The saga of the mixed up email continues

In May 2015, I wrote about the risks of handing out your email address and making a mistake. (That post appeared on facebook at the time).

Well, it appears that the person handing out my gmail address isn’t just one person; we now have a second.

Someone handed out my email address and applied for life insurance. And the agent promptly emailed the entire application packet to me!

This time, it had a phone number so I called the guy. After explaining (what seemed like an eternity) that I had his application packet, I asked him what his email address was.

His answer “amrith something dot com”.

Oh boy!

Google-Funded Free Wi-Fi Kiosks Are Scrapping Web Browsing Because Too Many People Were Using it For Porn 

Google-Funded Free Wi-Fi Kiosks Are Scrapping Web Browsing Because Too Many People Were Using it For Porn 

Really? They can’t put simple Web filtering in place? This is lame.

https://tech.slashdot.org/story/16/09/14/1945241/google-funded-free-wi-fi-kiosks-are-scrapping-web-browsing-because-too-many-people-were-using-it-for-porn

Memory regained

When I resurrected this blog, I lamented the loss of history and old posts from the time when this blog was hypecycles.wordpress.com and pizzaandcode.com.

Well, thanks to the wonders of the internet (and help from my friend Daniel Senie) I was able to recover all of the old posts and add them back to this blog!

History going all the way back to sometime in 2009 is now back online.

VizEat, a startup that lets you dine in a local’s own home, gobbles up €3.8M 

Really? Uber for your kitchen? Will they be regulated like restaurants? 

VizEat, a startup that lets you dine in a local’s own home, gobbles up €3.8M funding https://techcrunch.com/2016/09/06/vizeat/amp/

SETI has observed a “strong” signal that may originate from a Sun-like star

SETI has observed a “strong” signal that may originate from a Sun-like star

http://bit.ly/2cBQRO1

Continue reading “SETI has observed a “strong” signal that may originate from a Sun-like star”

VMware says, “We’re not dead,” updates Fusion and Workstation for free

VMware says, “We’re not dead,” updates Fusion and Workstation for free

http://bit.ly/2ci6KG3

An old blog returns

See an update to the content of this post at https://hypecycles.com/2016/09/14/memory-regained/


This isn’t my ‘new’ blog.

This blog actually started in ~2009 (it was https://hypecycles.wordpress.com at that time). The page history on the “about” page indicates that it was about July 2009. For several years, it was quite active; through about 2012 when I moved it to a different hosting location and it was then called http://pizzaandcode.com.

Then, it went mostly dormant and about a year ago I shut it down. Unfortunately at that point, I didn’t bother to save the old posts and things so all of that is gone.

Untitled-1

I use a service from statcounter.com and that has enabled me to go back and look at some of this history. I enabled statcounter in ~October 2009 on hypecycles.wordpress.com and the graph below shows daily traffic to the sites over time (through today).

So, in a sense this is the rebirth of an old blog. With a new URL (http://hypecycles.com).

Why you really should be careful when you hand out your email address

About three years ago I received an email from the large Indian Cell phone provider AIRTEL with the subject “Your airtel Bill for airtel number: 0444*******”. Now, I don’t have an AIRTEL phone number, and I figured this was odd but it looked like a real bill. I still have the email, billing period 11/4 to 10/5/2012. And that was the start of my saga.

It said my airtel ebill was protected with a unique password and all that so I couldn’t do much so I ignored it.

But I called the number and spoke with some dude. His name is also Amrith. And I told him that he must have accidentally given Airtel my email address so would he please fix it. He muttered something and hung up.

Shortly thereafter I received email from ICICI with a life insurance policy for “BEENA P”. There was some link which took me to their online site and I’d have to login and register and stuff which I didn’t have any way of doing.

Over the past three years I have received numerous emails from Airtel asking for payment on the landline which I replied to and said I wasn’t the person. Later I replied and said they should cancel the telephone line. They sent me email saying they were sorry to see me go. I called Airtel support and told them what was up and the dweeb I spoke with couldn’t figure out what to do with me so they said they’d email the customer. And yes, I got that email.

Over the years, I have canceled the phone service numerous times, it gets reactivated. I have received numerous statements for Beena’s insurance policy but now they send encrypted PDF’s with a password. The password is the first four letters of Beena’s name (BEEN) presumably and the date of birth as DDMM. OK, I’m bored but not that bored and I didn’t have the patience to try the 366 possible combinations to figure out what the right one was so I ignored it.

And each time this dipshit gives ICICI and Airtel my email address.

Today I got an email from ICICI wishing Beena P a happy birthday!

Would someone who knows someone at ICICI who has a slightly non-trivial job title please put me in touch with that person?

Oh, the PDFs which are all sitting in my GMAIL (we all know google never deletes anything) contain a policy number and all you need to create an online profile with ICICI is a policy number and a date of birth.

Waste water in your water bottle

Texas Town Turns To Treated Sewage For Drinking Water

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/sfkixCAeC7c/story01.htm

Not a very high bar …

“He said there have been few complaints so far. A glass of the finished product, sampled at a downtown restaurant, tasted about average for West Texas.”

Web Browsing, Cookies and Privacy!

What with things like HeartBleed, keyloggers and other exploits that are possible on your machine, web browsing is inherently risk prone. When you choose to do something like “Online Banking”, you just brought these risks very close to your money. So you had things like passwords to keep you safe.

So here’s where I think Banks are going stupid, or they are being advised by imbeciles.

My bank:

  • requires me to login with my account number
  • and provide a password, which they never require me to change
  • and if they find a cookie on my machine, they log me right in!
  • and if they don’t find a cookie, I must answer three questions correctly before being allowed to login.

They are changing this as follows:

  • requires me to login with my account number
  • and provide a password, which they never require me to change
  • and if they find a cookie on my machine, they log me right in!
  • and if they don’t, they will send me an email, an SMS or a phone call and give me a one time use passcode.

In the old way of doing things, I effectively had four passwords and someone would have to compromise all four before he or she could login. And my browser deleted all cookies on exit, and only retained cookies for the session. With the new mechanism, someone who wanted to hack my account only need access to one password and either my telephone or the password to my email account.

How, pray, is this more secure?

Say no to pay-to-pitch schemes!

The dust-up yesterday in the Lean-Startup-Circle-Boston mailing list about yet another pay-to-pitch scheme is pretty distressing to me personally. I think it is unfortunate that these schemes are actually allowed to continue because they prey on the entrepreneur. Kudos to all who voiced their objections to this spam, and thanks to Abby for putting a stop to it.

I believe that pay-to-pitch schemes are a shame, and I continue to be appalled by them.

Not long ago I was a rookie entrepreneur, all wet behind the ears and looking for my first investor to fund ParElastic. And one of these “pay-to-pitch” schemes found their way into my mailbox. Naive as I was I asked for more details. Here’s part of an email I got in October 2011,

Wanted to confirm you received my previous email with the details you requested regarding the opportunity to have ParElastic recognized as one of the Top Innovators presenting to our leading group of investors at The New England Venture Summit, as well as make sure you’re aware that the first round deadline to apply is this Wednesday, October 26th. (Final deadline is November 9th).

Let me know if you’d like to submit ParElastic for a Top Innovator slot and I’ll send you the summary outline to fill out for our review.

I have also included below, an updated list of VCs confirmed to speak (more to be announced shortly).

So I sent off for the summary outline and here’s a part of the email that I got in response.

Fee to present: $1,485 (there is no fee to apply)

The deadline for company submissions is November 9th, 2011.

OK, I never pitched at NEVS 2011. I think it is a shame for people to actually attempt to gouge an entrepreneur almost $1,500 for the opportunity to pitch a bunch of potential investors. (The gall of it, to say it is $1,485, no fee to apply). I heard also of an angel group near Boston that charged entrepreneurs to have the opportunity to pitch. I swore not to pitch to such folks and I did not have to (luckily).

Many have written about the scourge of pay-to-pitch. From the Foundry Group blog, an article by Jason Mendelson, from Sajad Ghanizada’s blog, from the Driven Forward blog, from Fred Wilson’s blog,

I know the feeling of desperation at wanting to get funded and I’m thankful that there are plenty of things that one should consider first.

  1. If you, as an entrepreneur spend any money on a pay-to-pitch scheme, that is money that you don’t have available for what really matters; building a product, identifying customers, and building revenue. If you have a product, you have customers and some revenue and you wish to treat this “fee” as a cost of doing business, that’s one thing. But if you are not yet at that point, don’t waste your money on pay-to-pitch schemes.
  2. The value of an introduction to a potential investor is only as good as the person from whom the introduction comes. Build your network and get introduced to potential investors through your own network.
  3. There are many organizations in the Boston area (and the same can be said in most tech communities) that can help you much more than a pay-to-pitch scheme can. A list of some that I know of are provided below. If you know of others, please post a comment.
  4. There are any number of entrepreneur focused events in the Boston area each week, find one in a topic area that is best suited for your own interests and attend a couple. You’ll find not only a lot of fellow entrepreneurs but also many opportunities to grow your own network and meet potential investors and customers. They are also a great place to hire people to join your new enterprise.

Organizations that may be able to help you!

I’m proud to be associated with organizations like TiE Boston and in particular the TiE Challenge initiative.

Local groups like MassTLC organize an unConference (the next one is November 1st) and there are tons of opportunities for mentoring and networking. Yes, I realize that the unConference is not free but if you are a 1-3 person start-up, a $180 entry fee that gives you a one year membership to MassTLC is a whole lot more reasonable than a $1,500 entry fee for a single chance to pitch.

I have not (personally) been part of the many incubators in the Boston area but my company was for over a year a resident of Dogpatch Labs in Cambridge. Techstars  used to be in the same location as well.

There are many business plan contests in the Boston area. They are a great opportunity to pitch and all of the ones that I know of have been free. If you went to one of the many fine educational institutions in the Boston area, check whether your school has one of these. Maybe there’s a “venture forum” that is part of your business school?

I was incredibly fortunate to have been introduced to Foley Hoag LLP and I know that they have helped me and many first-time entrepreneurs in the Boston area.

My experience

My own experience has been that in the Boston area there are many very successful entrepreneurs who are willing and able to help, and they do this in many ways. And most of them participate in mentoring and angel investing as a way to give back to the community.

There are many benefits to building your own network and connecting with people through that network. Yes, I agree that it is frustrating and hard for many of us introverted engineer types to actually go out there and hang out with other people and try and make connections. And the pay-to-pitch schemes prey on this frustration and desperation.

There are many things should be much higher on your list of things to pursue, before you go fritter away good money on a pay-to-pitch scheme.

 

Say no to pay-to-pitch!

Normal
0

false
false
false

EN-US
X-NONE
HI

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:””;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:8.0pt;
mso-para-margin-left:0in;
line-height:107%;
mso-pagination:widow-orphan;
font-size:11.0pt;
mso-bidi-font-size:10.0pt;
font-family:”Calibri”,”sans-serif”;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}

Is this the end of NoSQL?

If it is, you read it here first!

I posted this article on my other (work related) blog.

I think the future for NoSQL isn’t as bright as a lot of pundits would have you believe. Yes, Yes, I know that MongoDB got a $1.2 billion valuation. Some other things to keep in mind.
  1. In the heyday of OODBMS, XML DB, and OLAP/MDX, there was similar hype about those technologies.
  2. Today, more and more NoSQL vendors are trying to build “SQL’isms” into their products. I often hear of people who want a product that has the scalability of NoSQL with transactions and a standard query language. Yes, we have that; it is called a horizontally scalable RDBMS!

Technologies come and technologies go but the underlying trends are worth understanding.

And the trends don’t favor NoSQL.

Ingesting data at over 1,000,000 rows/second with MySQL in Amazon’s cloud!

I just posted this article on my other (work related) blog.

http://www.parelastic.com/blog/ingesting-over-1000000-rows-second-mysql-aws-cloud

Just to be clear, this was with standard MySQL, InnoDB, and with machines in Amazon’s cloud (AWS).

The data was inserted using standard SQL INSERT statements and can be queried immediately using SQL as well. All standard database stuff, no NoSQL tomfoolery going on.

This kind of high ingest rate has long been considered to be out of the reach of traditional databases; not at all true.

AWS REST API in C

It turns out that not a lot of people attempt to program against the AWS REST API in C. I discovered this the hard way when I needed to do it.

You’d have thought that there would be some libraries for it; turns out that this isn’t the case.

libs3 is one but it isn’t particularly general purpose. And S3 turns out to be surprisingly unlike EC2 and other services. Also, Amazon’s own documentation is surprisingly bad.

So if you end up here because you want to interact with AWS in C, the tips below may help you.


I used libcurl; I’m sure you could do the same thing some other way …

The trick is in computing the signature of the request.

Assume that you want to execute the DescribeInstances API call.

You need to construct a signing request which must basically include an unambiguous representation of the API request. Since you may have many parameters to the API request, you must sort the parameters into alphabetical order first.

1. Construct the timestamp this way:

 411     static char * __aws_api_get_timestamp (char * buffer, int sz)
 412     {
 413         time_t t = time(NULL);
 414         struct tm * gmttime = gmtime (&t);
 415
 416         strftime (buffer, sz, "%FT%H:%M:%SZ", gmttime);
 417         return buffer;
 418    }

2. Every signing request must have 5 AUTHPARAMS; the documentation talks about 4 but there are 5 …

Version: This is the API Version. I've used 2013-08-15
SignatureVersion: I use 2
SignatureMethod: I use HmacSHA256
Timestamp: As computed above.
AWSAccessKeyId: Your AWS Access Key

While it isn’t an AUTHPARAM, you also need the Action in a signing request. That is the API name.

3. Construct the signing request.

The signing request takes the following format.

%sn%sn%sn%s

where the four strings are (in order)

(a) The submission method (POST or GET)

(b) The endpoint

(c) The path

(d) The request URL.

So, for my DescribeInstances request, the signing request is.

POSTnec2.amazonaws.comn/nAWSAccessKeyId=AKIVP30P3L0A5NKGTIQ&Action=DescribeInstances&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2013-10-13T20%3A55%3A06Z&Version=2013-08-15

Note that the method is POST.

The end point is ec2.amazonaws.com

The path is “/”

The request with the sorted attributes starts with my AWSAccessKeyId (no, that’s not my access key …) the Action which is DescribeInstances, and the other AUTHPARAMS.

Note that the string was escaped the way a URL would be escaped; you can see that in the timestamp.

You can now compute the signature for this; I used HMAC. Once you compute the signature for the request, you base64 encode the signature.

4. Construct the Request URL

This is nothing more than the request URL in the signing request with the base64 encoded signature tacked on. Of course, there’s no requirement that in the API parameters in the final request URL be alphabetically sorted.


That’s all there is to it!

Samsung Galaxy Note 8″ now $299 at Staples

I’m not sure whether this is a mistake or not but Staples stores are selling the Samsung Galaxy Note 8″ for $299.

The Web site still has the $359 price but stores are willing to honor the price for an online order.

I just got Best Buy to match the price 😉

Experts say facebook while driving more dangerous than DUI!

From an article in the Connecticut Post, see complete article here.

Really, we need a study by experts to tell us this?

In addition to the new law in Massachusetts, here are some other tough laws about distracted driving.

New Jersey: the “Kulesh, Kubert and Bolis Law,” after three distracted-driving victims.

The bill allows prosecutors to charge drivers who kill or injure someone with vehicular cellphone or assault by auto. It makes driving while illegally using the phone “reckless” instead of “careless” driving, a necessary change to allow for vehicular homicide, a felony, to be charged.

Utah:

Utah law treats driving while intoxicated with a .08 blood-alcohol level and driving while using a handheld cellphone the same.

Penalties can be as harsh as 15 years in prison.

 

Personal VPN How-To: PPTP

I’ve been annoyed by the fact that public internet providers are slipstreaming content, and also that accessing public internet access points is a potential security risk. I refer, for example to this earlier post on my blog. For some time now I have been muttering about a personal VPN and some months ago I setup one for myself. It has worked well and over the past several months I have occasionally tweaked it a bit to make it more useful. Others may have a similar interest so here is a simple how-to that will give you an inexpensive personal VPN.

Basics

There is a wealth of information about VPN’s and PPTP on the web. I refer you to the Wikipedia articles in particular, this one on the subject of VPN’s and this one on the subject of PPTP. A good article about another kind of VPN called OpenVPN is found here. For my purposes, I have found PPTP to be satisfactory and have resisted the urge to upgrade to OpenVPN.

Platform choice

I implemented my VPN solution two ways. The first was using my home Ubuntu machine as the VPN server. The second was using an instance in the Amazon EC2 cloud. I will describe below the mechanism for implementing a VPN in the EC2 cloud and provide a small addendum on how you could do this with a server at home.

Cost

Price per hour of t1.micro (click on picture for larger image)

If you run the VPN the way I suggest, on a micro instance in Amazon’s EC2 cloud, the cost is very low. I run my instances as spot priced instances and invariably a t1.micro at spot price is less than a penny an hour.

Here is the price graph for some months, I’ve carefully cut the data for the last couple of days off because the power outages in the Amazon us-east AZ caused the price to jump to a dollar and that makes the graph less attractive 😉 Seriously, that is an aberration, my VPN server is setup with a price cap of $0.02 per hour and it died when then price shot up. I restarted it manually at the standard price when that happened.

In addition, depending on how much data you send over the VPN, you will also be assessed a charge for data transfer. I have found that to be minimal. Since I run my VPN on my personal Amazon account (we also use EC2 for work), I get the benefit of the Free tier for the first year and the VPN hasn’t exceeded the free tier usage at any time.

Of course, if you run the VPN on a server in your house, you don’t have to worry about these costs; all you have to ensure is that you can reach the VPN server from any place. More about that later.

The How-To

Step 1: Launch EC2 instance to customize VPN AMI

I launched an EC2 instance based on the stock 12.04 LTS AMI provided by Amazon. A t1.micro instance is more than sufficient for this purpose. If you are using some other cloud provider or are planning to do this on a machine at home, get yourself access to a machine that has some recent flavor of Ubuntu or Linux and to which you have root access.

If you are doing this in Amazon, you must first setup the security group for this instance, before you launch the instance. Skip forward to step 6 in this how-to and setup a security group as described there and launch your EC2 instance using that security group.

Step 2: Install and configure the VPN Software

sudo apt-get update
sudo apt-get install pptpd

The configuration itself is quite straightforward.

First you need to identify the range of IP addresses that will be used by your VPN. This includes the IP address that your VPN Gateway will use, and the IP addresses for the hosts that connect to the VPN Gateway. For a variety of reasons, I chose to set my VPN Gateway at 10.40.1.1 and the IP Addresses it gave out at 10.40.1.20-10.40.1.50. This setting is in/etc/pptpd.conf, edit using your favorite text editor, remember you must be root to do this.

localip 10.40.1.1
remoteip 10.40.1.20-50

Your PPTP Server will hand out IP Addresses and DNS settings to clients. It is a good idea to set DNS Server settings in the PPTP Server so that clients can do name resolution. This is done in /etc/ppp/pptpd-options, edit using your favorite text editor, remember you must be root to do this.

ms-dns 8.8.8.8
ms-dns 8.8.4.4
ms-dns 172.16.0.23

I chose to specify above that the PPTP Server should hand out the addresses of the Google public DNS Servers and the Amazon public DNS Server. You can use any servers you want.

Finally, configure the PPTP Server with login credentials. You can setup as many users as you want on the PPTP Server, I chose to setup three. For simplicity, let me call them user01, user02 and user03. I use a random password generation script to make up the passwords, something similar to the one described here.

User name and password are stored in the file /etc/ppp/chap-secrets. Edit it with a text editor and add lines line these into it, one per user that you wish to setup.

USERNAME pptpd PASSWORD *

So, I added the following three lines:

user01 pptpd osvCylQX *
user02 pptpd TIRUssa3 *
user03 pptpd nJ6ljIBf *

Using this handy little script

#!/bin/bash
echo "user01 pptpd osvCylQX *" | sudo tee -a /etc/ppp/chap-secrets
echo "user02 pptpd TIRUssa3 *" | sudo tee -a /etc/ppp/chap-secrets
echo "user03 pptpd nJ6ljIBf *" | sudo tee -a /etc/ppp/chap-secrets

At this point, your PPTP Server is mostly ready to go. Just a couple of more things to take care of.

Step 3: Enable IP Forwarding and NAT

IP Forwarding is not enabled by default on Ubuntu. You can do that by editing /etc/sysctl.conf and then updating the system. Uncomment this line in /etc/sysctl.conf:

net.ipv4.ip_forward=1

and update system configuration

sudo sysctl -p

Update /etc/rc.local and add the following two lines to make NAT work properly. Update the interface name to suit; I used eth0, you may have to use something else.

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

Step 4: Making your server accessible remotely.

If you are using a server in the cloud, or if you are using a home machine, there is a chance that it’s public IP address will change from time to time. For example, your server in EC2 may be restarted, your home ISP may reassign your IP Address etc., I use a Dynamic DNS system to make my servers always accessible. Personally, I have had good luck with the DDNS service provided by Dyn. Even if you choose to use their free trial to begin with, if you use your VPN at all, you will have no problem spending the $20 per year for this very good service.

sudo aptitude install ddclient

Most of the configuration you need will be done during the installation but just to be sure, go and look at the file /etc/ddclient.conf.

You can use the handy-dandy configurator at Dyn to get the right incantations.

My /etc/ddclient.conf file has the following in it.

## ddclient configuration file
daemon=3600
# check every 3600 seconds
syslog=yes
# log update msgs to syslog
mail-failure=<my email address> # Mail failed updates to user
pid=/var/run/ddclient.pid
# record PID in file.
## Detect IP with our CheckIP server
use=web, web=checkip.dyndns.com/, web-skip='IP Address'
## DynDNS username and password here
login=<dyn user name>
password='<dyn password>'
## Default options
protocol=dyndns2
server=members.dyndns.org
## Dynamic DNS hosts
<HOST NAME>

Step 5: Restart the PPTP server

This is the final step to get the things all up and running.

sudo service pptpd restart

And you should be up and running!

Step 6:Setting up your firewall for remote access.

Irrespective of whether you are using an Amazon EC2 instance of a machine in your own house, you will likely need to tweak your firewall to make things work correctly. Amazon calls the firewall a security group, configure it to allow incoming connections on TCP Ports 1723 (and 22 for SSH). I also open ICMP so I can ping it to make sure it is responsive. On Amazon I also tend to leave all ports open for loopback.

ICMP ALL 0.0.0.0/0
TCP 22 (SSH) 0.0.0.0/0
TCP 0-65535 (this security group)
TCP 1723 (PPTP) 0.0.0.0/0
UDP 0-65536 (this security group)

Note regarding in-home setup: You can ignore the last two for your in-home configuration. Depending on the router of network access device you have, you may have to setup port forwarding rules. See the documentation for your router/access point for details.

Testing

First, attempt to ping your server from a client machine. Shown here from my Windows PC.

C:Usersamrith>ping hostname.dyndns.org

Pinging hostname.dyndns.org [107.22.65.185] with 32 bytes of data:
Reply from 107.22.65.185: bytes=32 time=23ms TTL=46
Reply from 107.22.65.185: bytes=32 time=23ms TTL=46

Ping statistics for 107.22.65.185:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 23ms, Maximum = 23ms, Average = 23ms
Control-C
^C
C:Usersamrith>

As you can see, my Dynamic DNS entry has worked and the name resolution is working correctly.

Then attempt to connect to the VPN. On Windows and Android this is relatively straightforward.I had a little trouble with Ubuntu. My Ubuntu machine is running 10.04 LTS, note that machines running versions of Ubuntu prior to 10.04 require additional configuration before you can make PPTP work properly.

Note for Ubuntu Users:

You may find that your VPN works properly from Windows and Android (for example) but it doesn’t work on Ubuntu. This is what happened for me.

You need to perform one additional configuration step on Ubuntu clients and that is to add a line into the chap-secrets file.

Here is what I have in my /etc/ppp/chap-secrets file on one of my Ubuntu client machines.

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
user01 pptpd osvCylQX *

It is basically the same line as you used in step 2 above.

With this line, connection from Ubuntu was effortless.

Finalizing your configuration

The setup above will come up automatically when the machine is restarted, it will automatically register with Dynamic DNS and should work well for you. For users of Amazon EC2, one final step remains.

Step 7: Make an image of your VPN Server

Use either the GUI or the ec2- CLI and make yourself an AMI. Then you can setup a script that will launch a persistent spot request for a t1.micro server using that AMI.

Once you make an AMI, shutdown the VPN server you created above and launch your AMI, I use this script.

#!/bin/bash

ec2-request-spot-instances -t t1.micro ami-<id goes here> --price 0.02 --instance-count 1 -r persistent -k my-ec2-keypair -g vpn-security-group

As you can see, I launch a t1.micro instance and am willing to pay no more than 0.02 (2 cents) per hour and I want this request to be persistent. It has worked well for me.

Common problems

1. Some sites don’t work, others do.

I used to have this problem and tracked it down to an issue with packet sizing. You should not have this problem if you correctly followed step 3 above. The two commands for iptables (the second in particular) was something I added to fix this problem.

2. Problems connecting from Ubuntu.

I used to have this problem and the “Note for Ubuntu Users” in the Testing section was the response. If you are using Ubuntu prior to 10.04, you will need to follow the additional instructions here. It would be much easier if you upgraded 😉

3. After rebooting my VPN, I cannot access it OR

4. From time to time I am unable to access my VPN.

The first thing to do is to make sure that you are able to ping your VPN server. If you configured your firewall the way I proposed above, you should be able to do this. Use the same name that you are providing to your VPN connection. If you are unable to ping the server, you know to start looking outside your VPN server, if you are able to ping your VPN server, attempt to SSH to it and make sure you are able to connect to it. This latter step is important because you want to make sure that you are in-fact pingingyour VPN server, not one that happens to be responding to the name you provided.

If you are able to SSH to the VPN server but not connect to it using a VPN client, it is time to start looking at the log files from the VPN server (/var/log/syslog) and troubleshooting your configuration.

I’ve generally found that if the initial AMI you setup works well, it is easiest to just restart the VPN server and go from there.

Laptop vs Mobile (from Fred Wilson’s blog)

http://feedproxy.google.com/~r/AVc/~3/v2vGh2MaFdA/laptop-vs-mobile.html

Interesting post. Now that I’m traveling more, I do face this dilemma.

The tablet (I’m using to post this) doesn’t cut it as a travel device. Not does the droid x2, nor my netbook. But since the option is straining my back and lugging a laptop along, I am making do with a netbook when I travel.

A universal dock in hotel rooms would be great. Better voice transcription would make devices better, even this tablet!

if this then that (@ifttt)

Great service called “if this then that” (ifttt). Allows you to create tasks based on specific triggers from one of about forty channels.

I’m thrilled that ‘starring an item’ in Google Reader is a channel.

When a trigger occurs, you can have ifttt generate a specified action.

I have one …

When I post this article, it will be automatically tweeted … Very cool, check them out!

My blog is all f’ed up

My blog has been all f’ed up for some time now, and I didn’t realize it. I’ve been reading stuff and tagging it on my tablet and in the past that used to make it pop up in an RSS feed that was displayed on my blog as ‘breadcrumbs’. But, somewhere along the way, all that fell apart.

  • Maybe it was because something changed in the way the bit.ly links were shared.
  • Maybe it was because the the ‘unofficial’ bit.ly client that I was using didn’t really work and therefore nothing made it to bit.ly and therefore to the RSS feed.
  • And Gimmebar did one thing, and they did it well. But they didn’t do the next thing they promised (an android app).

So, from about November 2011 when Google went and wrecked Google Reader by eliminating the ‘share this’ functionality till today, all the stuff I’ve read and thought I shared is gone …

Time to use twitter as the sharing system. That seems to work. I don’t like it, but it will have to do for now.

Do one thing, and do it awesomely … Gimmebar!

From time to time you see a company come along that offers a simple product or service, and when they launch it just works.

The last time (that I can recall) when this happened was when I first used Dropbox. Download this little app and you got a 2GB drive in the cloud. And it worked on my Windows PC, on my Ubuntu PC, on my Android phone.

It just worked!

That was a while ago. And since then I’ve installed tons of software (and uninstalled 99% of it because it just didn’t work).

Last week I found Gimmebar.

There was no software to install, I just created an account on their web page. And it just worked!

What is Gimmebar? They consider themselves the 5th greatest invention of all time and they call themselves “a data steward”. I don’t know what that means. They also don’t tell you what the other 4 inventions are.

Here is how I would describe Gimmebar.

Gimmebar is a web saving/sharing tool that allows you to save things that you find interesting on the web in a nicely organised personal library in the cloud, and share some of that content with others if you so desire. They have something about saving stuff to your Dropbox account but I haven’t figured all of that out yet.

It has a bookmarklet for your browser, click it and things just get bookmarked and saved into your account.

But, it just worked!

I made a couple of collections, made one of them public and one of them shared.

If you share a collection it automatically gets a URL.

And that URL automatically supports an RSS Feed!

And they also backup your tweets, (I don’t give a crap about that).

So, what’s missing?

  • Some way to import all your stuff (from Google Reader)
  • An Android application (more generally, mobile application for platform of choice …)
  • The default ‘view’ on the collections includes previews; I will have enough crap before long where the preview will be a drag. How about a way to get just a list?
  • Saving a bookmark is right now at least a three click process; once you visit the site, click the bookmarklet and you get a little banner on the bottom of the screen, you click there to indicate whether you want the page to go to your private or public area, then you click the collection you want to store it in. This is functional but not easy to use.

I had one interaction with their support (little feedback tab on their page). Very quick to respond and they answered my question immediately.

On the whole, this feels like my first experience with Dropbox. Give it a shot, I think you’ll like it.

Why? Because Gimmebar set out to do one thing and they did it awesomely. It just worked!

Google went and broke Google Reader!

A very nice feature of Google Reader (my RSS reader of choice) was that there was a simple button at the bottom of each article called “Share”, and the current URL would be added to a list of shared articles and an RSS feed could be created of that list!

The breadcrumbs feature on my web page relied on that; as I read things, if I wanted to make them show up in breadcrumbs, all I did was to hit the Share button. If I visited some random URL and wanted to share that, I used the “Note in Reader” bookmarklet. All very good. Till Google went and broke it.

Now all I get is this:

This sucks!

Others seem to have noticed this as well. A collection of related news:

Trick or treat the google reader changes are coming tonight

Save the Google Reader petition

Upcoming changes

 

All you ever wanted to know about the CAP Theorem but were scared to ask!

I just posted a longish blog post (six parts actually) about the CAP Theorem at the ParElastic blog.

http://www.parelastic.com/database-architectures/an-analysis-of-the-cap-theorem/

-amrith