Mac@Work : The Ultimate Business Machine

The
Ultimate
Business Machine

Technology, business
and innovation.

And, not least, about
the Mac.

Weblog • Archive • Cutedge

by: Bernard Teo

Thu 18 Jan 2007

Seeing a dark cloud in a silver lining

Category : Commentary/cloudsandsilverlining.txt

Apple's just brought in more revenue in one quarter (a record $7.1 billion) than they did for a whole year, just a few years ago, and I'm guessing what tomorrow's Straits Times headline will look like.

It'll probably be something like this :

"Options probe cloud Apple outlook as Mac sales slide"

going by the trend of years gone by. Want to bet? Let us see.

Also on tomorrow - Leopard Tech Talk, Singapore.

Posted at 3:24PM UTC | permalink

Mon 01 Jan 2007

The Ghost in the Machine

Category : Commentary/poltergeist.txt

I'd better scratch that last advice I gave about Airport Extreme Base Station (AEBS) settings. To recap, to improve the wireless reception that my MacBook Core 2 Duo is getting, I set the AEBS wireless mode to "802.11g Only", which did provide the MacBook with a consistently strong signal.

But the downside is : I found the base station hung up three times in the last three days.

The strange thing is, the base station hung up each time moments after I've closed the MacBook and put aside my work. The first time when I left to attend a funeral wake (eerie!). I was away for three hours, and that's how long our server (which sits behind the base station) was down. Fortunately that happened between three to six in the afternoon (our quietest period in a 24 hour cycle) so maybe not that didn't stop too many people from accessing the things that they want.

Then the next time was, after watching Man United beat Reading on Saturday night, I answered the last of the mail I had still pending, went to sleep, woke up at five (I'm an insomniac) and found the base station hung minutes after I had gone to sleep. I can check, using WebMon, when the last hit on the server had occurred. The site had been down another three hours.

At this point, at five in the morning, I'll admit I was open to any suggestion that a poltergeist had somehow followed me home and was watching my every move.

Then yesterday afternoon, I wrapped up some work for the year and went for a run. You guessed it! Almost two hours later, when I got back, I found the base station hung, almost to the minute I had left the house.

Now, if we have a poltergeist in the house, that must be some Internet TCP/IP-savvy ghost.

Not willing to give in to superstition, I've reset the base station settings to "802.11b/g Compatible" and everything else (channel and multicast rate) to the defaults, to see if we'll get another crash.

But that's, of course, superstition on another level, because I don't at all understand what all these settings do, unlike when I'm debugging my own code and I can find exactly the explanation for why things work the way they do, no matter how seemingly random. "When you believe in things you don't understand, then you suffer", so says Stevie Wonder. But life is lived among varying levels of illusion.

One man's superstition, another man's religion.

The title comes from The Ghost in the Machine by Arthur Koestler, which together with The Act of Creation and The Sleepwalkers, are three great books about the history of technology and the origin of ideas.

And a Happy New Year to all. It is the new year, at last.

Posted at 9:44AM UTC | permalink

Fri 29 Dec 2006

Airport on MacBook Core 2 Duo

Category : Commentary/AirportExtreme80211g.txt

I was having terrible Airport reception from my MacBook Core 2 Duo, when accessing an Airport Extreme Base Station. The reception was poor, wasn't steady, often wavering, and it even lost connection entirely now and then. Applying the latest Airport Software Update didn't seem to have any effect.

Then I thought of switching the Airport Extreme Base Station to use only 802.11g with a multi-cast rate of 6. Now, changing the multi-cast rate was probably voodoo/superstition, because I don't quite understand the effect that was having, but using 802.11g exclusively seems to have fixed the problem for me.

I've got another broadband line with another base station on 802.11b, for my older iBook and PowerBook. Strangely, my MacBook had no problems whatsover attaching to this base station, which is built into a SpeedTouch modem/router, and works only on 802.11b. That was what gave me the idea of switching the Airport Extreme to work on only one setting rather than supporting both simultaneously.

Also, I couldn't have debugged my problems with PayPal yesterday without this other broadband line and the spare server that I've hooked up to it. I created a new PayPal account using my wife's email address and set up a domain that I own, called lifeassets.com, and in a short while I was able to start making on-line payments to it. And that PayPal account is easily linked to a local bank account. So theoretically, I've shown I'm able to set up an on-line Internet business in minutes.

Now that I've got this set up, it allows me to see if I can package this payment processing system that we have into something more robust that other people can download and use. That's going to be one of the projects for next year.

Posted at 6:04AM UTC | permalink

PayPal

Category : Commentary/PayPalUpdate.txt

I think I've found where we're getting jammed up contacting PayPal whenever traffic on the 'Net gets too heavy, and because of this our server couldn't tell it had to generate a serial number to send out. But I think I can fix that now.

Things have gone back to normal. I can even access Macsurfer again, which I couldn't the last two days, so welcome back.

Posted at 5:12AM UTC | permalink

Thu 28 Dec 2006

East Asia-to-US Internet Chaos - An Update

Category : Commentary/ChaosAsia.txt

I had put notices on all my software download pages, about the intermittent Internet connections we are experiencing as a result of the damage caused by the Taiwan earthquake. Then I watched all the PayPal payments go through last night with no problems and so I thought everything was back to normal.

But, now that the sun is here (or at least I'm sure it is behind all those Monsoon rain clouds) and everybody from China to India is up, our connection with PayPal is acting flakey again. So I'm sure (and I'm checking) that it's due to some timing problems that are showing up now that more people jam the little bandwidth that the ISPs have been able to conjure while the data cables are being repaired.

The warning signs go up again.

Evening update : The payments are going through again. You can almost feel the herd stomping out of the offices and going home.

Posted at 1:47PM UTC | permalink

Wed 27 Dec 2006

Taiwan Earthquake Disrupts Asia/US Internet Access

Category : Commentary/TaiwanEarthquake.txt

A strong earthquake off Taiwan late last night damaged underwater data cables carrying Internet and voice traffic between Asia and the United States, disrupting Internet access for most people here in Asia.

I'm experiencing intermittent connections when I'm trying to load pages from sites outside Singapore, but I'm still seeing hits coming in to our server from the US, United Kingdom, Australia, etc..., so this may be what they mean by connections being intermittent.

According to Cable News Asia, the damage could take days to clear. So, if you find this site responding sluggishly, this is the reason why. In the meantime, the various national telecoms providers have started arranging for alternate routes via Europe, so we should start seeing improvements in the flow of Internet traffic soon.

Posted at 8:27AM UTC | permalink

Tue 26 Dec 2006

A Leopard Christmas

Category : Commentary/leopardChristmas.txt

This was my Christmas gift, to myself - the Leopard Early Start Kit. Well, what can you get a guy who has everything (he needs :-) ?

But this gift took three days to unwrap. It's a 5.4 gig download and when it broke, inevitably, after a day or so of downloading, I had to start all over again - until I realised that you can interrupt the download, make a backup of what had been downloaded up to then, and then when I next hit a break in the connection, restart from the point where I had last made the backup.

I found that I could even move the download to a faster machine midway through the download - by pretending to start a download session on that other machine, "steal" its DownloadEntryIdentifier, below, and give it to the download file that I'd been building up - and the download will carry on from where it left off. If this information could help the other people on the Apple Developer Connection program shepherd their downloads toward completion, then it could perhaps alleviate the congestion those Apple servers must be experiencing.

I had expected a boxed set, but it looks like I'm not going to get one. My Apple Store order shows that it has been completed. (You mean, I don't even get a T-shirt? The Developer Connection T-shirt I got the last time I signed up remains my favourite). One moment I had 500 USD and the next it's sucked out to Apple and all I got are these lousy downloads. What a great way Apple has found to print money.

Anyway, my Leopard exploration starts in earnest. "Another year over and what had we done?" I'll have a better idea what I can do next year when this week is done.

And, yes, a Merry Christmas and a Great Year Ahead to all who'd dropped by.

Posted at 1:04PM UTC | permalink

Fri 22 Dec 2006

A TCP/IP Primer

Category : Commentary/tcpipPrimer.txt

I found a good primer on TCP/IP.

We've been setting up this network panel for ages (since OS 7, 8 or 9?) :

but what does Subnet Mask really mean, and how does it work to help our Mac find another machine? And what is TCP, or IP, for that matter?

The Mac's a hugely more powerful, productive and useful machine since those early days and it's important to know a little bit more about what goes on underneath, if we want to reap its enormous power. Really, it's a lot of payback for a little bit more work. I've aways felt that Mac users are great for understanding things conceptually and not by rote, and so, if you can find a really understandable, readable guide on basic networking principles, you really ought to dig in. Like Black Elk says, "let's see how it's made and what it means".

So, Daryl's TCP/IP Primer is good place to start :

"The difference between this (a primer) and an FAQ, is that most FAQ's, in practice, tend to be question-and-answer oriented, and generally seem to try to cover ALL issues, not just the ones frequently asked about. This primer is intended as a starting point for someone who has an interest in the subject, but doesn't know where to start or what questions to ask. This should also help to broaden the understanding of people who have worked with TCP/IP for a while, but either haven't had the time to study all the less-than-useful theory behind the subject, or have been somewhat overwhelmed by the many theoretical details and have missed the big picture."

Also, I've found this IP subnet mask/CIDR calculator widget. (CIDR - what's that? You'll find that covered in the primer.) It's great for fiddling with, to get an idea what's going on when you flip those IP numbers. Great companion tool to have while you're reading the primer.

Posted at 4:11AM UTC | permalink

Wed 20 Dec 2006

"Attack-Neutered Mutant Zombies"

Category : Commentary/zombies.txt

I found this while researching the literature (if you can call that literature) on computer security : "The Strange Tale of the Denial of Service Attacks Against GRC.com".

I guess it's Shakespearen in its re-telling of the age-old struggle between the forces of good against evil, and about tragedy and hubris.

I've developed a healthy respect (and fear) of the carnage that the zombies and evilbots can wrought. I now want to know everything that can be learnt about this field.

Here's another useful article I want to bookmark: "Trends in Denial of Service Attack Technology" - CERT Coordination Center.

Posted at 3:47PM UTC | permalink

Leopard!

Category : Commentary/Leopard.txt

I've given Apple their pound of flesh in exchange for that Leopard Early Start Kit. The CD will come tomorrow but I've started downloading Leopard client. It's going to take 24 hours, by the look of it. I'll probably still be downloading when the CD arrives. (But the CD may not contain this latest build.)

It's not so early any more, but it's only now that I'm ready to take a look at it. Of course, I'm not going to be able to talk about it, under the NDA.

But, onwards, to wherever that is going to take us. Hope it's going to be fun.

Posted at 1:45PM UTC | permalink

Tue 19 Dec 2006

Maven 0.3.5 Beta

Category : Technology/Maven0dot3dot5.txt

Maven now has the ability to create tables, delete tables, and add new table columns (for SQLite3, PostgreSQL 8.x and MySQL 5 databases).

It can also now delete and modify table columns (only for PostgreSQL 8.x and MySQL 5 because you can't delete table columns in SQLite).

Three more steps, and I'll be able to get Maven to where I want it to be :

1) create databases from scratch, 2) allow drag and drop of data and table structures between the three supported databases, and 3) to support a broadening of the things we can specify on the table structures - e.g., foreign keys, default values, and especially various types of constraints.

Then Maven will start to get useful.

If I can do that, then I can keep Luca focused solely on accounting (and take away all those database management functions) because the user can use Maven to move the data across any of the supported databases.

Also, Luca can just restrict itself to providing the standard accounting reports and, hopefully, I can develop Maven so that the user can do all sorts of ad-hoc analytical reporting on it.

That, at least, is where I'm hoping to go with these two projects.

If I can use Maven to help me design and organise the data structures quickly, then I might be able to work faster on the applications I plan to overlay on top of Luca from next year, e.g., inventory, invoicing, time billing, etc...

Posted at 9:39AM UTC | permalink

Mon 18 Dec 2006

Normalcy

Category : Technology/AccidentalDoS.txt

This server has, very thankfully, settled back to normal levels of service. The bots look like they're gone, hopefully for good.

It probably wasn't a Denial of Service attack after all. More like, Incidental or Accidental Denial of Service. But, tell that to the victims of a drive-by shooting. It's no fun getting pummeled, intentional or not.

But why were the bots so smart to hit the same two pages that had a lot of images?

Here's something that could explain what happened :

"SAN FRANCISCO - A computer worm is attacking some business PCs through a flaw in antivirus software by Symantec Corp., a security company warned Friday.

"EEye Digital Security, based in Aliso Viejo, Calif., said the worm, dubbed "Big Yellow," began attacking some computer systems on Thursday...

"Big Yellow enters machines through a security hole in the corporate version of Symantec's antivirus software. Once infected with the worm's "bot" program, a hacker can use it as a way to connect with other computers for malicious attacks."

Last Thursday, US Time. It was Friday, my time. That was when I started hearing my Mac Mini server's fan whirring like a jet engine. The Mac Mini is usually so dead quiet. So that was when I realised something was up. Something was making it go into overdrive ... it was those bots.

So, if things are quietening down now, it's probably because those infected PCs are getting shut down, or the ISP admins are filtering them off their firewalls.

So, like the Christians say, "all good things happen for good...". I've got the kick I need to look at firewalls and computer security. And, so far, that looks like another fascinating area for study, now that I have the context.

I've been thinking that I had taken this with some equanimity because it's not like I had built this business so big I couldn't walk away from it. But if I were to have crossed some tipping point, then losing the ability to transact business at this particular domain - one that I had spent years building on - that would then become a crushing blow.

And this experience shows how easy it is to lose it all. Your web server and mail server get hit so hard you can't keep the ports open without your system come crashing down. Closing the ports means closing off contacts with your customers. How would they reach you then? How would you do business, bring in revenue, keep your reputation, hold on to your world?

Here's a real world case - it just happened. Look how easy it is to lose control of even your domain name. And look at how painful the consequences. Could any business recover from it?

So, with this context, the technical issues come alive. How does denial of service work? What to do immediately when it happens? Where are the choke points? How do you parry it? Where do you place your blocks? How do you trace the attacks so you block the attacks with surgical precision without bringing down the whole site, because that is precisely what the attacks are meant to do - to put you out of business.

It's clear to me now that the time to think about these things is while we're still building our business - so that our means of protecting it grow as our business grows. If we wait till it's worth the world to us, we may not have time to secure it before we lose it all. Apocalyptic and dramatic? Technology is the double-edged sword. The speed you exploit to build up is the same speed that can used to cut you down. If anything, I've seen how now.

Posted at 4:35PM UTC | permalink