Sunday, May 4, 2014

Happy May the 4th!

For all of you Star Wars geeks, happy May the 4th! (get it?)

Tuesday, April 22, 2014

Home Network Perimeter Security (or what can I do besides that old WiFi router?)

Home networks - gotta love them.  Where would we be without WiFI?  Can't even fathom this!  Just like anything else, we need our networks some TLC, including security.

Your home router fulfills a bunch of tasks, including assigning IP addresses to your local devices (that's called having a DHCP server), managing WiFi connections, and firewalling which really interests us today.  A firewall is the part that keeps (or tries to) keep the bad stuff on the Internet and outside your network and there are plenty of choices out there, let's review them from weakest to strongest.

  1. Old WiFi router from the "heydays": we all had one of those, generation 1-type devices.  Think of the trusty Linksys WRT54G, old D-Links and such.  Their firewall technology is known as "NAT" or Network Address translation.  NAT is primarily used to map traffic from your network to the internet so little Robert's iPad's traffic requests from YouTube are redirected to him and not to his sister's laptop, which is essential but from a security perspective, ouch, and I'll spare you the details.

    Consumer wisdom: ditch these old routers now, plus WiFi encryption on these may be limited to WEP or WPA (not WPA2), so your neighbors can decide to look into your network, not fun.  WEP & WPA are fairly easy to hack these days.
  2. Newer WiFi routers are much better as they're all equipped with "stateful" firewalls, where a whole lot more checks are done to validate if the traffic is desirable or not.  Make sure anything you buy is with a "stateful" firewall.  On the plus they're not more expensive :)
  3. Hacker firmware on routers is something that's being done and been there for a number of years now.  It all started with the Linksys WRT54G and open-source components (Linux stuff) which transformed into mature, stable and more feature-rich firmwares than the manufacturers'.  Even so that some WiFi router manufacturers now bundle some of these open-source alternatives as a default, the most common is DD-WRT.

    With DD-WRT you can take that $50 router of yours and turn it into a $150+ device from a feature perspective with multiple SSIDs, guest networks, VPN servers, PBX and soooo much more that the common user might just get lost in the process.  So here is my warning, if you can't format a USB key, stay away.  If you feel adventurous and are willing to read/post in forums and consult guide, give it a whirl.  I've used DD-WRT for years until recently when I upgraded my WiFi router but made sure that the new unit supports it.
  4. Recycled PC firewalls is what I use these days.  I had this AMD X2 350 with 6GB ram gathering dust which I converted to a full-featured firewall with a 2nd network card (you need 1 for your ISP, 1 for your network).  This is by far the most powerful security approach when you choose a firewall package which is complete & frequently updated such as Endian, Untangle, Smoothwall and Sophos Home UTM (which I adopted - free commercial-grade product, features & updates, can't beat that!).

    If you wish to go down that road, make sure you do your homework prior and you need to re-think your network to some extent because your wireless router is no longer the customs agent at the door.  You need to disable the DHCP server in your router to maintain WiFi otherwise the DHCP server in the firewall will compete with it and your network will just not work. 
Regardless of what you choose, make sure you check on a monthly basis for updates, nothing like leaving security holes wide open & unpatched to attract problems.  It's not like you have mission-critical information on your network but you still want to avoid problems.

A few parting items:
  • Look at your options based on your geekhood, emerging geeks should stick to commercial products or face the wrath of the spouse (been there)
  • If you have an old router, recycling is a good option, don't leave it in your network & don't trash it
  • For some old routers, check out DD-WRT, you might breathe some life into your gear for $0
'hope this helps, post comments for questions!

Thursday, April 10, 2014

Prog Thursday: The World is a Game by Mystery

This is *yet* another band I started listening to because of them playing on an online radio station, probably www.morow.com.   Without these stations, I'd be lost!

Now to the subject at hand: Mystery.  This is  a band from not too far from here, in the greater Montreal area and their lead signer is Benoit David (yes, the guy who took over from Jon Anderson from Yes from 2008 to 2012).

What caught my attention was the way the band sounds, smart.  Some prog band try too hard, but these guys have a great sound and as soon as I could I pre-ordered the latest album The World is a Game.  I'd say this is for fans of Pendragon and Marillion, it's just good.  So good I got the other album One Among the Living as well.   Here is a sample & one of the best tracks on the album:



Highly recommend you give this band a chance, you can buy it here.

Friday, April 4, 2014

Managing parental controls in a multi-platform household

Everyday parents out there have their kids go on the Internet with an assortment of devices found in the household and the traditional method of filtering are no longer efficient as they want to be installed locally on the device.

So how to you control the content your kids access through their iPhone / iPod / iPad / Android / Blackberry / Windows Mobile / PS3 / PS4 / XBox 360 / XBox One / Wii / Wii U / Smart TV / laptop / desktop / etc?

You filter centrally at the Internet access source: the router/firewall.  All the devices regardless of what they are need to go through that choke point, so let's capitalize.

Home-based routers come with some basic blocking tools for the most part, but since it implies you manually add sites one-by-one (augh), consider it pretty much useless.

How let's look at something much stronger, effective & free: OpenDNS.  This service is based on DNS entries (or the Internet equivalent of the white pages which translates domain names like google.com to an IP address like 74.125.226.99).  You need to open an account and you can use their parental controls, free, if you are a home user.  They even have a service named Family Shield (again free) designed to block adult web sites.  They also have a paid option for those who want support.  You need to replace your ISP's DNS entries in your router with the OpenDNS ones (easy trust me) and they have guides for most brands.

Once you set this up you need to log on their web site to configure your preferences (what you want to block, blocking message, etc.) and you're off to the races.  You also need their DNS updater software running on a PC/Mac which is "always on" as your ISP must give you a dynamic IP address (it changes on a regular basis) and OpenDNS identifies you with that IP address.  You get this software here.


I've recently moved from OpenDNS for other reasons than their ability to deliver, really geeky but that's for another day.  In my setup at home I don't use a WiFi router to manage my ISP but a commercial-grade firewall (Sophos UTM Home Edition) which includes content filtering.  I think it's decent and does the job but since this firewall is free for home use, it does not let me customize the blocking messages but no matter, we're only 4 in this household.  This method with Sophos is not for the faint of heart home user with issues installing a printer shall we say, it requires some basic networking knowledge.  But if you're willing to give this a spin you'll find it rewarding.  You need a PC with 2 network cards that will be dedicated to the role of firewall exclusively (unless you go with the VM, but that's another discussion!).

So what's the best method?  Education, talk to your kids.  Stuff found on the Internet is not always kids-friendly and you have to teach them that part before deploying stuff.  Then you geek out and install something.

'hope this was useful - leave comments if you have questions and/or suggestions!

Tuesday, March 25, 2014

Gandalf on Prog Rock

Too funny!

Die winter, die, and BBQ to the rescue

I think we've all pretty much have had it with winter this year.  Apparently 1 more week of cold weather and things should look up (where have I heard that one before?).  To do my part to bring back spring, I've been grilling on the deck with the winter unit as long as it's bearable outside.  Yesterday I grilled simple but tasty swordfish steaks on the winter unit, and the white stuff is not photo-shopped it is actual snow.  Everybody in the house is happy about this grilling rebellion of mine and it's easy to understand why.  Now have to plan dinner for tonight, bbq of course.



Thursday, March 20, 2014

LinkedIn Trick To Get Full Names

LinkedIn is an amazing tool but sometimes annoying when you're researching specific individuals, especially on your 3rd level.  To motivate you to upgrade your account, LinkedIn only gives you the 1st letter of the person's last name.

Here is how you get around that:

  • Copy the name as shown with the 1st letter of the last name (example: "John C."
  • Google this string: "John C. <company name> LinkedIn"
  • Results will include last name
Enjoy!

Prog Thursday: Van Der Graaf Generator's Godbluff

Going "retro underground" with one of my favorite albums of all time: Van Der Graaf Generator's Godbluff.   VdGG is not the easiest band to listen to, and they never hit the mainstream at their peak in the mid-70's, never hitting the spotlight of some of their peers (Yes comes to mind).

This is a guitar-drums-bass-keyboards-saxophone outfit, where you'd expect some jazzy stuff but no, not there, and this is part of the magic.  VdGG has a very intense sound and when I picked up the album "World Record" (follow-up to Godbluff) the guy at the CD store told me he would not charge me the rental if I did not like it.  In the late '80s & early '90s I could rent CDs.

Why VdGG?  I asked the store owner to take make me listen to something out of the beaten path and he made me a fan.  I own all the albums on vinyl (it was cheap when I was a student!) and most on CD.

Now this is my favorite but not all will like.  One of my brother's friends says returning his copy of the CD: "Thanks for wasting 37 minutes of my life.".  That says a lot.  Now your call try it with the 1st track of the album:

Leave comments if you like/dislike!

Where to buy:




Wednesday, March 19, 2014

Feeling handy with the dishwasher

Last Saturday morning I open the dishwasher to empty it from the overnight cleaning cycle and  found this abnormal amount of water at the bottom, so I decided to force a "cancel" and drain the unit.  Same amount of water afterwards.  Oooo problems problems problems, and I'm not the handiest handyman in the world.

After Googling for a while I followed some tips to unclog the unit but to no avail, the problem persisted.  So I decided to reach the parts I could not check out but after removing some easy parts it was obvious that I could not reach the parts I needed to clean, YouTube to the rescue!  Here is the clip I used to disassemble (not kidding) the whole unit:
You gotta love the intertubes for lending a hand, so I cleaned everything and found nothing which created obstruction for the water flow..  Enough of this, called a tech to take a look at it.  After poking at it for 5 minutes he spotted the red part which was misbehaving:
It was not moving, after years of use some dirt & such prevented normal usage.  What a relief, did not want to change a dishwasher which working fine and most importantly wash dishes by hand.  Problem solved.  Learned the inner mechanics of a dishwasher in the process so on a grand scale was worth it :)

Wednesday, March 12, 2014

Chocolate with bacon

No kidding, saw that yesterday at my local butcher's shop, so had to buy one to try it out.  We love chocolate in this house, in fact we buy no other desert (no cookies, store-bought pies/cakes except on special occasions).

Verdict: dark chocolate with salt is much better but this had an interesting smoky flavor.  But did not taste like bacon as you'd expect.  Worth a try though.  And it inspired my youngest to make this with Phoster:

Tuesday, March 11, 2014

Synology V5.0

Today Synology released version 5 of their OS for their NAS products.  I've been happily using a 212J for 2+ years now and I think this update is worthwhile beyond the cosmetic changes for one reason: Cloud Sync.

This new optional add-on lets you sync your public cloud folders with your NAS (Dropbox, Google Drive, Baidu but no Microsoft OneDrive - formerly Skydrive) in a few clicks (I use Google Drive - that was easy).  Will also let you fetch from the cloud if you delete locally or replicate the delete.  Really like it.

Other new things include the Quick Connect feature which intends to let you access your stuff from anywhere, Apple file performance has been enhanced and much more.  If you have a Synology NAS this upgrade seems worth it.

Wednesday, March 5, 2014

Little league wisdom

My son plays ice hockey and been doing so since the age of 5.  Loves it and it is a great place for kids to make friends, understand team concepts, leadership and that it takes to win.  Also good for parents, awesome place to network.

The dark side of little league sports is, well, ahem, people watching kids play.  Seriously folks, the odds of making pro are loto-jackpot level so buy a 6/49 ticket, and yes the referees do make mistake because they're humans (stupid humans!).

Next time you go see little league soccer, baseball hockey or whatever please keep it civil.  Here is a great sign in the arenas found around Chicago:

Tuesday, March 4, 2014

Computing: Less is More

When people I know ask me to look at theirs PCs, I try to focus that less is more.  So many PCs are stuck with crapware, spyware, toolbars no one wants and such.

Well today I ate some of my own medecine.  I took to Twitter, as I'm not as knowledgeable as I'd like and started exploring for Chrome add-ons to help me with the influx of information.  After installing a few, and a few others as well (while you're at it add this & that!), my desktop (i3 / 8Gb / ssd / discrete graphics) turned into a turtle.  AAAAARRRRRGGGHHHHHH!!!!!!!  Nothing worse than molasses.  After turning everything off, my CPU usage is no longer 98%.

Morale to the story, less is more.  Now I'll go back to my dog food.

Friday, February 28, 2014

Prog Thursday: Jolly

Who?  Jolly?  Never heard of them?  Neither did I not so long ago, now I'm a Jelly (that's how Jolly nicknames their fans).  Only 3 albums under their belt and already on the 2014 Prognation at Sea cruise should tell you something.

For the sake of labeling Jolly, think of them as "alt-prog-metal".  Or as I like say: think of Tool but happy, as weird as this may sound.

Caught these guys live a few months ago opening for Scale the Summit and The Reign of Kindo (me no likey but my buddy bought their CDs - they more jazz-prog).  Franly, they stole the show in my book, so the next thing I did was to check out their material online, listened to The Audio Guide to Happiness Vols 1 & 2 then went to iTunes to have my own copies of these fantastic albums.

You don't need to start with Vol 1 but it does not hurt.  Vol 2 is their best one yet, and it's amazing.  Designed with bi-neural tones (yeah had to look it up too) and this is supposed to make you happy.  Don't know if it works but the music is great so that makes me happy by definition.

If you like your prog creative & loud, this is worth your time.  Here is a playlist for  listening
pleasure:



Where to buy


Sunday, February 23, 2014

Windows 8.1 Spring Update coming

Good news - Microsoft will release a new update this spring which is supposed to bring back our much-missed Start Menu.  Finally, Microsoft listens to users, their original move to go for a revolution instead of evolution has hampered their adoption rate of Windows 8 therefore revenues.  I appreciate the place where they're at, no longer king of the mountain, and that should force them to innovate.

Alternately, I've been using Pokki as a replacement.  Does the job for now.  Looking forward to the spring update.  Curious to see what's going to happen with the new CEO as well.

GGGOOOLLLLDDDD

In the only Olympic contest which really matters (hey I'm Canadian) we won Gold!!!  No surprise but lots of nail-biting, and a few interesting facts in these hockey Olympics:

  • Canada won (yes that's interesting)
  • USA, Russia have no medals.  In many people's opinion, USA empty-handed was not supposed to happen, indeed a surprise. 
  • Latvia beats the Swiss team then loses 2-1 to Canada - and only 2-1.  What an amazing performance by this goalie.
  • Carey Price played over 150 minutes without letting one go in the net.  Locally you have 2 types of folks, those who love having Carey in the nets and those who claim we should have kept Halak a few years ago.  Guess the team made the right choice.

Thursday, February 20, 2014

Prog Thursday: Anathema's Weather System

Once in a while listening to online radio stations your head turns around, looking at the screen/app/speakers and you end up asking ""hatwhazzat?" - and Anathema's Weather System album hit the target right in the middle for this reaction.

To be fair I only own their last two studio albums (Weather Systems is the latest, We're here because we're here is the predecessor) so I have not been following them for a while (say like Riverside) so I'm a new fan, and am I ever happy to be one.

Anathema's sound to me is a mix of concepts, textures, melodies and beautiful arrangements, and for the majority (if not all) the album feels like a well put together piece of music where all the songs end up making a greater whole (think of The Beatles together Vs separately if you will).  Each following song takes off where the previous left, which is hard to accomplish the right way.

If you're into Porcupine Tree or Gazpacho, give it a whirl, it will prove to be quite satisfying.  Here is a YouTube clip of the whole album so you can kick the tires and wonder where this band has been all your life:


Where to buy:

Wednesday, February 19, 2014

Fix your home router - and I mean now.

Beyond your PC(s), what is the most insecure item in your home network?  Printer?  Naaah.  iOS device like your iPad?  Naaaah.  Android device?  Tempting but naaaaaah.  Wireless router which acts as your network security for Internet connectivity?  You betcha.

It hit the wire this week that Polish hackers used compromised home routers to stage man-in-the-middle attacks on banks, and I'm not surprised.  In laymens' terms, when you log onto your bank's web site, you let hackers in.  This article outlines the details, some geekspeak included but not too bad.

The real thing here for home users is how do I protect myself?  Here are a few avenues and really folks, it's not that hard.

  1. Update your home router's firmware regularly.  Either check monthly for firmware updates on your vendor's web site or subscribe to their newsletters if they offer some.  Vendors will plug holes for your devices, it falls on you to apply the fixes.  This is by far the easiest way &  does not cost a dime, just schedule it in your smartphone and you should be all set.
  2. If your level of geekhood is up to it, or if you want to take a chance, try an alternative firmware for your router.  What-is-that-thing-you-just-said?  Well for years now communities of hackers (the types who tinker with stuff, not the bad evil ones) have built firmware releases for consumer devices based on Linux.  The most famous/popular one is DD-WRT and if you're willing to follow the steps, the process is fairly easy to go from your stock firmware to the DD-WRT one.  You get a more robust level of security, additional feature and you know what - it's free.   Warning - you can brick your device.
  3. If you have an old PC (say a 1Ghz & up with 512Mb ram, 2 network cards & a small hard drive) you can build your own firewall, but on steroids.  Many flavors exist (Endian, Sophos UTM Home Edition, Smoothwall, Untangle & many others) and what I use is the Sophos one, bear in mind the ones I listed are all good choices.  If you have issues with running Windows 7/8 on a PC stay away from this but if you have the desire to know more, give these packages a whirl.

    Do you have network-based intrusion detection/prevention on your home network?  I do.  I don't have critical data but better safe than sorry.  For WiFi in the house I use a Netgear 3500L with DD-WRT (turn off the DHCP server on the router if you wan to do this otherwise you've got 2 competing).
Netgear & Linksys were the two identified brands, but don't rest easy if you use another brand.  The same problem will happen sooner or later I guess to others.

'hope this helps more than confuses, but if you have questions drop a comment below.

Stay safe!

Tuesday, February 18, 2014

BBQ section updated

For everybody's eating pleasure, I updated the BBQ section on the blog.  Feel free to head over, snoop & leave comments/questions.  We're still buried under snow but it does not matter, grilling is for all seasons!


Monday, February 17, 2014

Free shareware anyone?

Like everybody I like good free software (thinking of 7-Zip, GIMP, VLC & others) and once in a while you need a tool for a specific job like data recovery and end up in the world of shareware.  Problem is trial versions - not that they expire but they're crippled.  I hate that, I want to give a full kick to the tires before I buy.

Bu sheer luck I landed on Shareware On Sale and found a few tools which are worth it.  Subscribe to the daily newsletter and you'll be kept up to date of their new free (or almost free) offerings.  Even saw stuff from Cyberlink there, but not all is good, keep your eyes open & some will have adwarew.  Worth a peek at least and some Mac stuff shows up as well.  Enjoy!

Friday, February 14, 2014

Awesome ads

Being a bit of an ad junkie, saw this posted on Facebook and thought it was worth re-sharing.  In my book the Superbowl is there to enjoy ads, because setting up 2 mins for a 5 seconds play is just too looooooong. :)

Enjoy!


Thursday, February 13, 2014

Quick chicken fajitas

Here is a quick way to marinate chicken for fajitas:

  • Cut chicken breasts into layers
  • Mix in a bowl the chicken with eyeballed quantities:
    • Lemon juice
    • Olive oil
    • Roughly chopped garlic
    • Paprika
    • Salt
    • Pepper
    • Ground cumin
    • Ground Mexican chilies
  • Let it sit in the fridge 2 to 24 hours, the longer the better.
  • Stir-fry in a bit of olive oil, serve with the usual suspects
Kids love it last night, will repeat.  No rocket science involved to make a good family dinner.  Not the most sophisticated but appreciated.

Prog Thursday: Eloy's Ocean

Never heard of Eloy?  Don't feel so ashamed, most have not if they're born outside of Germany after 1975.  I heard of this band by sheer luck having beers in a bar talking to a friend of a friend, and what a great discovery that proved to be, since I now own the majority of their albums.

Eloy feels like a cross between say Genesis (concepts, melodies), Deep Purple (keyboards).  The top album in IMHO is Ocean from 1977.   Simply put: the rise & fall of Atlantis in 4 tracks totaling 44 minutes.  If you like the classic progressive rock era (Pink Floyd, Genesis, Yes, King Crimson, ELP, etc.), the "spacey" kind, you will find this album rewarding and something you will go back to.

Below is the YouTube clip of the whole album, give it a whirl.  Next albums I'd recommend in order: Dawn, Silent Cries & Mighty Echoes, Power & The Passion, Colors.

Where to buy:


Personal note: I always buy my music because musicians need to eat too.  Especially true where I listen to a lot of band which never make it to the mainstream, supporting them is quite important otherwise they'll just quit.  And frankly that's theft anyway, regardless if it's from an evil faceless corporation :)


Wednesday, February 12, 2014

LinkedIn tips for job seekers

My buddy Alex (and we actually met through LinkedIn) has published a free document to get the most out of LinkedIn when you are looking for a new job.

It's full of good stuff if your profile is on the "light" side.  If you don't advertise yourself, they can't find you.  And recruiters are all on LinkedIn.  Simple, no?

Grab your free copy by clicking here.

Stupid Cooking Trick

Last night was making an Indian beef-coconut stew which involved some green chilies.  Of course I did the most stupid thing in the world after cutting the said chilies, I rubbed my left eye with one of my hands.

Holy hot peppers Batman!

Never, I mean, never do this.  It hurts like you stick a stack of needles in your eyes.  No wonder crowd control forces use cayenne pepper sprays.

So I yelled out to my oldest to come over & Google me'up a fix to this issue and came up with this.  Pretty simple and calmed the pain down after a few minutes.  Remember the eye-rinsing faucets in chemistry labs?  I could have used one last night.

Tuesday, February 11, 2014

XMBC Media Center

In the living room the media center used to be a PS3 but in the last six months or so the DLNA client has just gone buggy and its hard to play a whole album without it stopping for no reason.

So I decided to make my own media center.

Bravery or folly? Not so much, a bit of Googling and tinkering brought me a very usable result. My U/I of choice is XBMC, if your have not taken it for a ride it's very cool & simple to use.  I did not want to put a full-blown PC by the TV, something more discreet was preferred and since its a media player, did not want to blow a fortune (you can get a brand-name device for $50+).

So I went the way of the Raspberry PI, a "system-on-a-chip" board with 10/100 networking, 2x USB & most importantly an HDMI port.  And it goes for $25.  Complement that with a SDHC 8GB card, electricals & a case from these guys along with their IR receiver (for the Logitech Harmony of course).

I tinkered for a while as there are 3 Linux distributions made for the RPi with XBMC and settled on OpenELEC, for speed & compatibility with the IR receiver.  Once set up I added NFS support to my NAS (Synology 212J) so access is as fast as possible, configured it and voila, a media center for the living room which outpaces most of the commercial ones.  The only think missing (for now I hope) is Netflix support.

Love it for all the features (including the weather but you could look outside), the flexibility & the overall look.  Performance is as good as any commercial product I've tried so far (limited to only a few brands).  Plus a bunch of add-ons are available (my wife is very happy that I put the Songza one), and supports Airplay (which I found choppy) so for now no AppleTV (can't stream directly the content of my NAS for music & movies as far as I know).

There is a new version coming of XBMC (13 codename Gotham), I'll get a new SDHC card to try it out so I won't mess up what I've got working.

Try it for fun on Windows, Linux or MacOS (even Android), time well spent.  Here is a sample pic of  the main U/I:

Hello, world, again

Over the years I've put blogs on & off online, and why not, I'm at it again.  Here is what I have in mind for this one:

  • Share home IT/tech stuff (always fun)
  • Share food stuff (we all gotta eat, let's make it fun!)
  • Share parenting / family information (always useful)
  • The occasional funny item (we all gotta laugh!)
  • Music suggestions (folks who know me will not be surprised)
Please subscribe, read & comment!

Thanks!
JP