Tuesday, November 17, 2009

The giant magnetic door catch

My door to the garage is big and heavy, and is the only door used. No door catch can stand the repeated impact due to the carelessness of the kids. Also the door must be easy to keep open to unload the groceries. My wife came up with the idea of a magnetic catch. I went on to make one but it was rather poor until now.

You need powerful magnets such as those greater than 1 inch long, about 1/2 inch wide and 1/8 inch thick, available in many hardware stores and rather cheap. You need a few to stack up for power and, more importantly, to adjust to suit the space between the door and the wall.

You need two different metal plates, such as those used for building decks, from hardware stores. The right ones need a great force to be removed from the powerful magnets above.

The larger or bigger steel plate is to be mounted to the wall, the smaller thinner one on the door. Just put the magnets on the steel plates and they can hold the door open. When you close the door, the magnets will stay with the thicker plate on the wall. That's the law of physics.

That's it. There's no need to mount anything except for screwing the plates into the wall and door. Both the door and the wall are protected by armored plates. The catch area is as big as the plates.

The fancy stuff.

You can decrease the magnet and plate size or increase the force and catch distance by mounting the wall plate at an angle. The angle is to ensure that when the door is fully open, the magnets and the door are parallel, when the magnetic force is greatest. This can be simply done by putting something under the wall plate on one side, or a soft wooden wedge for clamping and space filling.

You can also put some pad materials to soften the impact and reduce noise.

Of course you can mount and fix the magnets, and use angled plates.

No pictures because the first excellent version is ugly.

Thursday, November 12, 2009

The future of goods and services

Your local shops are selling you things that they can survive on, not what you really need. The discrepancy is getting bigger and bigger. I get my electric toothbrushes and replacement heads from the net, cheaper and more choices.

Many goods in Target can be replaced by online purchase. Indeed I find more things that I need that are sold by Target online only, than sold at stores only.

Local stores can survive by a few things: customization, touch and feel, and knowledge. Apparel stores are doing well but once you can try on clothes by your online clone, and view yourself in all 360 degrees at home, a lot of people will stay at home instead. Lands' End had it but it was too primitive to be useful. The colors are not even accurate.

Touch and feel can't be replaced, but hardly any goods need that. And if you provide that, you risk becoming a free demo for other online businesses.

People don't like car salespeople, but can't do without car mechanics. You go to a garage because you don't know how to do it, so you buy parts and labor from them.

For the future of goods and services, we can look at the most expensive personal items, the house and the car. Home Depot is actually selling you knowledge: you buy from them tools and items that are designed for doing it yourself. If you don't mind things that are not completely flat and straight, you can pave your whole yard and build walls without any experience.

The high labor cost is killing service industries such as plumbing. In many cities it's hard to find a plumber because they cannot afford to live there. You can use cowboys but there's no guarantee. To protect consumers and to protect skilled labor, there is a lot of red tape, and a lot goes to insurance. It's crazy to find a plumber to do a job for you. If you buy all the tools and parts you only pay a fraction of the cost of calling out a plumber.

Even the car mechanics are not safe. Local mechanics are charging an arm and a leg. But they could be forcing people to drive to Mexico for big services. It started many years ago now. If you plug a scanner into your car, you know what went wrong and what needs to be replaced. Mechanics keep saying that the codes don't tell you anything and insist on charging you $40 to $100 for the diagnostics. But do you believe that the many error codes are designed to tell you something? At least they are designed for dumb mechanics.

For simple things such as fluid flush and oil change, you can drive a bit to find cheap labor, or do it yourself. You can find all sorts of manuals leaked on the net - the knowledge. For diagnostics, you can do it more reliably than dumb mechanics, and replace parts yourself. It's much cheaper to get parts online, and many old cars are still supported with OEM parts.

Even car wash is a rip-off. If you want the brand new car with deep waxy look, it's hard to say. But for most people, manufacturers should use easy wash paints, available many years ago as options. These surfaces do not need waxing for 5 years. But I think most paints hardly need any waxing and special body wash. I have been using auto car wash for years. After applying "conditioner" and rinsing off, no drying is necessary. Even if you go for hand wash, the chemicals are the same. The difference is that they have cheap labor holding the brush in addition to the pressure wash. And they have people to pat dry the car.

Now I tried the dry organic wash and it works fine, almost as good as auto car wash, but better because it's a hand wash. If you wash your car every week or every other week, it is just a matter of wiping the dirt off with a cloth, and then dumping the cloth into the washing machine. It also works if your car is dirty. But if your car is all dirty, it's simpler to go to an auto car wash, or leave it in the rain.

Also the wheels. I spray it with biodegradable detergent and leave it for one minute. Then I wipe it off with a cloth and a bucket of water. It's dirty work but just 4 wheels. And your wheels will be cleaner than any auto or hand wash joint.

My old neighbor, a classic car enthusiast, uses only a bucket of water to wash the whole car. But I think his cars are very clean. I always want to wash my own cars, if only to avoid the hassle of going to the auto wash. But the dirty water goes directly to the beaches here, if it doesn't get to my plants first. Now it's "dry" wash for the body and one bucket of water for the wheels. I can even do it inside the comfort of my own garage!

Monday, October 19, 2009

DNS Leak in Firefox 3.5.3 with Dynamic Proxy Switching Add-ons

The DNS leak problem in a simplified scenario: the domain name in the URL address has to be converted to an IP address before the http request can be made. The DNS conversion request and the http request are two separate processes performed by different servers. If you have something to hide by using an http proxy, only the http request goes through the proxy. The DNS request may or may not go through the proxy. The implication is that, for example, someone monitoring your activities at your ISP knows approximately when and which websites you are visiting, even though your http requests are encrypted and your IP hidden by the proxy.

DNS leak should be a thing of the past ever since the preference network.proxy.socks_remote_dns was introduced in Firefox 3; its value should be set to true via about:config to avoid leaks. However there were some changes around Firefox 3.5 that made DNS leak possible.

I suppose that the changes are: the DNS and http requests are not synchronized or loosely synchronized. This should not affect anything if the proxy selection is static, like editing the Firefox proxy option by hand. DNS leak may occur in dynamic proxy switching add-ons like FoxyProxy. There were no leaks prior to around FF v3.5.

In dynamic switching add-ons, the proxy preference is switched for the http request, but reverted to the previous Firefox setting after the request. I would think that the DNS request is made before the correct proxy is selected for the next http request. The previous FoxyProxy, the new Standard and Basic versions all leak DNS requests.

To avoid leaks in FoxyProxy, one must use a SOCKS proxy, and check the global option to use the SOCKS proxy for DNS.

However, one of the free and fast censorship circumvention systems, UltraSurf, does not allow SOCKS. In this case, simple and static switching should be used, such as Multiproxy Switch.

There is no DNS leak if you use a VPN - all network requests go through the VPN server. However, if you use a proxy on top of a VPN, any DNS leak from the proxy will be protected by the VPN, but not both.

I use Wireshark for testing. The simple capture filter should be set to "port 53" to capture DNS requests only.
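
The check described above can be automated once the port 53 traffic has been captured. The following is an added example, not part of the original post: it parses raw DNS query payloads and flags lookups for sites that were supposed to be resolved by the proxy. The capture records, host names and addresses are constructed sample data, and the function names are hypothetical.

```python
import struct

DNS_PORT = 53

def build_query(name, txid=0x1234, qtype=1):
    """Build a DNS query payload (used only to construct sample data)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, 1 question
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)       # class IN

def parse_query(payload):
    """Return (qname, qtype) for a DNS query, or None if malformed/a response."""
    if len(payload) < 12:
        return None
    _txid, flags, qdcount, _an, _ns, _ar = struct.unpack("!HHHHHH", payload[:12])
    if flags & 0x8000 or qdcount < 1:      # QR bit set means a response
        return None
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            return None                    # truncated before end of name
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:                  # compression pointer: not expected here
            return None
        if pos + length > len(payload):
            return None                    # label runs past end of packet
        labels.append(payload[pos:pos + length].decode("ascii", "replace").lower())
        pos += length
    if pos + 4 > len(payload):
        return None
    qtype, _qclass = struct.unpack("!HH", payload[pos:pos + 4])
    return ".".join(labels), qtype

def find_leaks(packets, proxied_hosts):
    """packets: (dst_ip, dst_port, payload) seen on the physical interface.
    Returns (qname, qtype, resolver_ip) for every clear-text lookup of a host
    (or subdomain of a host) that should only have been resolved by the proxy."""
    wanted = {h.lower().rstrip(".") for h in proxied_hosts}
    leaks = []
    for dst_ip, dst_port, payload in packets:
        if dst_port != DNS_PORT:
            continue
        parsed = parse_query(payload)
        if parsed is None:
            continue
        qname, qtype = parsed
        if any(qname == h or qname.endswith("." + h) for h in wanted):
            leaks.append((qname, qtype, dst_ip))
    return leaks

# Constructed sample capture (documentation addresses, made-up host names).
SAMPLE_CAPTURE = [
    ("192.0.2.53", 53, build_query("proxy.example.net")),          # proxy itself: expected
    ("192.0.2.53", 53, build_query("www.example.org")),            # A lookup: leak
    ("192.0.2.53", 53, build_query("www.example.org", qtype=28)),  # AAAA lookup: leak
    ("198.51.100.7", 8080, b"GET http://www.example.org/ HTTP/1.1\r\n\r\n"),
    ("192.0.2.53", 53, build_query("WWW.Example.ORG")[:20]),       # truncated: ignored
]

if __name__ == "__main__":
    for qname, qtype, resolver in find_leaks(SAMPLE_CAPTURE, ["example.org"]):
        print(f"LEAK: {qname} (type {qtype}) sent to {resolver}")
```

The lookup of the proxy's own host name is not flagged, because the browser has to resolve that locally before it can reach the proxy.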

Saturday, October 10, 2009

The Battle with Ants

With the right climate, if you live next to some large open space not under your control, you can't really get rid of all the ants, but only manage it.

If you go to the hardware store to get some ant control stuff, you may be OK for a while, but the labels don't tell you the whole story.

You can call a pest control company. Some gave up, while one company offered to spray every two months instead of three, with expensive "organic" chemicals. It's a waste of money because there is an unlimited supply of ants.

You will need the following:
  1. ant spray (for attaching to a hose)
  2. ant spot treatment (with hand pump)
  3. ant bait
  4. ant poison
  5. sealant
Then you need to understand ant behavior:
  1. nest
  2. travel
  3. food & water
You need to use the right strategies for:
  1. setting up an environment hostile to ants
  2. emergency treatment
  3. regular control
Ant behavior

Ants live in cool dry places where they may also keep their nest moist. So if you have a yard the best is to cover all areas with working sprinklers, whether you have grass, plants or not.

Ants will find the shortest distance. Moist soil and dense grass or ground cover will take them forever to reach your house. They have eyes and they prefer to travel in the dark. Avoid fixtures in the yard that they can travel under, forcing them to be easily spotted.

Ants need food and water. You are nuts if you plant fruit trees when you live in a giant ant hill. The worst you can get is that ants live inside your house and go outside for food and water. You need to seal off your house. Ant colonies trapped inside the house can be eliminated sooner or later.

Ants are more active in spring due to the reproduction cycle, or in dry hot summers when they need shelter and water.

Environment

Outdoors, ants like to live in dry cracks like between garden walls and the pavement, between your house and concrete sidewalk, foundations for gate poles, voids in garden paving and ornaments. If you have these you need to seal off the cracks or pour in ant poison, otherwise you have to spray regularly every few months.

Ants may live in trees, typically the top, or under thick trees with loose bark. They are normally harmless but hosting large amounts of ants near your house is bad. It's easy to spray and get rid of them but it's hard to prevent ants from getting back if you have a fruit tree. Ant barriers don't work for me. Even for palm trees, you need to cut off the "fruits" before they become attractive to ants.

Ants are usually found traveling on the underside of external walls just above ground level. This means that you have nests near your house or inside. This part also has the most chance of having cracks in an older house. Avoid any plants or ornaments that make it difficult to spot the ants or any cracks.

For indoors, the most dangerous part is under the kitchen sink where there is moisture, and a lot of cracks and pipes. From there ants will travel all over the kitchen cabinets and beyond. If you can, check for perfect plumbing so your kitchen is completely dry. Seal off any voids due to piping and seal off cabinets from each other if possible. But the most important is to fix any cracks from your house to the outside.

In the kitchen place your stuff in groups such as food, eating utensils etc. Food not in the fridge should be placed in cabinets and shelves above the kitchen sink, but far from the ceiling and corners. Under the kitchen sink is only suitable for stuff that can be sprayed in an emergency, or where there's no chance of chemicals getting into your body.

If ants are really desperate looking for shelter, they will enter through air vents in your drying machine, exterior exhaust fans, window frame draining holes and even cracks in the roof. Try to make these weak points accessible to spot treatment if you have an emergency ant invasion.

Emergency Treatment

If you start treating ants and disturb the equilibrium, it may turn into an emergency at first. Ants living in your house may have to invade your kitchen once they are cut off from outside. When you destroy an ant nest outside, the ants may have to find a new home inside your home.

If you are overwhelmed by ants inside or outside, it's likely time for a large area spray outside the house. Those spray bottles for attachment to a garden hose are easiest. Concentrates for dilution into large spray cans are more accurate. I always use chemicals suitable for plants and grass, unless you like to keep two separate bottles. I also use chemicals specially for ants rather than for multiple insects, unless you have other problems. Your local store usually will stock chemicals that are effective in your area, or most likely you can have a refund.

Most likely these chemicals are not instant kills. But when the chemicals get to ant nests and then dry up, they are effective in repelling the ants or killing them.

Lawns in good condition are rarely problems. Spray on gaps and cracks outside the house, dry areas at trees and bushes, foundations of paths and gates.

For emergencies inside the house I use one gallon bottles with a rather powerful hand pump attached for so called spot treatment. I also use chemicals suitable for plants as that is all I need for outdoors other than emergencies. For spot treatment, the ants should die instantly, or at least act irrationally and fall off walls. Use chemicals from major stores to make sure that they are safe.

You just need to spray at the corners where the ants travel, and at gaps where the ants come out. Once they are forced into the open you can use a microfiber cloth or packing tape to kill the ants. A wet microfiber cloth traps more ants when you wipe at them, and is more likely to kill them after you rinse and squeeze it in water.

Regular control

To avoid regular spraying with chemicals, you need to fix all the cracks in your house leading to the outside, and any outdoor fixtures that easily become ant nests. All you need is to watch and follow any long line of ants forming right outside of your house.

If there are large areas of hidden voids and no plants, I would pour poison such as boric acid in the form of powder that you can get online. Boric acid is organic so it's rather safe for humans when it gradually gets diluted.

If there are small cracks I would pour glue like the white glue for schools. If you cannot "pour", there are caulks in the form of white glue, for all purpose outdoor sealing, which dry clear and are non toxic too.

For larger areas of cracks you need to do proper mending, like spackling compounds for external walls. For outdoor dry areas you can seal it with sand, or sand like sealants that stick together.

Ant barrier granules are pretty useless time after time. I see ants walk straight over them.

Baiting ants outdoors is rather useless because they will just be replaced by another colony. But if your house is sealed off from ants outdoors, you can kill the ants trapped inside by baiting, instead of waiting for them to die slowly from hunger and thirst.

Baits are slow poisons that you allow the ants to bring back to their nests. It does not work for all species. So for some species you are just feeding them instead of killing them. I use boric acid powder mixed with honey and put drops of it on water proof paper under the kitchen sink and where ants are found. I guess it's effective as I can see ants that act like drunk, and have to rest before going home.

Thursday, February 12, 2009

Your data not totally safe with Chinese Circumvention proxies

On Jan 9, 2009, Hal Roberts reported that three of the circumvention tools sell user data. The only one that I reviewed and recommended is GPass, and as I reported, it wasn't really working recently.

I'm not surprised as I never trusted anybody. These guys are the least trustworthy; just one step up from some anonymous person having some server capability hosting a CGI script. I am a little surprised that they publish aggregate data freely on partner websites, and even openly offer to sell confidential data for a fee, and only if you pass THEIR strict screening. This is sad as nobody even has a privacy policy on their websites.

The other confirmed sad news is that they actually store individual user logs, which by law they don't have to. But since they do store them, by law LE like the FBI can request them, and they had been cooperating. The advantage of US freedom is again lost. In contrast there are Data Retention laws in most EU countries.

Nothing important is lost, as I never use them alone, and I never invite the attention of the FBI.

Saturday, January 31, 2009

Long Term Practical Proxy Report

All are totally free, not free trial, some with optional paid services.
Hotspot Shield is still awesome. It's fast enough for watching Hulu movies. It's a VPN so it supports all protocols. All network traffic such as email, IM, etc. is routed through it. You can check that it's working by using Wireshark or just by firing up Windows Task Manager. On the network tab there is a VPN Adaptor in addition to your original Local Network connection. Traffic in both network connections is the same, as any protocol goes through the VPN Adaptor first, then is converted to the encrypted OpenVPN protocol, which then goes through your hardware network card. If you use Wireshark, you can see the protocol conversion. There are others, but only Free Trial. AlwaysVPN started charging but the old free beta version still works, though a lot slower than Hotspot Shield.

Hotspot Shield is ad supported with a banner on top. But it's pretty easy to get rid of it. A sure thing is to use an encrypted connection such as https with your bank. You can also use any of the other proxies as they are all encrypted. The advantage of using another encrypted proxy is that Hotspot Shield knows my IP, but it doesn't know anything about where I'm visiting and the contents. I have successfully used BitTorrent for a couple of hours without disconnection. A BT client which hides the BT protocol helps. The speed is decent even though other peers cannot initiate a connection to you.

I use all the other proxies because their speed varies a lot, and they sometimes fail. So the necessary Firefox add-on is FoxyProxy. Forget about the fancy options, just add a proxy, give it a name such as ultrareach, and then the host and port. Set the leftclick option to cycle through the proxies.

Apart from the German JonDoNym (and Hotspot Shield), all are American proxies aimed at bypassing Chinese censorship. The software is not open source. You don't know who is behind the software or individual servers. So use it at your own risk. Possible funding sources are Voice of America, Falun Gong. Most are detected as virus, malware or spyware. I can assure you that they are not destructive viruses (so far). But I don't know if they spy on me or not. But with Hotspot Shield running underneath, they don't know my IP. Also, if your anti-virus or anti-spy scanner cannot be set to ignore them, it's a bit inconvenient. You may have to pause your anti-virus shields momentarily when you start them. They say the Chinese report them as malware on a large scale so they are detected as such. Some malware detectors have taken them off the list but there are too many detectors.

Ironically, all the Chinese censorship bypassing proxies have heavy censorship in varying degrees. Porn is out, but it's a good thing, otherwise the servers would be a lot slower. Anti-virus companies are out if they don't take them off the virus list. They also protect surfers by disallowing websites with dubious privacy policies, even Google. That's why you need slower proxies but with less censorship.

UltraSurf is very fast most of the time. You can even watch YouTube with decent speed. Censorship is heavy. Supports only the http protocol.

GPass was pretty decent until recently. Maybe it doesn't work well with Hotspot Shield. It supports many protocols via SOCKS, such as email clients, IM, streaming video players. It can also route through Skype, so when you are browsing something forbidden, it appears to spying eyes that you are making a phone call, or other Skype users are making p2p phone calls routing through your PC.

GTunnel is currently decently fast. It also supports Skype. It's the one most often detected as malware.

FreeGate is not free anymore for non-Chinese users. Phoenix is another free VPN, but the Chinese interface makes sure that non-Chinese cannot use it.

JonDoNym is pretty slow part of the day. However it's reliable when it works and censorship free. But with the German data retention law, it's the most traceable by court order.

TOR is only usable in a small window around UTC 8 am. But it's the nearest to being untraceable.

That's what I use on a daily basis.

Thursday, January 22, 2009

TrueCrypt - virtual encrypted disk

TrueCrypt looks and sounds complicated, but actually it's pretty easy to use. It is not only file or data encryption, but provides file system encryption, which makes it usable on a daily basis. I never had the patience and discipline to maintain encrypted files, but now most of my secrets are encrypted on a constant basis.

All the default options will give you safe and secure encryption - you create a fixed size file that becomes a virtual disk with a drive letter (on Windows), protected by a password. When the file is mounted, you can see an additional disk drive that you can access like any others. When the file is dismounted, via TrueCrypt or by pulling the plug, the file remains an encrypted file with no known backdoors. You can exit the TrueCrypt user interface anytime while the encryption engines run in the background.

There are some actions that you may want to perform. One is under [tools], [refresh drive letters]. For some reason, after you mount or dismount, the drive letters are not always updated. The other action is under [volumes], [store volumes as favorite] and [mount favorite volumes]. I also put TrueCrypt into my start menu, and set its preference to Mount favorite volume when started. So basically whenever I log in to or boot up Windows, I also have to log in to my most used virtual disk.

The most useful feature I use is to encrypt all my surfing activities by encrypting my Firefox profile. I worked in competitive or secretive companies before. When someone quits or is fired, they may be escorted immediately by security guards out of the door. You don't even have time to erase your private bookmarks or caches. This is more real than being raided by the FBI, NSA, or US Secret Service. Smashing the hard drive is too late and hardly effective. With TrueCrypt you just need to pull the plug, or dismount gracefully when you have time.

To bring up the Firefox profile manager, edit the properties of any Firefox shortcut, find the target in the form of
"C:\Program Files\Mozilla Firefox\firefox.exe"
and add the option
"C:\Program Files\Mozilla Firefox\firefox.exe" -profilemanager

Create a TrueCrypt drive and mount it as, say, Z:. When you create a new profile, you can pick your own profile directory to be on the Z: drive. The default profile directory is where your current profile is, so you can find it and copy it over if you need to.

If you have multiple profiles, you can edit any FF shortcut to go straight into that profile:
"C:\Program Files\Mozilla Firefox\firefox.exe" -P profileName

The other useful FF option is -no-remote, so different profiles can be used at the same time.

Firefox stores everything in the profile: history, bookmarks, encrypted passwords, cache etc. So when the profile drive is not mounted, all your data is encrypted, and FF can't even run. Most add-ons also store data in the profile directory. But if you are using some extensions that handle secret or private data, you have to check.
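
One way to confirm that every profile really lives on the encrypted drive is to read Firefox's profiles.ini, which records each profile's Name, Path and whether the path is relative to the directory holding profiles.ini. This is an added example, not part of the original post; the function name, the sample file contents and the directory used for relative paths are constructed for illustration, and Z: is the drive letter assumed above.

```python
import configparser
import ntpath  # Windows path rules, so the check also runs on other systems

def profiles_off_volume(profiles_ini_text, ini_dir, encrypted_drive="Z:"):
    """Return [(profile_name, resolved_path)] for every profile whose
    directory is NOT on encrypted_drive."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(profiles_ini_text)
    exposed = []
    for section in cp.sections():
        if not section.lower().startswith("profile"):
            continue                      # skip [General] and other sections
        entry = cp[section]
        path = entry.get("Path", "")
        # IsRelative=1 means Path is relative to the folder holding profiles.ini
        if entry.get("IsRelative", "1") == "1":
            path = ntpath.join(ini_dir, path)
        path = ntpath.normpath(path)
        drive, _rest = ntpath.splitdrive(path)
        if drive.upper() != encrypted_drive.upper():
            exposed.append((entry.get("Name", section), path))
    return exposed

# Constructed sample: one default profile left on C:, one moved to Z:.
SAMPLE_INI_DIR = r"C:\Users\me\AppData\Roaming\Mozilla\Firefox"
SAMPLE_PROFILES_INI = r"""
[General]
StartWithLastProfile=1

[Profile0]
Name=default
IsRelative=1
Path=Profiles/abcd1234.default

[Profile1]
Name=private
IsRelative=0
Path=Z:\ffprofile
"""

if __name__ == "__main__":
    for name, path in profiles_off_volume(SAMPLE_PROFILES_INI, SAMPLE_INI_DIR):
        print(f"profile '{name}' is stored unencrypted at {path}")
```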

If you use an encrypted virtual drive continuously, as when using it for the FF profile, you have to avoid automatic force dismount under some circumstances. If your drive is force dismounted while in use by some application such as FF, the drive letter is not available anymore, and you have to reboot to clear it up. For security reasons, drives are dismounted after a certain time by default, when the screen saver is on, or by other power management features.

In the past, I had major inconveniences during upgrades of the OS, either by choice or by force due to hardware replacement. I am wary of compression and backup utilities that use proprietary formats. TrueCrypt is open source, uses standard encryption, and I stored a copy of the software just in case.

TrueCrypt is safer and more secure in many ways. There is no decrypted copy at anytime, so you don't have to worry about magnetic traces on the physical devices. You can pull the plug anytime once you finished updating something - they were encrypted on the fly.

Will you lose the whole file or whole virtual disk due to hard disk corruption? Firstly, disk/file corruption doesn't happen anymore nowadays. Secondly, I don't think you will lose any more data than what you would lose if the file were not encrypted. The encryption unit will be file sectors. There is redundancy to ensure that the volume can still be accessed when errors occur.

DVDs and CDs are more tricky. There is redundancy in DVDs to ensure that data can still be recovered when there are errors, comparable to hard disks. But you don't touch or smash hard drives. I would test DVDs for recoverable errors yearly or once every several years. Most DVD burning utilities come with test scans. If these errors occur, it's time to make a new error free DVD. Again I don't think you will lose more data than if the disks were not encrypted. But since the encrypted file sizes are larger, you are a tiny little bit more exposed to disk corruption.