Recently in full_entry Category

Here we go again...

In early January 2020 in Hong Kong, we started getting an indication of something spreading in Wuhan, Hubei province, China. Within a few weeks, HK schools were on hiatus starting from the Chinese New Year holiday, and are still closed. This is a global pandemic now, and there are far better resources to track it than there were back during SARS.

During the early phases of this everyone referred to it as the 'Wuhan Coronavirus' because of the likely origins of it. Eventually the WHO gave it an official name: the virus is SAR2-nCoV, and the resulting Disease is COronaVIrus Disease 2019, or COVID 19.

Some external visualisations:

• University of Washington (Best and most up to date, I think)
• Johns Hopkins University.
• WHO map
• World O'Meters
• HK CHP

Here are some of my visualisations, made from the sources listed above. They're updated automatically, usually around once per day, as the new data comes in. (Note that I'm not forecasting here. This is the observed data, not a prediction. This is scary enough as it is without extrapolating. I'll leave the forecasting to actual epidemiologists)

In the style of the @jburnmurdoch plots, you've probably seen before...

Confirmed Cases since reporting started. Big shoutout to Macau here - they shut down hard right at the start.

Confirmed Deaths since reporting started.

I recently replaced my elderly MacBookPro (late 2008: 5,1) with a slightly more up to date version (Late 2010: 6,2). While using it, I noticed a very odd problem: Audio over bluetooth headphones started out clear, but would degrade over time to a very low bandwidth quality. (Speech would sound robotic and unpleasant).

Audio over wired headphones or the MacBook speakers was fine, so it wasn't a problem with the inbuilt DAC or the audio sources. My Bluetooth Headphones (Jabra Move) can also be used wired, so the problem was not with them either. (And also, playing audio over Bluetooth from a phone didn't exhibit this problem, so the headphones were not the issue.)

I tried the following procedures before find the correct solution:

• Unpairing and Re-Pairing the headphones. Problem persisted;
• Restarting the Mac. Problem Persisted
• Restarting the Mac and Clearing the PRAM/NVRAM (CMD-OPT-P-R on Boot). Problem Persisted;
• Reset the SMC: (Power off, CTRL-OPT-Shift-Power button, Power on) Problem solved!

I don't know why the SMC reset worked, but my theory is that the Bluetooth Module was replaced at some point, and the SMC reset forced some re-reading of the low level devices in the system.

I didn't find any useful info when searching for a solution, so I've written it up here to help anyone with the same problem.

I host a number of websites from home, and I don't have a fixed IP address, so I need to have a service which updates a DNS entry with my current IP address whenever it changes.

Fadó, fadó, in the early stage of the internet, there were free services that did this, but a whole bunch of them went away about 2009 or so, and DynDNS.net eliminated their free tier. Back then, that service went from free to USD 25 per year, which I dutifully paid up at the time.

Now, it looks as though they're going to start charging USD 60 per year per domain for the service of having a DNS record that gets updated once a month or so. This is just unconscionable gouging as far as I am concerned, so I'm going to have to investigate the alternatives and see if there are any free options available (or free with some work on my part), or if I can settle for some service which is more affordable for me, while providing the same service.

Methodology

1. Identify alternative services
2. Review the service that they actually provide
3. Identify the cost of the service they provide
4. Determine if 2. and 3. make financial sense
5. Determine the scope of work required to switch to another service
6. Switch (if good alternative found)
7. Monitor the performance of the new service
8. After a period of time, review the performance of the chosen service and decide what, if any, action needs to be taken.

So What do I need to be provided?

My core requirements are as follows:

• Provide DNS services for at least two (2) domains that I own and host from home;
• Allow me to update the DNS for those domains using (preferrably) ddclient (No particular reason for that, that's just how I'm setup at the moment and it would require the fewest changes.);
• Cost less than Dyn.com;
• be reliable.

What else?

• Allow for additional domains to be added if I need to, (i.e., not have a per domain cost);
• Cope with possibly shifting the hosting side of things to a Linode instance at some point.

Alternative Services

So, what alternatives are there? I did some basic searches and came up with the following:

• DynDNS
• EntryDNS.net
• Hurricane Electric
• Zonomi
• FreeDNS
• NSUpdate
• NoIP
• Ydns

Yes, I included DynDNS in there. They still provide the service, and there is a chance that there would be no competitive services available, or that any decent alternative would require vast amounts of input on my part.

DynDNS is what I'm using now. It has the lowest transition cost (free: Yay!), but will cost USD 60 per domain to renew (Boo!). This is almost twice what it was last year (USD 35 each), and is a thoroughly ridiculous amount of money for hosting a few Zone files.

It has been very reliable, though: I've been using DYNDNS since 2009, and I think I've had to make a change once in all that time. This is good, as I travel a lot and I'm not always available to solve DNS problems.

So there's the baseline: the replacement service has cost less than USD 120 per year, and not cause headaches, or need constant attention. That seems like a pretty low bar...

EntryDNS.net requires a USD10 registration fee before letting me see what services are available. While I recognise that free internet services still cost money to run, this is a little off putting.

Searching around for reviews of their service finds very little, and a few indications that they nearly went out of business last year, and relaunched this year. Sounds like a little bit too much drama for what I want!

I think I'll give this company a skip, unless I have no alternative.

FreeDNS enforces sharing of domain names, unless you go premium, and this is USD 60 / year. Not really what I want.

Zonomi charges USD10 per year for two domains. This looks promising, so I set up a free account, and I'll go down my list looking through the others.

Hurricane Electric: Good old reliable HE (I've been using them for IPv6 for years)! They have a free service that appears to be a bit cryptic to setup and requires a bit of DNS knowledge. But if you don't understand A records, CNAMES, MX records, etc you have no business doing any of this setup in the first place, and should go look at a hosted service.

Time to test: register a domain (diaspoir.tech, only $4.99 at HOVER) and setup the delegation and the updater client:

vim /etc/ddclient.conf

protocol=dyndns2, server=dyn.dns.he.net,
        login=diaspoir.tech, password=[REDACTED]
        diaspoir.tech

Musical interlude with some noodling around at dne.he.net... (why can you only see the setup instructions when you're logged out?)

$ dig diaspoir.tech
;; QUESTION SECTION:
;diaspoir.tech.         IN  ANY

;; ANSWER SECTION:
diaspoir.tech.      86400   IN  SOA ns1.he.net. hostmaster.he.net. 2016050812 10800 1800 604800 86400
diaspoir.tech.      86400   IN  MX  10 diaspoir.tech.
diaspoir.tech.      296 IN  A   119.237.156.5
diaspoir.tech.      707 IN  NS  ns3.he.net.
diaspoir.tech.      707 IN  NS  ns1.he.net.
diaspoir.tech.      707 IN  NS  ns2.he.net.
diaspoir.tech.      707 IN  NS  ns5.he.net.
diaspoir.tech.      707 IN  NS  ns4.he.net

This seems to be working, so I think I'll turn off the auto-renew on the DYNDNS account, delete my credit card details from there, and start setting up the other domains.

I stopped going down the list at this point, so I didn't try out any of the other services.

Because nobody seems to understand it, and Most Hong Kong people insist on the wrong thing:

*** is not the same as right of abode or permanent residency, and it doesn't signify anything apart from your re-entry status.

Source: http://www.immd.gov.hk/eng/services/hkid/smartid.html

The other day my primary mail server was rebooted after some routine package upgrades and it refused to boot! Technically, the BIOS failed to handover to Grub2, so I had to reinstall Grub2 on the MBR of the Boot disk.

I thought I'd document it here, for posterity, and because I didn't see it explicitly called out elsewhere.

First thing to do is get a live linux USB stick: I use UNETBOOTIN, a handy tool which will download and install a live linux distro (or FreeDOS, BSD, etc) to a USB stick. You'll probably need a 4GB stick or larger, which is no big deal these days.

Once you've got your USB stick, go ahead and boot the Linux box using it to your distro of choice. I normally use a recent version of Fedora, because I've been a Redhat user since 1999, but any recent version of Linux should have the tools below available.

Once you're running your live linux, you'll need to open a terminal, and become root, then re-install the grub boot code to the MBR. The following assumes that your boot partition is /dev/sda1, and the boot device is /dev/sda. (you mount the partition, but you install the MBR on the device.)

$ sudo su -
# mkdir /mnt/sda
# mount /dev/sda1 /mnt/sda
# grub2-install --boot-directory /mnt/sda/boot /dev/sda
Installing for i386-pc platform.
Installation finished. No error reported.

That should be it. Reboot, and remember to remove your USB stick!

Aside: I have had problems with recent Live Installs where the UUID of the boot volume is reported wrongly, so that the USB stick won't boot, but instead fails to the DRACUT emergency Root Console. You need to run blkid and write down the UUID of the boot media and then manually edit the ubninit code to get the right UUID.

I was noodling around in the Apple Store recently and I noticed something interesting. Traditionally, Apple has followed a fairly simple formula for pricing in the HK Apple Store, which is to do assume a HKD:USD rate of around 7.80, round to the nearest hundred and take away 12. Sounds complicated? Not really, as what they really want is to have prices ending in 88, which is very auspicious in Chinese culture.

The first table below shows the pricing for some common products. The Rate below refers to the HK price divided by the US price to determine the exchange rate. The second HKD price uses the formula:

ROUNDUP((US Price) * 7.80 to nearest 100) -12

The difference and markup are bases on the difference between this price and the price in the HK store. The Apple TV price fits the patterns closest, but all the products follow the pattern very closely:

(US Apple Store prices do not normally include sales taxes, and there are also no sales taxes in Hong Kong. All prices are for the base model in each range.)

As you can see, you generally save a small percentage buying the product in HK when compared to the US price. But when you look at some third party products, the price differential between the US prices and HK prices is all over the place. Here's the prices for fitbit products:

Why are the last two fitbit products so expensive? An additional 14%? Seems a bit excessive!

Here's an interesting thing: the latest iPhone models also have this price increase in a way which is out of step with the existing price iOS device price points:

Today I was using my MacBook Pro for work as per normal, when I noticed the Finder windows crashing every minute or so. I tried many things, including:

• Deleting misc plists from my ~/Library/Preferences directory;
• Rebooting in Safe Mode (Hold Shift while rebooting);
• Restoring the System Fonts while in Safe Mode;
• Validating the Fonts within FontBook (Found one corrupt one);
• Deleting every single .DS_Store file on the Mac;
• Trying to diagnose the issue from the Crash Report in the Console.

All to no avail, although I did discover something interesting, of which more anon.

Finally, I waded into the Apple Support Forums, searching on some of the terms I found in the crash reports and I finally found a solution to Finder Crashing Every Minute: Basically, turn off "show file status icons and right click menu" in the Google Drive Preferences. This instantly stopped the problems.

The interesting thing I found? My ~/Library/Preferences directory was full of locked files, and once I deleted all the *.lockfile files, quite a few apps were much faster to open, and several websites dramatically changed their fonts. Perhaps I had overwritten the default font for some of them, as they went from being a nice Helvetica to Verdana.

I get scam attempts:

(Letter to Head of Brand Business or CEO, thanks)

Dear Sir or Madam,

This is a formal email. We are the department of Asian Domain Registration Service in China. Here I have something to confirm with you. We formally received an application on October 15, 2013 that a company claimed Hora Tech, Ltd were applying to register "diaspoir" as their brand name and some diaspoir Asian countries top-level domain names through our firm.

Now we are handling this registration, and after our initial checking, we found the name were similar to your company's, so we need to check with you whether your company has authorized that company to register these names. If you authorized this, we would finish the registration at once. If you did not authorize, please let us know within 7 workdays, so that we could handle this issue better. After the deadline we will unconditionally finish the registration for Hora Tech, Ltd. Looking forward to your prompt reply.

Best Regards Derek Lau Senior Consultant

Tel:+86-551-6349 5334

Fax:+86-551-6349 5344

Address:HuiZhou Ave. 856, Hefei, Anhui, CN

A quick google of the first sentence of the second paragraph reveals a hoax-slayer page about this scam, along with plenty of examples of its use. Nothing to worry about.

First SEO spam in a while:

Hello,

I came across your site (http://www.diaspoir.net/) and would like to discuss the possibility of having a guest post on your site.

I’m working on behalf of my client who is able to create articles including travel, shopping and entertainment amongst many other things.

I hope this would be something of interest and would very much like to hear back from someone regarding this guest post opportunity.

Hope to hear back from you soon.

Kind Regards,

[NAME REDACTED]

[COMPANY NAME REDACTED]

You know, right down on the page here, just about where the email address is, are three little paragraphs of text which say:

• Unsolicited Bulk Email (spam), commercial solicitations, SEO related items, link exchange requests, and abuse are not welcome here and will result in complaints to your ISP.
• email the webmaster
• Any email to the above address may be made public at the sole discretion of the recipient.

I don't think I'd pay for services from a company which apparently can't read the paragraph above and below the contact email address...

I've redacted the responsible company for a few reasons. The main reason is that I don't wish to invite assholes into my life, and SEO spammers whinging about how I am "defaming their personal braaands" by reporting accurately on things they have actually done match that description pretty well.

Also, it's not that obvious from the email, but the company is an SEO consulting company that boasts of using meta-tags and keywords to attract Google attention, which makes them borderline scammers in my book. Real SEO is good content and appropriate semantic markup, not keyword and meta-tag spamming.

Previously, I've blogged about the poor reliability of Shure canal phones, headphones, etc. I've had one set replaced at least twice because one ear would just decrease in volume enough that you couldn't hear anything. Both times, I did genuinely get a different set of SE215 with new serial numbers.

If they do this during the two year warranty period, Shure will replace them free of charge. After that time, you will be held responsible for a cleaning/replacement charge. At this point, you may well feel that you should just buy another pair, as the repair charges are probably a significant proportion of the cost of buying another pair.

I discovered a way to get a pair of Shure SE215 back from the one ear dead state, and it's very simple. This has now worked for me twice, and may be worth a try if you are experiencing this issue *and* your Shures are out of warranty.

If they're in warranty, just take them to Shure and get them replaced.

Seriously.

My method is an act of desperation and is only applicable where: "My earphones are dead and I can't afford a new pair of Shures, and the affordable Ultimate Ears 200vi are crap. (I really don't need to hear that much wire jiggling noise, thankyewverymuch!)"

You will need:

• a pair of Shure earphones which have at least one ear blocked/silent;
• Contact cleaner spray;
• Weak Lemon Drink (or any beverage of your choice, really);
• A sense of desperation that you are willing to risk your headphones for this experimental procedure.

Please note (DISCLAIMER) that I accept no responsibility for any damage to your Shures, computer, lungs, environs, property, chattels and demesnes. You undertake this venture at your own risk. Contents may settle in transit. No motorcycles after 3PM.

The steps to follow are as follows:

• remove the silicon or foam tips from your headphones;
• bring your headphones to a place where spraying contact cleaner is safe and non offensive, and where there is good drainage. Bathrooms are good;
• spray a short burst of contact cleaner directly into the ear tubes of the headphones and immediately turn the headphones opening down to drain excess fluid out;
• DRINK YOUR WEAK LEMON DRINK NOW! (You will need to allow some time for the alcohol in the contact cleaner to evaporate, meanwhile excess earwax or other precious bodily fluids have been melted/synthesized and sent to the NSA/FBI/KGB for analysis and long term storage.);
• Excess alcohol in your weak lemon drink may need dissipating through fried food and carbohydrates.
• Test your headphones for good audio in both ears.

It may take a while for all the various substances to evaporate so be patient. You may need to DRINK YOUR WEAK LEMON DRINK a second time. You should probably pour another, rather than regurgitating the first drink. however, if you have insectoid ancestry, feel free to disgregard this advice.

Problem: My new ISP blocks outgoing port 25 (SMTP) and I want to run a mail server from home.

Solution: I need to set up sendmail so that it uses gmail (or my ISP) as the outgoing smart host.

You'll need SASL running, so yum or apt-get that. Then add the following to your sendmail.mc file:

TRUST_AUTH_MECH(`LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5')dnl
define(`confAUTH_MECHANISMS', 
       `EXTERNAL LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5')dnl
define(`SMART_HOST',`relay:smtp.gmail.com')dnl
define(`RELAY_MAILER', `esmtp')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/authinfo.db')dnl

Make an authinfo: /etc/mail/auth/authinfo, chmod it to 0600, and have the following lines in it:

AuthInfo:smtp.gmail.com "U:root" 
                        "I:username@gmail.com" 
                        "P:password" 
                        "M:PLAIN"
AuthInfo:smtp.gmail.com:587 "U:root" 
                            "I:username@gmail.com" 
                            "P:password" 
                            "M:PLAIN"

(Note: these should actually be all on one line per entry, so two lines for the above.)

As always when dealing with sendmail.mc, you'll need to run the m4 processor over the file and make the hash maps. Do yourself a favour and have a Makefile to do it for you. Restart sendmail, and you should be good to go!

# makemap hash authinfo.db < auth/authinfo
# m4 sendmail.mc > sendmail.cf
# service sendmail restart

And note that if you use Application Specific passwords (i.e. 2 step authentication), you'll need to generate a password for this.

Helpful info from:

• http://www.phinesolutions.com/sendmail-gmail-smtp-relay-howto.html

UPDATE: While the above is fine and works, Google's mail servers rewrite the From: address to the gmail account you use to authenticate. This is not the best solution if you want to not appear to only be able to send from gmail.com. Here are some other changes to use the ISP's mail server. (In this case I'm using netvigator.com, others should be similar.)

/etc/mail/auth/authinfo (Note that I don't need to specify the higher ports, as the ISP only accepts on port 25. The Method ("M:PLAIN") doesn't seem to be required either.

AuthInfo:smtp.netvigator.com "U:username" "P:password"

/etc/mail/sendmail.mc

define(`SMART_HOST',`relay:smtp.netvigator.com')dnl
define(`RELAY_MAILER', `esmtp')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 25')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 25')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/authinfo.db')dnl

And to enable all this:

# makemap hash authinfo.db < auth/authinfo
# m4 sendmail.mc > sendmail.cf
# service sendmail restart

I'm taking a break from doing this.

You may enjoy some of the links on the left.

Stand Up Economist

"Daniel Goldsmith" called me back tonight with the spiel for buying into an IPO on an institutional investment rate.

The IPO deal was for a company called USA Oil And Gas Corp (Nice and generic, huh? Although the company does appear to exist.) and how they were about to be snapped up by Halliburton and be given vast amounts of previously untenable oilfields to extract oil from.

(At least he didn't read out the URL in pseudo-milspeak like he did the company one: "Kilo! India! November! Golf! Sierra! Mike! Echo! Alpha! Delta! Papa! Echo! er, dot com". I was so tempted to come back with Whiskey Tango Foxtrot!)

He reckoned that the opening price for the IPO would be USD 1.95, but I could get on board for USD 1.50 and cash in after the IPO.

While explaining the details of the deal, he was really hammering on the "little yeses". This is a sales technique which involves getting the sucker 'valued customer' to agree with you at each incremental step along the way so that they hopefully agree to give you all their money at the end.

I told him I wasn't interested in doing business. He got quite angry at that point and, although he managed to control himself, he started getting quite snappy. He told me that if I didn't get on board now, I'd be sorry in five weeks (the IPO time), and he'd call me back to gloat.

When I mentioned finding negative reviews of KingsmeadPE on the Motley Fool forums and how they appeared to be a Boiler Room, he started up with a cock and bull story about how a disgruntled office junior named Walters was poisoning the good name of the company. At that point, I hung up on him, having better things to do.

So, the guys from KingsmeadPE are following up (from Kingsmeade?) with breathless anticipation of a deal for me.

I got a URL out of them this time (see above), and a quick google search on their company name (kingsmeadpe ) turned up a whole bunch of threads on The Motley Fool about Boiler Room operations.

That's not the kind of profile you expect from a respectable business!

UPDATE: so, about 45 minutes after posting this, this post is #3 on the google search for KingsmeadPE.