Juxtaposition, the Blog

Ugh. Came out this morning to my car in my driveway to go downtown and found both right-side windows rolled down. Hmmm... I didn't do that. Go around to the driver's side and both of _those_ are rolled down too. Grrr.

Fortunately, it did not rain very hard so there was little water that got in the car. And fortunately there is no visible damage and nothing was taken (there really wasn't anything to take except some pennies)

And now I find via a Google search that there are some hacks that can cause the windows to all electronically roll down with a screwdriver in or near the keyhole. Lovely. This system does not seem to require the key with the transponder chip in it to operate. Maybe someone with a valet key or some kind of master can trick the lock into rolling down the windows.

Looks like I'll be disconnecting that wiring and maybe even replacing the keyhole cover with a blank plate like on the passenger side to cover the hole entirely. Either that or leave the car unlocked for the next guy.

So, ABC news polled 514 people by telephone to try to find out if people support the new backscatter x-ray machines. They are reporting now that people support them "2 to 1" over those opposing them. However, if you look at their sampling methodology (available on a PDF on their site), you can see that they actually skewed the question. Their whole focus was on determining support _in lieu of the privacy issues_. They did not, however, include any questions about the support if there were _risks due to radiation_ They asked questions about how informed users were about possible risks, but only generically and treated it as if it was relegated to just opinion.

Here is the question they asked that the 2-to-1 figure is based on:

"The Transportation Security Administration is increasing its use of so-called
'full-body' digital x-ray machines to screen passengers in airport security lines.
(Supporters say these machines improve the ability to spot hidden weapons and
explosives, and reduce the need for physical searches.) (Opponents say these machines
invade privacy by producing x-ray images of a passenger's naked body that security
officials can see, and don't provide enough added security to justify this.) Which
comes closer to your own view - do you support or oppose using these scanners in airport security lines? "

Here is the question they asked about health concerns:

"As far as you're aware do you think these new scanning machines may pose a health
risk, or do you think that's not a serious concern?"

As if the health risks are just some kind of matter of opinion? Why not ask a question like,

"Researchers have shown that these machines emit X-rays in high enough doses that are concentrated at skin depth and may well increase the risk of cancer (skin, testicular, etc.), which will knowingly result in harming people each year -- more than the machines might save from terrorist attacks. Given this information, do you think that their usage is justified?"

http://abcnews.go.com/Politics/abc-news-washington-post-poll-air-travel-security/story?id=12215139

Medical practice quackery has to be reported to the FTC, http://www.ftc.gov/ftc/contact.shtm as I just did to a chiropractor that claimed they could help with "ADHD", "Bedwetting", "PMS", "Asthma", "Ear infections", "Colic", and even "Allergies" The FTC "wizard" is a bit cumbersome, but you eventually get 3500 characters to describe your complaint after about 50 clicks.

http://skepticblog.org/2010/01/14/get-fed-up-report-medical-quackery-to-the-fda/

Update: Forgot to link to a great paper summarizing the common false claims made and a summary of the current evidence for each claim from the New Zealand Medical Journal Chiropractic claims in the English-speaking world

I've been looking for QoS pointers for Google Voice Chat. I've found that it works great on my DSL until I also am attending a web conference over Webex at the same time. Then I can still hear fine, but upstream I'm told my voice cuts in and out.

So, I figured it's time for some QoS Settings on my router.

It appears that Google Voice Chat uses HTTPS for signaling but an XMPP extension called Jingle that uses RTP over UDP for the actual call data.

I cracked open Wireshark to analyze the traffic and see communication with servers on the 74.125 network, which is owned by google (a /16).

Destination: stun.l.google.com (74.125.155.126)

So, for now, I have enabled Expedited packet status for any UDP packets going to and from that network. Will have to run another test later to see if it helped dramatically.

One troubling thing that I noticed in the packet capture is that not all of the data is protected by confidentiality protection. I suspect there _may_ be some encryption for the RTP data because Wireshark did not detect any RTP sessions. However, one packet every once in a while revealed the phone number that I was calling. So anyone on your wireless LAN or along the wire can see who you are calling. They may even be able to intercept that packet and play MITM by routing your calls through them. Who knows.

Here's a redacted version of the ascii portion of the data packet contents:

0 0+12065551212@voice.google.com

Came across this quote today that is more cerebral than the quip about "We're all atheists -- I just go one god further than you"

"when you understand why you reject the gods of other religions, you'll understand why I reject yours."

• Call Block Unlimited:  http://www.appbrain.com/app/com.mrnumber.blocker  Highly configurable app that lets you set policies for how to handle incoming calls.  I used this when on vacation to send all calls not in my contacts list to voicemail.  Shows an alert of which calls were blocked.  Very nice and free!
• App Brain App Market:  http://www.appbrain.com/app/com.appspot.swisscodemonkeys.apps  Install this and never open the lame Google Market app again.  This does everything that the Google market should do but doesn't.
• OurGroceries:  http://www.appbrain.com/app/com.headcode.ourgroceries  This app has a lot of promise for sharing grocery list ideas between my wife and myself.  Even can input recipes and then add ingredients to store lists from those.  And allows you to check off items as you buy them so you won't miss anything.  Very sweet!
• EStrongs Task Manager:  http://www.appbrain.com/app/com.estrongs.android.taskmanager  This is a very fast task manager that has the best UI of any that I've seen so far.  I rarely use one these days but when you've got to kill a task, this is a slick one for doing the job.
• Dropbox:  http://www.appbrain.com/app/com.dropbox.android  Dropbox is about the easiest way to synchronize files from your desktop to your phone wirelessly.
• Wireless Tether For Root Users:  http://www.appbrain.com/app/android.tether  This was sooo cool.  Lets you set up your phone as a wifi access point to allow Internet access to devices nearby.  Used it this weekend and got better performance than the DSL (not saying much as this place must have been on the far end of the line from the central office)
• JuiceDefender (free):  http://www.appbrain.com/app/com.latedroid.juicedefender  I have found after lots and lots of testing that the #1 killer of battery on the HTC Hero is constant use of the APN (mobile carrier data network).  The more apps you install that synchronize data, the worse this gets.  It's not so bad if you stay in one place where you have good cell coverage.  But if you are in an area of spotty coverage, your battery life will go down the toilet.  It seems as if whenever you get even the weakest data link back, all your apps that need to synchronize data light up and overwhelm the terrible connection and pretty much do this all day long.  When at work, my battery would not last long at all (22nd floor with poor coverage) but at home it would be great.  That's how I figured it out.  I stopped using task killers since they can be worse for your battery life and use JuiceDefender.  I used to have Wi-Sync plus to do the same thing, but that has apparently been abandoned.  

I have been meaning to write up instructions on how I updated my ROM and kernel on my CDMA HTC Hero to fix some annoying performance issues and overcome the internal memory limitation to be able to install more apps by installing them to the SD card.  Since this phone will not officially get 2.2 Froyo, I needed to do something to keep the phone relevant.  I had already ran into the max size of apps installed so was forced into taking some action.

1. Root your phone.  If you are running the latest 2.1 OS (version 6), the vulnerability in version 5 was patched so you cannot use that to root your phone anymore.  However, I just found a new method of rooting the phone that works like a charm and is even easier. It's called Universal Android Root http://forum.xda-developers.com/showthread.php?t=747598  Download the latest apk.  Enable USB debugging and plug your phone into your PC.  Use the ADB command from the android SDK to install the app.  

   adb install UniversalAndroot-1.6.2-beta5.apk
   

   Once you get it installed, find the universal root application and launch it. It was pretty intuitive. It even has an option to just root the phone temporarily until you reboot, which is nice for keeping your phone as pristine and secure as possible if you prefer.

2. Install a new recovery image.  You need this to be able to perform nandroid full system backups, flash new content, wipe content before reflashing, etc.  http://forum.xda-developers.com/showpost.php?p=4898505&postcount=1  This is the one I use on my CDMA Hero.  You may need to install the flash_image program to your phone first and make it executable if it does not exist yet.  Here is one set of instructions on this thread that will be useful:  http://forum.xda-developers.com/showthread.php?t=660396
3. Obtain the updated Sprint ROM and other files to update your phone's ROM to one that contains lots of goodies, including superuser access control, apps2sd (allows you to run and install apps to your SD card prior to Froyo), Wifi tethering, etc. but is based on the actual Sprint stock ROM package.  The thread is here with downloads and instructions:  http://forum.xda-developers.com/showthread.php?p=6825435#post6825435  You will need:
   • HeroCSprintODEX_2276516A2SDFin.zip - the actual ROM files.
   • nework.fix_signed.zip - I found that I needed this patch to fix some additional sluggishness
   • phonedialer5odex_signed.zip - I needed this to back the dialer to version 5 to fix sluggishness of the latest version. I actually put this on my wife's phone that has the stock ROM and it works great.

   Other optional updates that I recommend:

   • framework_update_signed.zip - this is some eye candy that is simple but slick for the UI. Does not use theming so is safe with ODEX file versions.
   • ZenKernel-HTC-08122012.zip - http://forum.xda-developers.com/showthread.php?t=750170 - with SetCPU (from the market), allows you to overclock your kernel. But, most importantly, it fixes the lock screen lag that is soooo annoying. Optionally, use one of the 691 kernels (meaning 691 mhz) but reports are that there is still lock screen lag so I don't use them.
4. The ROM comes with the HTC_IME keyboard mod that you can enable. But it has v25. I recommend updating it to v27 which fixes some bugs. http://forum.xda-developers.com/showthread.php?t=624416  The HTC_IME keyboard is a modded HTC keyboard that adds some cool features and fixes nagging bugs and performs better than the stock HTC keyboard.  It adds voice input and smileys which are also kind of handy.  No Swype keyboard that I can find yet for the Hero...  Oh, get the lo-res version for the Hero since the screen is not high res.

When installing the ROM, I did not enable JIT as I have no compelling reason to do so that I'm aware of and it sounds like it may have some downsides that I don't want to incur.  I did enable app2sd though, which requires you to reformat your SD card so that you leave a partition for a linux ext filesystem for installing the apps to.  See http://forum.xda-developers.com/showpost.php?p=7021325&postcount=2 for apps2sd generic setup instructions.  Basically, if you have your SD card partitioned for it, it will be enabled.

To install the zipped ROM images, you do NOT need to unzip them.  Just copy them to your sdcard and you can install them from the recovery boot image as-is.  

Other ROM notes:

• Comes with Titanium backup for root users, which can back up _anything_ on your phone.  I have yet to try a full backup, ROM flash, then restore to see if it saves me from having to redo my apps and settings every time I reflash but plan to do that sometime shortly as I would like to try one of the unofficial Froyo 2.2 builds for my phone (i.e. this one http://forum.xda-developers.com/showthread.php?t=731659)
• OMADM force close.  I never had this problem, but watch for it and update if need be:  http://forum.xda-developers.com/showthread.php?p=7723243&highlight=adb#post7723243
• With a rooted phone, you can remove some apps that you may never use.  I did this before to avoid some apps that insisted on starting on boot that I never used like Sprint TV.  http://forum.xda-developers.com/showthread.php?p=7077498&highlight=adb+reboot#post7077498 for one way of removing them.

I'm sure that I am missing some subtle things that were not initially obvious to me (most instructions are fairly high-level and assume you know some basics about adb commands and other things).  If I missed any, I will fill them in.

Here is a good primer to get you started called "Take Control of your HTC CDMA Hero"  http://forum.xda-developers.com/showthread.php?t=717416

The Blue Angels were recently in town and I couldn't believe the kinds of Facebook rants or other kinds of rants I heard from people complaining about The Blue Angels.  I've heard it every year since I was a kid, but I have noticed some different camps.

Anti-millitary

There seem to be quite a few people who use The Blue Angels to channel their disdain for all things military.  I'm not the biggest fan of the war machine myself, but we do need the military.  And from my perspective, The Blue Angels represent some pretty cool -- even if the planes are old by today's standards -- technology that is really quite amazing to watch.  And the skill that the pilots have is really something to behold.  I don't see how it glorifies war or anything like that.  Although I could see how someone who was prone to think that way beforehand would look at them through the same mental filter.  

Anti-noise

These people complain about how noisy they are.  I feel sorry for them that they don't see how _cool_ those loud engines are.  I love the roar of the engines (sidebar:  having 4 take off in formation just yards above your head is pretty freaking sweet).  But my guess is that these people might complain about any kind of thing and The Blue Angels are just a convenient thing to complain about.  Seriously, the planes are in town for 3 days and only fly for an hour each day and may only be near you for a few minutes at a time.  It's not like they built a naval air station in your neighborhood that will be loud every day forever...  Come on people!

Paranoid / Risk-averse

This camp has the people who claim they think that the planes flying basically anywhere are too dangerous.  The "what if they crashed into someone's house" crowd, if you will.  In the past 20 years, there have only been 4 incidents so they are rare events.  But you're surely free to have your opinion and you can keep yourself safe by being nowhere near them if you want to try absolute safety.  But realize that you are probably going to die in a car crash while trying to escape the highly unlikely plane incident you fear most.  Humans are terrible judges of relative risk.  We just never evolved that as an innate ability yet it is something we need to make good, sound decisions in daily life.  So, save yourself but leave the rest of us to make our risk/reward decision and enjoy the spectacle!

I can't believe this hasn't been fixed yet.  I was not about to reset back to factory defaults and I had been meaning to root my phone anyhow so went this route.  It was difficult to find a solution that did NOT require resetting to factory defaults.  Enjoy.

Issue 3477 - android - HTC Hero - can't sign Gmail account if user skips signing when initially using the phone. - Project Hosting on Google Code

referring to my comment 37 above, and 16 ...
(1) First you need to root the phone. I had to Google how to do this, I found the solution (for 2.0, not 2.01) on some German site (yes, careless, I know).
(2) Then, you need a a terminal app (such as "Better Terminal Emulator"). With the terminal app you can navigate in the file system of the phone. However, you need root access (above) to be able to see the folder "/data/data/[and so on]". Without root access you cannot navigate to this folder. Then you need some Unix-fu to navigate to the correct folder, and remove the correct files. Look up the commands "ls", "cd", "rm", and "rmdir" (my Unix-fu was just sufficient, thank fate). Maybe a file manager app would to for step 2, I don't know. The process is likely slightly different for each phone (mine's a Milestone).

I think it is disingenuous of this article to have "Apple" in the title.  It was an AT&T server with a stupid application that used AJAX calls to obtain email addresses by ICC ID.  And since the ICC IDs are apparently sequential, the group was able to iterate through thousands of them to obtain the information.

Then AT&T decides to claim as well that the researchers who discovered the flaw did not contact them.  It sounds like AT&T is lying.

Apple's Worst Security Breach: 114,000 iPad Owners Exposed