Review: Apple AirPods

When Apple announced the AirPods last fall, I wasn’t impressed as I already had Bluetooth earbuds that I used for running that worked quite well. It took me a few weeks to realize the advantages of them over other ear buds such as no on/off switch, take one out to pause, pairing across all devices, easy charging, convenient carrying case, etc. After that, I was convinced that they were the sleeper hit of the event.

Once the AirPods became available to order, I immediately placed my order; the price didn’t faze me. When I received them a few weeks later (I didn’t get in on the first batch), my excitement quickly turned to disappointment. They appeared to be plagued with problems such as dropping constantly on phone calls and popping while listening to music on my walks. I found forum posts where people had similar issues and I went ahead with Apple’s online support so that they could get it on record that there was a problem with my combination of devices and AirPods (iPhone 6s, first generation Apple Watch). None of their suggestions worked, but I didn’t really expect them to as I had tried what others suggested in the forums.

Several weeks later, I received a call from Apple wanting to see if I had time to follow up with a support person collecting information for engineering. Sure, I said as my AirPods were basically useless at that point. I spoke with an Apple person for well over an hour during which the AirPods dropped and switched to the iPhone’s speaker many, many times (once every few minutes). I didn’t hear back from Apple, but saw some forum reports indicating that the beta iOS versions fixed the problems (I don’t normally install beta iOS versions on my device). When iOS 10.3 came out, I immediately installed it (I backed up first because the APFS update kind of scared me). I was more than pleasantly surprised about my AirPods; they now worked exactly as Apple had described. Over 2 months after I bought them, they had become completely usable!

Now that I had working earbuds, what impressed me with the AirPods? First off, charging is easy and convenient. Next, the charging case makes it easy to carry them. There is no on/off switch and taking the AirPods out of my ears pauses the music. They are so convenient that I find myself listening to music more when I walk the dog.

Pros

  • Convenient charging/storage case.
  • Fits well in my ears.
  • Easy to pair with all my devices.
  • Acceptable sound quality (I’m not an audiophile so it works for me).
  • Taking the AirPods out of the case immediately turns them on.
  • Removing one AirPod pauses the music.

Cons

  • Initial issues delayed my full use of the AirPods.
  • There are cheaper ear buds on the market.
  • Easy to drop or lose.
  • Batteries won’t last all day.

Summary

I’ve tried a number of Bluetooth ear buds and headsets over the years and besides my Plantronics BackBeat Fit that I use for running, I haven’t managed to keep using any one for all that long. I’m cautiously optimistic that the AirPods are going to be my ear buds of choice for the foreseeable future. While they are not the cheapest ear buds out there, I think that all the pros outweigh the cost.

Review: Ubiquiti UniFi Security Gateway

Sometime after I reviewed the Ubiquiti EdgeRouter Lite, Ubiquiti contacted me and offered me a few products to test and review. One of the products they sent me was the UniFi Security Gateway. At the time, I set the box aside as it didn’t have all the features of the EdgeRouter Lite. In January when my father was having trouble with his Internet, I put the USG into service. For that application, it was ideal as it integrated with the rest of the components and was simple to manage.

After the success of that install, I was kind of jealous and decided to purchase a USG and see what it would take to replace my EdgeRouter Lite; the UniFi team has done a lot of work on the controller (the GUI to manage the device) since I was originally sent the device. Replacing a router should not be rocket science. Unfortunately for me, my network is a little bit customized. Going from the EdgeRouter Lite, I had to move over the following:

  • Dynamic DNS (for my external IP address)
  • IPv6
  • VLANs
  • Firewall rules for the VLANs
  • OpenVPN server
  • Static DHCP entries
  • Static DNS host entries

Some of this is available in the controller, some of it isn’t.

The first step was to adopt the USG into my controller. I followed the instructions on how to integrate the USG into an existing network. Unfortunately, I was unable to adopt (meaning the controller can manage the device) the USG. I tried a few times with no success. Next I looked at an article that allows me to configure the USG to find the controller (instead of the controller finding it). I followed the SSH instructions and issued the commands:

    mca-cli
    set-inform http://ip-of-controller:8080/inform

This worked and I started getting somewhere. (After reading some more posts on Ubiquiti’s extremely helpful forum, it appears that an old firmware may have had issues adopting and that upgrading the firmware before adopting may have helped.)

After the USG was adopted into the controller, I plugged in the WAN connection, rebooted the cable modem (so that it would pick up the new MAC address) and was able to connect to the Internet. If I had a simple network, I’d be done, but nothing is ever easy for me.

Next up was setting static DHCP entries. While the current controller doesn’t let you assign DHCP entries until after a device has been seen, all my devices were online and showed up in the controller (I have UniFi switches which makes the controller populate with all devices it sees) using the addresses I had assigned from the EdgeRouter Lite. It was a simple matter of selecting each device, clicking the “Use fixed IP address” checkbox and clicking Apply. (Note there is a bug in the UI where the checkbox doesn’t stay checked even after applying.)

Perfect, so now that was out of the way (tedious, but reasonable), I could move on or so I thought. The controller lets me assign static IP addresses for clients; switches and access points are not considered clients. I needed static IP addresses for the switches and access points so that I could use SNMP monitoring on them; the package I’m using, Observium, uses host names to address the devices; in order to use host names, I had to first give devices static IP addresses. This is where the messiness begins. Ubiquiti has an article on how to customize the USG and have the changes persist across reboots. (The EdgeRouter Lite just lets you configure it using the command line and the changes persist.)

You start the process by doing something like this:

    configure
    set service dhcp-server shared-network-name LAN_10.0.1.0-24 subnet 10.0.1.0/24 static-mapping UniFi-LR ip-address 10.0.1.131
    commit
    save
    exit

and then

    mca-ctrl -t dump-cfg

At this point, you have to pick through what was dumped and only choose what you entered manually as the json file you create gets merged in with what is produced from the controller. This isn’t necessary if you have a standard config and the controller has all the options you need.

I then repeated this process for IPv6, static DNS entries and my OpenVPN server configuration.
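The pruning step described above can be scripted. The following is an added example, not code from the original post or from Ubiquiti: it takes the `set` commands that were typed by hand and keeps only those paths from the dump. The sample dump is constructed, and the code assumes the dump nests one JSON object per configuration word, with multi-value nodes stored as lists.

```python
import json
import shlex

# Constructed sample standing in for the output of `mca-ctrl -t dump-cfg`.
# Only the static mapping was typed by hand; everything else is assumed
# to have been generated by the controller.
DUMP_CFG = {
    "firewall": {"all-ping": "enable"},
    "service": {
        "dhcp-server": {
            "disabled": "false",
            "shared-network-name": {
                "LAN_10.0.1.0-24": {
                    "authoritative": "enable",
                    "subnet": {
                        "10.0.1.0/24": {
                            "default-router": "10.0.1.1",
                            "lease": "86400",
                            "static-mapping": {
                                "UniFi-LR": {"ip-address": "10.0.1.131"}
                            },
                        }
                    },
                }
            },
        }
    },
}

# The command from the post, exactly as it was entered in configure mode.
MANUAL_COMMANDS = [
    "set service dhcp-server shared-network-name LAN_10.0.1.0-24 "
    "subnet 10.0.1.0/24 static-mapping UniFi-LR ip-address 10.0.1.131",
]


def command_to_path(command):
    """Split a `set` command into (key path, value)."""
    tokens = shlex.split(command)
    if len(tokens) < 3 or tokens[0] != "set":
        raise ValueError(f"not a set command: {command!r}")
    return tokens[1:-1], tokens[-1]


def pick_manual(dump, commands):
    """Build the minimal tree holding only the hand-entered settings.

    Each command is checked against the dump first, so a typo in the
    command list or a setting that never committed is reported instead
    of being silently written to the custom JSON file.
    """
    result = {}
    for command in commands:
        path, value = command_to_path(command)
        node = dump
        for key in path:
            if not isinstance(node, dict) or key not in node:
                raise KeyError(f"{' '.join(path)} is not in the dump")
            node = node[key]
        # Multi-value nodes are lists in the dump; single values are strings.
        found = node if isinstance(node, list) else [node]
        if value not in found:
            raise ValueError(f"dump has {node!r}, command set {value!r}")
        target = result
        for key in path[:-1]:
            target = target.setdefault(key, {})
        if isinstance(node, list):
            values = target.setdefault(path[-1], [])
            if value not in values:
                values.append(value)
        else:
            target[path[-1]] = value
    return result


if __name__ == "__main__":
    print(json.dumps(pick_manual(DUMP_CFG, MANUAL_COMMANDS), indent=2))
```

Controller-generated keys such as the firewall section and the DHCP lease time never reach the output, so later changes made in the controller are not pinned by the custom file.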

There is a GUI for configuring the firewall and I set up rules that prevent IoT devices from talking to my LAN, my cameras from talking to anything except 1 device, and a few other rules. This was straightforward, but a little different than on the EdgeRouter Lite.

Now that I had the USG set up like my EdgeRouter Lite, what did I get? The hardware is virtually identical, so I didn’t gain performance. The main thing I gained was being able to look at my entire network in 1 place. In addition, I get the ability to remotely manage/monitor my network through the UniFi cloud. Did I mention the pretty picture with the circles?

People are going to ask, why go with a USG over an EdgeRouter Lite. Here’s my rundown:

USG

  • Easily integrates with other UniFi equipment.
  • Simplified configuration.
  • Remote access via UniFi mobile app.
  • Firewall configuration is slightly easier than on ERL, I think.

EdgeRouter Lite

  • UI has some more advanced configurations like being able to change any option using the configuration tree.
  • Firewall configuration in UI allows you to apply rules directly to VLANs.
  • Configuration via command line is a one step process; make change and save it vs USG which has multiple steps.
  • Core operating system is newer than USG.
  • Static DHCP reservations can be made prior to a device being on the network.

Conclusion

Pros

  • Easy setup for simple networks.
  • Full view of entire network in one spot.
  • Remote access to router from UniFi mobile app (using the UniFi cloud).
  • Easy configuration of firewall entries.

Cons

  • No IPv6 DPI (deep packet inspection).
  • DPI works across all interfaces and may not give you an accurate representation of WAN traffic (which is what interests me).
  • Not all configuration options are available via the GUI.
  • Initial setup into a non-trivial existing network is painful.
  • WAN speed test is only useful for up to 150 – 200 Mbps (according to a forum post; I have 300 Mbps down and can only get about 130 Mbps shown).
  • JSON configuration for command line options is a bit awkward as you have to use the command line first, export the options and then pare down the result to put in the JSON config so that settings persist.

Summary

As I’ve written about in the past, the UniFi line of networking products is easy to use and everything works well together. The USG fits in well and despite my rough start with it, I’m pleased with it. While there wasn’t a huge leap from the EdgeRouter Lite to the USG, being able to see my entire network configuration in one place makes it easier for me to manage. In the future, I plan on adding more firewall rules and possibly more VLANs to separate out more IoT traffic (a day doesn’t go by where you don’t hear about some IoT device doing something shady).

If you already own an EdgeRouter Lite, moving to a USG is a tough decision. You gain no new functionality or performance, but an interface that works with other UniFi hardware. If you don’t already own an EdgeRouter Lite and either plan on getting UniFi access points or switches, I think it is a no brainer to get a USG. If you aren’t using other UniFi gear, a USG itself won’t buy you a whole lot. With the USG, I’m able to define VLANs once and have it apply to the WiFi access points and the switch ports; with the EdgeRouter Lite, I had to define VLANs in both places for proper routing.

UniFi employees are quite active on their forums and have posted their roadmap. I really like some of the features and their openness is refreshing. The features won’t really change how I use the device, but will help reduce the number of command line changes I have to make.

Channels DVR – A change in my TV viewing

I’ve written in the past about different systems that I’ve tried out to find the perfect system for recording and watching TV. The last system I wrote about was MythTV and it was working pretty well. However, it was a bit fragile. When Plex announced their DVR, I decided to give it a try. Once I found scripts to skip commercials and transcode the video to play well on my Apple TV, I thought I had found the system for us. Unfortunately there were a few pieces that annoyed me to no end. It basically boiled down to the system would sometimes strip too much of a show when it removed commercials and the audio kept becoming out of sync with the video. If you’ve ever watched a show this way, you know that it degrades the viewing experience.

Last year when Channels released their Apple TV app, I was hooked. The app let us watch TV on the Apple TV; while this sounds almost useless, the Apple TV became the only device we used and the remote could control the TV, sound bar, and Apple TV. The folks behind Channels said that they were working on a DVR. If they could combine the Apple TV app with a DVR, it could be the next great solution for me.

About a month ago, Channels released their DVR into a public beta. At first, the $8 per month fee seemed a bit high as TiVo is around $13 per month and could Channels be as good as the gold standard? Breaking down the fee, there is about $2 per month for the guide data (based on what I’ve paid for the data in the past) and $6 for the application; that made it more palatable to me. I decided to give it a try. The DVR portion runs on my Mac Pro and does all the recording pieces and commercial detection (the fact that it has ComSkip built in for detection is a huge win for it). The Apple TV app has a decent interface and makes it easy to play back videos. When videos are playing, double clicking the right side of the remote skips the commercials that ComSkip marked. While my old system didn’t require me to manually skip commercials, this system means that if the commercial detection isn’t perfect, I can rewind and see what I missed.

The playback is excellent and we haven’t experienced any audio sync issues. The Channels team wrote their own player to play back the MPEG transport streams that come off the HDHomeRun. One downside of this is that you don’t get the built in Siri controls like “what did he say” that rewinds, turns on closed captioning, and then plays the video. However, by playing back the raw video instead of transcoding like I had before, I can turn on subtitles and read what I missed; not as convenient, but it works.

The team behind the app is constantly working on the app and making nice enhancements and fixing bugs. There have been some hiccups with some releases, but they have been quickly fixed.

With all the different systems I’ve tried, people may ask why I just don’t spend the money and get a TiVo with one of the best interfaces around. I really don’t want another box and I like the flexibility of running a DVR on my media center.

I obviously can’t say that this is the be all, end all system for my TV viewing, but at the moment, it is the best option for me.

Curing home Internet problems with UniFi gear

For as many years as I can remember, I’ve been the go-to person for my family when they have tech problems. Anyone that is in this situation knows that this gets old pretty fast! At the beginning of January, my father started having problems with his Internet connection where he said it kept going out. I told him to call the cable company and get them to come out. He wasn’t quite convinced that it was the cable company, so he spent about a week testing out his router/access point (Apple TimeCapsule) and my sister’s router (similar device). (My dad and sister live in separate houses on the same property.)

After no real change in the stability of the connection, my dad started the game of contacting his provider. He also told me that he wanted the same router and access points that I have. Initially I said absolutely not as I didn’t want to have to walk him through configuring the UniFi devices. While the UniFi controller is pretty easy to use, it isn’t aimed at consumers. I thought about this for a day and told my dad that I’d set him up with a new router and access points on the condition that I managed all of it remotely. Once the UniFi gear is set up, there is very little management needed.

I purchased 2 UniFi UAP AC LR Access Points, a UniFi CloudKey, and a UniFi USG. I had an old Netgear PoE switch that I threw into the mix.

Setup of the pieces was pretty easy. I put all the pieces on my floor, connected them, and then hooked my MacBook Pro up to the USG to create a separate network. In addition to configuring the devices, I labeled everything and put “DO NOT UNPLUG” on the devices as power cycling seems to be a popular way to “troubleshoot” Internet connections. As I hadn’t used the CloudKey before, I was slightly confused that I had to go to the web interface of the CloudKey as well as the web interface for the USG for initial setup. I don’t remember the exact steps, but it only took a few minutes to get things running.

UniFi Setup

I set up the UniFi Controller on the CloudKey to use my UniFi login so that I could remotely manage it.

My dad and I installed the USG, switch and 1 access point next to the cable modem which took a little while to make everything look neat. The USG and the switch have those dumb slots for screws that I can never get right on the first or second try. The access point, however, has a removable base that made it a snap to install in the closet where all the equipment lives.

Once I powered everything on, it just worked as I set up the wireless networks with the same SSIDs and passwords that were already used. The only slight problem was that I had to turn off WiFi on the Time Capsules as devices were connecting to the wrong access point.

The UniFi iOS app has come a long way since Ubiquiti started it. The app now has everything I need to remotely monitor and manage the network. Ubiquiti uses a protocol for remote management that works in Chrome (on the desktop), but currently not Safari, so using the iOS app is the only way to look at the remote setup from my iPad.

UniFi iPad App

While my dad’s Internet connection has been up and down over the last 12 days, the USG and access points have been rock solid. The cable modem has been rebooted a number of times, but none of the UniFi gear has been touched.

This type of setup isn’t cheap, but it seems to be on par with some of the newer mesh systems.

Pros

  • USG, CloudKey, and UAP AC LR are easy to set up for networking savvy people.
  • Mobile app can handle most of the monitoring and configuration.
  • UniFi Controller with the USG shows traffic statistics in pretty pictures!
  • Remote access works well.
  • Very stable.
  • Access points provide good coverage.

Cons

  • UAP AC LR uses passive 24V PoE. The PoE switch I installed is 802.3af which means that I had to use a power injector to power the access point (I could have bought an adapter from Ubiquiti to convert the 24V to 802.3af).
  • Average consumer cannot easily set up the equipment.
  • USG is missing some features such as GUI configuration for IPv6, static DNS entries, DHCP reservations (before device is seen on network).
  • Default guest network configuration uses client isolation such that guests can’t connect to other devices on the network, but the guests can scan for other devices. I changed the configuration to use a separate VLAN and give out IP addresses in a separate range for guests. I think that this may be a better setup for an out of the box configuration when the wizard asks if you want a guest network.
  • When I inserted the micro SD card into the CloudKey, it got stuck. I basically had to destroy the card to get it out. I’m not sure if this was a design issue or a manufacturing issue, but I put a new micro SD card in there and everything works fine.

Summary

While I was hesitant to set my dad up with the same networking equipment I have, I now believe that this will be the best long term strategy to supporting him. If he or my sister blame the router and access points for Internet problems, I can show them that it isn’t. Being able to remotely monitor and configure the devices (including performing upgrades) is a great benefit to anyone having to deal with someone’s Internet issues.

I hadn’t played much with the USG prior to this install as I use the EdgeRouter Lite. However, based on this and the periodic updates to the firmware and controller, I’m definitely going to be switching over to the USG in the near future (there are a few items on Ubiquiti’s roadmap that I want).

With Apple exiting the router market, people are looking for alternate solutions. If you are savvy with networking, I think the USG, UniFi Access Points, and CloudKey (unless you have an always on machine to run the controller) are a great combination. For a home setup, it may seem like a lot of money, but how much is my time worth?

Note: The USG was sent to me by Ubiquiti as a review unit. It has been sitting on my shelf for a year now simply because the controller software wasn’t exactly what I wanted at the time. The controller software has come a long way and if I had to choose between the Edge Router Lite and the USG, the USG would now be my choice.

CarPlay, a month later

Now that I’ve been using CarPlay in my Subaru Impreza for about a month, here’s a mini review.

After waiting years to get a new car, the number one feature for me was a nice infotainment system, in particular CarPlay. Until using CarPlay, I didn’t realize how bad the interfaces for many car infotainment systems were. Apple’s minimalist design is exactly what is needed in a car; too much information and it is just a distraction.

While some may say that CarPlay is a gimmick, it has really become second nature to me to use it. When I get in the car, I plug in my phone and see Maps. This may seem like a minor thing as I usually know where I’m going, but it also shows traffic and ETA to my destination which are very convenient. I’m not a huge user of the phone or listening to my own music (I mostly just listen to the radio), but both of those can easily be controlled using the touchscreen or Siri. Sending and receiving text messages is virtually identical to other systems using Siri except that you can start a conversation from the touchscreen; I don’t find that this is helpful. CarPlay will not show you the text messages on the screen; it only reads them.

Pros

  • Seamless integration; I start the car and my next destination appears on the screen ready to navigate or at least just tell me the ETA.
  • Clean user interface; there is very little clutter to take my eyes off the road.
  • Everything you can do with Siri Eyes Free, you can do with CarPlay with visual feedback.

Cons

  • There are some quirks either with CarPlay or the Subaru integration. For example, I’ve had to factory reset the head unit twice to get it working again (it wouldn’t show up as an option).
  • Limited number of apps available for CarPlay. In particular, I’m looking for Navigon for the times when I don’t have cellular coverage or to reduce my data usage.
  • I have to remember to plug in my phone each time I get in the car. The car has all the components to do wireless CarPlay (Bluetooth and WiFi), but it hasn’t been implemented.

Summary

The infotainment system apparently is a gateway for car manufacturers to get people to buy more services. I’ve been reading a number of articles lately about companies not wanting Apple and Google to monopolize the system as they are losing revenue and are banding together on an alternative. While that may sound great to them, as long as CarPlay (and possibly Android Auto) is an option, I think it will win out over whatever is developed mainly due to the integration with the phone.

To me, CarPlay is not a game changer, but a really, really nice feature to have in a car. Going forward, my future cars will have tight integration with whatever phone I’m using. If I had to use some other infotainment system, I’m sure I’d be really disappointed. It is unfortunate that the rollout of CarPlay by car manufacturers is so slow; it should be an option on every car not only for convenience, but I believe that if people are accustomed to using Siri for communication, it may help with some distracted driving (yes, even Siri is a distraction).

First Impressions: 2017 Subaru Impreza

For the last year and a half, I’ve been looking for a new car. My 2003 Toyota Highlander has been starting to show its age. It has low mileage, but I’ve had to do some maintenance on it. In addition, the only tech I have on it is a radio I installed about 2 years ago with Bluetooth. One of the features I’ve really wanted is Apple’s CarPlay as it would allow me to have a familiar interface in the car for navigation, media, and phone. While the number of cars with CarPlay available has been increasing, most haven’t been cars that I’d want to own.

In July, I happened to look at Apple’s CarPlay site and saw that the 2017 Subaru Impreza would have CarPlay. I looked online at the car and it looked like it could fit the bill. However, it wasn’t going to be available until the end of the year, so I’d have to wait. In the last few weeks, I started looking at inventory at the local dealers and saw that cars were in transit. I picked the color and options and used a car buying service to negotiate the price for me. Last Thursday was the day for me to test drive it and see if it really was the car.

Going from an SUV to a small car was definitely going to be a change, but I don’t really need an SUV (helpful a few times a year). Fuel economy was going to improve and a smaller car might be more fun to drive.

When I first got in the car, besides being much lower than my Highlander, I found that the side and rearview mirrors were larger than I expected. Last year I test drove an Audi A3 e-tron and the mirrors on that thing were tiny. I was worried that the smaller car wasn’t going to be able to accelerate on the freeway, but was pleasantly surprised how well it did. The tech, at first, was a bit distracting. There are 3 displays! One is behind the steering wheel, one is the center display for radio, maps, phone, and the third is an info display that can be used for radio info, weather, MPG, etc.

After the test drive, I was ready to buy; I promised my wife that I wouldn’t buy a car without her seeing it. We went back the next day and I left with a new car.

I’ve driven it for 3 days now on city streets and highways and have gotten a pretty good feel for the car. While I’ve tried to go through the manuals, there is far too much information in them for me to consume right now. I chose the Impreza 5 Door Limited with EyeSight. I’m a tech guy and not a car guy, so I picked the car based on the tech and specifications. The fact that it was pleasant to drive was almost a bonus!

My impressions are in no particular order.

Pros

  • Backup camera has lines showing where the car will go.
  • Blind spot detection; can be annoying at times as it lights up almost constantly on the freeway as people are passing.
  • Rear cross traffic alert. Getting out of a parking space at SeaWorld is a nightmare. This and the backup camera (and of course looking with my eyes), got me out of a space safely.
  • Impressive turning radius. Specs say less than 18′; my Highlander appears to have been about 38′!
  • CarPlay. Enough can’t be said about this. When I’ve gotten in the car, it knows where I’m going (based on my calendar) and offers to navigate. Phone integration is great and so is music. Controlling everything with Siri works well (better than Siri on my Bluetooth radio in my old car). One thing to be cautious about is if you use maps all the time, you’re going to use up some of your cellular data. After a few hours of driving, I used almost 12 MB of data for Maps alone. I’m going to keep an eye on this; even at 10 MB of data per day on maps, that won’t be a problem on my current plan. (I pay for 2 GB, but AT&T has given me 2 GB bonus per month plus I have rollover. At a minimum I have 4 GB per month and the most I’ve used is 3 GB.) If someone streams music and uses Maps all the time, this could be costly.

  • Speed adjusted volume. There is a setting to make the sound louder when the car is going faster. This is great for freeway driving. I’m still playing with the setting as I think the max setting is a little high as the volume increases even at lower speeds.
  • While not documented, it appears that there is a separate volume level for the radio, for navigation (using CarPlay), and for phone. If you adjust the volume while the navigation is speaking, there is a different icon on the display. This is great as I don’t need it really loud.
  • The keyless entry allows me to leave the key in my pocket. This is really neat and convenient. In addition, since the key uses proximity for unlocking, you have to be pretty close to the car to unlock it. While I can still push the button on the remote, I think the proximity is more convenient and potentially safer due to a potential replay attack.
  • Handling is good; while I haven’t gone zipping around that many curves, I like how it handles.
  • Acceleration is much better than I expected. Coming from a larger engine, I was worried about being able to get up to speed in traffic. I haven’t found that to be a problem.
  • Quiet. I know this is subjective, but it seems like the ride is quieter.
  • Lane departure warning; this feature is one that I hope to never use, but have already heard it beep when I was driving due to 2 lanes merging and I was slightly over the line. The system that actually keeps the car in the lane has to be turned on separately (it isn’t automatic).
  • While not specific to this car, Subaru put all the manuals in PDF on their website. Unfortunately they separated the manuals into 20 parts. It took me awhile to grab all the pieces and put it back together; I’d rather a 50 MB PDF than 20 smaller ones that are harder to search.

Cons

  • The STARLINK multimedia apps (not the system that gets help in an emergency) is a bit outdated for a system that supports CarPlay. With CarPlay, there is no reason (that I can think of) to use Subaru’s app. The whole system is truly a piece of crap. The iPhone app looks like iOS 3 or 4; the display in the car isn’t much better. The apps take forever to load (we’re talking 30 seconds) and the second time I tried the system, I couldn’t get the apps to come up (tried for about 20 minutes). Frankly I wish there was an option to completely hide it. This is NOT a selling point for the car. If the navigation system is anywhere near as bad as this, I’d steer clear of it. It appears that this system was designed by Clarion. I’ll be removing the app from my phone (it is required for the head unit piece to work). Even though CarPlay is limited (I’d like to see Navigon on it), the interface is well thought out and looks good.

  • No lumbar support in seat.
  • Too many settings in too many places. Each of the 3 displays has a way to change settings.
  • It’s low to the ground. I’m not used to this and right now I’ll call it a con.
  • There are all kinds of warnings about cleaning the inside of the windshield to protect the cameras for the EyeSight system. The instructions say to use a piece of copy printer taped over the cameras when cleaning. Subaru should have provided a rubber boot that fits the system; this would have been less error prone and would have protected the camera better.
  • No good place to put my phone in the car. In order to use CarPlay, I have to plug in my phone to USB; the USB plugs are in the center console and allow me to route the cord outside of the console. For now, I leave my phone upside down in the cup holder. I’d love a dock (with Lightning connector) like I have on my desk (it would have to be a bit more secure, though).
  • Less cargo space. This is pretty obvious as I came from a larger vehicle. I think the only time I’ll have a problem is when we go camping. I’ll have to get a roof box for those few times a year.
  • No ability to remove some options from the multimedia menu. I just want CarPlay, radio, and settings to show up.
  • The button to lock all the doors is hard to find by touch. This could have been mitigated by an option to lock all the doors when the car is put in drive, but that doesn’t appear to exist.
  • Too much information can be distracting. I’m trying to find the settings I like that keep distractions down.
  • One of the information displays is right behind the steering wheel causing the analog speedometer to be moved to the right; this is partially obscured and I have found that I have to use the digital speedometer in the display in order to easily see my speed.
  • Not specific to the car, the mysubaru.com app and site don’t let you do an initial login on a phone as the page is too long to fit an iPhone 6s screen and it doesn’t scroll. Also the app appears to just be the mobile website.

Things that would have been nice

  • Dual front climate control (manual talks about this, but didn’t appear to be an option).

Summary

I’m truly amazed at how many things this car got right. It has all the safety features I want, all the tech I want, and the price didn’t break the bank. In fact, I read an article that indicates the average selling price for a car is over $34,000! I’m not sure how people afford these cars or what they get for more money, but my Subaru came in at under this. I’m enjoying driving the car and I hope the fun continues.

Feel free to ask questions!

Scott and his car

Mobile App Done Right

Last week I went to test drive a new car and after test driving, I was ready to buy. There are, of course, a number of steps required to purchase a car including securing a loan, providing proof of insurance, and getting insurance for the new vehicle. I’ve used my banking and insurance company’s app for years basically to check my account balances. For the last year or so, I’ve checked my credit card balance almost weekly to make sure it isn’t too high in anticipation of applying for a car loan. The app was useful for this, but that didn’t prove the power of the app.

When it came time to apply for a loan, I pushed a few buttons on the app (while someone else was driving), applied for a loan, got approved, and signed all the loan documents. On top of just getting the loan, the app let me fax or email the payment instructions directly to the dealer. In case that wasn’t enough, I knew I needed insurance and didn’t know what my insurance company provided on a new car before I spoke to them, so I looked on the app to see what I could do. Even before I left the finance guy’s office, I had entered the VIN of the car into the app, got a quote on the new policy and added the car to my policy. The app also provided me with proof of insurance. Now that was cool.

Apps can do so much these days that it is hard to know what I want an app to do until I have a need. It’s not like I’m going to do this every day or week, but knowing that this company has put in just about every feature you could imagine to handle everyday and occasional needs makes me even more pleased that I’ve used them for a long time.

Navigation or No Navigation

Back in July, I stumbled upon the Subaru Impreza as possibly my next car. With the release pegged at the end of the year, a few weeks ago, I started looking at the dealer sites to see when they’d get the car so I could test drive it. I picked the trim level I wanted (that was easy) and was looking at the option packages. There were only 2 choices and trying to figure out which one I wanted was quite difficult.

Subaru’s website shows the following image:

[Screenshot of the two option packages from Subaru’s website]

If you look closely, the differences are that the more expensive package has better audio and the Multimedia Navigation. It implies that only it has the 8″ display and the less expensive option doesn’t. I definitely wanted the 8″ display, but finding that option package on the cars coming to the dealers proved more difficult. After more research, I found another link that described the different multimedia systems.

SUBARU STARLINK™ 8.0″ Multimedia Plus with Apple CarPlay™, Android Auto™, Pandora® and Aha™ smartphone app integration, STARLINK™ cloud-based applications, including Yelp®, iHeart® Radio, Magellan® navigation, SiriusXM® All Access Satellite Radio and Travel Link®, high-resolution LCD touchscreen display, 6 speakers, AM/FM/CD player, HD Radio®, USB port/iPod® control, Bluetooth® audio streaming and hands-free phone and text messaging connectivity, and 3.5-mm auxiliary jack

And…

SUBARU STARLINK™ 8.0″ Multimedia Navigation System: Voice-activated 8.0-inch multi-touch gesture high-resolution GPS navigation system with Apple CarPlay™, Android-Auto™, Pandora®, Aha™ and smartphone app integration, STARLINK™ cloud-based applications, including Yelp®, iHeart® Radio, Magellan® navigation, SiriusXM® All Access Satellite Radio, Traffic® and Travel Link®, high-resolution LCD touchscreen display, AM/FM/CD player, HD Radio®, dual USB port/iPod® control, Bluetooth® audio streaming and hands-free phone and text messaging connectivity, and 3.5-mm auxiliary jack

Spotting the differences between the two became even harder. Both had the 8″ display (great), but what were the other differences? The only difference that matters is that the second one has “GPS navigation”. Now I was getting somewhere. This means that there are maps loaded into a navigation system and there is a GPS antenna. However, with CarPlay and Maps on my phone, why would I want this?

Pros of GPS Navigation

  • Doesn’t use smartphone data
  • External GPS antenna provides faster acquisition and potentially better accuracy
  • Potentially faster recalculating as it doesn’t have to go to the cloud
  • Works when there are no cell towers

Cons

  • Separate interface to Maps on iPhone
  • No integration with contacts on phone

Now I was getting somewhere. Given that Maps on my phone has worked well with my phone in my pocket (connecting over Bluetooth) and the number of times I haven’t had cell coverage in the last 5 years I can count on one hand, the decision was easy; forget the GPS navigation. Too bad the choices weren’t clearer.

(An interesting note is that while NAVIGON and other iPhone mapping apps can store maps locally and not use GPS data, Apple hasn’t given them the ability to use CarPlay.)

Blocking IP Cameras from Talking to the Internet

The recent distributed denial of service attack is said to have been caused by the Mirai botnet, which basically turns IoT devices into attackers. One of the devices that is vulnerable is an IP camera that has a default username and password. While I don’t have that brand of camera, my cameras have accounts that I can’t remove and apparently one ONVIF account with a username/password that can’t be changed. I’m pretty good at securing my network from people coming in, but what about things going out? A lot of these IoT devices talk to a server for firmware updates or whatever. Since my IP cameras only need to talk to my server that is recording video, there is absolutely no need for them to connect to the Internet. I decided to see what I could do to isolate the traffic; this is something I’ve wanted to do for 3.5 years ever since I got a Cisco router that did VLANs, but couldn’t figure out a reason and didn’t have the knowledge to do it. However, times have changed.

In my case, I now have managed switches (a UniFi Switch 8 and the 16 port version) as well as an EdgeRouter Lite. Using this equipment, I was easily able to separate out the camera traffic on a VLAN that has no access to the Internet. Here’s what I did:

  1. On the EdgeRouter Lite, set up a new VLAN. From the Dashboard, click on Add Interface and then Add VLAN.
  2. Set up the VLAN similar to the picture. The 1002 is the VLAN ID. Select the Interface for your LAN port. Enter the IP address for this subnet.
  3. Click Save.
  4. Switch to the Firewall/NAT tab. Select Firewall Policies.
  5. Click Add Ruleset.
  6. Set it up similar to this picture. Repeat for CAMERAS_OUT and CAMERAS_LOCAL (IN is for data coming from the camera subnet, OUT is for data going to the camera subnet, and LOCAL is data to and from the router).
  7. After the rules are saved, select Actions to the right of the IN rule. Choose Interfaces.
  8. Select the VLAN (ethernet port + VLAN ID) and the direction. Click on Save Ruleset. Then close the dialog.
  9. Repeat the above steps for the OUT and LOCAL rulesets.
  10. IN and OUT are now complete; basically we have just made all traffic from this new VLAN never go to the Internet or receive data from the Internet.
  11. To the right of the LOCAL ruleset, click on Actions and select Edit Ruleset.
  12. Click Add New Rule.
  13. Enter NTP for the description and select Accept. Select UDP for the Protocol.
  14. Click on Destination. Enter 123 for the port.
  15. Click Save.
  16. Create a new rule for DNS using UDP port 53.
  17. Create a new rule for DHCP using UDP port 67.
  18. Click Services at the top of the EdgeRouter interface.
  19. Click Add DHCP Server.
  20. Set it up like in this picture.
  21. After setting up the DHCP server, you may want to Configure Static Map to assign specific IP addresses for each MAC address.
  22. Before leaving this area, click on DNS and add the VLAN as a Listen Interface and click Save.
  23. Now move over to the UniFi Controller.
  24. Go to Settings and choose Networks.
  25. Click Create New Network. Set it up similar to this picture.
  26. Click Save.
  27. Go to Devices and select the UniFi Switch. Click Ports and locate a port with a camera. Click the Pencil.
  28. Change the VLAN to the Cameras VLAN. Click Save.
  29. Power cycle that port and the device will come up on the new VLAN.
  30. On my Mac (the machine recording video), go into Network settings, click the gear and select Manage Virtual Interfaces.
  31. Click the + button and select New VLAN.
  32. Enter the VLAN ID for the Tag and give it a name.
  33. Click Create and then click Done.
  34. Select the new interface, select Configure IPv4 Manually. Alternatively you can use DHCP.
  35. Re-configure your security software (in my case SecuritySpy) with the new IP addresses.
  36. I also changed the NTP address in the cameras to be 10.0.2.1 as the router will now block all traffic trying to go outside. The EdgeRouter Lite happens to be running an NTP server which is quite convenient.

Yes, there are a lot of steps here, but this makes me feel a bit safer. Without a managed switch and a router that can handle VLANs, this would be difficult, if not impossible. Unfortunately most people won’t be able to do this and their IoT devices will be targets. I have no idea how we’re going to solve the problem of IoT devices getting hacked, used to launch hacks, or generally cause havoc on the Internet.

Please let me know if I missed anything or there are any mistakes.
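With this many GUI steps, it is worth checking an exported router configuration for a ruleset that never got attached to the VLAN or an accept rule that should not be there. The audit below is an added example, not part of the original post: the sample configuration is constructed, and the LAN interface eth1, the /24 prefix, the rule numbers, the CAMERAS_IN name and the drop default action are assumptions, while VLAN 1002, 10.0.2.1, CAMERAS_OUT, CAMERAS_LOCAL and UDP ports 123, 53 and 67 come from the steps above.

```python
from collections import defaultdict

# Constructed sample in `show configuration commands` form (assumed: eth1, /24, drop defaults).
SAMPLE = """\
set firewall name CAMERAS_IN default-action drop
set firewall name CAMERAS_OUT default-action drop
set firewall name CAMERAS_LOCAL default-action drop
set firewall name CAMERAS_LOCAL rule 10 action accept
set firewall name CAMERAS_LOCAL rule 10 destination port 123
set firewall name CAMERAS_LOCAL rule 10 protocol udp
set firewall name CAMERAS_LOCAL rule 20 action accept
set firewall name CAMERAS_LOCAL rule 20 destination port 53
set firewall name CAMERAS_LOCAL rule 20 protocol udp
set firewall name CAMERAS_LOCAL rule 30 action accept
set firewall name CAMERAS_LOCAL rule 30 destination port 67
set firewall name CAMERAS_LOCAL rule 30 protocol udp
set interfaces ethernet eth1 vif 1002 address 10.0.2.1/24
set interfaces ethernet eth1 vif 1002 firewall in name CAMERAS_IN
set interfaces ethernet eth1 vif 1002 firewall local name CAMERAS_LOCAL
set interfaces ethernet eth1 vif 1002 firewall out name CAMERAS_OUT
"""
# Services the cameras may reach on the router itself: NTP, DNS, DHCP.
ALLOWED_LOCAL = {("udp", "123"), ("udp", "53"), ("udp", "67")}

def audit(config, vif="1002"):
    """Return a list of findings; an empty list means the VLAN is isolated as intended."""
    bound, default, rules = {}, {}, defaultdict(dict)
    for t in (line.split() for line in config.splitlines()):
        if t[:3] == ["set", "firewall", "name"] and len(t) >= 6:
            if t[4] == "default-action":
                default[t[3]] = t[5]
            elif t[4] == "rule":  # key is e.g. "destination port", value the last token
                rules[(t[3], t[5])][" ".join(t[6:-1])] = t[-1]
        elif len(t) == 10 and t[1] == "interfaces" and t[4:7] == ["vif", vif, "firewall"]:
            bound[t[7]] = t[9]  # direction -> ruleset name
    findings = []
    for direction in ("in", "out", "local"):
        ruleset = bound.get(direction)
        if ruleset is None:
            findings.append(f"vif {vif}: no ruleset bound for direction {direction}")
        elif default.get(ruleset) != "drop":
            findings.append(f"{ruleset}: default-action is not drop")
    for (ruleset, number), rule in rules.items():
        if ruleset not in bound.values() or rule.get("action") != "accept":
            continue
        service = (rule.get("protocol"), rule.get("destination port"))
        if ruleset != bound.get("local") or service not in ALLOWED_LOCAL:
            findings.append(f"{ruleset} rule {number}: unexpected accept for {service}")
    return findings
```

Calling `audit()` on the router's own `show configuration commands` output returns an empty list when all three rulesets are attached to the VLAN, default to drop, and only the three router services are accepted.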

Native vs Web App for IoT Devices

Recently I was chatting with a friend about a new WiFi router. I hadn’t heard of it and he sent me a link to it. The first thing I noticed about it was that the configuration was done via an iOS or Android app. As an iOS developer, I know that a native app is going to generally provide a better user experience than a web app. However, as a consumer, I shy away from devices that only have a native app interface. If the app stops working, isn’t updated quickly when an OS gets updated, or the company stops supporting the app, I’d be out of luck. In addition, I like being able to configure devices using my desktop machine and most devices don’t have a Mac app for configuration.

The native apps are great, but they have to be secondary to a web interface for any IoT device. I mentioned this to my friend and he understood my point right away. I look at the serial to Ethernet gateway that I bought used 3.5 years ago, which is likely not made any more, and am glad that it has a web interface. Granted it is a very specialized device on my network, but the web interface is the only reason that I’m still able to use it. If it were a device that I wanted to look at more often, like a router where I needed to control various aspects of it, the lack of a web interface would make the device a no go in my opinion.

I wish that more companies would implement web interfaces first for their IoT devices and have native apps as secondary interfaces. I’m not saying that all apps should be web apps; in fact, I believe that native apps provide a better user experience. I am saying that web apps should always be a backup option in case the native app isn’t available or doesn’t work.