Category Archives: Misc

The bane of my life (and probably everybody else’s)

I think folks have every reasonable cause to question the general competence of IT persons who design authentication systems that mandate an exact password length, or a maximum password length (say, 10 characters max), or passwords which must not contain certain characters, or lock your account out after three (why three?) attempts.

Also cute – government online service providers that ask you to fill out a “forgotten password phrase” when you set up your account initially. How are mere mortals supposed to remember the phrase two years down the track without writing it down or reusing it? And how is this supposed to be more secure than your basic security questions?

Hello DuckDuckGo (and goodbye

DuckDuckGo logo

Yeah, I can now really do with less targeted advertising, a search homepage which isn’t like a giant ad itself, and Google mining my search queries to “enhance” their floundering me-too social network. Plus that other nasty business. So I’ve switched to DuckDuckGo. It’s like of old, searches are anonymized, and it’s got a cooler name to boot.

The standard DuckDuckGo search provider for add-on for Firefox (the best darn browser around) can be found here.

Natural pest control, Nepenthes-style

It’s a marvellous thing seeing the efficiency with which my pitcher plant can trap and kill food when simply left to its own devices. Bugs are attracted to the nectar, clamber into the traps and become nom noms for the plant. What’s more, it really loves the New Zealand climate combined with being parked next to an open bathroom window. Pitcher plants make a terrific addition to the household for natural pest control. Quite pretty to boot.

Pitcher plant

Scott McNealy’s Top Ten reasons for employees wanting to keep an office

10) Need a place to hang a picture of my chihuahua
9) How can I micromanage my direct reports if I can’t see them?
8) Naps and/or nooners with co-workers
7) Need storage for pilfered coffee, toiletries, condiments and kids’ school supplies, and the A/C is free too
6) We have to still work on “spare the air” days
5) I have self esteem issues
4) I prefer to make my pay by the minute phone calls in private
3) The public sector union work rules mandate private offices
2) Your spouse wants you out of the house, or you can’t stand being home with your spouse, or both
1) You can’t brown-nose virtually

Scott’s really quite entertaining talk on the subject of remote work from which this was transcribed can be found here:

Adding Chinese as an input language in Ubuntu 12.04

Quick how-to for those wanting to know.

Under Ubuntu system settings click on “Language Support”:

Ubuntu Language Support settings

Under the “Language” tab in the window that appears go to the “Keyboard input method system:” drop down list, and select ibus:

Enable the ibus keyboard input method

ibus input method enabled.

Log out of the computer and log back in. You should now observe the presence of a keyboard input method icon in the system status area:

Keyboard input method icon

Click on this, and from the menu that appears select “Preferences”:

Ubuntu keyboard input method preferences

In the window that appears, click on the “Input Method” tab:

Keyboard input method tab

Now, enable the “Customize active input methods” setting. From the drop down list select “Chinese” -> “Pinyin”, then click on the “Add” button:

Selecting the Chinese input method

Chinese input method is now added

Now open an application – in this example we are using Firefox. Go to the keyboard input method icon, and from the drop-down list that appears select “Chinese – Pinyin”:

Selecting the Chinese input method

The keybord method input icon should change accordingly, and now typed text should reflect the language:

Chinese input method selected and active

Cigarette butts and trash

Cisco SRP547W router – first impressions and VPN support

I’ve recently acquired a Cisco SRP547W router to evaluate as a replacement for the Cisco WRVS4400N. The SRP547W sports a similar feature set to the WRVS4400N, with the added bonus of a built-in ADSL2+ WAN interface. Because the WRVS4400N only features an Ethernet WAN port, I had to use the Draytek Vigor 120 as a PPPoA to PPPoE bridge (in New Zealand broadband is delivered over PPPoA). This worked great, but at the end of the day if I can reduce the number of links in the chain it can only be a good thing.

Connecting the SRP547W to Orcon’s ADSL2+ network was straightforward and painless. The device features a very nice first-run wizard, a cut above what you’d find in a vanilla router (as you’d expect given the price difference).

Cisco SRP547W setup wizard.

All of the security goodies of the WRVS4400N are present, with one difference being much-improved VPN support. The SRP547W features a built-in “Cisco VPN Server”. Although Cisco market this as being intended for use with their non-free Cisco VPN Client product (which is end of life incidentally), it’s actually just a standard IPSec VPN and works with a variety of other clients. I had no problem creating a VPN tunnel on Windows 7 using Shrew Soft’s excellent (and free) VPN client. The stock Android VPN client also worked right out of the box, as did Ubuntu Linux using vpnc (I’ve yet to try Mac OS X). A maximum of ten VPN users are supported, and the experience is generally much better than using Cisco’s poorly supported QuickVPN product as marketed with the WRVS4400N.

Price-wise the SRP547W isn’t too bad, not being too much more than the original cost of the WRVS4400N + Draytek Vigor combo – plus you also get analog phone support, a full SIP stack and more. I’ll be sharing some feedback on these other features in the near future.

Configuring URL blocking policy on the Cisco WRVS4400N

This is a weird one and doesn’t really make a lot of sense – but posted here all the same if it helps someone. Part of the Cisco WRVS4400N‘s feature set is a configurable internet access policy, allowing the administrator to schedule internet access hours and permitted sites for discrete LAN clients. The latter is managed by updating a domain blacklist in the admin BUI.

The manual makes out that this is as simple as creating a new policy, adding clients, specifying whether it’s for blocking or allowing access, and adding URLs to the blacklist – but in practice it doesn’t work like this at all. In my case, configuring an “Allow” policy for a single client and adding entries to the blacklist resulted in all internet access being shut off entirely for all machines including the client in question. Looking at the Cisco Small Business support forums, there seems to be equal confusion on this from both customers and Cisco support personnel alike. One Cisco technician mentioned for example in a forum thread on the issue that any clients not defined in an “Allow” rule would be denied by default – but this nugget of information doesn’t seem to have been included in the reference manual.

Anyway, to get a simple website blocking policy in place for one LAN client, here’s what I had to do.

1) Configure an “Allow” policy for the client

In this policy we are allowing the client 24/7 internet access, but not permitting her to access the domain

Configuring a internet access policy rule.

You’d think this would do the trick, but no. If your experience is the same as mine, this will shut off internet access entirely – so we move onto step 2.

2) Configure a second “Allow” policy for every other device

In this policy we are specifying an IP address range – which also covers the address of the machine above. Like the above policy, it’s for 24/7 internet access:

Configuring another internet access policy rule.

On saving this rule (you don’t need to reboot the router), you should have full access to all websites except for for the client defined in the first rule. All other LAN clients should have normal full access.


The WRVS4400N is now end-of-life. In my time with it it’s generally been a useful device, but marred by a number of issues which created the impression of a somewhat half-baked or half-heartedly-supported product (possibly due to its Linksys lineage which Cisco are selling off to Belkin). Counter-intuitive interfaces like the one described above, wireless performance which was pretty slow all around (really not living up to the advertised 802.11n), Cisco QuickVPN software which was great if you were only on Windows (with Cisco not interested in versions say for Mac OS), IPS signature files which failed to block Skype (counter to the advertised feature set), and so on. I have a Cisco SRP547W being made available soon hopefully to replace this unit which I will post some impressions on.

Be Explicit.

Something I see time and time again when observing technical support in action. Don’t ever assume that because you know where a certain feature resides in a certain application that the customer will also know what you’re referring to. If for example the location where you need a customer to modify a setting is at “Edit -> Preferences -> Options -> Formatting, in the desktop variant of application ‘x’, then that is precisely what you must communicate to her. Not, “go to the the formatting settings in application ‘x’, without any indication of what edition of the software you’re referring to.

And not just customers either – it’s a rule that should be adhered to just as rigorously when communicating with colleagues, no matter what their technical level.

2012 in review

The stats helper monkeys prepared a 2012 annual report for this blog.

Here’s an excerpt:

19,000 people fit into the new Barclays Center to see Jay-Z perform. This blog was viewed about 94,000 times in 2012. If it were a concert at the Barclays Center, it would take about 5 sold-out performances for that many people to see it.

Click here to see the complete report.