Jul 192014
 

Oi, Microsoft, yes You!

See this?  Now Bugger Off!  Your lack of self-control was pushing my poor server’s CPU through the roof, so I blocked you.  Now I see you’re back and after the 403 you still aren’t taking the hint!

Search just about anywhere else on this site, no problems.  But the git repositories, those are both CPU and I/O intensive.  Had you noticed how long it was taking, and backed off, I might’ve put up with you, but 5-minute CPU load averages in excess of 80 on a dual-core Intel Atom are no fun.

Go bing up someone else’s host!

Jul 192014
 

My only mode of transport these days is a bicycle.  I might get lifts from other people on occasion, but normally I ride everywhere.

It’s a great way to get around, good form of exercise, cheap and whilst I won’t be breaking any speed records, it’s not overly time consuming.  I spend more time waiting for buses and trains than I do getting places on the bike.  The downside is what to wear whilst cycling.  For cycling use, car drivers have a hard enough time seeing a cyclist as it is, so I feel safer if I’m at the very least, light-coloured, ideally day/night high visibility compliant with AS/NZS 4602:1999.  I’ve been cycling as my main mode of transport now for nearly 5 years, and over this time I’ve tried a number of things for clothing.

Regular clothing

“Normal” clothing, was naturally what I started out with.  What I find is that it quickly wears out, particularly trousers, when subjected to this sort of treatment.  The cycling movement puts a lot of stress in the crutch and thus, I find they give out within a year or two.

Cycling is also very physical, so one will sweat a lot.  So at the very least you’ll want a shirt to wear cycling, and another to change into when you get to your destination.  The high-visibility polo shirts work well for this, they’re cheap and lightweight, keep the sun off well without being too hot.

Work clothing

By this I mean industrial work clothing.  After finding that my trousers were wearing out at an alarming rate, I decided I’d go for more industrial type clothing.

I hate wearing belts, so I looked around and bought some overalls.  My preference is for ones that have a front zip.  A bloody pain in the arse to find in this country!  The likes of King Gee, Bisley, Worksense and many others tend to make those sorts for markets like in NZ, but over here they tend to sell only stud-fastening ones which I find are more time consuming to fasten.  A zip: you’re done in about 2 seconds, studs you’ll be clipping them together for about 10.  But I digress…

The ones I found were medium-weight ones, 290gsm or something like that.  In the winter, they’re okay, but once the fabric gets soaked with sweat one’s body temperature then becomes rather uneven.  In summer they’re often too hot to consider.

Lighter-weight ones might fare better in the sweat stakes, not sure about durability.  Given the high cost ($70~$120 a pair) I’ll just have to keep looking.

Ones made out of the same material as the high-visibility polo shirts could work well, no idea where to find them though if they exist.

Seeking the all-weather cycling suit

Some at this point would be screaming at me “why not lycra”?  Well, I’ve never been a fan of lycra and have no intention of becoming a MAMIL.

One evening coming home a few weeks ago, we had some very windy weather. It’s mid-winter right now, and this wind was going right through me. My clothes were wet with sweat, and with the wind, made the cold weather that much worse.

This got me thinking: what have I got or can I get, that will block the wind, without making me sweat ridiculous amounts?  It’s presently winter, and so now’s a good time to go try an experiment, and see how they fare as the weather patterns shift towards the more humid summer weather.  If I’m still wearing this clothing in July 2015, I’ll be onto something.

Breathalon spray coveralls

I had some Breathalon coveralls lying around, previously I had worn these in wet weather, and found they are not bad.

I bought this pair for about $15 off eBay, but they’re rare as hens teeth. One company sells them for about the AU$150 mark. So not the cheapest, amongst my gripes is that they’re not the most comfortable fit and they have a one-way zip which is an annoyance when nature calls. Apart from that though, they’re a bright yellow, and they’re breathable.

The other gripe I have is no pockets: this particular pair I tried cutting access slits in to gain access to the pockets in my trousers. This proved to be unwise, they now leak in wet weather, so I’ll have to look at sealing those slits somehow.

I tried them one week: I found I sweat less than I did wearing other clothing. With just a lycra stinger suit underneath, I got to work mostly dry and comfortable. This was in dry weather. Summer humidity might be another matter, but in bright sunny winter weather, they were fine. However, they’re very hard to get hold of, and are still quite expensive.

That said, they’re probably 60% of the way there.

Disposable clothing

With the above experiment being largely successful, I considered what else would make the grade. The Breathalon coveralls were okay, but they lacked some features. Could I find some material and make my own?

Will Rietveld provided the inspiration for a cheap alternative: Tyvek coveralls. These are about AU$10 a pair, are generally white in colour (okay, not strictly daytime high-vis, but at least not black like motorcycle rainsuits), very lightweight and were apparently not much different to the old Gore Tex for breathability.

Before doing this, I did some research.  I had seen these before but had dismissed the idea thinking, they’re disposable, surely they won’t last!  Looking around, I found Barefoot Jake’s article which gave them the thumbs up, and Ken K’s forum post giving them the thumbs down.  In the forum post, the comment was the failure was in the seams.  The other two articles mention taping the seams to prevent this problem.

For the cost I thought it worth giving a go. There are a few different fabrics used in this sort of clothing. Tyvek being just one.  They’re usually described in therms of protection classes.

Class 6 coveralls tend to be very flimsy, made from single layered polypropylene and are by far the cheapest at ~AU$5 a pair.  You can just about see through them, wind and water will pass right through.  Maybe you can get some in a bright colour, in which case they’re about as good as a high-vis vest.  For keeping wind and water out: useless.

Class 5 coveralls are made from slightly heavier material such as SMS fabric and are more expensive (~AU$8 a pair).  They’re more opaque (although you can still see clothing through these), will repel water and light spray and block a small amount of wind.  If you’re like me, and a bit self-conscious, you could wear these over the top of more conventional cycle clothing.

I found that water will pool on the fabric, and they are a bit more breathable.  However, the slight transparency is a little disconcerting.  They’re worth a look.

Class 4 coveralls are used for things like asbestos removal.  Materials vary, but in amongst these are the Tyvek ones recommended by Wll’s article.  They can be had for about AU$10 a pair.

I decided to start with these, buying 3 pairs of these.  I noted the fact that the seams were taped a bright orange.  The fact they were taped seemed to suggest that someone had noticed this particular failure mode and had taken particular attention to the problem.  These ones I think are the Hazguard MP4 type material, similar to Tyvek, but with a plastic-like coating.

As I’m after a single-piece suit, I dispensed with the scissors.  When I got home, I tried grabbing a pair, turning a tap on and running the water over them to see what the waterproofing was like.  The water pooled, running my hand under the pool did not reveal any leaks.  So from that perspective, they should do exactly what I’m after.

Things were getting draughty outside so I put the pair on, and after wearing them for a few hours basically just pottering around the house, I hadn’t broken out into a ball of sweat, so breathability was there, a PVC suit would have had me sweating like a pig by then.  I wore them on my way into work to try them out.

First experiments with Class 4 coveralls

First thing that became apparent: as I cycled, the back part ballooned out.  Not necessarily a bad thing, as it made me very obvious to drivers by enlarging my apparent size.  Pedalling appeared to act like a pump, pushing air into the suit, and the air appeared to be trapped.  Like in Will’s experiment, I found that I was starting to sweat after about 20 minutes, and when I got to work, I was noticably more sweaty.  However, it was just humidity, I didn’t feel like I was overheating, nor did I feel cold when the wind blew.

So not quite there, but close.  I can buy Tyvek material on a roll cheap enough, so maybe with some work, we can improve on this.

Class 5 coveralls experiment

Since the humidity really did build up quickly, I thought maybe there was something a little more breathable.  I bought a pair of coveralls that were an SMS-type fabric.  The seems are not taped, and so I suspect these will probably have a blow out at some point.  I did the same waterproofness test and found the water pooled there also, however they’re considered splash resistant, so I suspect the water would seep through eventually.

It was at this point I noticed they were slightly more transparent.  So the following Monday I cycled in them, with one of my lycra stinger suits underneath.  I got to work, not quite as sweaty as the previous week, but still with a noticeable amount of moisture.

One hypothesis: with the Breathalon suit, I also had my stinger suit underneath.  Maybe that was helping by soaking up the sweat rather than letting it bead up on my skin, and allowing it to be more efficiently evaporated?

Class 4 + stinger suit

I tried the stinger suit underneath the class 4 coveralls, and found that the amount of sweat hadn’t changed.  In fact, doing this made things worse, the moist air didn’t dissipate fast enough and once I cooled down, the cold sweat kept me a little too cool.  Without the stinger suit, I’d eventually dry out inside the coveralls after about 15 minutes, but with the stinger suit, I was still damp after 30.

Alternative options

So I hit the web again.  Was the answer to buy another pair of spray coveralls like the Breathalon pair?  There aren’t too many options around here in Australia.  Elliots did make some out of their Zetel material, but they’ve stopped making those (pity, they had pockets!).  Castle Clothing over in the UK make something that looks ideal.  Alas, I tried emailing them to see if they had an Australian distributor — I’m yet to hear back.

Neither of these options are meant for cycling.  Looking around I saw the BikeSuit.  Clearly Olaf Wit had a similar idea, and actually got his to production.  A few comments:

  • The bikesuit comes in one colour: black.  There are some reflective stripes, so I guess that’s kinda class N (night-time: i.e. reflective) high visibility, but I’d like class D (daytime: i.e. bright colour) too.  In fact, if I had to choose between them, I’ll take class D over class N.
  • The idea of using ventilation to prevent sweat build-up looks like just what the doctor ordered.  That said, wearing this over regular clothes — I sweat in regular clothes without any waterproof gear over the top, surely this will not improve the situation?
  • The suit packs up into a bag about the volume of two soccer balls.
  • Watching the video, it appeared clumbersome to put on.  There are zips everywhere.  The fellow takes it out of its bag at time 0:20.  At 0:50, he’s still adjusting things.  10 seconds later, he’s ready to start cycling.
  • They cost over US$340.  Sure breathable and durable fabric can be expensive, but Ouch!

The class 4 coveralls: I timed myself, and it took me about 50 seconds and I was zipped up.  I had work boots on at the time which I did not remove.  About the only thing BikeSuit has over the dispsable coveralls, is ventilation, durability and built-in shoe covers.  It loses on price, availability and visibility.

Poor man’s “bike suit”?

That got me thinking, could I turn these coveralls into a poor man’s bike suit?  I observed how the back of my coveralls ballooned out, what if I made some ventilation holes?

I tried making 10 small holes just below the line of elastic at the back.  I covered the area over with plastic tape first to give the material some re-enforcing, then punched the holes.  The next day I got to work, not quite sweat free, but certainly much dryer than before.  About on par with my experiment in the Breathalon suit.

I’m thinking if I cut a slit horizontally about 30cm long, then glue (sewing is not good with Tyvek) a triangular patch of mesh fabric maybe 40cm wide and 60cm tall to the inside, that would allow the coveralls to vent.  Fold the material over at the bottom so the bottom of the slit is covered by a layer of material, or use some sheet Tyvek to make a flap, and I think I might be onto a low-cost alternative.  Tier Gear sell sheet Tyvek, so a metre or two of that would suffice for adding the extra flaps needed.

As for day/night high visibility: they exist.  More expensive obviously, but they do exist.

The only real question is one of durability.  Thankfully these things pack up so small and are lightweight enough, I can have a spare pair on the bike for wardrobe malfunction emergencies.  They should be good for WICEN events too: often I’m out on a checkpoint in the wind and rain.  Time will be the ultimate test, we shall see.

Jun 152014
 

This is a simple vertical groundplane antenna intended for mounting atop a 10m Squid Pole. These can be made to nearly any frequency you desire, and can be self-supporting if needed. The main limitation is the stiffness of the wire used.

The antenna gets its name as the original was one I quickly knocked up just prior to a horse endurence ride event that took place at Donnybrook in 2011. I was assisting Brisbane Area WICEN with the emergency communications at this event, and this antenna, worked very well. 10W was more than sufficient to get back to base on 2m FM.

The design is very simple. You’ll need some stiff copper wire, and a panel-mount BNC connector. I used some strands from a thick mains cable: this was being tossed out at a ham radio meeting some years back. The cable had a black plastic coating and inside were 7 strands of solid copper, each about 2mm thick. Perfect for small antennas.

Similar wire can be found in non-stranded house mains cable.

First step is to work out what length to cut the elements. They should all be roughly the same length. This can be calculated by the simple formula:

v=f\lambda

which if you take v as being the velocity of light in a vacuum (~3\times10^8 m/s; radio will travel a little slower through air, but who’s counting?) and f as being 147.050\times10^6 and solve for \lambda you get 2.04m as the wavelength.  We want ¼ of this, so I’ve aimed for 51cm long elements.

Don’t worry about them being perfectly straight when measuring, extra length is good at this point, you’ll want a good 2cm extra.  You can make a wire shorter, you can’t make it longer.

Measuring the elements

Measuring the elements

Measure and cut the 4 elements. 3 will become your groundplane, and the 4th the radiating element. Also cut off about 10cm or so, give or take, which will be the ground wire used to hook the groundplane elements to the BNC connector. Also add to your parts list, some small velcro strips: you’ll find these handy to strap the coax to the squid pole.

Procured parts

Procured parts

Start with the short piece of wire. You’ll want to bend it into a rough triangle shape, with loops of wire at the corners. The groundplane radials will loop through these holes. The excess wire should be coiled up to one side: this is the loop the squid pole will pass through. The BNC connector will be fitted in between the 3 small loops.

Ground wire

donnybrook-03-ground-wire Ground wire

Be sure you can still put the nut back on.

Take 3 of the four elements, and make a hook at one end. Pass this hook through each of the small loops in the triangle. Try to make them sit roughly straight out from the centre of the triangle, then solder each hook into the loop.

Hooking the radials

Soldering the radialsAttaching the radials

Having done this, put the BNC connector in and do the nut up tight. You can do away with the eyelet with the solder tag. To finish off, take your remaining element, make a hook just big enough to go around the centre pin of the BNC connector, then solder into place.

Preparing radiating element

Hooking radiating elementSoldering the radiating element Attaching the radiating element

To finish off, bend this until it is vertical. The antenna is now ready for tuning.

Completed untuned antenna

Completed untuned antenna

Double check the length is about right. It should be around the 51~52cm mark.

Checking length

Checking length (close) Checking length

To check the tuning, use a SWR meter or antenna analyser if you have one. Here, I used the built-in SWR meter on my Yaesu FT-857D. When using a SWR meter, ensure you’re running minimum power. The following are some results from my set.  It is at this point, you do any trimming of your antenna.  The following are without trimming the antenna, you’ll note that in most examples, the SWR is very low, just a point or so showing up on the left side of the screen.

On 2m:

donnybrook-13-test-144500 donnybrook-13-test-145500 donnybrook-13-test-146500 donnybrook-13-test-147500

On 70cm:

donnybrook-13-test-432100 donnybrook-13-test-433100 donnybrook-13-test-434100 donnybrook-13-test-438100 donnybrook-13-test-439100 donnybrook-13-test-440100

To mount the antenna on your squid pole, feed the tip of the squid pole through the remaining loop.  Bend the tip of the antenna around the tip of the squid pole.  Hook your coaxial cable to the BNC connector and use velcro straps at regular points to hold the coax to the side of the squid pole.

Mounted antenna

Mounted antenna

Recommended coax for this purpose is RG-195.  RG-58 will work, but is lossy, RG-213 and LMR400 are too heavy to use on a squid pole and will cause it to bend or collapse.

Update: This antenna performed quite well.  Saturday, we used it for 2m packet, providing a digipeater for the stations in our area in case they couldn’t reach the main node (at “the pineapple farm” just outside Imbil).  We had stable packet communications all day.  Since the stations around us found they could work the main node directly, we swapped antennas around and used it instead for a VHF/UHF cross-band voice repeater.  Signal reports were good through the Imbil state forest.

Jun 012014
 

Just a quick note. I’ve been getting a lot of spambots registering on this site of late. Probably at least 3 an hour.

Thus I have implemented a new policy. Inactive accounts older than a week 3 days old who have posted no comments will be deleted. I will quarantine the account, and can re-instate it should an account be mistakenly deleted.

The comment doesn’t have to be approved, it can be in moderation. If the comment is spam, the account and comment will be deleted upon discovery. So spambots, go ahead, it’ll let me hunt you sooner. Or don’t even bother creating the account, no one will see it so it’s a waste of time anyway.

May 282014
 

Entered into an eBay contact form.

Hi, Just a short note.

I am closing my account: the form that asks why didn’t really capture the true reason why I’m closing.

It’s not quite “identity theft”, but it is security-related.

I haven’t been using my eBay account, so I thought I’d set the password to something nice and *strong*. On the password change form, I noticed a 20-character maximum limit.

This was red flag no. 1.

Then I pasted a randomised password from a generator. The site complained I had forbidden characters.

This was red flag no. 2.

By placing limits on the size of password and its content, it is clear to me that eBay is *not* serious about making its systems truly secure, and that breaches like the one experienced recently will be a recurring event.

By hiding behind “proprietary encryption” it isn’t even serious about reassuring the public: good crypto doesn’t need secret algorithms to work well.

As there’s now very little I buy off eBay, I feel the time has come to say goodbye. If you ever do get your act together, I might consider returning, but until then, farewell.

Apr 142014
 

I just checked my email, and see this:

Return-Path: < …>
X-Original-To: …
Delivered-To: …
Received: by atomos.longlandclan.yi.org (Postfix, from userid 0)
	id 67204200E27C; Sun, 13 Apr 2014 23:05:55 +1000 (EST)
Subject: [Fail2Ban] SSH: banned 138.91.144.167 from atomos
Date: Sun, 13 Apr 2014 13:05:55 +0000
From: Fail2Ban < …>
To: …
Message-Id: <20140413130556.67204200E27C@atomos.longlandclan.yi.org>

Hi,

The IP 138.91.144.167 has just been banned by Fail2Ban after
5 attempts against SSH.


Here is more information about 138.91.144.167:


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=138.91.144.167?showDetails=true&showARIN=false&ext=netref2
#

NetRange:       138.91.0.0 - 138.91.255.255
CIDR:           138.91.0.0/16
OriginAS:       
NetName:        MICROSOFT
NetHandle:      NET-138-91-0-0-1
Parent:         NET-138-0-0-0-0
NetType:        Direct Assignment
RegDate:        2011-06-22
Updated:        2013-08-20
Ref:            http://whois.arin.net/rest/net/NET-138-91-0-0-1


OrgName:        Microsoft Corp
OrgId:          MSFT-Z
Address:        One Microsoft Way
City:           Redmond
StateProv:      WA
PostalCode:     98052
Country:        US
RegDate:        2011-06-22
Updated:        2013-10-03
Comment:        To report suspected security issues specific to 
Comment:        traffic emanating from Microsoft online services, 
Comment:        including the distribution of malicious content 
Comment:        or other illicit or illegal material through a 
Comment:        Microsoft online service, please submit reports 
Comment:        to:
Comment:        * https://cert.microsoft.com.  
Comment:        
Comment:        For SPAM and other abuse issues, such as Microsoft 
Comment:        Accounts, please contact:
Comment:        * abuse@microsoft.com.  
Comment:        
Comment:        To report security vulnerabilities in Microsoft 
Comment:        products and services, please contact:
Comment:        * secure@microsoft.com.  
Comment:        
Comment:        For legal and law enforcement-related requests, 
Comment:        please contact:
Comment:        * msndcc@microsoft.com
Comment:        
Comment:        For routing, peering or DNS issues, please 
Comment:        contact:
Comment:        * IOC@microsoft.com
Ref:            http://whois.arin.net/rest/org/MSFT-Z

OrgTechHandle: MRPD-ARIN
OrgTechName:   Microsoft Routing, Peering, and DNS
OrgTechPhone:  +1-425-882-8080 
OrgTechEmail:  IOC@microsoft.com
OrgTechRef:    http://whois.arin.net/rest/poc/MRPD-ARIN

OrgAbuseHandle: MAC74-ARIN
OrgAbuseName:   Microsoft Abuse Contact
OrgAbusePhone:  +1-425-882-8080 
OrgAbuseEmail:  abuse@microsoft.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/MAC74-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban
atomos ~ # grep 138.91.144.167 /var/log/auth.log ; zgrep 138.91.144.167 /var/log/auth.log-20140*.gz
Apr 13 23:05:40 atomos sshd[3143]: Did not receive identification string from 138.91.144.167
Apr 13 23:05:40 atomos sshd[3144]: SSH: Server;Ltype: Version;Remote: 138.91.144.167-1025;Protocol: 2.0;Client: JSCH-0.1.51
Apr 13 23:05:41 atomos sshd[3144]: SSH: Server;Ltype: Kex;Remote: 138.91.144.167-1025;Enc: aes128-ctr;MAC: hmac-md5;Comp: none [preauth]
Apr 13 23:05:41 atomos sshd[3144]: SSH: Server;Ltype: Authname;Remote: 138.91.144.167-1025;Name: support [preauth]
Apr 13 23:05:48 atomos sshd[3144]: Invalid user support from 138.91.144.167
Apr 13 23:05:48 atomos sshd[3144]: Postponed keyboard-interactive for invalid user support from 138.91.144.167 port 1025 ssh2 [preauth]
Apr 13 23:05:49 atomos sshd[3203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.144.167 
Apr 13 23:05:51 atomos sshd[3144]: error: PAM: Authentication failure for illegal user support from 138.91.144.167
Apr 13 23:05:51 atomos sshd[3144]: Failed keyboard-interactive/pam for invalid user support from 138.91.144.16  port 1025 ssh2
Apr 13 23:05:51 atomos sshd[3144]: Postponed keyboard-interactive for invalid user support from 138.91.144.167 port 1025 ssh2 [preauth]
Apr 13 23:05:51 atomos sshd[3236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.144.167 
Apr 13 23:05:54 atomos sshd[3144]: error: PAM: Authentication failure for illegal user support from 138.91.144.167
Apr 13 23:05:54 atomos sshd[3144]: Failed keyboard-interactive/pam for invalid user support from 138.91.144.16  port 1025 ssh2
Apr 13 23:05:54 atomos sshd[3144]: Received disconnect from 138.91.144.167: 3: com.jcraft.jsch.JSchException: Auth cancel [preauth]

Seriously, some dodgy ISP in Russia or Asia having a crack, I’ll ignore it. But a big company like you? I expect better behaviour.

Apr 122014
 

Well, it seems user interfaces are going around in circles again. Just recently, I’ve been meeting up with the Windows 8.1 style UI. One of my colleagues at work uses this as his main OS, we also have a VM image of Windows Server 2012 R2 (a 180-day evaluation).  One thing I will say, it’s a marginal improvement on Windows 8.  But is it all that new?

win2012r2

Now, the start screen is one of the most divisive aspects of the Windows 8 UI.  Some love it, some hate it.  Me?  Well the first incarnation of it was an utter pigsty, with no categorisation or organisation.  That has improved somewhat now that you can organise tiles into groups.

But hang on, where have I seen that before?

winnt31-1

That looks… familiar… Let me scroll over to the right a bit…

winnt31-2Ohh, how rude of me!  Allow me to introduce you to an old acquaintance…

winnt31-3This, is Windows NT 3.1.  What one might call the first real ancestor of Windows 8.1.  Everything that came before was built on DOS, Windows 8.1 basically calls itself Windows NT 6.3 beneath the UI.  This is the great-great-great-great-great-great-great-great-grandparent of today’s Windows desktop OS.  Yeah, it’s been that many releases: 8.0, 7, Vista, XP, 2000, NT 4, NT 3.51 and NT 3.5 all sit in between.

Now the question comes up, how is it different?  Sure there are similarities, and I will admit I exaggerated these to make a point.  The Program Manager normally looks more like this:

winnt31-4The first thing you’ll notice that the Program manager (the closest you’ll get to the “start screen”) doesn’t normally occupy the full screen, although you can if you ask it to.  In fact, it will share the screen with other things you might have open:

winnt31-5This is good for both novice and power user alike.  The power user is likely wanting to launch some other application and will be thinking about the job at hand.  The novice might have instructions open that they’re trying to follow.  In neither case, do you want to interrupt them with an in-your-face full screen launcher; a desktop computer is not a smartphone.

The shortcoming of the original Program Manager interface in terms of usability was that you were limited to two levels of hierarchy, with the top-level containing only program groups, and the lower level containing only program icons.  The other shortcoming was in switching applications, you either had to know the ALT+TAB shortcut or minimise/restore full-screen applications so you could see the other applications or their icons.  There was no status area either.

Windows 95 improved things in that regard, the start menu could show arbitrary levels and the taskbar provided both a status area and a screen region dedicated to window selection.  As the installer put it, changing applications was “as easy as changing channels on TV”.  (Or words to that effect.  I’ve ran the Windows 95 installer enough times to memorise two OEM keys off-by-heart but not well enough to remember every message word-for-word.)  Windows NT 4.0 inherited this same interface.

This remained largely unchanged until Windows XP, which did re-arrange some aspects of the Start menu.  Windows 2000/ME made some retrograde changes with respect to network browsing (that is, “My Network Places” vs “Network Neighborhood”[sic]) but the general desktop layout was the same.  Windows Vista was the last version to offer the old “classic” menu with it disappearing altogether in Windows 7.  The Vista/7 start menu, rather than opening out across the desktop as you navigated, confined itself to a small corner of the screen.  Windows 8 is the other extreme.

Windows 8, the start screen takes over.  There’s no restore button on this “window”, it’s all or nothing.  Now, before people point me out to be some kind of Microsoft-hater (okay, I do endulge in a bit of Microsoft-bashing, but they ask for it sometimes!) I’d like to point out there are some good points.

The Start screen isn’t a bad initial start point when you first log in, or if you’ve just closed the last application and wish to go someplace else.  It’s a good dashboard, with the ability to display status information.  It’s also good for touch use as the UI elements are well suited to manipulation by even the most chubbiest of digits.

What it is not, is a good launcher whilst you’re in the middle of things.  A more traditional Start menu with an item to open the Start Screen would be better here.  It also does a very poor job of organising applications: something Windows has never been good at.

So I guess you’ve all worked it out by now that I’m no fan of the Windows UIs in general, and this is especially true of Windows 8.1/2012 R2.  Not many UIs have a lower approval rating in my opinion.  The question now of course, is “how would I do things different”?  All very well to have an opinion about what I don’t like, and so far the IT industry has pushed back on Microsoft and said: “We don’t like this”.  The question is, how do they improve.

Contrary to what some might think, my answer is not to roll the UI back to what came in Windows 7.  The following are some mock-ups of some ideas I have decided to share.

Meet a desktop that for now we’ll call the “Skin The Cat” desktop.  The idea is a desktop that provides more than one way to perform typical actions to suit different usage scenarios.  A desktop that follows the mantra… “there’s more than one way to skin a cat”.  (And who hasn’t wanted to go skin one at some point!)  No code has been written, the screenshots here are entirely synthetic, using The Gimp to draw what doesn’t exist.

mockup-desktopSo here, we see the STC desktop, with two text editors going and a web browser (it’s a quiet day for me).  I’ve shown this on a 640×480 screen just for the sake of reducing the amount of pixel art, but this would represent a typical wide-screen form-factor display.

You’ll notice a few things:

  • Rather than having the “task bar” down the bottom, I’ve put it up the left side.
  • The launch bar (as I’ll call it) has two columns, one shows current applications, the other shows that application’s windows.
  • Over on the right, we have our status area, here depicting volume control, WiFi, battery and mail icons, and a clock down the bottom.
  • Bottom left is a virtual desktop pager.  (MacOS X users would call these spaces.)

Why would I break Microsoft tradition and use this sort of layout?  My usual preference is to have the launch bar up the top of the screen rather than down the side, as that’s where your application menus are.  However, monitors are, for better or worse, getting wider rather than taller.  So while there’s plenty of space width-wise, stacking bars horizontally leads to one being forced to peer at their work through the proverbial letter-box slot.  This leaves the full height for the application.

I group the windows by the application that created them.  All windows have a border and title bar, with buttons for maximizing, iconifying (minimising, for you Windows folk) and closing, as well as a window options menu button, which also displays the application’s icon.

So how does this fit the “skin the cat” mantra?  Well the proposal is to support multiple input methods, and to be able to switch between them on the fly.  Thus, icons should be big enough you can get your thumb onto them with reasonable accuracy, most common window operations should be accompanied by keyboard actions, and the controls for a window should be reasonably apparent without needing special guidance.  More importantly, the window management should stay out of the way until the user explicitly requests its attention by means of:

  • clicking on any title bar buttons or panel icons with the mouse
  • tapping on the title bar of a window or on panel icons with one’s finger
  • pressing an assigned key on the keyboard

Tapping on the title bar (which is big enough to get one’s finger on) would enable other gestures momentarily to allow easier manipulation with one’s fingers.  The title bar and borders would be enlarged, and the window manager would respond to flick (close), pinch (restore/iconify or maximise) and slide (move) gestures.

Tapping the assigned keyboard key or keystroke (probably the logo/”Windows”/command key, inference being you wish to do give the window manager a command) would bring up a pop-up menu with common window operations, as well as an option for the launch menu.

Now this is good and well, but how about the launcher?  That was one of my gripes with Windows for many years after all… Well let’s have a look at the launch menu.

mockup-launcherSo here we’ve got a user that uses a few applications a lot.  The launcher provides three views, and the icons are suggestive about what will happen.  What we see is the un-grouped view, which is analogous to the tiles in Windows 8, with the exception that these are just program launchers, no state is indicated here.

The other two views are the category view, and the full-screen view.  These are identical except that the latter occupies the full screen like the present start screen in Windows 8 does.  Optionally the category view (when not full screen) could grow horizontally as the tree is traversed.  Here, we see the full-screen version.  Over on the right is the same list of frequent applications shown earlier.  As you navigate, this would display the program items belonging to that category.

mockup-launcher-fullscrn

Here, we choose the Internet category.  There aren’t any program icons here, but the group does have a few sub-groups.  The “Internet” category name is displayed vertically to indicate where we are.mockup-launcher-fullscrn-inetLooking under Web Browsers, we see this group has no sub-groups, but it does have two program icons belonging to it.  The sub-group, “Web Browsers” is displayed vertically.  Tapping/clicking “Internet” would bring us back up to that level.mockup-launcher-fullscrn-inet-web

In doing this, we avoid a wall of icons, as is so common these days on Android and iOS.  The Back and Home links go up one level, and up to the top respectively.

The launcher would remember what state it was last in for next time you call it up.  So if you might organise specialised groups for given tasks, and have in them the applications you need for that task.  It’d remember you opening that group last time so you’d be able to recall applications as needed.

Window management is another key feature that needs to be addressed.  The traditional GUI desktop has been a cascading one, where dialogue boxes and windows are draw overlapping one another.  Windows 8 was a throw-back to Windows 2.1 in some ways in that the “Modern” (god I hate that name) interface is fundamentally a tiling one.

There are times when this mode of display is the most appropriate, and indeed, I use tiling a lot.  I did try Awesome, an automatic tiling window manager for a while, but found the forced style didn’t suit me.  A user should be able to define divisions on a given desktop and have windows tiled within them.  The model would be similar to how spreadsheet cells are resized and optionally merged.  A user might initiate tiled mode by defining the initial number of rows and columns (which can be added or subtracted from later).  They then can “snap” individual windows to groups of cells, resizing the divisions as required.  Resizing and moving a window would then move in units of one “cell”.

At the request of the user, individual windows can then be “floated” from the cellular layout allowing them to be cascaded.  Multiple windows may also occupy a cell group, with the title bar becoming “tabbed’ (much like in FluxBox) to allow selection of the windows within that cell group.

I haven’t got any code for the above, this is just some ideas I’ve been thinking about for a while, particularly this afternoon.  If I get motivated, we may see a “skin the cat desktop” project come into existence.  For now though, I’ll continue to do battle with what I use now.  If someone (commercial or open-source motivated) wants to try and tackle the above, you’re welcome to.  However, the fact the ideas are documented here means there is prior art (in fact, there is prior art in some of the above), and I’d appreciate a little attribution.

Apr 122014
 

Hi all,

Well, this week has given the security world quite a shake-up as a result of the OpenSSL Heartbleed bug.  I’ve got no reason to suspect my key has actually been compromised, but two things made me decide to revoke my old key and issue a new one:

  • It was quite old, dating from 2011.  I think I’ll be replacing them every 2~3 years from now on.  (new one after two years, old one revoked a year later)
  • I’ve got no way to really know if my system was penetrated or not, better to be safe than sorry.

The following is my new key (minus the UIDs, I don’t want to encourage the spam):

pub   4096R/10BDE3B7 2014-04-11 [expires: 2017-04-10]
Key fingerprint = 9804 EB67 F914 61DE 967D  A1B0 4DFA 1914 10BD E3B7

Right now I’m going through and changing some of my passwords, just to be on the safe side. Thankfully I use a few different passwords (I have “classes” of passwords which I use for different tasks) so those getting revealed is less of a problem than it may have been.

The other good news is that my SSH keys haven’t been compromised, I have been gradually replacing my old DSA one with new RSA ones, and hadn’t copied the private key to my server yet (although the public one was in authorized_keys).  That, and my CA key used for this site, was kept on another computer, so it should be okay.  I’ve generated new SSL keys just in case though.

The new GPG key is signed with my old one, you can trust that signature if you wish.  Don’t trust anything signed by it after this date however.

Now, to re-train my muscle memory with these new passwords.  (sigh)

Apr 032014
 

Well, lately I’ve been doing some development work with OpenNebula.

We’ve recently deployed a 3-node Ceph cluster which we intend to use as our back-end storage for numerous things: among them being VM storage.  Initially I thought the throughput would be “good enough”, 3 hosts each with gigabit links supplying VM hosts with gigabit backhaul links.

It’d be comparable to typical HDDs, or so I thought.  What I didn’t count on in particular was the random-read latency introduced by round-tripping over the network and overheads.  When I tried Ceph with just libvirt, things weren’t too bad, I was close to saturating my 1Gbps link.  Put two VMs on and again, things hummed along.  Not blistering fast mind you but reasonable.

I got OpenNebula talking to it easy enough.  We’re running the stable version: 4.4.  There are a few things I learned about the way OpenNebula uses Ceph:

  • OpenNebula uses v1-format RBDs (the Ceph default actually)
  • Since v1 RBDs don’t support COW clones, instance images are copied.
  • Copying a 160GB image in triplicate over gigabit Ethernet takes a while, and brought our little cluster to a crawl.

Naturally, we’re looking into beefing up the network links and CPUs on the storage nodes, but I’ve also been looking at ways to reduce the load on the back-end cluster.  One is through caching.  There are a couple of projects out there which allow you to combine two types of storage, using a smaller, faster block device to act as a cache for a larger, slower device.  Two which immediately come to mind: FlashCache and bcache.

bcache is on the TODO list, it has a few more knobs and dials to be able to play with, and shares a single cache device with multiple back-end devices, so might yet be worth investing time in.

Sébastian Han posted a guide on doing RBD caching using FlashCache, and so my work has largely been based on this initial work.  I’ve been hacking up a OpenNebula datastore management and transfer management driver which harnesses FlashCache and the newer v2 RBD format to produce a flexible storage subsystem for OpenNebula.

The basic concept is simple enough:

  • Logical Volume Manager, is used to allocate slices of a SSD to use as cache for back-end RBDs.
  • For non-persistent images, a new copy-on-write clone of the base image is created
  • A flashcache composite device is produced using the LVM volume as cache and the RBD as the backend
  • KVM/QEMU/Xen uses this composite device like a regular disk

The initial attempt worked well for Linux VMs, read performance initially would be between 20MB/sec and 120MB/sec depending on network/storage cluster load.  Subsequent reads would then exceed 240MB/sec.  Write performance was limited to what the cluster could do, unless you used writeback mode at which point speed picked up dramatically.

Windows proved to be a puzzle, it seems some Windows images have an odd way of accessing the disk, and this impacts performance badly.  In many cases, the images were of a sparse nature, with most of the content being in the first 8GB.  So I made sure to allocate 8GB chunks of my SSD, and performed what I call pre-caching: seeding the contents of the SSD with the initial 8GB (or however big the SSD partition is) of the image.

That picks up the initial boot performance by a big margin, at the cost of the image taking a little longer to deploy in the PROLOG stage.

For those who are interested, some early code is available via git.

bcache might be worth a look-in as it has read-ahead caching.  I haven’t done so yet.  I’d like to split the caching subsystem out and have cache drivers much like we have for datastore managers and transfer managers alike.  The same concept would work for iSCSI/CLVM storage or Gluster storage as it does for Ceph.

Mar 272014
 

Well, the search goes on. This saga started out initially as questions began about where MH370 had gone.

As if a large aircraft could just disappear into thin air.

There’s no question that the plane has crashed. Almost certainly it crashed out in the ocean, a particularly nasty stretch of ocean that’s home to some of the roughest seas.

Sure, they’ll have life rafts and other safety devices on board. Anyone caught out in the ocean for this long would be long dead by now. To the families of those on board, I do offer my condolences.

The question remains as to why this happened though. I was thinking about this, this morning. The plane was destined for Beijing. It is understood it crashed somewhere south-west of Perth.

Far be it from me to raise conspiracy theories, but it got me thinking: was someone on that plane trying to take an Al Queda-esque swipe at Perth?

Update: Discussing the thought here, we rather suspect the 2 hour long recording on the flight recorder will be largely silent. It’s too far west for Perth, although there might’ve been intentions to alter course later. Something caused the course for the autopilot to be set down south, and the plane flew more-or-less dead straight. There are questions being raised about one of the pilot’s marital situation, which might hint at a suicide attempt. I guess I’ll stop here, and let the authorities do their investigation.