CERT, a US Federal government agency tasked with cyber-security research, has issued an alert advising consumers to stop using various models of Netgear routers. These devices are subject to a trivially simple command injection exploit. Ars Technica has a nice overview of the matter.
Normally I’d have literally nothing to say about this, since it simply doesn’t impact us. Wanna know why it doesn’t impact us?
We don’t use a consumer router that runs closed source firmware. We don’t think that you should either. In fact, you probably shouldn’t let your friends and family use that junk either.
Perhaps this holiday season, and all of the travelling & visiting that goes along with it, presents an opportunity to help someone unsuspecting secure their home network.
Continue reading “Netgear Routers Hailed as Dangerous – Here are some alternatives worth considering”
It seems that Apple has pressed the world into abandoning one of the oldest standard connectors still in use, the 3.5mm mini-jack. Apple, Samsung and others are now offering mobile phones sans mini-jack, much to the delight of the Bluetooth Consortium and those who make adapter dongles.
I’m not going to waste any more ink, digital or otherwise, with respect to the logic of abandoning the ubiquitous little connector. Enough has been wasted on that already, and it changed no one’s mind.
That said, I am able to comment on the shoddy state of the 3.5mm jack in the past generation of mobile phones. The mini-jack on two of my last three my last mobile phones became defective. Both of those phones, a Nexus 4 and Nexus 5, were made by LG, so perhaps the problem is specific to them.
I have other devices that don’t seem to suffer this fault routinely. Of course, it’s also possible that I don’t used a wired headset as much with those devices. Still, over the years I can’t recall as many simple mechanical failures of the mini-jack as I’ve seen with recent mobile phones.
My suspicion is that the lowly mini-jack simply doesn’t get much respect. In the drive to pack more junk into ever thinner handsets, the elderly connector gets squeezed to the point where it’s mechanical integrity can’t be sustained. It’s not a complicated thing. I suspect it’s just gets ignored. Even under-engineered.
It’s a pity since there very reason that the mini-jack has survived this long is the fact that it can be both robust and cost effective. Not to mention that fact that there are millions of existing headsets that use the little devil.
If someone should decide to not include a mini-jack, I get that. I may not agree, but I understand the decision. To include a poor implementation is another matter entirely.
Until very recently I was seriously committed to Google’s Nexus line of devices. From the Galaxy Nexus onward, with just one exception, I carried a Nexus Series mobile phone.
I was so happy with the Galaxy Nexus, and Nexus 4 after it, that I jumped on the first generation of the Nexus 7 tablet in 2012. Similarly, my experience with that tablet was good enough that I bought the Nexus 7 2013 edition immediately upon it’s launch.
Later, when Google stopped offering them, I even bought a spare! I regret not purchasing the HSPA+ capable version when I saw it offered by Expansys at a discount.
Continue reading “Undecided: Replacing a Nexus 7 Tablet”
Over the years I’ve come to admire 802.3af standard power-over-Ethernet (aka P.O.E.), even for small- or home-office applications. What follows is an introduction to the topic, and some novel ideas about its use in possibly unexpected applications.
IEEE 802.3af Power-over-Ethernet is the industry standard approach to delivering DC power to network attached devices. Given a P.O.E.-capable switch, or a P.O.E. inserter, DC power is delivered over the same Ethernet connection that provides connectivity. Thus one wire is all that’s required to a distant device on the network.
Continue reading “SOHO Tech: Power-Over-Ethernet is Awesome!”
In many ways I’m not a fan of meta; social media about social media, conferences about conferences, blogs about blogging, etc. However, in an effort to stay in touch I do follow a few sites, including ProBlogger. Yesterday’s news dump included their post, "Should You Move Your Blogging Site to HTTPS?"
In general, I appreciate their recommendation that bloggers adopt HTTPS. Since the guest author is an SEO specialist, he presents the argument from an SEO perspective. He notes that very soon Google will warn Chrome users when they arrive at a site that isn’t secured.
While the author hints very generally at some of the mechanics of moving to HTTPS, he fails to mention Let’s Encrypt. That’s a pity since the project has been a godsend to many bloggers, myself included.
When Lightningbase, my glorious host, offered integration with Let’s Encrypt back in February I jumped on it immediately.
The setup process was blissfully simple. Just a few clicks in their admin portal initially, then use a search & replace plugin to bulk change the root of every link in the database. Voila! Done.
The certificate auto-renewed at the 90 day point. There’s been no looking back.
Uptake of Let’s Encrypt has been growing, with 16 million active certificates at present. It’s supported by a long list of hosting providers.
What I don’t understand is why ProBlogger removed a comment I left about Let’s Encrypt. I don’t really understand how a post encouraging people to use HTTPS could fail to mention the newest approach to easier implementation via a free, automated, and open certificate authority.
This is a bit of a trip though time. In my past life, involved with broadcast technology, I travelled extensively. One of my many trips involved an evening driving from Boston up to Burlington, Vermont with a sales associate. It was a nice ride in his Saab 900S, and my first experience with Saab.
As the afternoon wore into evening and we lost the light I came to appreciate a particular feature of the Saab dashboard. It had a “Blackout Mode.” With the press of one button all the dashboard and console lights went out. That is, everything but tips of the tachometer and speedometer.
With blackout mode engaged driving the dark, empty highway was a lot easier on the eyes. It was a nice feature. It spoke to a thoughtful design team.
Continue reading “Feature Idea: Blackout Mode in Consumer Electronics”