System76 - The Rise of the Linux Desktop

System76 - The Rise of the Linux Desktop

I recently purchased a new System-76 Lemur Ubuntu 14.04 laptop.  I present my rationale for choosing this laptop over the Dell XPS-13 DE, and my first impressions.  I also side-bar a bit about Macbooks, iOS and the rise of Docker as a response.

Using a VPN for Everything...

I recently moved to Mexico from California because my job was approved for 100% telecommuting and, since I can do that from anywhere, why not Mexico?

Unfortunately, for me, I chose to live in a town that's a bit out of the way -- between Rosarito and Ensenada, Puerto Nuevo sports DSL as the only means of internet access.  Buh-bye cable modems.

I've been toying with the idea of using a VPN as a gateway to my ISP simply because of the legislation that's cropping up recently that enables our respective (not respectable) governments to spy on the internet traffic of it's citizens without due process.  And, I believe, this due process is a long time coming because this is (to the government) a new frontier who's sanctity has yet to be defined in the higher courts of law.  So, boys and girls, until that happens, Big Brother can pretty much do as they want.

And, they do.

Now, the prevailing argument that causes most of us to bleat our way through endless queues at airports waiting patiently for our turns to be molested is this: if you're not doing anything wrong, then why hide what you're doing?

Note that you'll normally hear the same thing from some street cop when he pulls you over and asks to search your car without a warrant; if you have nothing to hide, then why can't I search your car?   Well, it's a little thing called the Fourth Amendment to the Constitution (of the US)...

So the passive-aggressive kicks-up in me and I consider installing a VPN so that no one can track what I do when I am online.  Never you mind that what I do is so damn boring and mind-numblingly dull (for a living, mind you) that there's only a small fraction of the existing population that would even understand the particulars, it's just the principal of the thing.

Same reason why I use DuckDuckGo for my search engine instead of Google.  Why?  Because DDG protects me by not linking my searches to my identity.  Google is infamous for rolling over, exposing your soft underbelly to anyone waiving a law-enforcement letter-head demanding your emails and search and browser history from the beginning of time.  That same patriotic spirit that caused my forefathers to flip King George the finger is what still burns brightly in me today:  Because I can.

So, quick side note -- what's a vpn and why do I need one?

A VPN (virtual private network) is just that - it's a private network that exists within your existing network.

When you connect to the internet, through your ISP, you're establishing a network between your home machine(s) (also a network) and the internet (THE network).  All your requests are routed through your ISP and out to the 'net where their response is then filtered back to you.  An ISP, then, has the ability to know exactly what you request, when you request it, and how many requests you make.

An ISP can also filter and monitor your requests and can deny you access to certain internet-based resources based on the type, amount, or time of the activity.

For example, some ISPs throttle (reduce) your available bandwidth (the diameter of your data flow) if you exceed a set-amount of data downloaded within a period of time.  You have "unlimited" bandwidth but the reality is, once you hit some arbitrary limit determined by the ISP, things get a lot slower for you.  Unfortunately, a VPN cannot help with this.  Data is data.

Some ISPs record and/or block your ability to transact certain types of data.  The most notorious example of this would be P2P or bit-torrent packets.  While a mainstay of the gray (or darker) areas of software licensing, there's a legitimate use for bit-torrent packets (linux distros for one!) that should never be prevented from reaching your computer.  However, like most totalitarian regimes, your ISP may have an "all or nothing" policy with regards to filtering by packet types.

Another example of filtering is by content.  China is infamous for it's firewall of profound social cluelessness, filtering all (what the ruling regime considers to be) subversive sites from being viewed willy-nilly by it's population.

So, as you can see, ISPs wield a tremendous amount of power.  They can meter, view, and deny data packets based on their rules and how heavily influenced they are by corporations or governments.

VPN kind of takes you around all that by creating a private tunnel to what essentially is another ISP (network) allowing you to use the internet as dog himself intended: safely, securely, and without limits.

Allow me to explain...

When you connect to the internet, you establish a network (as I mentioned earlier) between your home machine (network) and your ISP (internet).   All subsequent requests are routed through your ISP and are subject to various levels of scrutiny and transcription.   Fine.

But, creating a VPN within your network basically does this:

  • establish a secure (encrypted) connection with your VPN provider
    • all data packets you send are directed to your VPN
    • all data packets you send to your VPN are encrypted
      • your ISP cannot decrypt the data in these packets; your ISP only knows that there are packets
  • all routing (DNS) requests are sent to your VPN provider
    • address lookups happen on your VPN, not your ISP
      • your ISP does not know where you are going
  • all data requests are sent to your VPN provider, not your ISP
    • request fulfillments happen on your VPN, not your ISP
      • your ISP does not know what you are requesting or receiving

An analog analogy for his is a spy movie where someone gets one of those electronic voice scramblers -- the person making the phone call (you) attaches the scrambler (encryption) device to their phone, inputs some unique code, and calls (ISP connect) their contact (VPN) who attaches their scrambler and enters the same code so they can de-scramble your voice while scrambling their own.  The phone company knows that a call is being made,  and how long the call lasts, and maybe even how much information is being transmitted, but they can't de-scramble or understand the conversation or know who's talking on the other end.

See?  This what a VPN does.  But it's only one thing a VPN does.

When I moved to Mexico, for example and as I stated about a thousand words ago, I experienced an unintended consequence of exchanging an implicit .us domain for a .mx domain.  US-based web-sites detect that I am not of the US and re-direct my requests, they automatically translate my web pages into Espanyol (which I don't speak), or they convert dollars into Mexican pesos.

By using a VPN, I can imply that I am physically in the US, and avoid all that unpleasantness.  Plus I still get to "stick it to the man" (or hombre).

So, finally getting to the point, yesterday, I signed-up for a seven-day trial offer with a VPN company called BolehVPN.  They use tunnelblick as their delivery vehicle for connecting to their VPN.  This was OK with me because I already have tunnelblick installed and use it for work.  All I needed to do was sign-up for a trail account, create my account, give them about $4 US for the 7-day trial, and download and install the configuration files for tunnelblick.

All this took about five minutes.

BolehVPN offers the following configurations:

  • Proxied - mainly used for P2P connections, servers are hosted in Europe
  • Fully-Routed - Secure P2P, anonymous surfing, and data security, servers in Europe and Canada
  • Surfing/Streaming - TCP and UDP for anonymous surfing and streaming content, servers are in the US and Hong Kong
  • TCP443 - http protocol over tls/ssl used for bypassing firewalls

What really sold me on this particular vendor, however, were these features:

  • no logging/monitoring of your traffic -- so even if they were hit with a disclosure order, they have nothing which ties traffic to you
  • compatibility with portable devices -- I had my iPad up on the VPN within seconds over my wireless
  • freedom to chose which VPN service best meets your needs at that time
  • Download speed reduction minimal - about 5%

Cons (so far):

  • some of their website configuration is out of date
  • forum data is dated
    • this could be a good thing -- service is so easy to use, no one posts questions!
  • Expensive - BolehVPN is almost 2x the cost of comparable VPN services

Will I sign with them for a year?

Probably not.  Based on cost alone, all things being equal, there's a lot of competition in the VPN services.  As such, if I can find a competing service that has the same performance as BolehVPN, then I'll probably sign with the other service and save myself about $40/year.

That's about it...hope this was helped you understand why a VPN is important and if you decide you need one, what your next steps are.

HTC Thunderbolt - The Honeymoon? Definitely Over.

First, let me begin by saying that I have been an Apple fan for a long time. In addition to using their computers, I was a first generation adopter of both the iPod and the iPhone.  I've gone through the original iPhone, the 3G and the 4. What I like about the iPhone can be summed up by saying that it represents exemplary engineering on top of a ghastly deployment.

After all those years of being an iPhone user with AT&T, I could no longer justify paying for AT&T's sub-standard cellular services.  The times I could complete a conversation on my iPhone without dropping the call, or losing call quality was an extremely rare event.  (And I live in the Bay area, home to AT&T which is touted as one of their major coverage areas....)

AT&T's cellular service is simply pathetic.  As a matter of fact, I deemed it justifiable to pay the contract cancellation penalty with AT&T to come to Verizon.  I never realized how bad AT&T service was, however, until switched to Verizon.   Within my first week of using my Thunderbolt, I experienced NO dropped calls, NO poor signals, NO service interruptions of any kind.  (Unless I was connected to an AT&T cellular customer...)

And, while Apple is, in my opinion, the best hardware engineer in the business, the other factor in my decision to move phone platforms was that Apple never quite got the whole synchronization thing down. (Pre-iCloud)  I really don't need seven different listings for my veterinarian in my address book.  Syncing services with Google have been working for me perfectly - and I don't have to pay them $99 per year to screw up my address book contents or my calendar.

So I dropped .me and my iPhone for a Google phone living in a Google world.  Since the Android requires a Google account, (Hey! I have one of those!), setting up my phone required that I only provide it with my account information and everything from that point was auto-magically configured for me.  Insta-integration with all my Google-based services.  Plus really cool stuff like Google Voice for messaging.


It's now been six months with the Android. Apple has just released their iPhone 4S...and, within a day, I find myself browsing the provider's pages looking/comparing contracts and service offerings.  What the hell am I doing?!?

The shine on this Android HTC Thunderbolt phone is definitely gone.  While I like most of the Verizon services, specifically the quality of the cellular coverage, I am really dissatisfied with some of their processes and, as far as the phone is concerned, the HTC Thunderbolt is a complete a total piece of crap.  I will NEVER, EVER buy another phone from HTC every again.

Problems with Verizon and the HTC Thunderbolt Nobody Talks About:

1. Crapware

I rooted my Android within a week of getting it.  Verizon pre-loaded the Thunderbolt with an amazing amount of crapware that they don't allow you to delete off their phone.  Seriously bad software.  That does nothing except eat tons of space in my memory store.  Once I rooted the phone (similar to the jail-breaking process for the iPhone), I was able to delete that bloatware and regain my lost storage for other applications.

2. Say My Name, Bitch!

Of course there's a problem with rooting your phone -- and that's dealing with Verizon's never-ending attempts to force software updates down your throat and to your phone.  Should you make the tragic mistake of leaving your phone "on" (which I do when sitting at my desk with the phone plugged into the charger) then Verizon assumes control of your phone by forcing your phone to accept updates over the network.

Since you've rooted your phone, said updates (which are image zip files stored to your cache) will not install after the download completes and the phone reboots itself.  All without any confirmation or interaction from your part.  Special, no?

When your phone reboots, you're presented with the broken-android symbol and you have to go into your root-tools menu to delete the cached files from your phone.  This removes the forced-download and allows you to reboot your phone into it's previously rooted state.  Of course, leave your phone on for too long and here it comes again!

There's no "off" switch to disable the forced downloads.  Verizon's attitude, gleaned from the forums, is that: "It's our network.  Suffer, bitch."

3. Random Reboots and Disappearing Apps

My co-workers claim that my phone re-booting itself (without an "upgrade" being pushed down) is because I rooted my phone.  After reading the complaints about the HTC Thunderbolt out on the etherstream - I beg to differ.  I think the HTC/Verizon mash-up operating system is just so crappy it crashes and forces a reboot.  I've noticed that this happens when the network flips around a lot.  I've also noticed it booting for no apparent reason.

What's also special is that apps just disappear off your phone following a reboot.  Once your phone restarts, you have to give it several moments of 4G time to restore whatever apps it randomly deleted.  Totally weird behavior.  It's almost like using a Windows operating system.

4. I've Lost My Network and I Can't Get Up

Several times with this Thunderbolt I've noticed that I'm stuck in 1G mode.  I try toggling the mobile network connection off/on to reset it, but it always comes back to the 1G network.  This occasionally happens when it gets stuckin 3G mode as well.  (Funny, I've never seen 2G...)

The only way I've found to fix this problem is to force a restart.  When the phone regains consciousness, it happily joins the 4G network.

5. Sucks like a Starving Vampire

Granted, the Gingerbread update is supposed to fix a lot of the issues with the HTC Thunderbolt's ability to drain your battery faster than a starving vampire in a blood bank.  I even upgraded, spending about $50, for a uber-battery, doubling the phone's weight and thickness.  It's worth it, though, having a battery that can last me on the train ride between San Jose and San Francisco.

There's entire web pages devoted to tricks and tips to prolonging the battery life on this phone all of which basically involve crippling, or at least diminishing, all of the features that justified the purchase of your phone in the first place.

I'm really hoping Gingerbread offers better battery life as, since I don't live in a winter-zone anymore, it's a shame to waste the hand-warming features of a rapidly depleting battery.


So...I un-rooted my phone so that I could get the Gingerbread update, replacing Froyo on this phone.  I have no idea why it takes Verizon so long to roll-out these updates.  Perhaps their visual basic programmers are having a hard time with all the Android unixey stuff.  Who knows?  I mean, you have to make sure that the user can't delete the fucking golf demo, right?

When Gingerbread was finally available for the Thunderbolt, the update lasted all of a day, if that, before Verizon yanked the update from the download stream.  It was as if they were like: QA testing?  We've heard of that...  The update was so bug-ridden that it was disabling or severely-impairing phone functionality.

Now, as of yesterday, they're starting to push the Gingerbread update back out to the users.  At a time when Google is announcing the Ice Cream Sandwich update (the successor to Gingerbread), Verizon, after one false-start, is now only 1 release behind on the operating system.

Tell me -- why am I paying premium rates for a phone Verizon and HTC can't keep current?

So, as soon as I come into a little cash, I think I will call Verizon customer services (snicker) and complain to them about this phone and their inability to provide a stable (or current) operating system platform.  I'd like to negotiate them into a new Motorola Android phone...Verizon seems ti play better with Motorola -- timely updates, better hardware, non thermo-radioactive battery, etc.

I want to stay in the Google universe because everything works there.  The iPhone is looking sexy -- but it's still not 4G...not yet...

Review: AZIO KB333BM Bluetooth Wireless Keyboard for Mac, iPad, iPhone

I have an iMac 27" I7 -- I wanted to try this keyboard because I needed to recover space on my desktop. I run my iMac in Windows via Bootcamp quite a bit when I'm not working/coding to play games so it was important that his kb also work under bootcamp. When I unpacked the keyboard, I was instantly disappointed in the style and construction. It's not quite as small as the mac wireless keyboard, measuring almost 2" wider and about 1" wider. It also has a cheap feel to it -- there's something rattling around in the antenna housing and the keys are a die-cut plastic. On Apple kb's, the keys are smooth giving the kb an almost rubberized texture -- they're also solidly mounted so there's no "play" or travel in the keys. On the Azio, the keys feel tactically different and there's a ton of play in the keys -- it's almost like they're mounted on swivels.

Installing the batteries was fairly easy -- but the battery door is cheap, thin, plastic. It's definitely a failure point over time. Pressing the connect button isn't easy -- the placement is on the bottom of the keyboard, along the back edge, so the button has to be recessed so you don't tap it during normal use. There's no tactile feedback when you do click the button to initiate a connect -- you have to flip the kb over to see if the blue light has lit.

When I went to sync the kb, I was in windows 7, and attempting the sync immediately brought the computer down with the BSOD. Seeing how it was windows, it didn't surprise me much so I re-booted into Leopard. Pairing the device didn't work -- when it asked me to type in the sequence of numbers, there was no feedback to the screen so eventually Apple asked me to identify the key to the right of the right shift key.

Which is an up-arrow. Which wasn't recognized by Apple as a key. Which meant I had to select from a menu of choice of what type of keyboard I had. So I selected the only viable option - US/English 101 key.

I rebooted trying to get into Bootmanager -- as the computer rebooted and I heard the start-up tone, I pressed and held-down the option key. The blue light on the kb flashed furiously for a second or two, then the machine booted me into Mac mode, bypassing completely the bootmanager. I re-paired the device by removing it and re-discovered. This time, without the feedback (which I realize may be an Apple issue and not an Azio issue), I just blindly typed-in the numbers without pause and the computer accepted the keyboard pairing.

Rebooting the machine, however, produced the same results as before - the kb was not recognized, not was my holding down the option key during boot, and again the Bootmanager was bypassed.

The keyboard itself feels cramped and awkward. The keys appear to be both slightly (about 1/8") smaller than Apple's kb, and they're set closer-together. There additional width of the keyboard is allocated to keys along the right side, two columns, F13-F16, home, end, delete, page-up/down, and the 4-arrow keys. Totally unnecessary to add these keys and increase the form-factor imo. Even tho this is advertised as a mac kb, they couldn't break the windows dependencies...there's also the unnecessary function key just to screw up your typing, right under the left shift key.

I'll try this kb out with my iPad -- perhaps it will encourage me to use my iPad more for text-input. Otherwise, this device is simply garage-sale fodder. If you want a smaller keyboard, then get the keyboard here on Amazon (Super Slim USB kb) -- it's wired, but it works well. Or spend the big-bucks and try the Apple keyboard.

tl;dr: Keyboard feels cheap and loose. Could not access bootmanager. Pairing causes BSOD in windows

Online Cloud Storage...Which one?

In a recent article, I wrote about cloud storage to use for my source-code repository.  I chose ZumoDrive as the tool to implement this because it allowed filesystem level access to my files from the desktop.  Or, in other words, my desktop sees the ZumoDrive like another physical device attached to my computer. However, in actually using ZumoDrive, I noticed some ... features ... that I wasn't too pleased with.  Instead of capping on just ZumoDrive, I thought I'd offer a narrow perspective on the capabilities and ... features ... of some of the more popular online cloud-based storage options.

My selection process was based on simply whether or not I could use the storage from my Mac.  Let's get started...

The first system tested was Memopal -- this solution is available on all platforms, (Windows, Linux, Mac, Android, iPhone), and offers 2Gb of free storage.  It advertises itself as "online backup and storage" as it archives your files in real-time to their remote servers.

You can browse any of your files online, using a web-browser, and you can also share these files with other users.  Memopal allows transfers of files that are larger than 1Gb, so using this service as a means to copy files to other users, because you can't send large attachments though email, make this a handy solution.

What's also amazing is that you can get 200Gb for only $49 per year.

What's not so amazing is that it doesn't provide you with desktop level access to your files so you can't use the offline storage as a real-time disk file system.  For my needs and purposes, I'm going to pass and un-install the product.

I have been a .mac (or .me) account owner since 2007 and have witnessed several upgrades to the service.  I was in the process of dumping my account when Apple suddenly extended my account until June 30, 2012 in anticipation of the release of their iCloud offering.

The iDisk, as it's referred to via your mobile-me account, is slightly more than 15Gb of online storage which used to cost you $99/year.  (You got other stuff besides the storage which supposedly made it a "deal", but Apple has been forced to re-price their offerings in order to remain strategically competitive with other cloud vendors.)  The iDisk is configurable from your System Preferences menu and, if you're one of the account holders at the time Apple froze the offering, you can no longer upgrade or increase your storage capacity.  What you had is what you have until the iCloud becomes available.

What's good about this storage is that it's accessible as a mount-point (file system access as a device drive) to your system which means you an use it finder, or through any application, to access your files.  It's totally transparent as a remote device.  I also like that I have to manually mount the device to access it so there's never any background "sync" happening to slow my system down when I don't need it.

The downside is the bandwidth limitation of 200Gb of data transfer per month.  If I'm doing a lot of development, I'd imagine I could hit that pretty quickly just checking-in, and then creating and modifying the existing code base.  So I've never tried to use my iDisk for anything other than storing static documents that I don't need clogging up my physical devices.

Because of the bandwidth limitation, Mobile-Me does not satisfy my requirements.

ZumoDrive is the software I initially chose to use as my cloud-storage choice for my source-code control.  ZumoDrive is also the reason why I am writing this article, wishing I had done my due-dilligence in evaluating the software before committing (svn pun) to it.

ZumoDrive offers you 1Gb of free storage which is easily expandable to 2Gb once you complete the "belts" in their "dojo".  Cute.  Basically a test-drive through the product, training in the Dojo advances you through the belts until your max your training at black-belt and you've doubled your storage to 2Gb.

ZumoDrive is software you download and install.  It's available on all desktop and mobile platforms.  ZumoDrive mounts on your desktop as a virtual drive, which meets our purposes of remote file-system storage.  Unfortunately, ZumoDrive caches a copy of your file(s) on your local drive and then updates the remote drive when not in use.  Like, when you're playing World-of-Warcraft and need the network bandwidth because, you know, it's not already laggy enough in capital cities.

If you've followed my previous tutorial and created a TrueCrypt container on your cloud drive, then the real downside of this system makes itself readily apparent.  Uploading a 500Mb file to the server at (average speed) 77Kb/sec is going to take a LONG time.  Changing the cache options to minimize the amount of diskspace stored locally didn't impact this -- the software still sees a single, 500Mb file.

While I love the concept of ZumoDrive -- MobileMe without the bandwidth constraints -- the local caching of the TrueCrypt volume murders the concept since it's doesn't see the files within the TrueCrypt container.

SugarSync is an online cloud storage system that offers a 30-day free trial.  You can get 30Gb of online cloud storage for $5/month or $50/year.  They have a 250Gb plan for $250/year which is sort of funny when you look at what Memopal was charging: $50 for 200Gb...

I'm not going to incur another monthly charge for online storage so, to be honest, I didn't even bother to download and install the product for evaluation.

TeamDrive offers 2Gb of free cloud storage.  From reviewing the product on the website, I knew it wouldn't meet my requirements, but there were enough enticements to the feature-set that I went ahead and downloaded and installed the 100Mb file anyway.  TeamDrive is accessed through a custom-application that's finder-like in it's UX.  You can also access the application my clicking on the relevant icon in the menubar.  TeamDrive offers collaboration and synchronization as it's main features.

The UX is intuitive although window's-like.  Since TeamDrive is primarily collaboration software, it keeps track of the users who are in your team.  Although I didn't think much of the product for what I need, I was encouraged to evaluate the offering because it had a feature I'd not seen before -- the ability to create and host your own TeamDrive server.

I've been using Dropbox for over a year now.  It's my primary means of transferring files between home and work.  I also like the fact that 1Password uses it automagically to synchronize itself.  Dropbox offers 2Gb of free cloud storage that is accessible from pretty much every known appliance available on the market today.  Dropbox provides you with a file-system mount point so that you can access your files via Finder making it perfect for what I need.

The only downside, for me, is that I depend on Dropbox for file storage for other things such that my available bandwidth is only about a 500Mb.  The upgrade costs are prohibitively expensive, especially when compared with other offerings in the industry.  Sorry, Dropbox, but $200/year for 100Gb is not a value-add.

The final note, for DropBox, is that it, too, views an encrypted file container as a single file.  Dropbox's upload/synchronization speed was even worse than ZumoDrive's at 55K/sec.

I also have an Amazon Cloud account -- which is 20Gb of free storage -- because I use Amazon's MP3 cloud on my Android device.  I mention it here because of the phenomenal amount of storage that you get for FREE.  I can only access my cloud storage through the web, which is ok since all I'm storing there are my MP3 files that I've downloaded (DRM Free - hear that, Apple?) from their music service. Unfortunately, I can't access the storage from my desktop...

Other Mentions:

I looked at these products but didn't bother with the evaluation since I could read, from the product descriptions, that they would not satisfy my requirements. -- 5Gb basic (free) solution limited to only back-up and recovery. - web-based back-up and recovery tool.  Free, but limited to 2-computer access and 2Gb storage. - pretty much web-based b&r and file sharing through the web ux.


What I want to do just isn't possible at the current time because of restrictions of my DSL and the way cloud services view a TrueCrypt container.  I've got a pretty good working overview of what's available and I explored a lot of solutions that were pretty damn exciting.  I also think that we're going to see the cloud marketplace evolve rapidly and those companies which are charging significant amounts per megabyte are going to have to rethink their pricing strategies or risk becoming fossil fuel.

I'm also excited by what Apple will bring to the table with iCloud -- I think that we'll be able to have file-system level access to our cloud storage but I'm also sure that the same limitations will apply for synchronization...