Category Archives: Hardware

ASUS & McAfee’s cringeworthy antivirus campaign

Exhibit A:

ASUS and McAfee antivirus campaign screengrab.

Oh, if only it was this much fun. Which – if you’re the poor sod who’s ever spent hours having to wrestle with antivirus software such as McAfee that’s proved to be completely useless in removing any number of infections from Microsoft’s godforsaken products – it’s really not.

Enough with the cutesy ads ASUS, do the right thing by your customers, and give us some laptops with Ubuntu preinstalled with first-class support, please.

(By the way, ASUS products from a hardware standpoint are generally incredibly well designed.)


Extreme fan noise with an HP ProLiant ML110 G7

A little while back I posted some initial impressions of the Hewlett Packard ML110 G7, and noted:

“One review made mention of the ML110’s quiet operation and how it would not be noticed in an office environment. Well, unless your office happens to be on the factory floor of an air conditioning manufacturing plant, you’re going to notice this thing…”

Out of curiosity I decided to look into this a bit more. It turns out a whole bunch of other folks have encountered the same thing, and if you perform an online search for “HP ML110 G7 fan noise” you’ll find many forum posts with all manner of straw clutching – from running every firmware and BIOS update under the sun, to nuking warranties with third-party cooling hacks.

One thing I noted with my unit was the actual reported fan speeds via the LOM were in the order of 31%/13%/10% for the three fans respectively – which hardly accounts for what sounds like a system with its fans running absolutely full tilt (completely unsuitable for office operation).

Buried in one forum post was information apparently passed on from HP’s support personnel to an affected customer, advising them to reseat the front fan (referred to as the PCI fan in the service manual), as apparently it may become dislodged during shipping. Sounded rather odd to me as clearly the fan itself is functioning (a bit too well…), but as it turns out this totally nailed the problem. After disconnecting the fan’s motherboard connectors and physically removing the component, then letting the system boot, POST and shutdown with a fan error, then reconnecting everything and powering it back up, the server is now quiet.

Updating iLO3 firmware on an HP ML110 G7

Hewlett Packard’s website is an embarrassing mess. Don’t go looking for an easy-to-find page for the iLO3 with a one-click firmware download, because you won’t find one. The state of HP’s site is a rant for a future post, but for now here’s a quick guide to getting your hands on the latest iLO3 revision. The sole catch is that you’ll need a Microsoft Windows-based PC at some stage, irrespective of which OS you have installed on the server itself (OpenIndiana in my case).

First, go to HP’s product page for the ML110 G7. Next, we’ll choose “Microsoft Windows Server 2008 R2” (blech…) as our OS:

HP ML110 G7 product page

Look for the Lights Out Management Firmware section, and click the relevant link to start the download (we’ll go for a 64-bit Windows target OS):

Download the iLO3 installation file

Now, run the downloaded executable file (named “cp022549.exe” in this example) on a Windows-based system (Windows 7 or Windows 8 will do just fine) and extract (not install) the file contents to disk:

Extract the downloaded file contents

Look for the .bin file in the extracted files – this is the one we need:

Look for the firmware BIN file

Now, go to the iLO3 admin BUI, upload the .bin file, and wait for the update to complete. Once the LOM reboots, verify the firmware version:

Prepare to upload the BIN file

Firmware file is uploading

Updating to the latest firmware


Compare the old firmware version to the newest


iLO3 firmware is now at the latest version

The new Apple Mac mini makes even less sense

In the past we’ve noted Apple’s insane pricing for their (claimed) entry level Apple PC, the Mac mini. With the latest model released in the past couple of weeks, Apple adds another key reason to avoid the Mac mini, in the continued pointless eroding of customer-replaceable parts. In a rather detailed review from Ars Technica, special mention is made of Apple now sealing off easy access to the device’s innards and the hard-soldering of system memory to its motherboard:

“Older Minis had a round plastic cap on the bottom. Twisting it off would give easy access to the computer’s two RAM slots, and enterprising techies with a screwdriver and a little know-how could lift out the rest of the parts and perform further upgrades… The 2014 Mini still has the plastic hatch on the bottom, but it no longer twists off… now instead of seeing the Mini’s guts you see yet another metal shield, held in place with Torx Security screws. Remove that shield, and after you pull the entire motherboard out and flip it over you’ll finally see that the new Mac Mini’s RAM is soldered directly to the motherboard. It’s no longer user-upgradeable, so make sure you order all the RAM you need when you buy the computer in the first place.”

This continues the generally anti-consumer trend Apple has firmly established in their other products (iPhones, MacBook Pros, et al). The removal of easy access to customer-upgradeable parts is especially relevant to small businesses: unless your organisation is flush with cash, can afford to replace computers outright or can tolerate multi-week outages while your faulty Mac mini is sitting at an Apple service centre, there is little reason to consider the mini in its present incarnation.

If you’re not bound to Apple OS X for any mission-critical applications, then the Intel NUC running Ubuntu makes a more attractive proposition at an even more compact size – which we’ll be covering in a future post or two:

Intel NUC compared to Apple Mac mini

Cisco SRP547W router – first impressions and VPN support

I’ve recently acquired a Cisco SRP547W router to evaluate as a replacement for the Cisco WRVS4400N. The SRP547W sports a similar feature set to the WRVS4400N, with the added bonus of a built-in ADSL2+ WAN interface. Because the WRVS4400N only features an Ethernet WAN port, I had to use the Draytek Vigor 120 as a PPPoA to PPPoE bridge (in New Zealand broadband is delivered over PPPoA). This worked great, but at the end of the day if I can reduce the number of links in the chain it can only be a good thing.

Connecting the SRP547W to Orcon’s ADSL2+ network was straightforward and painless. The device features a very nice first-run wizard, a cut above what you’d find in a vanilla router (as you’d expect given the price difference).

Cisco SRP547W setup wizard.

All of the security goodies of the WRVS4400N are present, with one difference being much-improved VPN support. The SRP547W features a built-in “Cisco VPN Server”. Although Cisco market this as being intended for use with their non-free Cisco VPN Client product (which is end of life incidentally), it’s actually just a standard IPSec VPN and works with a variety of other clients. I had no problem creating a VPN tunnel on Windows 7 using Shrew Soft’s excellent (and free) VPN client. The stock Android VPN client also worked right out of the box, as did Ubuntu Linux using vpnc (I’ve yet to try Mac OS X). A maximum of ten VPN users are supported, and the experience is generally much better than using Cisco’s poorly supported QuickVPN product as marketed with the WRVS4400N.

Price-wise the SRP547W isn’t too bad, not being too much more than the original cost of the WRVS4400N + Draytek Vigor combo – plus you also get analog phone support, a full SIP stack and more. I’ll be sharing some feedback on these other features in the near future.

Configuring URL blocking policy on the Cisco WRVS4400N

This is a weird one and doesn’t really make a lot of sense – but posted here all the same if it helps someone. Part of the Cisco WRVS4400N‘s feature set is a configurable internet access policy, allowing the administrator to schedule internet access hours and permitted sites for discrete LAN clients. The latter is managed by updating a domain blacklist in the admin BUI.

The manual makes out that this is as simple as creating a new policy, adding clients, specifying whether it’s for blocking or allowing access, and adding URLs to the blacklist – but in practice it doesn’t work like this at all. In my case, configuring an “Allow” policy for a single client and adding entries to the blacklist resulted in all internet access being shut off entirely for all machines including the client in question. Looking at the Cisco Small Business support forums, there seems to be equal confusion on this from both customers and Cisco support personnel alike. One Cisco technician mentioned for example in a forum thread on the issue that any clients not defined in an “Allow” rule would be denied by default – but this nugget of information doesn’t seem to have been included in the reference manual.

Anyway, to get a simple website blocking policy in place for one LAN client, here’s what I had to do.

1) Configure an “Allow” policy for the client

In this policy we are allowing the client 24/7 internet access, but not permitting her to access the domain

Configuring a internet access policy rule.

You’d think this would do the trick, but no. If your experience is the same as mine, this will shut off internet access entirely – so we move onto step 2.

2) Configure a second “Allow” policy for every other device

In this policy we are specifying an IP address range – which also covers the address of the machine above. Like the above policy, it’s for 24/7 internet access:

Configuring another internet access policy rule.

On saving this rule (you don’t need to reboot the router), you should have full access to all websites except for for the client defined in the first rule. All other LAN clients should have normal full access.


The WRVS4400N is now end-of-life. In my time with it it’s generally been a useful device, but marred by a number of issues which created the impression of a somewhat half-baked or half-heartedly-supported product (possibly due to its Linksys lineage which Cisco are selling off to Belkin). Counter-intuitive interfaces like the one described above, wireless performance which was pretty slow all around (really not living up to the advertised 802.11n), Cisco QuickVPN software which was great if you were only on Windows (with Cisco not interested in versions say for Mac OS), IPS signature files which failed to block Skype (counter to the advertised feature set), and so on. I have a Cisco SRP547W being made available soon hopefully to replace this unit which I will post some impressions on.

System hard freezes with the AMD FX-8350

As an update to my post here, I observed seemingly random freezes on my system upgraded with the AMD FX-8350. The behaviour encountered was a total freeze of the desktop environment, no response to local keyboard nor mouse, no response to attempting to launch a virtual console, no reponse to pings over the network, and no ability to log in remotely. The only way to restore system operation was to perform a hard reset. Interestingly I could also consistently crash the system running a GraphicsMagick benchmark. Additionally, the freezes were OS-agnostic, occurring under both OpenIndiana and Ubuntu Linux.

Looking around online you can find several posts from folks on AMD Bulldozer rigs with very similar issues (such as detailed here), including a few from people who have rather alarmingly downgraded to a Phenom or Intel CPU as a “fix”, after having received advice to alternately update the motherboard BIOS, faff around with multiple BIOS settings, test and replace the RAM, power supply and hard disk, RMA-ing the new CPU (!?), and on and on and on. Most of this didn’t really add up, and similarly my problems were encountered on a system that was hitherto generally stable using an older-generation CPU (the Phenom II X6 in my case).

To cut a long story short, this quite simply turned out to be the motherboard not stably supporting the FX-8350. Although the ASRock 870iCafe 2.0 is an AM3+ compatible part and advertised as being “8 Core Ready” (to the point of specifically claiming compatibility with the FX-8350), the reality is that the latest BIOS release was in December of 2011 – a major red flag. After upgrading my motherboard to a Gigabyte GA-990FXA-UD3 with the recent F9 BIOS, the system is now stable. And yes, this is using the original PSU, RAM, graphics card etc.

For the OpenIndiana readers, the GA-990FXA-UD3 works fine, although don’t expect USB3.0 support:

Gigabyte GA-990FX-UD3 driver support on OpenIndiana

HP ProLiant ML110 G7 server – a short review

I’ve recently acquired an HP ProLiant ML110 G7 tower server for evaluating for use in a small business environment, specifically running OpenIndiana. Following are a few short notes regarding my impressions of the box.


Price-wise, for the base spec model, in my case with the Intel Xeon E3-1220 CPU, it’s an incredible bargain (and even more so bearing in the mind the below pros). Consider that even with an 8GB RAM upgrade and dual 1TB drives it’s not that much more than say a well-specced Dell business desktop PC.

It’s built like a tank. Nothing chintzy about the materials, nothing flexes, wobbles, rattles. In short, it oozes build quality.

Access to user-expandable options is super easy, as you’d expect.

There is ECC RAM support – ideal for extra peace of mind when using ZFS storage arrays. On that note, OpenIndiana oi_151a7 installs and runs just fine, with no driver nor hardware issues out of the box. Installing KVM on OpenIndiana, and installing and booting guest VMs poses no problem – it “just works”.

Dual Gigabit Ethernet ports are standard.

A Lights Out Manager is also included as standard. Sadly, the remote console functionality is a paid extra, but the included remote power management and monitoring functionality is quite impressive.

HP Lights Out Management interface


Remote console, remote virtual media and other LOM options are sadly licensed extras. Unless you pay extra for this expect to potentially be making site visits from time to time. Kinda wish HP would just throw this in with the LOM as standard – Sun did, for instance.

There is nothing much in the way of physical redundancy for the server in its base spec.

One review made mention of the ML110’s quiet operation and how it would not be noticed in an office environment. Well, unless your office happens to be on the factory floor of an air conditioning manufacturing plant, you’re going to notice this thing…

Maximum physical RAM capacity is 16GB, which is a tad on the small size.

And although I haven’t checked, extending the warranty out from the standard one year period would probably cost a fair bit.

Das Keyboard Model S Professional Mechanical Keyboard – a short review

I find that simply having different keyboard layouts, or even the same layout from different keyboard manufacturers can really become a hindrance when rapidly switching amongst multiple computers across disparate locations. I figured why not purchase a set of identical make and model keyboards as a solution, but then got to thinking: I spend most of my time at a computer keyboard, so why not look around for something a bit more deluxe?

In terms of mechanical keyboards, I’ve hitherto been using on and off an old Silicon Graphics AT-101 keyboard which I rescued from the waste skip at work during a clear-out of old equipment a few years back. Even though the keyboard response is a bit soft, each key is mechnically switched – and a definite improvement over the cheap Dell keyboards which I typically use most of the time.

After a considerable amount of reading and research, I’ve gone for a mechanical keyboard in the form of the Model S Professional keyboard from Texas company Das Keyboard:

As can be seen at the above link, each key has its own mechanical switch, in this case, the Cherry MX Blue switch from German company Cherry.

Some impressions: it’s a no-frills piece. Just 104 keys, and a built-in USB hub. No backlighting, programmable macros, media controls or shortcut keys. This kind of simplicity, coupled with the excellent build quality and the weight of the device (it’s not light for a keyboard!) leaves the impression it’s designed to do one thing very well.

The keyboard symbols are laser-etched: no cheap printing here. An extra-long length USB cable pair is a very considerate touch – perfect for reaching down the back of a desk to a computer on the floor. No third party drivers are required, as there is no enhanced functionality of any kind. Simply plug it in, and go.

Of the mechanical keyboards I was looking at, the Model S Professional is the sleekest and most stylish design available, in my opinion. The glossy piano black finish is a nice touch, too:

Das Keyboard Model S Professional

So what’s it like to use? In a word, awesome. The “clickyness” in the key action is delightful, and true to the advertising, less force is required to make a successful keystroke compared to a cheap keyboard by virtue of the mechanical switches. Quite simply, after an hour of using the Model S Professional, my Dell keyboard by comparison feels like total mush – really awful. If there is one tiny complaint I have, it’s that the backspace key is a tad squeaky. I have a second unit arriving in the next few days (to accompany the first, not to replace it), so it will be interesting to see if it’s the same. (Update: the second unit has arrived and it has no such squeaks. Nothing a little bit of DIY couldn’t fix, and sure enough it’s the plastic hooks on the stabilizer bar which just needed a little bit of synthetic grease.)

If you haven’t used a mechanical keyboard before and you perform a moderate to heavy amount of typing during the day and/or night, then definitely check one out. I can certainly recommend Das Keyboard’s products.

Microsoft Surface – the short version

There are many words I could waste on the newly announced Microsoft Surface tablet, reflective of the company’s obsession with Apple Inc, and their increasingly obvious hail mary approach to staying relevant amongst mobile users – a market that I believe has well and truly left Microsoft behind. However, my feelings on it are perhaps best summarized by this:

Twitter search for vapourtrails hashtag

Yes, despite the inane statements and claims originating from certain (somewhat clueless) Microsoft staffers, the thing is vapourware, pure and simple.

If I had one piece of advice to give Microsoft collectively at this point, it would be – to paraphrase Gordon Ramsay – if you’re going to do this, then shut the fuck up and do it. Keeping customers in the dark about price, dates, or if it will even run half-decently at all can only translate to huge amounts of egg on face if or when it doesn’t match their expectations.

If anything, this is the one area they could do with aping Apple a bit more closely…