Month: August 2013

Broken Nike FuelBand

The wife recently bought a Nike FuelBand which she was loving. However in about 4-5 weeks of regular usage, the strap on it broke and the links which hold it together fell apart. The device itself is working, but it cannot be worn now as it won’t lock making it quite useless.  😥

I was quite surprised as this is supposed to last more than this given both what it is meant to do and the cost of the device as well. Now this is an expensive paperweight.

Here are a few photos. This is what it looks like now, and cannot be locked, making it useless:

WP_20130824_005

This is how it was when it broke and fell apart – we tried to rescue and pick up everything we could, but it seems there is a very small spring inside which is lost. This spring is crucial for the ‘lock’ and which acts as a rocker. Without this spring, this is useless.

DSC02506

This is I was trying to figure it out how to put it together and when I figured the small metal part (silver in colour) needs a spring which rocks it up and down. When one locks and unlocks this that spring is what is acting and allowing you to open and close this.

 

 

DSC02508

This is how the broken piece looks like after I put it together, everything looks OK, except it won’t lock.

DSC02505

I am not very happy with this situation right now – if this was a year after using the Nike FuelBand, perhaps I could still understand but 4 odd weeks of usage and this breaking is not acceptable.

I don’t have much hope in Nike, as where I am currently living, this is not sold and I am sure they would try and squeal out of trying to replace this or fix this.

Advice from NSA on how to protect your data from NSA

No, there is no typo in the Subject, this advice is from NSA and should be good if you want to secure your data from NSA. The Register had this excellent write up on Guardian could have protected Snowden. I also like what The Register say:

Use an old-fashioned air gap. Be paranoid

You also could Steganography, using something like SteganPEG, but that is more obscurity, rather than security. The advice from The Register is sound and essentially is good if you are interested in protecting sensitive data. There are essentially four steps parts to this.

  1. Encryption – whilst it might seem hard to the non-geeky (I think we need to find a name similar to ‘Muggles’ – some reference for non-techy folks – of course in a good and constructive manner), it is not very hard. You should use something like GnuGP and create a asymmetric key pair (i.e. a pair of public and private keys). I would recommend you use a RSA based key pair which is 4K bits in length, using a SHA2 512 as the hash function. You should also consider the expiry date for this no more than a year, which will prevent some old keys lying around and being recycled or compromises.
  2. Use Clean Machines – You don’t know what is lying around on that OS and machine – could be some keyloggers for example. It is best to start with a brand new machine, which you re-install. You could either use the Security Enhanced Linux distro, or a harderned version of Windows or something else; NSA has a handy guide. You should also look to use something like BitLocker or TrueCrpyt and use that on a VM which you have built from scratch and is running on that clean machine.
  3. Moving the Data Securely – I think, this is the most difficult thing to do. The only way you can come close enough to do this is using Tor and a hidden service. Of course all the entry and exit points to Tor would be monitored and cannot be trusted. If you don’t know much of Tor, you can read up this guide.
  4. Using a Hidden Service – Use your clean machine only to interact with the absolute minimum to download data and then ensure it always remains disconnected from any network.

I also think the amount of data and information that Google and Facebook has one someone is scary. I like how The Registered ended their article with the quote from one of the UK government security staff:

You would not believe the hoops we have to jump through to access an email, all the legal paperwork that needs completing, when Google has everyone on file and no one blinks an eye

Securing you DokuWiki

After my WHS died and I moved to a Synology DS413 and using that as a ‘home server’ and have been extremely happy with it! The only thing I miss is backing up the Windows machines automatically (as WHS did), but overall I think this is better, flexible and more powerful compared to WHS.

I needed to look for a new wiki software. I recently moved from ScrewTurn Wiki (which was great BTW, but then is a dead project now) to DokuWiki which is perfect for my needs. I run two wiki’s at home and has much of our day-to-day things we as a family need. There are some sections of the Wiki, which are sensitive and I don’t want anyone one the network getting to it. I wanted to authenticate the user and once they login only then get to that.

As it turns out, securing your DokuWiki is quite simple. If you are interested in a similar setup then here is what you need to do:

  1. Disable the registration option on Configuration settings. Some details on this can be found here.
  2. Update the ACL (more of that here), there is a user group called ‘ALL’; set the permision for this group to “None”.
  3. For the user group “User”, change the permisions to Edit.

Securing DocuWiki

This will ensure only logged in (and of course authenticated users) can read and edit and a anonymous user cannot see anything.

The only catch in this is that you need to manually maintain the users (e.g. add new users); my userbase is very small at home, so this is not a challenge at all.

Automated Code Reviews with Visual Studio?

I have been thinking of doing some code ‘smelliness’ test, and am keen to automate code reviews (as much as possible).

I am interested to know what tools have you guys used? I want to use the tools to find the low hanging fruits and know off the 80% of things and then we manually look at the more interesting aspects, which the tools don’t (or can’t) pick up.

Ideally, I would like this as an add-in to Visual Studio, which can run as part of a build and depending on how one configures it, can get to a gated check-in and/or work-items being created in TFS which then can be assigned and tracked.

What I am thinking is to complement the likes of FxCop, the built-in Visual Studio tools. There was TeamReview which I had looked at some point in the past, but we never got it running successfully. I have not had a chance to see it since then.

Someone has also attempted some of this via this, but it does not seem to go anywhere.

Surely, there someone has already build this which we can look into?

10 things extraordinary bosses give employees

Got a really good read from Jerome, fellow Avanade colleague – ten extraordinary things bosses give their employees. Not surprisingly, good bosses care about getting important things done. And exceptional bosses care about their people.

  1.  Autonomy and independence
  2. Clear expectation
  3. Meaningful objectives
  4. The true sense of purpose
  5. Opportunities to provide significant input
  6. A real sense of connection
  7. Reliable consistency
  8. Private criticism
  9. Public praise
  10. The chance for meaningful future

More details here.

LeapMotion SEHException

If for some reason when you try and run your code and you get a PINVOKE exception (like the one below), then most likely you don’t have the LeapMotion binaries in your Debug (or Release) folders.

System.TypeInitializationException was unhandled
HResult=-2146233036
Message=The type initializer for 'Leap.LeapPINVOKE' threw an exception.
Source=LeapCSharp.NET4.0
TypeName=Leap.LeapPINVOKE
StackTrace:
at Leap.LeapPINVOKE.new_Listener()
at Leap.Listener..ctor()
at HelloLeap.MyListener..ctor()
at HelloLeap.Program.Main(String[] args) in c:\Users\amit.bahree\Documents\Visual Studio 2013\Projects\HelloLeap\HelloLeap\Program.cs:line 14
at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()
InnerException: System.TypeInitializationException
HResult=-2146233036
Message=The type initializer for 'SWIGExceptionHelper' threw an exception.
Source=LeapCSharp.NET4.0
TypeName=SWIGExceptionHelper
StackTrace:
at Leap.LeapPINVOKE.SWIGExceptionHelper..ctor()
at Leap.LeapPINVOKE..cctor()
InnerException: System.DllNotFoundException
HResult=-2146233052
Message=Unable to load DLL 'LeapCSharp': The specified module could not be found. (Exception from HRESULT: 0x8007007E)
Source=LeapCSharp.NET4.0
TypeName=""
StackTrace:
at Leap.LeapPINVOKE.SWIGExceptionHelper.SWIGRegisterExceptionCallbacks_Leap(ExceptionDelegate applicationDelegate, ExceptionDelegate arithmeticDelegate, ExceptionDelegate divideByZeroDelegate, ExceptionDelegate indexOutOfRangeDelegate, ExceptionDelegate invalidCastDelegate, ExceptionDelegate invalidOperationDelegate, ExceptionDelegate ioDelegate, ExceptionDelegate nullReferenceDelegate, ExceptionDelegate outOfMemoryDelegate, ExceptionDelegate overflowDelegate, ExceptionDelegate systemExceptionDelegate)
at Leap.LeapPINVOKE.SWIGExceptionHelper..cctor()

On the other hand if you get a SEHException from LeapMotion (something like the one below) then the issue is either you don’t have the right version of the assemblies (e.g. you are compiling a x64 version, but have the x32 binaries, or vice-versa).

System.Runtime.InteropServices.SEHException occurred
HResult=-2147467259
Message=External component has thrown an exception.
Source=Your.Some.Assembly
ErrorCode=-2147467259
StackTrace:
at Leap.LeapPINVOKE.Controller_EnableGesture__SWIG_1(HandleRef jarg1, Int32 jarg2)
at Somewhere.In.Your.Code bin
at Some.Assembly in d:\Data\src\SomeCode\YourFile.cs:line 23
InnerException:

The solution is simple in both cases to copy the binaries (which can be found in LeapSDK\lib) to the Debug and Release folders.

WordPress 3.6 and IE10

I don’t know what WordPress thinks of IE 10 (running on Win 8), but when I upgraded to WordPress v3.6, and I login to the Dashboard, it does not like IE running in compatibility mode and shows me the following. It would think I am still running IE 6! Also whilst I don’t get this with the compatibility mode switched off, everything does not work correctly and one has to use either Firefox or Chrome.

Wordpress 3.6 and IE10

Adding an user in Ubuntu – Why is it so difficult?

I installed the latest version of Ubuntu (13.04, Raring Tail) on a machine at home to check it out (it was running CentOS 6.4 before that). Setting it up was quite simple, but I am not sure if I like the too simple UI. I don’t want an uber-geek only-shell mode, but the CentOS I thought was the right balance.

Anyways, when I first added a new user, there was no way I could set a password which was very weird – not a permanent or temporary one! And there is no way one can then login. I don’t think this is user error, but then if it is a bug, it seems like a big one!

So I had to deleted the user and then added them back (via the shell sudo adduser user-name-you-want command) and then set the password. If you want to change the password, you can also use passwd user-name-you-want in a shell).

But the most irritating part of this was adding the new user to have root access. It took me a little time to figure out. But in the end it turns our the root (or su) group is called “sudo” and it is part of this group that the new user needs to be in if they need root access.

To modify an existing user, you use the following command in the shell sudo usermod -g sudo user-name-you-want where of course sudo is the group name.

Now, we got there in the end, but why does it have to be so painful like pulling teeth! If this is supposed to be easy for the average user, surely they are missing a trick.

Sleeves and LeapMotion

I have seen this a few times now so I know it is not a one off, but it seems that the sleeves of my shirt seem to throw off the Leap Motion sensor and it detects it as another hand – and ends up showing three hands.

I thought it was my watch which might be causing some issue, but that was not it. It goes away when I am wearing a t-shirt, but the tracking is quite off when wearing a full sleeve shirt.

I have been meaning to record a video, but not had a chance to do it yet. I was wondering, has anyone else also seen something similar?

%d bloggers like this: