*
  • Web Developer, a very useful and slick toolbar/menu driven suite that allows me to do all kinds of things to websites I’m viewing, including validation, showing where their css classes are, manipulating forms, cookies, images, and dozens of other features. Hands-down, the most-useful extension I have as a developer/tweaker of web content.
  • PrefBar, another powerful extension I use every single day. This one allows me to change the capabilities of my browser with a simple click of a checkbox. Want Java enabled? Click. Sick of popups? Click. I have Colors, Images, Javascript, Java, Flash, Popups, Proxies, Pipelining, Referers, Cache on my bar. Its completely customizable, and very well-done.
  • SwitchProxy lets me manage and switch between multiple proxy configurations quickly and easily. I can also use it as an anonymizer to protect my system from prying eyes. I have Squid, Squid + Privoxy, Privoxy + Tor and i2p enabled in my configuration at the moment. Quick and easy, and one status-bar dropdown lets me change from one to another.
  • FasterFox gives me a little boost by auto-configuring some parameters for faster browsing, such as link prefetching, pipelining, DNS cache, paint delay, and others.
  • ForecastFox, weather.. in my status bar. I’ve changed the icons a bit with a separate icon pack called Lansing, which is nice adn small and out of the way. Minimal is the way to go on my toolbars and status bars.
  • Linky lets me open or download all or selected links in a page, image links and even web addresses found in the text in separate or different tabs or windows. A simple right-click on any link or web address, and away I go.
  • Google PageRank Status gives me a quick overview of the PR of a site in the current view. This is useful as I do a lot of web work, and knowing what kind of sites get a decent or poor PR is useful information.
  • SearchStatus is another SEO toolbar for Firefox, which I use quite a bit. With this extension, I can see a site’s Google PageRank, Google Category, Alexa popularity ranking, Alexa incoming links, Alexa related links and backward links from Google, Yahoo! and MSN, and others. Beautiful and easy. It sits quietly in the status bar and out of the way until I need it.
  • FireBug is another great web developer extension, which shows me exactly how pages are failing when they error out. I can step into the code via the DOM, and see exactly what went wrong. OTHER pages of course, my pages never have troubles…
  • Google Advanced Operations Toolbar uncovers the often-cryptic syntax that Google uses to search in more detail to find information. Need to know how to use the ‘site:’ syntax? Just use this toolbar and it’ll do it all for you. Quick, easy, simple.
  • DownThemAll! is a downloader for Firefox. With this, I can right-click a page of links, and specify by a wildcard or any of the preloaded templates, which links on the page I want to download. Want to download all of the Linux 2.6 kernels matching a specific version? This can do it in one click. Very well-done, slick, and useful when you want to download a lot of links from one particular page.
  • TamperData gives me the power to monkey with the form data being received or sent to servers. Want to malform that POST request? TamperData can do it. Need to send more parameters in with that form submission? This extension can do it. You can trace and time http responses and requests, validate your web applications against security issues by stuffing garbage into POSTs, and more.
  • RankQuest SEO Toolbar, yet another SEO tool I use quite a bit. This one gives me access to over 25 different SEO tools to check, test, and qualify websites against their SEO health.
  • HyperWords is probably the second-slickest extension I have. I can highlight any word or series of words on a page, and a menu will pop up allowing me to search major search engines for those words, or look them up on dictionary and reference sites, Wikipedia, stock exchange, IMDB and dozens of others. I can blog about the highlighted words, map them, translate them, and a truckload of other options. AMAZING extension.
  • Free eBook Search lets me search the highlighted text for ebooks on Free eBook Zone. I can search using the Book Title, ISBN (10 Digit), Description, Book Author and even the ebook backward link.
  • CacheView gives me the power to see a site’s cached copy through Google’s(tm) Cache, Coral Distribution Network‘s Cache, Wayback Machine‘s Cache, Dot Cache, and Tech Guru’s Cache of the current tab open via right-click.
  • Live HTTPHeaders shows me the actual headers being passed in every request of a page or content. Want to make sure those headers in your web application are showing accurate data? This will do that for you.

These are the extensions I use every day, in my browser. Without them, I’d be spending a LOT more time hunting down links, sites, creating Javascriptlets, and lots of other tools. You can see what the whole extension list looks like in this screenshot.

As I mentioned, I tend to use Firefox with a lot of proxies (Squid, Tor, Privoxy, i2p and others). This generally means poking at non-standard ports. Until recently, this hasn’t been a problem for me..

But today, I noticed I can’t get to “non-standard” ports under 1024 anymore, with the current 1.5.0.3 version of Firefox.

To see this in action, point Firefox to http://www.example.com:72 and see what you get. In my case, I see:

This address is restricted
This address uses a network port which is normally used for purposes other than Web browsing. Firefox has canceled the request for your protection.

But there’s a way around it! Mozilla has Port Blocking enabled by default.

To enable some ports in Firefox, simply do the following in your user.js file

user_pref(“network.security.ports.banned.override”, “72,73,74”);

To disable ports, use this construct:

user_pref(“network.security.ports.banned”, “81,90”);

For an easier way, type ‘about:config‘ in your browser’s URL field, and you will see all of the tunable settings that Firefox has to offer.

Within these settings, you can create value that will allow or disallow these ports. Follow these steps:

  1. In the list of values provided, right-click any line and choose “New -> String”
  2. A dialog box will pop up asking for the name. Type ‘network.security.ports.banned.override’ into this box and hit enter to save the value. Do not include the single-quotes when you add this name.
  3. A second box will pop up. Type each port number you need to use, separated by commas, into this box, for example ‘72,73’ (again, do not include the single quotes)
  4. Click on “Ok” to confirm and save these values.

Now you should be able to access these ports on the servers that require them.

Perhaps this little “feature” is there to protect Windows users from being exploited by malware or phishing attacks, but it certainly got in the way of my daily use of Firefox when I realized it.

Bad Behavior has blocked 885 access attempts in the last 7 days.