Securing your Top Secret Private Data

We live in a digital world of usernames, passwords, account numbers, pins and secret questions. Most people would have account numbers and passwords used for online banking, online credit card statements, superannuation account, PayPal, investment portfolios and other services linked directly to their money.

The problem with this is you either need to remember all of the account numbers and login details for each service, or store them somewhere in case your memory fails. Relying on memory is probably not a very good idea. The more services you have, the more chances you'll get something mixed up. And it's probably a good idea to change some passwords every now and then in case you get compromised (maybe someone looking over your shoulder when you logged in from a public place, maybe you used an untrusted computer which could've had a keylogger installed, etc).

So what do you do? Write them on a piece of paper and store them in a safe in your home? Possibly, although it needs to be a pretty serious safe (too heavy to steal, fire-proof, flood-proof). A piece of paper anywhere else would be a bad idea. Things can get lost or go missing and either end up in the wrong hands, or simply lock yourself out of all your services. Perhaps having a duplicate stored in a second place would help prevent the latter, but that just doubles the chance of loosing it.

How about storing this information digitally? Having all your private files in a text document on your laptop is asking for trouble (computers get hacked, laptops get stolen). But what about securing your file somehow? Perhaps with something like TrueCrypt that allows you to encrypt any file/folder using industry standard algorithms that have yet to be broken?

This could work, although there's a few things you need to be very careful about:

1. Encrypted files are only as strong as the encryption key used to lock them. This means you need to use a very strong password (i.e. long and full of random letter and numbers).
2. You need to make sure you never forget this long and complex password. If you do, you'll permanently lock yourself out of your own encrypted files. You either have to memorize this, or go back to step 1 - where do you store it?
3. Files can get damaged, deleted, corrupted. You need to have reliable backups. Using something like Dropbox to store your encrypted file could work well here. Not only will your file be synchronized between your computer and the net, but Dropbox will also keep a revision history so in case TrueCrypt causes a corruption, you can easily rollback to an older version. But actively putting your top-secret file out there is like asking a bunch of bank thieves to have a go at your safe - winner takes all.
4. All your data is now locked by a single password. If you access your encrypted file from a compromised computer with a keylogger installed, your password may fall in the wrong hands. Worse, if your computer is compromised, the temporary decrypted file may get transmitted to the other side of the world without your knowledge...

So what's the best solution to this problem? Well if you have a giant safe in your home/office, that's probably the easiest option. Otherwise you need to get a little creative. Maybe write things down on a piece of paper but use stenography to disguise the data (like take only every 3rd digit or 4th letter, the rest is just random filler, or have a paper template with holes in it that reveal the real characters and store this template in a different location).

Going down the digital path is dangerous. It's almost impossible to be sure that you're accessing your data from a secure machine... If you're really paranoid you may opt for something like TrueCrypt with a super complex password, and run it only from inside a Virtual Machine that you use for nothing else. To prevent keyloggers maybe you need to use a password and a secondary keyfile, or copy-paste a few parts of the password to confuse keyloggers...

Anyone else have any ideas that they're willing to share?

The Future of Mobile Phones: Android vs. iPhone vs. WinMo (and the rest)

Let's face it. The iPhone was a huge success. It sold relatively well throughout all regions it was released in and it helped to redefine the purpose and usefulness of mobile devices as a whole. The iPhone is more about fun, entertainment, convenience and utility then it is about making phone calls or sending messages. It's partially all about making web browsing on a mobile phone tolerable, but really, it's all about the AppStore. Having easy access to thousands of free or cheap games and apps is what made it a runaway success.

Sure, Symbian and WinMo had third-party apps support for many years prior, but these never really took off. The apps were either hard to find, hard to install, expensive or just plain ugly and boring. Apple turned this around by making everything easy, cheap and fun for the 'average' consumer (i.e. not an IT geek who knows to troll through symbian forums looking for jars compatible with their phone JVM version, download these to their PC, transfer via bluetooth, go through phone interface to install to memory card, etc).

Since the AppStore runaway success, every other manufacturer has started to follow suite by promoting online stores of some sort. None are really quite there yet in terms of application numbers, big name developers, or ease-of-use.

Another key reason for the AppStore's success (besides ease of use) is platform standardization. The iPhone has had the same screen aspect ratio, resolution, sensitivity and accelerometer from the beginning. This ensured that if a developer made an app for the 2G, it would work on the 3G and 3GS. Or in other words, the newer models were all backwards compatible as not to fragment the consumer base, and confuse the 'average' Joe.

So what's happened in the last two or three years? Google's Android has come out of nowhere and threatened to knock the iPhone off it's pedestal...only that it still hasn't happened yet. Sure the Nexus One is cool and tricked out with all the latest technology (even though the capacitive screen seemed a little unresponsive to me in comparison, but maybe it was only my unit). It supports multitasking. It's an open model where you can download and install any app without the developer having to go through Apple approval. It will soon support flash. It has an App Store that's growing in size (although it doesn't yet have the big name developers that iPhone enjoys).

Has Android taken over? Depends who you ask, but I'd say no. Will it take over? Hard to say, but again I think no. The main reason for this is fragmentation. Every manufacturer that's adopting Android is trying to differentiate itself by customizing the interface, implementing their own widgets and extensions, creating their own form-factors, using vastly different internal components and input methods, etc. If you're an Android developer wanting to make a game, what standard do you follow? What screen res and dimensions do you optimize for? What touch-screen sensitivity thresholds can you rely on? What physical buttons can you consider as available? What minimum CPU/GPU capabilities do you have to play with? How sensitive is the accelerometer (if there is one)? What Android versions will you target?

iPhone avoided all these problems from the beginning which is why it experienced the explosive AppStore growth and why it's still number one three years later. But does that mean the iPhone will continue to dominate? Maybe, but maybe not. The AppStore success may end up being its ultimate downfall. Apple makes a fortune by being the sole reseller of third-party apps, around 30% of each sale I think it was. This means it's in their best interest to funnel customers into the AppStore (an iPhone without any Apps installed is nothing but a very, very mediocre feature phone). Rejecting Flash from their browser could be one example of this. Flash would potentially give users access to hundreds of thousands of existing online Flash games that Apple cannot monetize. Just look at the new iPad. What good is a tablet intended for casual web surfing, entertainment and productivity if you can't access over half the content out on the internet? No, wait, let me guess...Flash is evil... you don't really need it...there's an app for that!

So if Apple may fall, and Android may burn out, who'll be the next big player? Nokia has been flogging the Symbian 60 platform for a few years too long. They finally realized they couldn't compete with this forever so turned it loose and made it open-source, leading to Symbian^3. I think this'll head more or less the same way as Android. Every manufacturer that picks it up will feel compelled to mod it into their own image, and as such fragment the platform into oblivion. Nokia has also been working on Maemo, with the N900 being the first Maemo 6 device. This managed to generate a bit of a cult following, but never made it mainstream. Since then, Nokia teamed with Intel and merged Maemo with Moblin to form MeeGo, which now natively supports the cross-platform Qt framework... Where will this lead? Who knows, but it seems the plans for MeeGo are a little too ambitious. Intel and Nokia want to use this thing in pretty much every new device they release, from mobiles to netbooks to in-car navigation systems and more. It seems to lack a specific purpose. It may end up taking off eventually (although I doubt that too), but not any time soon.

Samsung, not to be outdone, have gone out and developed their own open mobile platform as well, i.e. the new Bada which will first appear in the Samsung Wave due for release in a few months or so. Samsung is throwing a lot of focus on this at the moment and it has the potential to do well. The core features supported are already very impressive (pinch-zoom Bluetooth 3, Flash integration). It will be interesting to see how this develops in terms of other manufacturers picking it up. Will it become another fragmented Android? Will any developers feel inclined to jump onboard? What differentiates this from Android, MeeGo and the new Symbian^3 releases?

Microsoft hasn't given up either though. While their older WinMo 6/6.5 series has been dying a slow and painful death, the code monkeys have been busy in the basement cooking up Windows Phone Series 7. This actually looks very promising for a few key reasons:

1. Microsoft is releasing 3 form-factor standards for manufacturers to follow. These come with recommendations for minimum CPU requirements, RAM, screen res, aspect ratios, physical buttons, etc. This means Microsoft understands fragmentation is bad and is trying to retain some control over the OS. This is great news for developers.
2. Microsoft is restricting interface customizations to within certain boundaries. This hopefully means that manufacturers won't be able to use Win7 but make it look exactly like a Bada or Symbian or HTC Sense or some other phone. While manufacturers want to distinguish themselves through software, this is bad for consumers. Again, fragmentation. By keeping things consistent, customers that buy a Win7 phone can immediately recognize it as one and can feel comfortable navigating through the UI.
3. It will support Flash.
4. Microsoft is pushing for seamless integration between Win-PCs, Win-Phones and the XBox. The same development tools can be used to code, compile and release the same application across all three platforms with minimal to no development effort. Again, great news for developers. Also great news for those who enjoy games on their iPhone. Microsoft has a good chance at encouraging small arcade game developers at cross-releasing titles across all three systems. Something Sony should have actively encouraged and pursued for a long time now.

So will Windows Phone 7 be the next big thing? It's anyone's guess really. But it seems Microsoft has been following the triumphs and pitfalls of others and are trying to combine all the best aspects together into something that benefits consumers and developers above manufacturers. Perhaps this is the start of true separation between software and hardware for mobile phones. It's time for manufacturers to step aside and let a software company handle the interface and just focus on building low-cost, reliable hardware. Let me buy a phone the same way I buy a PC, i.e. based on hardware specs alone. Let me choose what software I want to run on it later.

UPDATE: New details have emerged showing Windows Phone 7 running full 3D games as developed through XNA - same tools and APIs used to make XBox games (Direct 3D is supported). This gives me great confidence that WinPho7 will give the iPhone AppStore a good run for its money in terms of big developer games (something that none of the other mobile platforms have even come close to). Microsoft seems to be going in all the right directions here.

Sony thinks we're lost little sheep

If you know anything about the PSPGo, then you also know it's one of the strangest products ever released. See, the PSPGo is basically a smaller version of the original PSP, with pretty much the same features and same hardware except no support for UMD games. Instead Sony wants you to login to their online store to purchase and download all games. But not all UMD games are available for download, so you have a smaller range to choose from. And you can only purchase from their store for full retail price, with no refunds available. With physical UMDs on the other hand, you can rent from a video store, borrow from a friend, buy second hand for peanuts, etc.

So if a consumer already has a PSP, there's absolutely no reason to get a Go, unless you just want something a tiny bit smaller. The original PSP can still login to the online store, can still play all of the new online only games, but can also play the full range of UMD games. Plus all the accessories and cables for the Go are not backwards compatible with the original, so you'd have to go out and buy duplicates of everything just because Sony wants to bleed you dry.

Maybe the PSP Go is intended for new customers then. But it costs about $100 MORE than the original PSP at retail (not to mention that the original can be picked up dirt-cheap second-hand now), and it does less.... I've never had a PSP before, and I'm not really interested in buying a 6 year old console unless I get a really good deal for it and really cheap games. My best option right now would be to get a classic PSP for which I can get cheap UMDs from gaming store bargain bins whilst still being able to connect online and download exclusive PSN content.

So if the Go is not a good option for existing customers as it makes no sense to upgrade, and if it's not a good option for new customers as it costs more to do less than the original PSP...then what is the target audience?

Sony recently released a statement saying that consumers were 'confused' by Go and that they're intending to 're-communicate' with us, presumably to tell us how great it is and why we should all be buying one...

I don't think consumers are confused. People just saw through how bad a deal the Go was and decided to keep their money in their wallets, or perhaps get an iPod Touch instead which offers much better entertainment value with it's collection of online games without even intending to be a gaming console. It's baffling that a company as big as Sony has such little understanding of consumer needs. They had the opportunity to release a killer hand-held online gaming console to dominate the iPhone, DS and the rest, but completely stuffed it up due to their greed and over-inflated prices.

IE6: The Thorn in Every Web Developer's Backside

As a web developer I've spent my fair share of time trying to figure out why certain things don't work as expected (or don't work at all) when dealing with IE6. Today was just another one of those days... After fixing a few issues I though I'd start a list with all the little annoyances one may face when needing to support IE6.

CSS Attribute Selectors

IE6 doesn't support them so don't use them. The one I ran across was applying styling to input checkboxes. Normally you'd do something like input[type=checkbox] which works in most browsers, except for IE. There are several hacks to get around this, but easiest method is to just attach a class to all elements that you'd use attribute selectors for.

Display Table-Row and Table-Cell

IE6 (and 7) doesn't support them so don't use them. I had some JS code that would selectively display or hide a table row depending on the state of a checkbox. To hide a row you just set display:none to the TR element. To show it again you could set display:table-row to the TR but IE6/7 gets confused and jumps off a bridge. The simplest cross-browser work-around is to set display to empty-string to re-show the row. This effectively removes the none style and defaults to the browser inheritance model, whatever that may be.

Detecting IE6 and Hacking

Had a weird case where a jQuery UI floating dialog with an image inside would get stretched to 100%, but only in IE6, every other browser worked fine. I tried setting some absolute widths on the dialog, but due to the box-model bug this produced inconsistent results on different browsers. I had to implement a variable width property using browser sniffing. Did this using jQuery as follows:

iAmIE6AndISuck = function() {
return $.browser.msie && $.browser.version < 7;
}

Yes, yes, I know, the $.browser object is deprecated in jQuery in favor of feature detection. Doesn't matter though, it's unlikely they'll ever remove it. And if they do, I may not upgrade my jQuery library, and if I do, I can just change my wrapper function to detect IE6 some other way when the time comes.

Upgrade from Win7 RC to RTM without Formatting

Anyone with Windows 7 RC needs to start worrying about the expiration date. According to Microsoft, from:

• Feb 15th, 2010 - you'll start getting tray notification notices to upgrade.
• March 1st, 2010 - your computer will automatically restart every two hours!
• June 1st, 2010 - computer restarts every two hours, plus black desktop, plus Windows Activation popup.

This effectively means that you need to get rid of RC by March 1st, which is less than two weeks from now. There is no officially supported way to upgrade from RC to final RTM without doing a clean format and clean install. This is obviously a pain as you loose all installed applications and settings.

There is however an unofficial workaround to doing the upgrade such that you loose nothing. It can be done as follows:

1. Get your hands on an official Win7 RTM DVD or iso image (and an official key). Note down the version type, i.e. 'Basic', 'Professional', 'Ultimate' or 'Enterprise'
2. Boot into your Win7 RC machine that you want to upgrade.
3. Click start, type 'regedit' and press enter.
4. Navigate to Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\Current Version.
5. Notice the two keys on the right labeled 'ProductName' and 'EditionId'. These will most likely have the values 'Windows 7 Ultimate' and 'Ultimate' respectively.
6. You need to replace the 'Ultimate' word in both these keys with your RTM version type, e.g. 'Professional'.
7. Copy the content of the Win7 RTM DVD to a folder on your hard-drive, e.g. C:\Win7RTM. If you have an ISO, extract the ISO using 7-Zip or a mounting program.
8. Navigate to C:\Win7RTM\sources\ and open the file cversion.ini.
9. Change the value of MinClient to 7100.00. Save the file and exit.
10. Execute C:\Win7RTM\setup.exe and select Install. If asked to download Updates, you can select Yes, it shouldn't affect the workaround.
11. Select Upgrade when prompted, then accept the License and wait for the Compatibility Check to complete. This will list what programs are likely to break after the Upgrade. (In my case, it detected iTunes, the ATI drivers, and the ATI Control Center. They still worked fine after the upgrade though).

Once the upgrade is complete you can delete the C:\Win7RTM folder. I've tried this on two machines so far, going from Win7 RC Ultimate to Win7 RTM Professional and I haven't experienced any problems yet. Try it at your own risk though. I'd suggest you still backup your important files first just in case something goes horribly wrong.

NOTE: I take no credit for this solution. I simply compiled the information from here and here into a simple step-by-step process.

The Google Buzz Buzz

There's been a lot of talk about Google Buzz over the last week, and not because of how great or revolutionary the service is, but rather because of the shortsighted privacy considerations that went into its initial release.

In short, Google Buzz is a location-based Twitter like service where you follow a group of people and you can see their current locations and tweets. Likewise you have a group of followers who see your last location and tweet.

While cute in theory for some (not my cup of tea), the issue with this was that upon enabling the Buzz features, Google would automatically build you a group of people to follow based on your most recent and most frequent GMail conversations (along with some other services). While this is an easy way for you to get started with Buzz, it also reveals to the world who you correspond with most via GMail.

This could lead to many awkward social situations in cases were people wish to keep who they talk to secret for whatever reason. It seems baffling that Google did not think of this, or if they did they chose to dismiss it as unimportant. For a company that's diverging out into more services than you can imagine and wants to unify all these under a single user profile, privacy and security should be the number one consideration.

This Buzz incident was a huge mistake, and a huge realization for some that Google can't be trusted knowing too much about you. What makes it worse is that they explicitly gave away potentially sensitive information about you without even realizing the consequences. This may raise a lot of doubts in some people's minds. What if their next service somehow shows the world or my 'friends circle' all of my Chrome synchronized bookmarks? Or what if my most recent document titles get exposed? Or what if my GPS location data gets shown to people I don't want it to?

I hope Google will take immediate action and spend more time on use-case scenarios, what-if analysis and user evaluations before jumping in with new services via their old 'it's-a-beta' philosophy. They're getting a bad rep for being an anti-social geek company who doesn't understand the consumer...wait, wasn't that Microsoft?

From YUI to jQuery UI

Last year I started a large project and chose YUI 2.7 as the main JavaScript library for creating a rich UI. I primarily used the Dialog, TabView, TreeView and DataTable UI widgets for CRUD admin. The Event utility was used for creating a custom event bus and Connection Manager was used for core Ajax communication. Later during the project's lifespan I discovered the beauty of jQuery and slowly started to use some of the core features for elegant cross-browser DOM manipulation. This eventually lead to my desire to completely phase out YUI in favor of pure jQuery.

But why abandon something that already works? YUI did a fine job, but the API structure and markup just feels like too much work to get simple things done. I abandoned the YUI DataTable very early on in the project as it was taking way too many lines of code to get simple grids up. The TabView, TreeView and Dialogs were working fine, but the default sam-skin stylesheets were not playing nice with a set of external template styles and required a lot of hacking, which lead to cross-browser inconsistencies.

With jQuery UI on the other hand, the online Themeroller was fantastic! I was able to customize my own theme matching the template color pallet and simply drop-it-in. The jUI widgets worked correctly with my external style definitions with minimal hacking required.

Another great thing about jQuery is that the whole package is made up of 2 .js files (core & ui), 1 css file and a few images. The YUI package on the other hand was over 400 files. These can be minified and combined to some extent using their online package builder, but the whole framework just feels a lot heavier.

Refactoring the project took about a week but the end result was worth it. The application is now noticeably snappier and the UI components are consistent across all browsers. Listed below are some jQuery tips and tricks I learnt along the way.

POST Form via Ajax

I've seen a lot of examples on the internet where people use jQuery selectors to manually pick out the values from every form input element by name and build the query string. This is totally unnecessary! Posting a form via Ajax using jQuery 1.4+ is as easy as:

    $.ajax({
     type:'post',
     data: $("#my-form-id").serialize(),
     url: 'localhost/process.php',
     error: function() {
         alert('ajax call failed');
     },
     success: function(data, status, XMLHttpReq) {
         alert('ajax call returned ' + XMLHttpReq.responseText);
     }
 });

This is a generic function that'll work with any form. Just wrap this in a utility method passing in the form id, the error callback and the success callback and you're done. No need for instance specific code picking out input element values, etc.

jQuery UI TreeView Equivalent

The current jQuery UI (1.8) does not have a native Tree widget (although one is in the works). Fortunately though, jsTree is an easy to use plugin that gives you the same functionality and more.

PHP Array to JavaScript Array

This one isn't jQuery specific, but I've seen a lot of crazy methods for converting a PHP array for consumption in JavaScript. The following is a one-liner way of doing it:

<script type="text/javascript">
  var jsArray = <?=json_encode($phpArray)?>;
  console.log(jsArray);
</script>

$(document).ready()

Don't ignore this. Use it whenever you're doing any DOM manipulation whatsoever. This is especially true if you want IE6/7 to work correctly. Not using $(document).ready() can lead to race conditions that will only manifest on some browsers (usually the client's) leading to whole-page crashes or other random behavior.

jQuery Custom Events

Using custom events in jQuery is very easy. The most basic form of this is:

//to subscribe to some randomly named event
$('body').unbind('myEvent').bind('myEvent',function(){/*do stuff*/});

//to fire an event
$('body').trigger('myEvent');

The above code first unbinds (unsubscribs) any descendant of body who was previously registered to a custom event labeled 'myEvent', and then subscribes an anonymous function to this event. The second line is usually executed at some later point, perhaps after an ajax form post, that triggers the event. The unbind is not strictly necessary, it very much depends on your application architecture. It's possible to have multiple listeners for the same event by design. Just be aware of this and make sure your events are being consumed the way you think they are. If you only ever want one listener, it should be safe to unbind first just in case.

Delete all .svn metadata on a Windows system

This is just one of those solutions that you come across and you just want to save for later because you know you'll need it again at some point in the future.

So you have a project in Windows which was stored in an svn repository and still has all the .svn metadata in every folder within. You want to clean this up and get rid of all the meta, perhaps to version control in a different system, or upload to FTP or whatever.

Easiest way I've found is to copy-paste the code below in notepad, save it as delete_svn.reg, double-click the .reg file to add the code to your registry, then simply go to Windows Explorer, right-click your top-level folder, and select Delete SVN Folders from the context menu. You'll see a cmd prompt pop-up for about half a second and you're done! Now why is it that trying to do a search in Explorer, then trying to delete the files via the Explorer UI takes about 100 times longer...

Anyway, here's the code:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shell\DeleteSVN]
@="Delete SVN Folders"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shell\DeleteSVN\command]
@="cmd.exe /c \"TITLE Removing SVN Folders in %1 && COLOR 9A && FOR /r \"%1\" %%f IN (.svn _svn) DO RD /s /q \"%%f\" \""

Oh, and I didn't come up with this. I pinched it from here, so full credit goes to the original author.

Laptop with two external screens

I use my laptop as my primary work/study/home PC. The laptop itself has a fairly small 13.3" screen but compensates with a high resolution of 1440x900. At work I also have a 17" Dell desktop LCD with a native res of 1280x1024. I've been using this as an external second monitor for a full year now. Doing this is simple enough, just plug in the VGA cable into the laptop's VGA port, hit WinKey+X in Windows 7, choose connect display and select extended desktop.

Extending the desktop on two screens allows you to move application windows between the screens freely, so you could have say Firefox open and maximized on the external screen and Microsoft Word open and maximized on the laptop screen. The productivity gains from doing this are quite significant. Instead of having to Alt+Tab between applications you can just move your gaze from left to right. This doesn't sound like much, after-all hitting Alt+Tab only takes about half a second. Switching gaze however is far less intrusive on your though process and allows you to retain focus much better.

So if having two screens is good, three must be even better, right? Only problem with connecting a second external screen is that my laptop (and most laptops ever manufactured) only have one VGA port. Fortunately though, all is not lost. Here's where the Skymaster USB to VGA Adapter comes in, or more accurately USB to USVGA as it supports a maximum resolution of 1600x1200. The device is basically a small external video-card that connects to your PC via USB and has a VGA port attached to it (or DVI/HDMI via an additional bundled adapter).

I had my doubts as to how well this would work, especially after reading some old articles about similar products where the image was choppy and low res. I bought it anyway though, and glad I did! Setup was extremely easy. Just take it out of the box, throw the driver CD that comes with it in the bin, connect it to the laptop via the supplied USB cable, let Windows 7 automatically detect the device and download and install the needed drivers, connect the screen, hit WinKey+X again, choose to connect display, select extend desktop and you're done!

You may also want to right-click the desktop and go to screen resolution, then make sure the two external screens are both running at their native res, and also drag the screens to position them in the right positions relative to their real physical locations (Windows got this wrong by default (it's impossible for it to detect) and my mouse would move through the left edge of my laptop screen and appear on my right monitor).

Performance-wise, the USB to VGA adapter is good but not perfect. When moving the mouse pointer there's a slight microsecond lag at times, but it's barely noticeable. Otherwise image quality is as good as the other external screen, running at 1280x1024. YouTube videos seem to play without any noticeable lag, although I'm not sure how well a full screen DVD quality video or a game would play. Having said that though, my laptop has a 1.2GHz ULV CPU, so maybe this would work better on a more powerful machine (I notice more cursor lag when my laptop is busy doing other stuff so it's probably using some sort of software emulation).

As for productivity, it's the bees knees! I can put my Chrome browser on the left screen, my Netbeans PHP development environment on my laptop screen, and my Firefox browser pointing to my development site on the right screen. This way I can quickly Google some APIs and code snippets, copy-paste over to my development environment, hit Ctrl+S to save and look over to the right where I refresh my development page and see the effects immediately. Sweet!

Minimalistic Ubuntu Virtual Machine with VirtualBox on Win 7

I've been meaning to create a minimalistic Linux Virtual Machine that I can clone and adapt to particular needs for a while now and today I finally got around to doing it:

• Download VirtualBox from here (free for personal use).
• Download an Ubuntu Minimal CD Instal iso from here (I used 9.10 x32).
• Open VirtualBox and create a New virtual machine by following the prompts (I gave mine 384MB RAM and a 7GB dynamic disk (this is the MAX size)).
• Once the VM is created, click on settings and tweak whatever you like. Select to mount your Ubuntu ISO in the storage area.
• Start the VM and at the Ubuntu installer boot: prompt type cli and press enter.
• Follow the installer wizard selecting appropriate values (I selected to install on entire HD with no LVM).
• Once the installation is complete, unmount the ISO and restart the VM.
• Once at the Ubuntu terminal:
• >>sudo gedit /etc/apt/apt.conf
• ----ACQUIRE {http::proxy "http://username:password@proxy:port/"}
• >>sudo aptitude install xorg ---(the graphical core)
• >>sudo aptitude install xfce4 ---(minimalistic window manager)
• >>sudo aptitude install gdm ---(graphical login manager)
• >>startx ---(load the window manager)
• At this point you may want to shutdown the machine and create a clean snapshot.
• Fire the machine back up and install remaining packages you're interested in, e.g:
• >>sudo aptitude install firefox

The snapshots allow you to change between different states of the machine so you can have multiple Firefox versions in different snapshots that all branch from the clean install.

And for anyone thinking of using the Windows 7 Virtual PC VM instead, not such a good idea. I tried installing Ubuntu 9.10 minimal on my Win 7 Pro x64 laptop within Virtual PC. Installation completed successfully but after a restart I was greeted by segfaults. Turns out this is a very common problem that can be worked around by assigning more ram to the VM image, but even then you get no guarantees of things randomly failing.

Windows 7 Hard Disk Thrashing

I recently noticed my Windows 7 HTPC has been spending a lot of time doing 'something' with the hard drive, but I had no idea what. That is, the hard disk activity light would keep flickering constantly and you could hear the disk churning away. This also resulted in choppy Live TV playback as the HD needs to be used to record & play simultaneously.

I tried disabling Microsoft Security Essentials, turned off the disk defrag service and SuperFetch. Restarted several times for good measure as well but problem persisted. I then opened up the Resource Monitor and had a close look at the Disk tab. This shows a list of processes and their real-time hard disk read and write data rates.

Sorting by read speed I noticed many instances of wmpnetwk.exe. The disk activity pane showed that this program was opening up a lot of my mp3 music files. A quick Google search revealed that this is the Windows Media Player Network Sharing Service. This is used to stream music and videos to other devices in your house like an XBox or PS3, but I never explicitly turned this on and I don't use the functionality.

Disabling the service resulted in a significant reduction of HD activity. The two processes left that were reading and writing to the disk were ehrecvr.exe and ehshell.exe. ehrecvr is the Live TV component of Windows Media Center and ehshell provides core WMC functionality. If ehshell is creating too much excess activity, try restarting WMC or check to see if WMC is scanning for new libraries or trying to perform its optimization, etc.

If none of the above apply to you, just try to use the Resource Monitor to identify the processes and services that are hurting your HD. Identify what files they're accessing. Google to see what they do if not sure and shut them down if not needed.

rm - too many arguments

I was trying to delete about 55,000 files in an Ubuntu directory the other day. Something along the lines of:

rm -f *

This failed with a "too many arguments" error. The root-cause of this seems to be a little involved, but the simple one-line workaround is:

find ./ -name '*' -print0 | xargs -0 rm

Australia's Internet Filtering

Australian Labor Senator Stephen Conroy (Minister for Broadband, Communications and the Digital Economy and Deputy Leader of the Government in the Senate) is the champion of a new policy to implement ISP level internet filtering in Australia.

The way this works is the government will compile a list of URLs in secret that they think us Aussies should be shielded/protected from and will distribute this blacklist to all ISPs. ISPs will then be required by law to block access to any URLs on this hidden list.

A similar filtering system is used in other countries such as China, Cuba, North Korea, and Iran. If this policy gets approved, we'll soon be joining the ranks with the above. The government will get to control what we can and cannot access.

The publicized intention of the filter is to block people from highly malicious websites, but that's just the cover story to gain the parent vote and conservative older generations vote. Those that actually have a clue about how the internet works know that this is total rubbish. These things are all done underground via peer-to-peer applications and encrypted distribution networks. Blocking URLs will have no impact on truly malicious content. Instead, the government will be able to slowly start banning access to sites that they think make us unproductive, or are bad for our local economy, or bad for spreading radical views, etc.

China for example blocks (or have blocked) access to sites such as Youtube, FaceBook, Twitter, Google Web Albums, Google Docs, and pretty much any other social networking site. The Australian filter will obviously not start out by blocking these, but how far down the track do you think it'll take before we slowly get there? If people are willing to step back and accept this filter, the government will slowly push the boundaries further and further as it sees fit to further its own agenda.

If you think this is a bad idea, then you need to take action. See http://stephen-conroy.com/ for a list of email addresses you can contact to make yourself heard, or head on over to this Whirlpool thread for a very active discussion on the matter.

Google Nexus One Released

The highly hyped Google Nexus One phone has finally been revealed today and is now available for purchase directly from http://google.com/phone. That is, if you live in the US, UK, Hong Kong or Singapore. The rest of the world misses out for the time being as Google will not ship to other regions (although some imports are sure to trickle through).

Google has stated that they're looking to expand this to Verizon in the US (it's all about the US) and Vodafone in UK/Europe in the near future. No word as to other regions just yet, but it appears what Google is trying to do is enhance the public presence of Android and increase general public awareness.

That is, Google is offering to sell Android phones directly through their web-pages where customers can choose one of many Android models from different manufacturers and one of many different carriers available in their region, or outright unlocked. The Nexus One (HTC) will be just one of many. Likewise, T-Mobile, Verizon and Vodafone will be just the first of many carriers that will be directly linked.

It would also make sense if Google took this opportunity to ensure some sort of conformity for all phones sold through this distribution model. That is, all running the same version of Android with the same interface and receiving updates simultaneously. This consistency is much needed if the Android Market Place App Store equivalent is to have any chance of explosive growth. At present, it's impossible for developers to predict what Android version people are running, what hardware is available, how much memory, how much graphic processing power, screen resolution, size and ratio, keyboard or other input methods, etc.

As for the Nexus One itself, full specs are available here. Reviews so far are good but not great. There's nothing particularly revolutionary about the phone or software, just a marginal hardware upgrade over the Droid and Milestone. Other phones will be available in the coming months that match and surpass it's specs including the HTC Bravo and Sony Ericsson X10.

If you're lucky enough to be in one of the regions that it's available in then it's a good outright buy. But if you have no choice but to import via other channels, then it's probably best to wait a little longer to see how this new distribution model develops. Although, knowing a little about how Australian telecos work I wouldn't hold out for a carrier plan any time soon. Best us Aussies can hope for is that Google decides to ship the phones to us unlocked for full outright price.

Microsoft Office 2010 Free Beta

The Microsoft Office 2010 Professional FREE beta is now publicly available for everyone to download. Whilst trying to install this I got an error message stating that "An Office 2003 installation on your computer is corrupted and setup cannot continue. Remove or repair Office 2003 product and re-run setup." This was on my Windows 7 Pro x64 laptop.

I did indeed have Office 2003 installed but I had removed it via the control panel Add/Remove programs before running the downloaded Office 2010 beta. I then tried the Microsoft Office Removal Wizard utility which deleted a whole bunch of other files and assured me no Office 2003 remnants were left but the error persisted (be careful with this tool as it will delete everything in your c:/temp or any-other-drive/temp folder, Office related or not).

Turns out the cause was Visio 2003 which is also part of the Office lineup but is installed and removed as a separate product. After uninstalling Visio 2003 the Office 2010 installer worked like a charm, even though again Visio 2010 has to be downloaded and installed separately (the beta is available here).