Dreami's Blog

Thoughts and notes of a geek

Don’t give away crap T-shirts — December 30, 2016

I’ve recently been given some T-shirts from events and organizations. And I think they’re all crap. Why? Absolutely no quality.

See, my father used to have a little side project, selling clothes to businesses. Usually that included some T-shirts with a logo printed or embroidered. So I think I know a bit about T-shirts.

If you’re planning an event and thinking of giving a giveaway, then please check your budget and sort something out that’s actually ok at that value. I’d rather have some little gadget or invention than a $5 crap T-shirt.

They’re only gonna end up at the local mission center and given away to some family that’s got nothing. Well, if you wanna help those people then just tell that some part of admission is gonna be part of a donation. You got yourself a better image basically for free, as you were gonna spend that money anyway. And I don’t have to take a T-shirt home only to be disappointed again.

Now on the other hand, if you really wanna do T-shirts, then invest a bit. I think the best thing is to just sell them. At the price of normal events (I’m not talking about several hundreds of dollars to special events) you should be spending that money on, guess what, the actual event. So if one wants to have a T-shirt, you can just sell it separately.

A post about naming — December 7, 2016

Naming things is quite hard. See, I didn’t find a name for this blog post. And apparently if you get a child, you’ll realize how many people you actually hate when choosing a name.

Now some companies do it great by just naming stuff like it is. Or if they don’t, they at least stick to it.

A good name is the iPad. Everyone knows what an iPad is. Another name is Excel. You don’t know what Excel is by looking at its name, but Microsoft stuck to it through the years.

Now there are other companies, like Google. The product was originally named Chromecast and the API was named Google Cast (other products can use that API). They then said that OEMs had to call it Google Cast if they use that feature in their products. Now, they changed it again and it’s called Chromecast built-in. Now the app on your phone, for the actual Chromecast device, was originally called Chrome Cast, then Google Cast and now Google Home.

Enough of that, you can read the full story here. At least its name implies something related to movies and theaters and the rest goes from that.

Now I recently bought one of those 21:9 monitors from Asus – the ROG PG348Q. It has a little LED at the bottom of the stand that casts the ROG logo to your desk. I didn’t actually intend to use it but I didn’t even find it in the menus. I even thought, maybe it’s disabled somehow because I didn’t connect it properly.

Turns out, this thing is called “LIGHT IN MOTION”. What the actual fuck? It has no motion, it just looks like the ROG logo with some weird robotic stuff around it. Anything like “ROG logo light” would have been so much better.

So please, if you’re a product developer, give it a good name.

The Grand Tour is great so far – here’s why  — November 19, 2016

So yesterday the first episode of The Grand Tour (GT) premiered. Why is that so important? GT is sort of the successor to Top Gear (TG). Why is that?

In 2015, near the end of series 22, it became public that Jeremy Clarkson had punched a producer for not serving the hosts warm dinner. He was then fired (or technically, his contract wasn’t renewed) and the show was taken over by Chris Evans who then did another series this year with almost no one watching it.

Hammond and May left with Clarkson of course and the three were then approached by the new big ones: Netflix and Amazon (Prime). And Amazon Prime won them for at least 3 seasons as for now. The season airs in 12 episodes and it’s a new episode each Sunday (no binge-watching sadly).

Sidenote: Amazon has just announced they’re going to expand worldwide by December. They’re going in big with this one.

Now yesterday we could actually see what that brought us. And it’s great. Let me start with a quote from the Telegraph:

Somewhere out there you could almost hear Chris Evans locking his bedroom door from the inside and sobbing.

First of all, the three are just the same. Snickering about, leaving each other behind, unfair challenges and so on. That’s what killed Top Gear and that’s what Chris Evans will never understand. Top Gear is as much about cars as Michael Schumacher is the Stig (he isn’t). Most of all, it’s three blokes doing what all blokes would if they could.

There are a few differences from GT to TG. The BBC has ordered Clarkson not to use some of his keywords, so there’s no “On that bombshell” and “some say”. And the Stig is apparently trademarked.

First of all, there’s no studio anymore. They’re travelling around the world in a tent, so this episode they were somewhere in the USA, next episode’s stop is Johannesburg.

They’ve built a new track in England, mostly consisting of the Isn’t-Straight (cause it isn’t straight) and hired a new test driver who had to be American. I don’t like him yet but let’s see what’s to come. TG series 1 had no James May, so there may still be some changes.

The Reasonably Priced Car is gone and replaced by a new celebrity feature which they didn’t show properly in the first episode, you’ll see why.

The first episode is called “The Holy Trinity”. No, it’s not the three blokes. It’s about stuff they promised on Top Gear but was never shown. Let me just say hypercars and that will be it, you’ll have to see it.

For comparison, I watched the last episode of proper Top Gear first, where there’s just May and Hammond left. I hadn’t watched that yet because it was said to be too sad, so I waited until the new series. Let’s just say, GT starts where TG ends.

So you can fairly say that The Grand Tour  is the successor to Top Gear. I wonder how long they’re gonna let that corpse lie around before they scrap it, but we now have something better.

Facebook has a spambot problem (for real)  — November 5, 2016

Seriously, why is this still a problem? This has been going on for months and I reported countless accounts and they were not even banned, even though it’s completely obvious. Ok, let’s start from the beginning. 

Have you ever had a photo in your feed that was cropped just at the point where things would get real? And it was liked by a friend? It looks something like this

Now there’s quite a weird thing about it. It has 2.7 thousand likes, but no or almost no comments. Isn’t that a bit weird? I don’t know what the comment-to-like ratio is, but it sure is above 1/1000th.

Now there’s a reason for that. You see, there’s a link on the top to get the full image. And that leads you to this instead of that image:

Why would you need to give an app permission to your profile, just to look at an image? Keep in mind that the actual image is not visible even after giving permission. 

The thing is, this app then likes pictures on your behalf. Even though Facebook says “This won’t allow it to post content on your behalf”, liking is apparently no problem. 

And most of the time it’s not pictures of cats and dogs, but pictures of boobs and the like. Now don’t get me wrong, I’m not a prude and I don’t say you’re wrong when liking pictures of boobs. But you certainly don’t wanna let your grandma and aunt Barbara know, or your coworkers.

I still don’t get why Facebook doesn’t allow you to post naked people on your timeline but there’s nothing wrong with bots liking such things on behalf of the users. 

Additionally, the user cannot see it himself. Facebook doesn’t show things you liked on your profiles timeline. It’s just on other people’s feed. 

To get rid of this, go to Account Settings / Apps and delete anything you don’t know. Or disable and re-enable “Platform” to get rid of everything (you may  need to log in again to sites, but nothing is lost). 

I would really like if you, as a reader would help in getting this fixed. Report this to Facebook and if you’re OK with that, share this post with your friends so they know what’s happening. 

Warranty is worth nothing if replacement takes weeks — November 3, 2016

We need to rethink our replacement strategy for wares that can go bad but users still need them. I’m strictly thinking of consumer stuff here. And yes, it’s a first world problem but I think this is the next hindrance of consumer trade, like all the other things we actually solved now (customer not present when packet arrives and such) 

Let me make an example. Your smartphone goes bad, it doesn’t turn on again. Woo-hoo, at least here in Switzerland you got 2 years of warranty, so no problem at all. Let me make clear, the phone is completely and obviously broken, there is no way the manufacturer’s not gonna take it back. 

So you go to your phone store and tell them your problem. They’ll happily take your case, but you’ll have to wait 4-5 weeks. Say what? 

So you then get a replacement phone. But guess what, my phone setup is not that simple. Sure you could restore a backup if it’s an iPhone, but even different Samsung models (which I use) have problems restoring to each other. 

So for me as a customer, this means going through a 2 hour setup twice in a span of 4 weeks. That warranty hasn’t helped me at all in my convenience. 

Or my next case. My computer mouse broke, again pretty obvious, it doesn’t click right anymore. Some clicks are missed, some not. If you plug it in for a minute, you could give the customer a replacement model and off he goes. You then deal with the manufacturer, put together a package and all the papers.

Remember, you have packages and all that stuff available. You’ve got machines and label printers. You’re sending out thousands of packages each day. 

So my idea of the next great company is just that. I’ll come in the store, return the defective item. The store promptly checks my item and issues a new one. The happy customer is now out of the process. 

The store then handles shipping back to the manufacturer and restocks all the replacement items that come back. And yes, this is some money lost temporarily, but you’ll end up with a happy stuff-buying customer.  

Of course, that includes two preconditions which you can check by phone:

  • Is the replacement item in stock
  • Is it easy to check if it’s broken 

It’s what we do at our company for B2B. Why can’t this be a thing for B2C? 

“How to hack any PC in 2 minutes”… with physical access  — October 8, 2016

Can we please get a little knowledge out to all the script kiddies? If you’re in physical possession of a device, hacking it is not difficult. Let me make it a quote so people skipping will read it 

Hacking with physical access is like climbing over a garden fence

There are many tutorials on YouTube if you search for Hack Windows PC or the like. Most of the time it’s some teenager searching for help in getting more computer time or one that wants to stalk his crush. The second one is actually worrying. The tutorials are often like 

  • Boot some tool / into fail-safe mode
  • Change Windows Password
  • Reboot, log in 
  • Do whatever you want

Now you might say “yeah, Windows/<insert OS> is broken, they’re so stupid, haha”. Well, they’re not. You could just as well read the hard disk and get to your data. Oh you use a BIOS password? I’ll just take the disk out and analyse it in my computer. Oh you use a disk password in your BIOS? Same thing. 

The only thing that actually works is encrypting your disk, known as full disk encryption. But I could do other things then. I could install a physical keylogger on the back of your computer where you never actually look. Or if I’m desperate, I could take the disk out and wait several million years to decrypt it. 

Even IT security appliances have stuff like that built-in, even on purpose. There’s a password reset procedure for almost any device that will not wipe the data. Usually, you can do something until 30 seconds after boot or you can press a button during boot that will take you to a special shell. You can then connect via a serial console (a separate cable port) and do some pre-defined tasks. Why is that? You got access to my switch configuration then, right? 

Well, those manufacturers think the same. If your physical access layer is broken, there’s nothing you can do. So any protection would actually be useless. So let’s do it the other way and make it easy for administrators to reset a password in case it’s forgotten, or for some lab machine where the user forgot to reset it afterwards. Of course, there are others like a single sign-on (SSO) device, where physical tampering will wipe the key to decrypt all the passwords. But then too, it’s a cat-and-mouse game between detecting a physical break-in to the machine vs. opening it undetected. Cause once you’re in, you can tamper with it.

Another important aspect is that devices have to trust their environment. It’s like kids, they trust you to navigate them through the first years of their life. If you tamper with the SSO device and the break-in fuse didn’t trigger, you can do whatever you want. You could apply logic analyzers to the mainboard (while running) and find stuff out about it. Of course there are counter measures, but generally the device has to have a trusted base workspace. 

So if you ever hear someone say “Hey, I cracked that computer over there” you can just say “Oh cool. Anyway, …”

Disturbed’s top song is… The Sound of Silence — October 4, 2016

Hello darkness, my old friend
I’ve come to talk with you again
Because a vision softly creeping
Left its seeds while I was s

And the vision that was planted in my brain
Still remains
Within the sound of silence

I think almost everyone knows these lyrics, at least the start of it. Now according to Spotify these are the most heard lines of Disturbed. Let that sink in for a moment. The “heavy metal band”’s (according to Wikipedia) most heard song is a cover of The Sound of Silence by Simon and Garfunkel.

Here’s that particular version:

Now that goes to show that a band’s most popular song is not necessarily a band’s best song. I don’t know if that’s already naïve to think, but it’s just another great example.

Another example of this is Metallica’s Nothing Else Matters. While they’re a heavy metal band too their most popular song is a ballad.

ESXi – Move VMs between datastores (the dumb way)  — September 23, 2016

I’m using ESXi for a lab setup. After it got really slow, I added some disks. I then had to move some VMs to the new datastore. Now that’s quite easy if you have a vCenter and such stuff, but not on the free ESXi. How do you do this in the easiest way possible if you don’t care about performance? This will work but blow up the disk to the thick provisioned size. 

Prerequisites

  • ESXi (version 6 in my case)
  • More than one datastore
  • SSH or local console access to the ESXi host
  • The second datastore must be at least as big as the VMs you want to move (the capacity, not the current, actual size)

Follow along this plan

  • Power down the VMs you want to move
  • Connect via local console or via SSH to the ESXi. I prefer local console since the move may take quite a long time and there’s a session timeout on SSH
  • The path to the datastores is /vmfs/volumes/<datastore-name>. So in my case it was /vmfs/volumes/datastore1 and /vmfs/volumes/datastore2. Don’t worry about the weird names when you actually cd there, the names are symbolic links
  • Now I said move in the title, but, for reasons, I suggest you copy first. So if you want to move my_vm from datastore1 to datastore2:
  • cp -r /vmfs/volumes/datastore1/my_vm /vmfs/volumes/datastore2/
  • This will take a long time since it’s copying the whole hard disks, even though they’re zeroed out. Be patient. I suggest you follow along on a second terminal (ls in the new directory).
  • Unregister the VM (it’s still pointing to the old location)
  • Register the VM in its new location
  • Start the VM
  • It will ask if you copied or moved it. The actual question: should I generate a new MAC address? As long as you don’t start the old machine, choose “I moved it”. This ensures your interfaces don’t get mixed up. I tried this with my firewall, so it works.
  • Your machine is ready again!

Now if everything worked out, you can delete the old directory on the old datastore since it’s not needed anymore.
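
A check to run between the copy and that final delete, as an added example that is not part of the original post: it compares file names, sizes and SHA-256 hashes of the old and new VM directories. The function names are hypothetical, and it assumes sha256sum, find, sort, wc and cut are available in the shell you run it from.

```shell
#!/bin/sh
# Added example (not from the original post): compare a copied VM directory
# with its source before the old one is deleted.
# Assumption: sha256sum, find, sort, wc and cut exist in the shell you use.

# Print "path size sha256" for every regular file under directory $1, sorted.
manifest() {
    (
        cd "$1" || exit 1
        find . -type f | sort | while IFS= read -r f; do
            size=$(wc -c < "$f" | tr -d ' ')
            sum=$(sha256sum "$f" | cut -d' ' -f1)
            printf '%s %s %s\n' "$f" "$size" "$sum"
        done
    )
}

# Exit status: 0 = identical, 1 = files differ or are missing, 2 = bad input.
verify_copy() {
    src=$1
    dst=$2
    if [ ! -d "$src" ] || [ ! -d "$dst" ]; then
        echo "verify_copy: both arguments must be directories" >&2
        return 2
    fi
    a=$(manifest "$src") || return 2
    b=$(manifest "$dst") || return 2
    if [ "$a" = "$b" ]; then
        echo "OK: $dst matches $src"
        return 0
    fi
    echo "MISMATCH: do not delete $src" >&2
    printf 'source:\n%s\ncopy:\n%s\n' "$a" "$b" >&2
    return 1
}

# Constructed sample data standing in for a VM directory; returns 0 when a
# good copy verifies and a truncated copy is rejected.
demo() {
    tmp=$(mktemp -d) || return 2
    mkdir -p "$tmp/datastore1/my_vm" "$tmp/datastore2"
    printf 'displayName = "my_vm"\n' > "$tmp/datastore1/my_vm/my_vm.vmx"
    printf 'constructed disk contents\n' > "$tmp/datastore1/my_vm/my_vm-flat.vmdk"
    cp -r "$tmp/datastore1/my_vm" "$tmp/datastore2/"
    good=0
    verify_copy "$tmp/datastore1/my_vm" "$tmp/datastore2/my_vm" || good=$?
    # Simulate an interrupted copy by emptying the disk file on the new side.
    : > "$tmp/datastore2/my_vm/my_vm-flat.vmdk"
    bad=0
    verify_copy "$tmp/datastore1/my_vm" "$tmp/datastore2/my_vm" 2>/dev/null || bad=$?
    rm -rf "$tmp"
    [ "$good" -eq 0 ] && [ "$bad" -eq 1 ]
}

# With two arguments, check real directories; otherwise run the demo.
if [ "$#" -eq 2 ]; then
    verify_copy "$1" "$2"
else
    demo
fi
```

Run it with the old and the new VM directory as its two arguments, and only delete the old one when it prints OK.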

Again, this is much easier if you’re on a vCenter and I don’t think what we’re doing here is supported. But it works.

How to take notes as a CS student  — September 20, 2016

So I’m now in my 3rd term of studying Computer Science. I’m only doing that part-time, that’s why it’ll be longer.

As people are now starting their studies as well, I wanna talk about how I take notes and organize my stuff. It basically follows the principle of “don’t make me think”. There may be better solutions to parts of that, but I like to keep the number of tools I use to a low number, since I don’t want to be searching around.

Math/paper heavy lectures

I’m now officially done with all courses titled “Math” but I don’t know what’s to come. In this kind of lecture, you’re handed a text script which the lecturer follows more or less. During the lecture, he’ll work on the chalkboard.

For that kind, I print out the text script and take it with me in a folder. I like the ones with four instead of just two holes, all the paging around does take its toll during a term. I then take my notes on my notepad and after I’m done with a page or the lecture, I put that page approximately where we were in the text script in that folder. That way, I can scroll through the pages and have a copy of what was written during the lecture as well as just the theory behind it.

I’m doing the same for exercises. I’m doing it on paper and then I’ll sort it in right behind the whole script. That’s because exercises are not always in the script, so there’s no direct connection. I like to keep things the same way.

Why do I use no computer? I found out that it’s quite hard to write math on a computer (not talking about LaTeX, I’m not quick enough yet) during a lecture. Simple pen and paper always works.

Presentation lectures

Note: I’ve revised this part of the post in a new post.

There’s the other type, where there’s a PowerPoint presentation and you’re handed the file before the lecture. The lecturer then goes through that presentation, explains things, but it’s mostly included in the presentation.

For that type, I’ll have sync scripts that sync the presentation from the server down to my machine, so I have everything ready. I then open the presentation that’s currently on the projector and print it to OneNote. That’s where I keep all my things stored and it’s my main tool besides pen and paper (hopefully that’ll be more and more).

Using OneNote for lecture notes

There’s a few things to consider when using OneNote

OneNote does not actually store your PDFs. When you print to the OneNote printer, it generates an image of every page. That image will then be pasted into your notebook. OneNote actually performs OCR on everything that you print to it, you can have that text back with the “Alt text” feature. Also, the text is searchable.

The only bad thing is that you can’t click on links or anything like that. On the other hand, it’s stable and not depending on any kind of interpretation anymore. Just this week I was having problems with formulas from a Word PDF document. It was showing up in Adobe Reader, but not in the printout. I used the “Print as image” feature, found under Print/Advanced, since it’s gonna be a picture anyway.

The reason I use OneNote that much is sync. I usually open a new notebook for each course on OneDrive and then open that one in the mobile apps if I ever need to check something. I don’t have to sync PDFs around where I only have a limited edit tool and everything’s the same on each device.

In OneNote, you’ll have three levels of organization. You’ll have a notebook, which is the actual  file. You’ll then have sections, including a list of pages. Those pages can be indented on the page list.

So I usually create a section for lectures and one for exercises. I then put each lecture file into its own page (make sure to disable the splitting of pages on large printouts) and name it according to the filename. For the exercises, I use one page for each as well. When I get solutions, I print that out as well and indent it by one under the exercise page.

On the screenshot above, you can see my recently completed statistics course. You can see two sections for lectures and exercises and the exercise pages on the right. One page for each exercise, solutions indented by one.

Is it the best solution? Maybe not. Is it a working solution? Definitely yes.

Smartphone UX: don’t go back automatically  — September 18, 2016

I think you encountered this before. Some apps go back to a previous screen automatically for easier use. Now this is a useful feature, but not if 

  • It didn’t work that way before 
  • It doesn’t go back immediately without displaying the unneeded screen 
  • The user has a physical back button too  instead of just you displaying one on the app 

Two examples

Facebook thought it was a very good idea to go back to the previous screen after playing a video. But only after a little delay. Now, think of this: do you ever close a video before you watched it through? I do, and that’s usually a bit before the end. So there’s two flows here

  • I close the video myself with the back button and end up on the previous screen at the correct position, usually a new page I discovered and want to watch through all its funny videos 
  • The video closes itself but out of intuition I also press the back button (I was a split second late) and I end up on my news feed. I then have to go to the page again and scroll for ages

They did fix it now and reverted to you being in control of the back button, but that took a long time. 

Now another example I just encountered: Quora 

I reported an answer because it was just copy-paste from some “10 things to consider if you start a listicle” site. You have a screen to choose your reason, then it displays a little message at the bottom (same screen) saying it’s reported. Remember, you still see the reason screen. Then it automatically goes back. Now again, I was backing out myself a split second late and ended up on the feed. 

Note that almost all of this violates “forgiveness”. That means that in a touchscreen environment you should expect your users to make mistakes or mistypes, more than on mouse and keyboard. Also, there should be a better way to get back to where you were on a long list of posts on smartphone apps.