Windows is Dangerous

One of my coworkers got a new laptop last week.  Friday I set it up with software, configured email, removed a ton of the pre-installed crapware that wasn't needed, and passed it on to her. Should be all fine, all that was really needed was to install a few bits of extra software, Skype, Slack, etc.

Today she came to me asking if she should install "this". This turned out to be what happens if you search for "skype download" on google and click the first link. Turns out you don't get the skype download site, but instead you get an "installer" which prompts you (with varying types of trickiness, for example 'decline / accept' buttons to move to the next step, and on the next step the 'accept' button is to install some crapware, and the 'decline' button is actually 'skip'.

After successfully navigating the "installer" software, Skype was installed, so I looked to see what else was installed. There were somehow about 5 more bits of crapware installed now. I don't know if it was done in the 2 work days since she got the laptop, or all today from this. Lets see:

  • Norton
  • "PC cleanup" software
  • A browser search engine / home page hijacker called "bikiniland", installed as two separate programs, in both IE and Chrome, plus extensions
  • Another couple of random bits of software

I don't know if it's the lack of knowledge in recognizing the difference between a legitimate download site and an obvious ad (and knowing that the only reason you'd put an ad up like that is to add on extra crap), or the fact that (in general) the "windows install wizard" culture gives software of ill-repute a lot of ways to scam the user, compared the the (in general) "drag the icon to your Applications folder" philosophy of Mac OS.

Either way it was 30-60 minutes of my life I won't get back from probably a couple of bad clicks. Now I know why Windows Total Cost of Ownership is so much higher due to having to lock down computers, disable users from installing things, etc.

I wonder if there's a test I can give new users about how to recognize what they should and shouldn't do online.

New Year, New Eyes

img_4271.jpg

Being that this blog seems to be only ever used for big life events, I figure this is probably worth it.  After  years and years of thinking about it, talking about it, going for consultations, and saying over and over how I couldn’t afford it, I finally got laser eye surgery on Dec 22, 2014. As of now (just over 4 weeks later), my eyesight feels like it’s at about 95% of “perfect” (or at least what I had with my contacts before), though I haven’t had any formal testing against a chart.

My boss’s wife got some sort of a referral deal where she got $500 off at the London Eye Care Center in New Westminster, and by dropping her name, I got the same deal. At this point in my life I figured that that’s about as good a deal as I’ll get, and am still wishing I’d done it 10 or 15 years ago. Ah well, hindsight is always 20/20 I guess (pun intended).

The Procedure

Honestly it was pretty boring. Of course I anticipated things for the weeks leading up, but I never thought to watch any videos of what was going to happen. Honestly, I was going to have it, so seeing what was going to happen wasn’t going to change what would happen, so I figured I’d find out when I found out. Luckily it was really, really dull.

Basically I got sat down in a chair, and got some eye drops. Then after a few minutes I got moved to another reclining chair, where I got more drops. They did put the anti-blink thing on, but you don’t see it or feel it, so there’s zero sense of some crazy mechanical medieval thing keeping you from blinking. Then more drops. Then a few more.

After a bunch of different drops the laser moved over top of me (and by “laser” I mean something that from my view looked like a large flashlight with a blinking light in it). A patch was put over the other eye and I was told to star at the blinking light, which I did for the required amount of time (50 seconds my fairly high (-6.50 / -7-ish) prescription). When the time elapsed there was more drops and some saline on the eye that got done, then the machine moved over and the procedure repeated for the other eye (48 seconds this time).

Day One

There was an immediate difference, but it was a lot like wearing contacts that were about half as powerful as they were needed. Also as soon as the numbing drops wore off in the car I realized what they meant when they said you’d be light sensitive. Know when you get the eye exam when they dilate your pupils, and even if it’s a dull cloudy day it feels like someone pointing an incredibly powerful flashlight into your eyeballs, and it hurts? It was like that but worse. I spend the drive home (not me driving obviously) with eyes closed, sunglasses on, and my hoody pulled low over my eyes. And it still sucked.

The Sucky Part

The really sucky part of it all is the first 3-4 days suck. And I mean really suck. I spent most of those days in the bedroom with the window blacked out, sunglasses on, with an ice pack on my face (thanks for the best early Christmas present ever Sarah!) and my eyes closed, with an audiobook from my iPhone in my ears. There’s also a regiment of drops (not bad) and a drive back to the clinic the day after the procedure, the third day after, and the 5th day after.

After the third or fourth day the pain sucked less (though they do give you numbing drops to deal with that, and a perscription for T3s and sleeping pills). Vision also was about 70%, enough to squint at my phone to communicate with people (you’re not supposed to look at screens too much in the first week) or figure out kinda what’s going on on TV (mostly I just listened without watching because the screen did hurt to look at.

Impatience

The improvement to 70% was great, I wasn’t in pain, was able to drive (though I wouldn’t have wanted to have to find a certain street or drive where I wasn’t familiar) and things went better. From the end of the first week to the third week things stayed about the same, which sucked. I’m fairly patient, and even though I talked to my buddy Mike who got the same thing done last summer who said this was all totally normal, I started thinking about what if they got it wrong, what if I have to go through the whole thing again to get a touch up, etc. All that stuff.

(Minor) Complications

When things still weren’t getting better in week three (or thereabouts) and I was still very light sensitive (oncoming headlights while driving to and from work made me tear up and want to stop the car and just sit there with my eyes closed) and eyes hurt and I was using the numbing drops still. They had said to use fake tears (“eye lube”) to keep my eyes moisturized. They helped for the short term, and made my eyes suddenly go to what felt like perfect 20/20 vision, but soon after they went back to being sensitive and painful. I figured I’d ask the clinic and went in to see if they could tell me if this was normal or something was wrong.

The doctor looked at my eyes and asked me if I was using lots of the eye lube, as they had told me to. I tell him yes. He says ah, you’ve got “surface toxicity” to the preservatives in the drops and I need to get the (fancy, expensive) preservative free eye lube drops and everything should get better.

I did, and it did. A day or two later the pain had disappeared and the need for drops all the time dropped to nil. I’m not sure if it’s related or just coincidental timing (Mike did say that it would be about four weeks before vision was where I wanted it), but in that time I also moved from what I’d consider 70-80% perfect vision to about 90%.

Almost There!

I remember the day that I thought “Oh wow, this is really working”. I was driving to work and could clearly read my digital odometer. I thought at the time that I must have just put in eye drops (like I said the eye drops gave me perfect vision for a bit, probably smoothing out the outside of my eyeball or adding the last microscopic bit of lens correction that was needed)

I hadn’t.

Maybe my eyes were tearing up and it’d go away when I blinked.

Nope.

I kept on randomly staring at my car dashboard while driving to see if it went back to the slightly fuzzy mess it was before, but it didn’t. Since then things kept on getting better. Now I can see my computer screens of all sizes and at all distances just fine, can read, watch TV, and while I don’t think I’m at 100%, but it’s getting closer and closer. I’ve got another checkup in three weeks, when I assume most of the minor fluctuations in vision quality will have settled down, and they’ll have an idea of if the procedure was a great success (at this point I’d say yes, pretty damn good).

Now life is normal. Other than one drop per eye twice a day, nothing’s changed. Focusing seems a bit slower than before, but the same thing happened when I went back to contacts, just have to get used to the eyes working slightly differently again.

I still reach for my glasses in the morning and still think I forgot to take out my contacts when I go to sleep and can see. In the shower I can see clearly which is also odd (either not having glasses on or having to deal with contacts flipping around as they tend to do in the shower), but I’m slowly getting used to it all.

No complaints :)

Windows 8 is Terrible

I take it back. I used to say that Windows 8 wasn't that bad, you just have to get used to it. Sure it's a bit different, but once you start using it, you'll start to figure out what the thinking was.

I was wrong. At that time I had never "really" used Windows 8. I'd used it for very simple things, helping out people in the office, setting up Office, installing apps, getting the printer working, setting up a second monitor, that sort of thing.

Then my friend Shaun got himself a new computer, and I got "invited" over to help him with a few things. I got to sit and use Windows 8 as a user for the first time and thought I'd give a few thoughts.

First of all, I know this stuff. I've been using computers since 1992, and have used Windows from version 3.0 onward. I've used Mac, Linux, Windows, BeOS, and other systems that don't exist anymore. I live and breath technology, and while in the last couple of years I've migrated myself into a Apple environment (laptop, desktop, phone, tablet), I still play with new technology and feel I'm still pretty much "with it".

I also don't blame Windows for the horrible crap inflicted on the computer itself. It was a $399 Future Shop special, loaded up with all sorts of crapware, and with not the greatest hardware. Not Windows fault at all.

I'll do my best to avoid a plain old "just get a Mac" argument. Macs aren't for everyone, both budget wise and aesthetically, and I tend to disbelieve anyone who speaks in absolutes (like "macs are best").

My Thoughts

  • The desktop colour scheme is terrible. It's essentially white on white, meaning you can't easily see which is one window or another when they overlap. I know that the desktop is the realm of the super-user these days, but seriously, put back a bit of drop shadow or at least make the non-foreground window have a different colour.
  • The complete and total bifurcation of the OS is approaching the insane. There are two separate control panels, one in the "Metro" environment, one in the desktop environment. Both do different things, but there's not a hugely clear reasoning. For example if you want to change your desktop font and size, you need to do that in two separate places.
  • Updating is completely insane and understandably confusion to the non-native user. Here goes my best attempt to explain what I learned:
    The Windows Store app had updates for apps, but only the ones that you bought through the windows store. For system updates, you have to do those in the desktop version of windows update, which you get to through the easily remembered sequence of Win-x -> system -> updates (I think). This will get you all the system updates needed. Except Windows 8.1, which needs to be gotten from the Windows Store, but only after the system updates have been done in the Windows Update app.

    Makes Sense right?

  • I at first thought that I could just find the Windows 8.1 update in the store, so I wanted to search for it. You'd think that's how it would work, go into the Windows Store app, click on a search field (just like it is in the Mac App Store app) and search. Oh wait, there's not a search field, or button. To search the Windows Store, you have to go to the main system search, put in your search term, scroll down a stupid long list of other places to search (by default it searches your system) until you see "store", click on that to select it, and then it'll search through the windows store. W. T. F.
  • I found the same searching problems when I tried to install Microsoft Security Essentials (to replace the aforementioned terrible crapware of Mcafe or whatever was installed by default). You'd think that when you click on the link from the site to install it (before I realized it was built in already), or in fact any Windows Store app link, it'd jump you right to the app. On the mac you click on a link that looks something like "itunes.com/app/someapp/12345" it will jump you into the app store with that app selected, or a "not found" if it's a bad link. The Windows Store links I clicked on just seemed to go to the main page of the store. I had no idea if the link was bad, the app was gone, or if the Store didn't respect the links.

In its defence, Windows 8 now does have the ability to mount an ISO (CD or DVD disk image) built right into the OS, instead of having to deal with 3rd party Virtual CD drivers like I had to previously. So... yay.

So those are my impressions of using Windows 8 for the first time to do something, for what it's worth. Maybe after using it for a while it'd all make way more sense. Maybe.

Some days it’s a bad idea to ignore (or rather, just not check) email. And ignore weird stuff when you see it. Turns out for two days straight my server has been spewing out spam, after a user on the server had their password compromised. The server is a Ubuntu server with Postfix as the underlying mail transport.

The spam was in the form of a from address of xxx@domain.com, where xxx was a random string. The server doesn’t allow relaying, so to send mail from domain.com (hosted on my server) to random other domains (yahoo, gmail, etc) they’d have to be sending it as a user on my system.

To temporarily fix things, all the email that was in the queue got put on hold.

# postsuper -h ALL

This puts the mail on the back burner until you figure out what to do. The server won’t try to deliver it at all until you “un-hold” it. This had to be done a couple of times before I figured out where the spam was coming from. Thing is, what to do with 600,000+ emails sitting in the hold queue?

First thing was to figure out where the mail was coming from. I looked through the logs and it seemed like all the spam mail seemed to be sent through the same user.

Oct 27 10:01:14 amarok postfix/smtpd[25071]: C3E4FB1CEA3: client=unknown[46.253.82.98], sasl_method=LOGIN, sasl_username=bob

Ok, so looks like ‘bob’ got his email login compromised. Ok, now at least there’s a starting point. A bit of digging through the logs I found about where the spam started, and confirmed that by checking where the user was logging in from. Unless he could jump from Vancouver to Bulgaria in a minute, and then decided to send mail every second, it was pretty easy to figure it out.

Ok, so what now?

Next step, get a list of the IPs that the user was logging in from sorted and uniqued so I had each of the IPs used to spam.

# grep sasl_username=bob /var/log/mail.log | sort -u > iplist.txt

Now I tried a few different things to figure out if the IPs were real or not. I figure if they came from the Vancouver area they were probably legit, but if they were from Asia, Russia, or a host of other countries they were probably not valid. I used a few different methods to try to do an automated lookup of where the IPs were from, but the reverse lookup tools seem to be inconsistent at best for automated lookups.

In the end I basically used a network tool to do a lookup like this: http://networktools.nl/whois/5.57.75.82 where the IP I looked up sometimes was just the first number, i.e.: http://networktools.nl/whois/175.0.0.0. Honestly after a while I just deleted the IPs I knew were commonly used by Rogers and Shaw, and then deleted everything else:

 root@server:/var/log# grep -wFf /root/iplist.txt m.log | cut -f 6 -d ' ' | cut -f 1 -d ':' | postsuper -d -

This greps for sources in iplist.txt, in m.log (which was a combination of mail.log mail.log.1 and mail.log.2 (the three days of log files I knew had relevant data). Any resulting log file messages are cut up until just the mail queue ID was left, and then that is piped into postsuper which deletes it.

After a few of those I was down to 5,000 messages in the queue, down from 600,000. Not bad. Still a few to deal with though.

# mailq | grep domain.com | awk '{ print $7 }' | sort -u

Now that’s a list of all the email addresses in the queue that are “bad” and need to be deleted. So using a great little tool for deleting postfix messages by to or from address I called pfdel, I did this to now run each of those bad emails through it and delete those messages from the queue:

# for i in `mailq | grep domain.com | awk '{ print $7 }' | sort -u` ; do pfdel.pl $i ; done

This took me down to 38 messages in the hold queue, which were easily looked at to see if they were legit (hint: if it was coming from a .ru or .br address, or a spammy looking domain, it got nuked).

So that’s it, short, sweet, and not the way I wanted to spend my Sunday night. Now dealing with removing my server from all the blacklists, that’s another issue… Ugh :(

RIP Corny :(

On Thursday, my friend, and cat, since 1997 passed away.  He was sick the day before and Andrea took him into the vet, and we were told he needed some fluids and antibiotics, but the issue was a fixable one, not a "he's old and you're just prolonging the inevidble" situation.  We left him there but there were complications at the vet's office, and she called me to tell me he had passed away just as I was telling a model (I was out for a shoot in Abbotsford) about how he was old and I was prepared for what might happen, but was happy that he'd be with me a while longer.  Ah well, such is life.  16 years is a long time for a cat I think, and I was happy to have him by my side since before I was out of University when I got him from Pam as a tiny kitten.  The first post I could find was a while into his stay, but not that long since. The very first mention is July 1997, before I got him when the litter of kittens was still too small to come home.

Anyway, here's the last couple of pictures I have of the old man, doing what he does best, cuddling with his people.

Corny and Andreacorny and rob

And a couple from when he was a baby.

king rd apartment - corny 10.jpgking rd apartment - corny 3.jpgHe was my first "real" cat and was with me for almost as many years as he wasn't.  I miss him but am happy for the time I had with him cuddling on the couch or sleeping on my shoulder at night and purring.

On Facebook News Feed Censorship

There’s been a lot of talk recently about how Facebook is repressing my posts, people aren’t seeing them, OMG Facebook is censoring my news.

Good I say.

Here’s the thing, if you’re on Facebook you’ve probably “liked” a lot of things, from your favourite TV show, to your friends pictures, to your local community library. All those people and things have updates and they all want your attention. Chances are you don’t want to see them.

Now I’m not going to go out on a limb and say that Facebook isn’t evil, but they are (with some notable exceptions) doing what’s best for the users and censoring the news feed to show you things that you are interested in[1].

Chances are that the things you are interested in on Facebook are things like your friends announcing their baby, your mom posting a picture of her new cat, your college friends’ updates, and that sort of thing, not Drobo posting a new blog post about why their RAID technology is the best, the photographer that you follow posting a new image to his portfolio, or a website announcing a new contest (“like us and follow us on twitter to enter!”). The thing is, everyone feels like their posts are important, especially those companies, who would love to have you see everything they post. These are (in general) the ones that are complaining that “Facebook is censoring me, make sure you click our page and select ‘add to interests’”.

If you’re friends or have liked with more than a few people on Facebook, seeing everything on the news stream is going to be overwhelming, and you’ll scroll down three or four pages just to see the last hours updates, which would make the Facebook experience tiring to say the least. Facebook is very smart about retaining engagement with users, and know this, so they have sophisticated algorithms (or at least I assume they do) that let them track what gets your attention and what you do see and engage with, and show you more of that and less of the contest to win a new DSLR (“Just like the page and share this post to enter”).

The thing is it seems that most of the people up in arms about this are companies and journalists, beating the drum that their posts and publications posts aren’t being seen. I have yet to hear a user or friend actually complain about this, unless they’re just parroting back a post about it.

So I say good for Facebook for keeping my news stream (mostly) clean of posts, and good on them for taking money from people who aren’t engaging enough with people to get “real” attention and exchange it for giving them more visibility (even if it is really annoying as the user to see the promoted posts popping up).

Recently the big new Facebook news is the revamped news feed which actually does go to some extents to “fix” the “censorship” issue. Part of the new design is to let you see everything in order (i.e.: no more missed items, but you see everything) as well as separate pages for friends only, companies only, etc.

[1] The exception here is of course the sponsored posts, ads, “8 of your friends like allstate”, and so on that are obvious marketing and ads jammed into your feed.

My Pebble Smart Watch Review

There are many Pebble Smart Watch reviews, all similar, all unique.

This is mine.

I heard about the Pebble Watch on Kickstarter the day that it made it’s goal, and even though I didn’t write about it, I did back it immediately. I got back into wearing a watch a couple of years ago with a gift from my grandmother, but the watch strap has been slowly deteriorating, so it felt like a good excuse to replace it.

The Pebble team originally planned an October 2012 release, but as time moved on, it became more obvious that they weren’t going to make it. Instead of promising another release date, and potentially breaking it, they did the smart thing and said nothing until they knew a schedule that would work. They announced that shipping would start January 23. Long story short, mine finally arrived today, after an extended stay in Vancouver customs and one false start.

Pebble Shipping

The “out of box” experience is good, the shipping box is unique, fits the watch well, and there was no shifting of the watch. There was no documentation inside, no quick start guide, but I suppose if you’re the sort of person who guys a Smartwatch off of the internet via Kickstarter, you can figure stuff out yourself. The watch is smaller than I thought it would be, but still not “tiny”. Definitely not a downside.

Pebble in Package

The screen is just the right size I think, or pretty close to it. The wrist strap is less “plastic-y” than I thought. Seeing the reviews didn’t prepare me for the soft plastic that it is made out of. Not low quality as far as I can tell (not being a plastics expert), and pleasant against the wrist.

Watch build quality is good, but not perfect. The seams aren’t perfect, and there is a bit of odd distortion on the e-ink display that others have noted. Not a big deal though.

The software is simple and easy to understand. There are some bugs (being able to re-order downloaded watch faces, some backlight oddness, etc), but they are all (potentially) easily fixable with software updates. Some software updates to the watch has already been made to fix things like notification display and backlight control. The ‘flick your wrist to turn on the back light’ is a nifty feature as well.

I’m not a BlueTooth borg person, so I’m not used to having my phone tethered to BlueTooth. I was a bit worried that the battery would die sooner than normal, but my iPhone 5’s battery has only seemed to wind down a bit faster than normal (maybe 5-10% faster?) but it’s hard to tell as usage is pretty much dependant on the user. It’ll take a few more days of use to see.

IMG_2662.jpg

Right now the watch is a bit plain. On the iPhone it can:

  • show the time, with different watch faces that can be used.
  • control the music on your smartphone
  • display some notifications for SMSs, calendar events, incoming phone calls, and emails (android is less restricted by Apple’s draconian rules about what you can and can’t get notifications for, and lets you have much finer grained control of what notifications (and you get more of them))

… and that’s about it. No, not buyers remorse, but you have to remember that this is, in essence, just a watch with a couple of extra bits, not a magic do-everything smart watch (yet). That said, the ability to see what my phone is trying to tell me without pulling it out of my pocket is pretty awesome. Is the text ignorable? What thing is it that I’m about to be late for? Etc.

So conclusions…

Is it cool? Yes. Is it worth the (now) $150 cost? Probably, but it’s definitely something for people with a bit of disposable income. Do I love it? Hell yea :)

Scrambled EggsHad a nice time last night with the now-sort-of-annual New Years Eve party.  It's actually more of a "we are old and lazy and don't want to go out so why don't people just come to our house" party if I was to be honest.  Only 3 people showed up, but there was still lots of great snacks (and actual real food that A made), lots of drink (not irresponsibly too much of course), and fun.  

Among the fun was swapping computer hardware, which, even a bit tipsy, is possible.  A's computer died a couple of weeks ago (dead hard drive) so we got her another one (after 5 years that's not bad).  I got a gift card for NCIX so I got myself a(nother) SSD drive, and then last night swapped the hard drive out of my laptop, put the new SSD in, and put my old drive into her old computer.  A few (amazingly fun) hours of installing Windows Vista, and voilà, usable laptop, and a now super-speedy drive for me.

Slept in late, woke up feeling... mostly alive, got up, made eggs, and am now watching Lord of the Rings (the original trilogy I heard it referred to a couple of days ago, awesome), while A and Shaun play Age of Mythology (she's kicking his ass.... again).

Merry 2013 everyone!

First Snow 2012

Not sure yet if it's an indication of the upcoming end of the world this friday, but it is snow in the Fraser Valley.

snow-2012.png
snow-2012-2.png
Had the option of a snow day from work yesterday, but succumbed to the lure of a fancy coffee for those who weren't wimps.  Of course it's the Fraser Valley so the snow was pretty much all gone by the time I got home.  This morning I woke up to the above though, but it's not sticking (though it's still coming down nicely).