November 2012 Archives

Now with 100% more Dogs!

|

When life gives you the Cone of Shame, damned-well better make use of it.

via Pleated-Jeans via gifbin.com

⚡ vs Ω

|

Like other bloggers, I like the style of linkblogging which John Gruber has perfected with DaringFireball.net. While we don’t see eye-to-eye regarding politics, he’s insightful when it come to Apple and tech. Unfortunately, I got tired of the politics’ slipping into what was a tech blog, so I stopped reading it. (Me? I mix tech and politics and religion and everything else. With that kind of variety, chances are I’ll offend one or two of my 18 readers thereby losing 10% of my readership every week.)

When John wrote a long piece, he used a star in the title to denote that it was all-original material and not just a link with commentary. Shawn Blanc of ShawnBlanc.net—and presumably others—have adopted this style as well. So have I.

For a while, I’d been using the ⚡ lightning bolt, but when I watched Downfall last night, I realized it was just too close to the Nazi’s lightning bolts. Even though the bolts are ostensibly used for high-voltage danger signs everywhere, and even though I’m an electrical engineer, I thought I should change to something else. (Hitler ruined not only the lightning bolts but the cookie duster mustache as well.)

So I chose the Greek capital omega, Ω. It’s the symbol used in a play on words for the unit of electrical resistance, the Ohm. (I’ve always been somewhat resistant to things—especially the current federal administration.) And it’s also the last letter of the Greek alphabet, a symbol which Christians use (along with the alpha) to represent Christ (see Rev. 1:8). Electrical engineer and Christian that I am, it seemed like a good symbol for my long-form pieces.

Unfortunately, it doesn’t have quite the visual impact of DaringFireball’s star or ShawnBlanc’s plus. But I like it.

When we last left our intrepid hero, he had just replaced the digitizer on his new-to-him iPad 2 with a brand-new digitizer, but had managed to make a mess of the display and somehow killed the sleep button. In this part of the story, our hero has ordered a replacement power button/mute switch/volume button flex assembly from somebody on eBay (iParts2, to be specific) and a batch of new adhesive bits to stick the display back on once the flex assembly was replaced.

At this point in the story, our hero drops out of speaking in the third person because it sounds so much like Facebook of a few years ago and because it’s a little too impersonal, even for me.

The only problem with the non-Apple part I ordered is that it doesn’t come with all of the same adhesive strips that the real Apple part would have. It does have the ones which are most important, though, and that’s what mattered. The buttons’ locator pegs were a bit iffy, but the buttons stayed where they are supposed to, and the part was less than three measly bucks, so I won’t complain.

Installation was pretty straightforward, if a bit nerve-wracking. This job is not for the faint of heart since you have to remove a PCB assembly from the depths of the iPad. That PCB has to come out in order to remove some tape and free the flex connector. You also have to remove the rear camera and other bits for a total of about a dozen screws. Keeping your kids and pets away from your neatly-ordered screws and parts is a good idea. iFixit has a wonderfully-clever magnetic mat which they sell just to hold the itty-bitty parts. Better yet, they’re including it for free with their big set of tools for Black Friday weekend, so go get it now while you can. (Mom? Dad? Christmas is coming soon.)

The instructions for replacing this flex assembly can be found here at iFixit. All I can add to the instructions is for you to take a picture of the way in which the cable runs around the top corner of the iPad. The closeups of the corner don’t show that routing well enough and I sorta’ made up the routing on my own. Here’s hoping that it works.

And if the plastic clip shown in Step 3 (“no mover” sic) should come out, don’t panic. Getting it back in isn’t too difficult. To get it back into place, use a small spudger to hold the button horizontal while you hold the bail with a pair of needle-nose pliers. What you’re trying to accomplish is to push the button away from the bail and hold the bail back with the pliers as you guide the assembly into its hole. Video would help here, but I’m not gonna’ take that thing apart again…

The repair of the cable was a total success. Until the very end, that is, when I was pressing the digitizer back onto the iPad and cracked it.

Sigh…

New digitizer is on the way, and I’ve learned just about all the lessons involved in doing a digitizer transplant. I hope I don’t find anything else to teach you, and I’ll be sure to update you on how the (hopefully) final repair goes.

Charles Kenny in Bloomberg Businessweek:

But what makes the experience of air travel truly abominable is the government agency ostensibly designed to ease anxieties about getting on planes: the Transportation Security Administration. Far from making travel safer, the U.S.’s approach to airport security is putting the lives of even more people at risk.

Where have I heard that before? Oh… right. Here. As in, here on this blog::

I’d have to venture a guess that even if we let people bring anything onboard an airplane, air travel would still be safer than the drive from home to the airport. 43,443 people were killed in 2005 while driving their cars. That’s over 200 Boeing 737’s full of people.

Six years ago.

I have long wondered about Israel’s claim to Gaza. This article summarizes the argument of John Piper wherein he makes a claim that Israel is not entitled to Gaza—at least, not right now anyway. To me, a non-scholar, it’s well-argued and Biblical. His final point:

Finally, this inheritance [of the Promised Land] of Christ’s people will happen at the Second Coming of Christ to establish his kingdom, not before; and till then, we Christians must not take up arms to claim our inheritance; but rather lay down our lives to share our inheritance with as many as we can.

If you don’t read the full text of Piper’s sermon, at least read the summary at The Gospel Coalition.

The Background

Our family shares an iMac and an iTunes library using one family user account. We use this account to sync all of our iDevices with music, apps and photos. Members of the family have individual accounts, and none of these accounts has access to the shared iTunes library, and that’s the way we want it.

I wanted each user to be able to access and edit the Aperture 3 library so that we each could drop E-mailed pictures into it (directly from Mail), edit pictures and share photos via E-mail (directly from Aperture). The “obvious” (but incomplete) solution is to move the family’s Aperture library from our shared account to the /Users/Shared folder and hold down option while launching Aperture to point to the Aperture library in the Shared folder.

Aperture gripes about the relocated library because the library has the file permissions (owner, etc.) of the shared account, and each user can’t do anything to it. Solutions tried by others include using Finder to add permissions for each user (via Get Info), changing group permissions (also via Get Info), and various command line incantations, none of which purport to be 100% successful, and none of which worked for me. The only solution which works, according to a long search of the Intarwebs, is to attach a second drive (or create a partition) and tell the Mac OS to ignore permissions on that drive. Without a second drive and without enough room to create a large enough partition, this option was out for me. Only in one place did I find somebody who claimed to have performed some command line fu which did the equivalent of ignoring permissions.

But that was enough for me to venture down into the depths of ACLs (Access Control Lists) to make this work.

The Warnings

Note that although I have tested the solution on my own Mac, I do not guarantee that it will work for you. You should… no, that’s not strong enough. You must backup your Aperture library before trying any of these instructions.

Even though the result of these instructions should be a shared Aperture library, only one user may access the library at a time, and Aperture 3 will gripe if more than one user tries to access it simultaneously.

Finally, if any of this makes you uncomfortable and you are uncomfortable with the steps below, don’t try them and just live with an unshared library. Hopefully, Apple will do something about library sharing in the future, and you probably can deal with the inconvenience until then.

The Solution

Step 1: Close Aperture.

Step 2: Move the shared Aperture library to the /Users/Shared folder, as you might expect. Any of the users can provide the source library as far as I am aware.

Step 3: Open Terminal and change directories to /Users/Shared.

Step 4: Execute the following command line fu for each user who is to share the Aperture library.

sudo chmod -R +a "user:username* allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit" Aperture\ Library.aplibrary

substituting the appropriate short username in for username above, and of course it’s all one line. (Spaces are not allowed in the ACL either, by the way.)

Step 5: Test the installation by opening the library (hold down option when you start Aperture to select the newly-shared library) in each user’s account. I tested the installation by adding a photo from each user’s account, making sure all other users could see and edit the photo, and ensuring that all other users could see the resulting changes.

Step 6: Put an alias to the shared library into each user’s Pictures folder so that iTunes will know where to look for the shared library. iTunes seems to be able to follow the alias nicely.

That worked for me and, as the saying goes, your mileage may vary, so please let me know if you have anything to add or encounter problems. Please don’t hesitate to contact me using the contact E-mail address buried over there under “Who is this Bill guy, anyway?”

It was going well until the very, very end.

I had almost (yes, almost) successfully replaced my new-to-me iPad 2’s not-so-badly-cracked digitizer, a.k.a. “touchscreen.” I learned a few things along the way, which I present here for you to use at your own risk:

  • It is damned-near impossible to remove the first iPad 2 screen you ever remove without breaking something. What you are doing, after all, is removing a tightly-glued thin piece of glass from the remainder of the iPad by bending the rest of the iPad away from the glass to get it started. The best way to do this is to use a flat but very stiff (putty knife stiff) plastic tool about 1/2" wide. Heat the glue as directed elsewhere and then place the edge of the tool just inside the plastic rim around the screen. Push straight down hard and you’ll bend the aluminum away from the display glass just a smidgen—just enough to rotate the tool into the gap you opened up. Once you do that, follow instructions elsewhere to remove the display in one piece. Mine did not come off in one piece.

  • This tool might be ideal.

  • Use a shop towel to work on. They’re soft enough, but cheap enough to throw away because you’re never going to get all of those sticky little glass shards off it. Work for a while until you gum up one, throw it away, get another, and continue. You won’t scratch the back of your iPad this way.

  • Apparently, it’s really, really easy to damage the power button cable. My power button (sleep button?) doesn’t work now. That’s where the “almost” above comes from.

  • You’ll get dust in between the glass and the LCD. I did the job as perfectly as I could and I still had dust in the way. The solution is to use canned air (or whatever they’re passing off as air these days) and to leave a bit of the digitizer lifted before sealing it up. Stick the straw into the corner of the display and simply blow the dust into the far edge of the digitizer. If you think about it ahead of time, you can probably dust things off before assembly.

It was in the process of dusting the display from the inside as I mention above that I messed things up. Instead of keeping the can upright, I turned it upside down accidentally. Did you know that what’s in the can is not air, that it’s actually liquid? Yeah, I knew that too, and the resulting mess inside my iPad proved it to me. Now I have a huge smudge caused by the liquid—plus condensation! w00t!—in between the LCD and the digitizer.

To fix this problem, I’ve ordered new adhesive and a new power cable. I figure that the slightly less-than-optimal adhesion, plus my newly-found digitizer removal skillz may mean I won’t have to order a new digitizer. Worst case, I order another digitizer, which I can afford to do about (hmmm… borrow… carry the one…) six more times before I would have been better off taking the thing to Apple.

I’ll report back…

I shut off Facebook and Twitter for the foreseeable future. It didn’t take long after the elections for most of the political rhetoric on Facebook an Twitter to settle down, but the Office Christmas Party Protocol continues to face formidable opposition from the most stalwart supporters of one party or another.

Given that I have been in a funk about the changing nature of this country and its citizens recently, I decided I’d had enough. Certainly, I’d broken the OCPP, too, adding to the noise. And that’s what it was: purposeless noise. Even the non-political content is as Dennis Miller described Twitter posts: “annotated burps.” I couldn’t say it any better.

The silence has been wonderful.

It was frustrating.

I recently added OpenDNS to my list of tools, important mostly because I’ve now got boys who venture out into the wilds of the internet and are learning the ins and outs of adware, malware and images of a “questionable nature,” to put it mildly. (You can discuss the merits of this parenting technique amongst yourselves. This is the choice my wife and I have made.) I simply changed the DNS address being distributed with the DHCP leases to point at my MacOS X Server (10.6.x—the last of the great server versions…) where I forwarded non-authoritative queries upstream to OpenDNS. And all was good.

Between when I did that and a few weeks ago, suddenly Dealnews.com stopped loading. About halfway through the page load, no matter the device—iOS or Mac OS—it would hang. Images wouldn’t load. They wouldn’t load no matter if I were using Safari or Google Reader or Reeder or nothin’. And thus began my quest.

First, I used Safari’s Develop>Start Timeline Recording to watch what was and wasn’t getting loaded. Neat. And it showed me that I was not getting any content from s5.dlnws.com (or its brethren, s1-s4, either). Easy enough. That content would be getting blocked by OpenDNS, certainly.

Except that it wasn’t. In fact, if I pointed my Mac at OpenDNS directly (without the MacOS X Server BIND in between), the page loaded just fine, no problems, no hangups. Using the tools on OpenDNS, I checked to see that the dlnws.com domain wasn’t being blocked. It wasn’t. So clearly, whatever was in the way was happening in my Mac OS X Server’s BIND. But… what? It was time for some conf file fu.

The next step was to figure out how to log queries of my DNS server. In Mac OS X, it’s BIND, so editing things associated with named—the “name daemon”—is the route to take. I added this code into /etc/named.conf. (I can’t find where I found this code, but Google reveals several possibilities.)

logging {
        include "/etc/dns/loggingOptions.conf.apple";

/* added by WNE to allow query logging*/  
        channel query_logging {
                file "/var/log/query.log" versions 7 size 10m;
                severity debug 3;
                print-time yes;
                print-severity yes;
                print-category yes;
        };

        category queries {
                query_logging;
        };
/* end of stuff added by WNE */

};

And I restarted named with Server Admin. Nothing.

Googling told me to turn on query logging. Most instructions tell you to do something like rndc querylog which won’t even work unless you sudo rndc querylog which doesn’t work because the connection is refused on port 953. Hiiiiiii-yah! More Google-fu was required to discover that Mac OS X Server’s default installation of BIND listens on port 54. (See /etc/named.conf if you don’t believe me.) So sudo rndc -p 54 querylog solved that problem, and I began to watch the log in /var/log/query.log.

Sure enough, queries for s5.dlnws.com were showing up. But I still had no pageloads! Seriously, what’s going on here? I mean, when I try it on the iMac from my command line, I get the right answer, don’t I? I get:

the-imac:~ eccles$ dig @192.168.1.4 s5.dlnws.com
;; Truncated, retrying in TCP mode.
;; Connection to 192.168.1.4#53(192.168.1.4) for s5.dlnws.com failed: connection refused.

Ah… I don’t get the right answer! But I did get the right answer if I asked OpenDNS—and I got a huge list of responses. Apparently, s5.dlnws.com is attached to a content delivery network (CDN) with lots of IP addresses. Hmm.

Again, applying some Google-D-40 to the problem (Do you like what I did there? I just invented it.) and I found that A.P. Lawrence had a similar problem, never quite solved since it involved his router. Mine involved Mac OS X, but it still pointed me to the crux of the problem: most DNS queries work using UDP (unsigned datagram protocol), but the UDP packet cannot be longer than 512 bytes. Clearly, this response was much longer than 512 bytes and dig was trying to do it with TCP (transmission control protocol—fancier and more reliable, but with more overhead than UDP), but it was being rebuffed at the gates. BIND wanted nothing to do with answering a query on TCP.

I did all the Google-suggested things, such as netstat and lsof only to discover that BIND was supposedly listening on port 53, both protocols. It just wasn’t paying attention.

The solution to the problem lay in one commented-out line in /etc/named.confwhich I uncommented:

        query-source address * port 53;

If you uncomment this line and restart DNS (using Server Admin or whatever your preferred method is), the problem is solved. Though BIND was listening to TCP, it only wanted to accept queries on UDP.

Problem. Solved.

And now I can shop the bajeebers out of Black Friday. Whew!

Ω 20%

|

My default tip is 20%. First, the math is easy—multiplying by two and dividing by ten are pretty easy. Second, I’m not looking for superb service to earn the 20%. Instead, I’m looking for friendly and competent. Do that, and you get 20%. Any less, and I’ll let you know it with a 10% tip. Still enough to pay you for the work, but not reward you for the service. Third… did I mention the math is easy?

This update is not PHP-neutral. Apple installs PHP 5.3.15 over your custom PHP installation.

I looked at the configure that Apple uses and it looks about like our usual configure info, save for a few options (see below).

So the steps required to make this all work with what we have from our previous expeditions, except this time I decided to try a 5.4.8 installation, which should keep us ahead of Apple for quite some time:

  1. Keep copies of the Apple binaries and how they configured their installation:

    $ php -i > ~/php-config-2012.11.08
    $ sudo cp /usr/libexec/apache2/libphp5.so /usr/libexec/apache2/libphp5.so.old
    $ sudo cp /usr/bin/php /usr/bin/php.old
    
  2. Get the 5.4.8 tarball and unpack it.

  3. Move the libpng headers around a bit so that configure doesn’t find old headers for use with the new libraries:

    $ sudo mv /usr/X11R6/include/png.h /usr/X11R6/include/png.h_old
    
  4. Append the new flags to the configure statement and configure away:

    $ ./configure  '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-dependency-tracking' '--sysconfdir=/private/etc' '--with-apxs2=/usr/sbin/apxs' '--enable-cli' '--with-config-file-path=/etc' '--with-libxml-dir=/usr' '--with-openssl=/usr' '--with-kerberos=/usr' '--with-zlib=/usr' '--enable-bcmath' '--with-bz2=/usr' '--enable-calendar' '--with-curl=/usr' '--enable-exif' '--enable-ftp' '--with-gd' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr/local' '--enable-gd-native-ttf' '--with-ldap=/usr' '--with-ldap-sasl=/usr' '--enable-mbstring' '--enable-mbregex' '--with-mysql=mysqlnd' '--with-mysqli=mysqlnd' '--with-pdo-mysql=mysqlnd' '--with-mysql-sock=/var/mysql/mysql.sock' '--with-iodbc=/usr' '--enable-shmop' '--with-snmp=/usr' '--enable-soap' '--enable-sockets' '--enable-sysvmsg' '--enable-sysvsem' '--enable-sysvshm' '--with-xmlrpc' '--with-iconv-dir=/usr' '--with-xsl=/usr' '--with-pcre-regex' '--with-freetype-dir=/usr/X11R6' '--enable-zend-multibyte' '--enable-zip'
    

(PHP will gripe about ‘—enable-zend-multibyte’ and ‘—disable-dependency-tracking’, but I’ve left them in here so I can go back and investigate. Note that this may cause a problem—I just don’t know yet.)

  1. Use four cores to make PHP. It’s a lot faster to use the -j 4 option, and if you have more cores, make the number match:

    $ make -j 4
    
  2. Install.

    $ sudo make install
    
  3. Restart Apache.

    $ sudo apachectl restart
    
  4. Clean up what we did to the libpng headers:

    $ sudo mv /usr/X11R6/include/png.h_old /usr/X11R6/include/png.h
    

Done.

Alternatively, if you have already installed 5.4.8 before, all you need to do is:

  1. Keep copies of the Apple binaries and how they configured their installation:

    $ php -i > ~/php-config-2012.11.08
    $ sudo cp /usr/libexec/apache2/libphp5.so /usr/libexec/apache2/libphp5.so.old
    $ sudo cp /usr/bin/php /usr/bin/php.old
    
  2. Install.

    $ sudo make install
    
  3. Restart Apache.

    $ sudo apachectl restart
    

Done!

[This is the last political entry I intend to post on this site. I don’t have a lot of readers, I don’t have a lot of time, and I don’t get paid for my effort. I’ve only ever heard from one of my recent readers—and that’s OK!—and I don’t think that my voice does much but add to the noise. Might I recommend The American Spectator for superb conservative political commentary? I’ll continue to publish computing and thought pieces, but this election cycle has made me tired of national politics. WNE]

Dear Mr. Obama,

Your victory speech was elegant as always; you have the gift of the gab, truly. You used some words that I expect you to live up to lest they fall onto the heap of broken promises of your first term. These words were, “…whether you held an Obama sign or a Romney sign, you made your voice heard…”

Though you may have heard, my question to you, Mr. Obama, is Were you listening?

If you were listening, then what you heard is your country’s saying:

Stop letting the mainstream media do your work for you. If you are a man, if you are a leader, then you should be able to convey the message you intend the country to hear without having the likes of Rachel Maddow and Chris Matthews covering for you. Let them do their job. Let them be critical of you. Stop trading access for control of the narrative. Let the people hear the truth through Jefferson’s independent fourth estate. Man up.

You’ll make mistakes. Own up to them. The rest of us have to live with the consequences of your errors, so why don’t you? Stop letting the media cover for your mistakes. Man up.

Your way isn’t necessarily the best way. Your long-held socialist beliefs are not what the country wants. You, the liberal elite, Hollywood, and their ilk certainly want this nation to become a nation of redistribution. But it’s time you listen to other sides of the story. Mr. Romney and Mr. Ryan do have a plan which could work, but you’ll have to listen to them, to avoid letting your own biases block the path “forward.” It takes guts to listen to, respect and incorporate the other side’s points of view. Man up.

Vilification of the rich is great for short term political gain, but divides the country. I have yet to understand why the “poor” hate the job-creating “rich” but worship the do-nothing Hollywood elite, why George Clooney is revered, but Linda McMahon is reviled. If you want the “rich” on your side—and by your own admission, you must have the rich to fund your spending machine—stop pissing them off. Stop dividing the country with artificial class warfare. Unify.

Speaking of warfare, listen to this:

Stop creating artificial wars. Your “war on women” is a prime example of rhetoric for the sake of inflaming your supporters. It does nothing but push your supporters and your detractors further apart. It does not build consensus. Build consensus.

Get to work. 10 weeks of golf. Celebrity basketball games. Bragging about your beer recipe. All of these are great past-times and would be great features on Lifestyles of the Rich and Famous. But for a sitting President, they are inappropriate. You used your first term to prove that you’re just a regular Joe who is somehow privileged enough to hang out with stars and celebrities. Now get to work and do the job you were elected to do. Attend those briefings. Learn a work ethic befitting a president.

Strengthen this country’s defense. I do not believe it to be any coincidence that you and Bill Clinton ushered in horrific terrorist attacks. You must ensure that the world of terrorists does not see your peacemaking overtures (or whatever it is you’re doing) to the world of Arabs as indication that the US is soft on terrorism. Declaring that Al Qeada is dead does not make it so. Put ears on the ground in-country and build intel that we can use to hunt down and kill terrorists. Prevent attacks, and when warned of imminent attacks, pay attention, dammit.

Stop governing with czars and edicts. You are not a dictator, and you have no right to dictate. Only a complacent Congress has allowed this abhorrent mangling of checks and balances to continue. Do your job right.

Clean house. Your Vice-President is not a “happy warrior”—he’s the punch line to many jokes. He’s making a mockery of his office and acts the fool. Likewise, you have a staff containing tax evaders and cheats; I imagine that there are others with less-than-stellar records, too. Remove these people from office and put well-respected, well-vetted and centrist (mostly because neither the left nor the right will approve a radical of either extreme) people in front of Congress and into those jobs.

“It’s the economy, stupid.” Worry about social programs after the economy is fixed. Until we have a working economy, you can’t afford social programs. Your credit card is maxed out, and our house is so far underwater that our great-grandchildren will have no place to live in if you continue at the torrid pace you set during your first term. China is not our friend. Manufacturers must be encouraged to bring business back on shore. Likewise, stop picking winners. You clearly demonstrated that the government has no business in investing in technological fantasies, that “more money” doesn’t equate to “success.” You want to make good on that balanced budget thing? First, stop spending so you know how much you need to take in. Then tax. If you do it the other way around, you’ll never get what you need, the economy will continue to stagnate, and more generations will drown.

Innovate. If the private sector can figure out ways to manufacture items more efficiently, to break the laws of nature, to avoid paying taxes, to find new ways of doing old things better, then why can’t government? It’s because we’re asking politicians, not problem-solving experts, to fix the problems. Bring in experts from industry. Bring in the brilliant minds. Ignore their party affiliation. Leave the Hollywood elites at home. Let the brilliant people of this country solve the problems we face, because solve it they will… if you’ll let them.

Now hear this: Your victory wasn’t quite “decisive” as the mainstream media are so quick to report. No, you won through the grace of the Electoral College. The fact that you won by a thinner margin of the vote this time means that more people are listening, learning, and understanding the deficiencies of hiring a community organizer to do the job of a world leader. Unfortunately, not enough understood this problem and the net result is you get four more years to make good on the promises of your “one term proposition.”

For the rest of us who did understand, we are left praying first for our families, then for our country, and then for you and the rest of our elected leaders. Because in spite of the “us” and “them” rhetoric you bludgeon us with each day, we are all in this together.

Sincerely yours,

/Bill/

William N. Eccles

Ω NYC Shockers!

|

In the news, the NYC Marathon was cancelled. Wow, talk about your last-minute reversals.

Bad news for Obama, though: I hear Bloomberg will be changing his endorsement to Romney on Tuesday evening.

(Bloomberg’s always giving us the runaround. Now he’s running around in flip-flops.)