EeePC

Several weeks ago, I received an ASUS EeePC 901. I’ve been looking at them for a while now and finally had an opportunity to play with one. The first thing that happened when I first pulled it out of the box was I cut myself on the box! It was one of those corrugated cardboard boxes that kind of looked like a picket fence. After that unpleasant experience, I was excited to power it up. I was easily able to get it on my WiFi network and began surfing away.

So far, it is performing well. I’m using it to read the morning paper (sometimes) as we now only get our paper on the weekends. It’s a bit sluggish at times, but otherwise it works well. I’ve managed to get a Cisco VPN client working on it as well as a Windows RDC client. I did have some hiccups as I applied all the ASUS updates (I got the Linux version) and effectively ran out of space as it is partitioned with a small system partition. I reinstalled several times just to get things set up the way I wanted; reinstalling was easy because everything is in firmware for reformatting the box.

Are netbooks the wave of the future? They have a ton of potential as more and more services are being moved to the “cloud”. Would I like to see a Mac-based netbook? Absolutely! I wouldn’t have said that a few years back as I like having just one machine. However, with most of my work being web based these days, my mind has changed. Will Apple do it? I don’t know; I can’t see huge profit margins in a very inexpensive device.

What to do without the Internet?

I put my son down to bed and came downstairs to check on the Software Update Server I set up at work (I’ll have some hints on this when I get a chance), only to find that my computer wouldn’t connect to the Internet. I restarted and had the same problem. I went over to the cable modem, saw the blinking lights, restarted it, flipped on the TV to see snow and dialed the cable company (I memorized their phone number years ago when problems were quite frequent). The tech I spoke to asked me to restart my cable modem, I told him it was pointless as I had no cable TV, but he insisted. So, I just said, OK, walked into the other room, grabbed my computer, my cellular modem, and walked back into the TV room. The tech asked me to plug the cable modem back in, so I said, OK and went about my business of writing this post. Of course, I didn’t bother to do what he said because I had no TV picture, so obviously I wasn’t going to have a working cable modem! I love calling tech support and having people read from scripts.

Crossing my fingers that they figure this out before the cows come home. It isn’t a problem on my end. Uggh.

Fighting SSL and winning

I’m in the process of setting up a Zimbra server for work and as part of it, I’m documenting configuration for all types of machines and devices we use. One of the devices is a Palm OS Treo (755p in particular). I’ve done a bit of research and found that the Palm OS Treos don’t work properly with wildcard SSL certificates. So, I got my boss to approve a GoDaddy single domain certificate for $30; I assured him that this was needed for the Treos and he didn’t have a problem with that.

What I failed to read was that they also don’t work properly with GoDaddy certificates. These devices only recognize an old standard while GoDaddy is issuing certificates that adhere to a new RFC.

After much trial and error along with research, I almost gave up and admitted defeat. Everything I read today indicated that RapidSSL certificates worked. So, I was going to have to go back to my boss to approve the $69 for a new certificate; that wouldn’t be a hard sell, but telling him that I made a mistake would be harder. I started complaining to a friend that works at Palm and he pointed me to the same threads I was reading that recommended RapidSSL. I went over to RapidSSL to look at certificates. I happened to click on the Buy link (I’m not sure why as I wasn’t about to buy it), clicked the “Continue without support” link, then was pleasantly surprised to see the following:

Picture 1.png

I selected a 1 year certificate, filled out all the information, confirmed the certificate and waited. Without entering a credit card or anything else, my certificate arrived! Not only did it arrive, it was for 2 years! The certificate we purchased just 2 days ago from GoDaddy for $30 was a 1 year certificate.

I fired up the Treo 755p, set up ActiveSync and presto, it worked over SSL.

Wow, not only was I able to solve my SSL issue with the Treo, I got an extra year on the certificate.

So what did I learn? Hmmm, I’m not sure. I made a mistake, but I was able to correct it with a bunch of research and some luck.

Oh and using a Treo 755p brings back memories of developing Palm OS software. The UI seems a bit outdated and I’m glad that Palm is moving on and not resting on its laurels.

Holiday season in March?

This week was a pretty exciting week for a geek like me. Google Voice was rolled out, iPhone 3.0 was announced, and the hardware for our new Zimbra server shipped. Google Voice, the successor to GrandCentral, has lots of cool features. So far I like the SMS forwarding and the voicemail transcription is interesting (it sort of works; it seemed to get a phone number pretty well). The call quality seems decent and the ability to call any number from the web site is also quite useful. I discontinued my GrandDialer application as I don’t have any time to work on it. Another developer is working on GV Mobile which looks quite promising.

iPhone 3.0 looks cool and I can’t wait to see it released.

The Zimbra hardware means that my company can start moving towards a real email solution; the hosting provider we use is just awful and quite unreliable despite their claims. In addition, running our own email will reduce external bandwidth and give us more control. The downside is, of course, that if there are problems, I can no longer point the finger!

The disappointment this week is that MIMO Monitors has said that supplies for their 740 have been scarce and don’t know when they’ll be able to get them. I had ordered one to try out. The touchscreen didn’t interest me, but the webcam did; they are having problems getting the touchscreens.

Fun with multi-homing

We have a bunch of Xserves running Mac OS X Server at work. Most of the machines are only using one of the 2 built-in Ethernet ports as they are on the LAN. We have 2 machines that are customer facing and we just added a dedicated inbound connection for them. Being the clever person that I am, I decided that to ease the transition between the old and new IP blocks, I’d plug the new connection into the second Ethernet port and we’d be good to go. Turns out it isn’t that easy with the Darwin kernel. I set up the default connection to be the new network connection and traffic to the new IP addresses worked fine. However, traffic to the old address got hung up. After a lot of investigation, I determined it was due to asymmetric routing. No problem, I thought, a few commands and it would work. I managed to do this in Linux by following an article, but it wasn’t so easy in Mac OS X. Basically the traffic coming in to the old IP block had the responses going out through the other Ethernet interface out over the new IP block. Many routers block this as it kind of looks like an attack of sorts.

OK, so now that I was stuck, what would I do? I spent about 12 hours on this issue and through some magic use of Apache proxies and another server, I was able to get things working. It isn’t pretty, but it solves the problem until we can get an A record changed (we have no control over that record).

Lesson learned, really, really, think carefully before deploying Mac OS X as a server; it can be quite frustrating to do things that I believe should be simple. Maybe I expect too much and OS X Server isn’t designed for me.

The joys and pains of a VPN

After many years of securing each service, i.e. email, web site, etc. for my servers and servers I managed, I came to realize that the only way to secure a company with more than 1 server is with a VPN. Now that I’ve used a VPN for about a week, I’m extremely happy with it. This will allow us to stop maintaining the firewall on 7 separate servers! My IT coordinator has done an amazing job at getting it running and when he was stuck, he called in a pro (knowing when to say that you don’t know something scores points in my book).

This week, we were trying to connect our San Diego office to our main Minneapolis office. This proved to be much harder than it should have been. We have Cisco routers on both ends and used the EZVPN in the router to establish the connection; turns out it wasn’t very easy. We had it working yesterday, but when I took it into the office, it failed to work. I took another stab at it today. After lots and lots of Google searching, I stumbled across some information about MTUs and made a few changes that amazingly got the VPN working flawlessly! The problem was that I could make connections that only sent a little data, but SSH connections and full web pages over the VPN failed.

The following are changes I had to make to the Cisco 871 on the remote side:

crypto isakmp keepalive 10 periodic

For the Vlan and Ethernet interfaces, I set:

 ip mtu 1400

and on the Vlan1 interface, I set:

 ip tcp adjust-mss 1200

(The last bit was the key.)
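The symptom described above (small exchanges work, SSH sessions and full pages stall) is what happens when full-size TCP segments no longer fit after IPsec encapsulation. The following is an added example, not part of the original post or Cisco's documentation, that works through the size arithmetic; the transform (AES-CBC with HMAC-SHA1-96), NAT traversal and the 1500-byte path MTU are assumptions, since the post does not state them.

```python
# Added example: ESP tunnel-mode size arithmetic. Cipher parameters are
# assumptions (AES-CBC + HMAC-SHA1-96); the post does not name the transform set.
OUTER_IP = 20      # new IPv4 header added by tunnel mode
ESP_HDR = 8        # SPI + sequence number
ESP_TRAILER = 2    # pad-length + next-header bytes
NAT_T_UDP = 8      # UDP encapsulation header when NAT traversal is in use
IP_TCP_HDRS = 40   # inner IPv4 (20) + TCP (20), no options


def esp_packet_size(inner_len, block=16, iv=16, icv=12, nat_t=False):
    """On-the-wire size of an inner IP packet after ESP tunnel-mode encapsulation."""
    padded = -(-(inner_len + ESP_TRAILER) // block) * block  # round up to cipher block
    return OUTER_IP + (NAT_T_UDP if nat_t else 0) + ESP_HDR + iv + padded + icv


def max_inner_packet(path_mtu, **kw):
    """Largest inner IP packet whose encapsulated form still fits in path_mtu."""
    size = path_mtu
    while size > 0 and esp_packet_size(size, **kw) > path_mtu:
        size -= 1
    return size


def check(path_mtu, ip_mtu, mss, **kw):
    """Report whether a clamped TCP segment and an ip-mtu-sized packet fit the path."""
    full_segment = mss + IP_TCP_HDRS  # largest inner packet TCP will build
    wire = esp_packet_size(full_segment, **kw)
    return {
        "max_inner": max_inner_packet(path_mtu, **kw),
        "segment_wire_size": wire,
        "segment_fits": wire <= path_mtu,
        "ip_mtu_fits": esp_packet_size(ip_mtu, **kw) <= path_mtu,
    }


if __name__ == "__main__":
    # Unclamped: a 1460-byte MSS yields 1500-byte inner packets that cannot fit.
    print("MSS 1460:", check(1500, 1500, 1460, nat_t=True))
    # The post's values: ip mtu 1400 and ip tcp adjust-mss 1200.
    print("MSS 1200:", check(1500, 1400, 1200, nat_t=True))
```

Under these assumptions the post's values leave headroom, so the tunnel would keep working on a path whose MTU is somewhat below 1500.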

I’m tempted to get Cisco certified, but I’d probably pull my hair out if I encountered a problem like this again.

The Power of Compression

Today I was investigating some slowdowns on one of our customer facing sites and after a few minutes working with our developer and Safari, I determined that we weren’t compressing files sent from the server. (Safari warned me in the Show Network Timeline option in the Develop menu.)

As we’re running Apache 2.2.x on Leopard server, I found that it had mod_deflate already installed. While the module was already installed, it wasn’t set up to do anything. After a few minutes reading the documentation and modifying the Apache configuration files, I had compression working. Yeah! Normally I wouldn’t think this would do a lot of good as the connection is pretty fast, but some of the JavaScript we use is quite large and compresses quite well. I definitely saw a speed improvement with this simple change.

So my question is, why isn’t there an option in Leopard’s Web Server that says “enable compression”? I see no downside to this using the configuration on the Apache site (Leopard server actually has this enabled for Collaboration) as most modern browsers can handle this and can quickly decompress the files.

For reference, I created a file at: /etc/apache2/httpd_deflate.conf that had in it:


<Location />
	# Insert filter
	SetOutputFilter DEFLATE

	# Netscape 4.x has some problems...
	BrowserMatch ^Mozilla/4 gzip-only-text/html

	# Netscape 4.06-4.08 have some more problems
	BrowserMatch ^Mozilla/4\.0[678] no-gzip

	# MSIE masquerades as Netscape, but it is fine
	# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

	# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
	# the above regex won't work. You can use the following
	# workaround to get the desired effect:
	BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html

	# Don't compress images
	SetEnvIfNoCase Request_URI \
	\.(?:gif|jpe?g|png)$ no-gzip dont-vary

	# Make sure proxies don't deliver the wrong content
	Header append Vary User-Agent env=!dont-vary
	
</Location>

Then in each site file, I put:

        Include /etc/apache2/httpd_deflate.conf

Macworld Recap

Everyone is posting a recap and analysis of Macworld and I won’t be any different! My trip to Macworld this year, like every year, was a lot of fun, but tiring at the same time. In some years, I’ve worked at the Mark/Space booth, but most years, I just walk around the Expo floor (I don’t find conferences all that interesting to me). I spent the first day walking around the booths to get a lay of the land and talking to people I know (there are some people that I only see at Macworld). The second day, I went up and down every aisle looking for products that would be helpful for my work. Yes, I actually glanced at every booth. There were a number of products that I would never have seen just searching the web.

There has been a lot of speculation about the future of Macworld Expo now that Apple has said that it will not attend next year. For me, Apple’s presence is secondary to all the other vendors. While I can find out about products on the Internet whenever I want, there are many products I would never have known were out there. For instance, nekFIT is a holder for an iPod Nano that goes around your neck. It looks quite interesting so I ordered one (the guy at the booth said if I didn’t like it, contact him and he’d make it right). I love running and the headphone cord always drives me crazy. In addition to that, I did find stuff for work. There is a backup program called CrashPlan that backs up during idle time. Why haven’t I seen anything like this before? Then there is the BT-1 Wireless Webcam from my friends at Ecamm Network.

Will I go to next year’s show? I signed up for my free Expo pass, so hopefully that is a good sign. Will vendors pull out? Likely, yes, but I hope that many of the smaller vendors choose to come. I know it is expensive to come as a vendor, but it is so helpful to come and have so many vendors in one location. The big vendors don’t interest me all that

In addition to looking for things for work, there was some exciting news for me. Mariner Software announced that it had acquired my ReceiptWallet program.

How not to run a web site

Today I went to view my insurance bill online and when I went to view it or save it, I got the standard Apache Internal Server Error message. That’s pretty bad for an insurance company that seems to be beefing up its online presence. If that wasn’t bad enough, they neglected to change the default administrator email address (you@your.address). Should I be afraid that if they didn’t change that default value that they haven’t properly secured their server?

SafariScreenSnapz001.png

(I’m sure that one of my sites does something stupid like that, but I don’t have a staff that maintains my sites.)

Wacky Chinese Packaging

For Hanukkah this year, my wife decided to get me some little things that I could put on my desk. The things she got me were definitely not on my wish list (OK, I don’t have a wish list as I just buy what I want within reason). One of the items she bought me was a flashing coaster. My son seems to enjoy it and it is kind of entertaining. What was even more entertaining for me was to read the package.

InstructionsSmall.jpg

I thought that people only saw this stuff on The Tonight Show, but I can now say that I’ve seen bad Chinese translations myself!