grack.com

Slashdot is mentioning a new exploit that affects SP2 only.  It’s basically another “remote command execution” letting anyone run anything on your system.  No mention of it on blogs.msdn.com or Scoble’s weblog.

The sad thing is that those using XP SP1 aren’t affected.  It’s only those who are up-to-date with their patches.

One year ago I was showing people Firefox to see how nice the browsing experience was.  Six months ago I started pointing out how IE was fundamentally flawed and how Firefox is more secure overall, but let people make the final choice to switch on their own.  Now, I think I’ll be actively recommending that people still using IE switch over.  Might be time to discuss installing a user-agent filtering transparent web proxy at the office too.

Read full post

Just to prove to myself that I’m still working on this cabinet, I started staining the sides with a black stain that I bought a few weeks ago at Rona.  This stuff should not be used in a poorly ventilated basement.

It’s looking good after the first coat, but it will surely need a lot more to get it the depth of black that I’m looking for.  I’ll probably end up having to put a really shiny topcoat on it to give it gloss I’m looking for.

I also discovered that I know absolutely nothing about sanding stuff properly.  Mental note: I need to research what the best grit of sandpaper is to use for the OSG plywood the cabinet sides are used for and what I should be using to prep the stain for a second coat.

Read full post

After a month of playing around with the Primus service, it’s finally starting to settle into a stable and reliable home-phone system.  My major problems in the first few weeks were (in no particular order):

  • (solved) Calls couldn’t be made after leaving the router up for a few hours.  All calls would result in a busy signal until the router was rebooted.  The problem with this was likely that the RTP connections were established by the first phone call and left up behind the firewall.  This problem was solved with a new WRT54GS router (see below).
  • (solved) Making calls while Bittorrent or other P2P apps were running would result in crackling on the other side of the phone call.  This was fixed by properly setting up QoS on the WRT54GS.
  • (solved) Phone calls were plagued every ten seconds or so by load popping noise on our side.  This happened whether it was plugged directly into the cable modem or behind a router.  From what I glean from Primus’ tech support and forums was that it was a bad interaction between their service and Shaw’s routers.  It seems to be working fine now.

All in all, the service is pretty good now.  I finished off my QoS tweaks this morning to get rid of any problems while we’re on the phone.  So far there don’t seem to be any excessive delay, crackling or echoing problems.

The biggest solution to the problem was changing out my old Linksys BEFSR81 router for a brand new WRT54GS.  I also took a leap and tried installing the upgraded Sveasoft firmware on it so I could take advantage of SSH and other utilities.

The BEFSR81 had a problem in gateway mode where it would drop stagnant connections from behind the gateway after a while.  This seems to be fixed in the WRT54GS (both stock and Sveasoft firmware versions).  In fact, I didn’t have to forward any ports whatsoever to get it working.  Very cool!

The other problem with the BEFSR81 was that it supported QoS, but not very well.  No matter what settings I tried, it wouldn’t give enough priority to the VoIP packets to survive while Bittorrent was running.  I had to set the upload/download maximums on the QoS page of the WRT54GS before I could get this to work reliably.  From what I’ve heard, a cable modem may queue up outgoing packets if you’re close to your maximum outbound rate.  This is pretty terrible for VoIP since packets need to reach the other side 100-150ms later to get a good quality call.

In the last couple of weeks, Primus has also been supporting the VMWI light on my Nortel Vista 350 properly.  The light comes on when we have voicemail and turns off once you’ve listened to it.  They seem to have preliminary support for emailing voicemail messages as .wav files, but it doesn’t seem to be working reliably.  It’s pretty nice to have an attachment in your mailbox to listen to whereever you are.  Saves having to remember the external voicemail access numbers as well.

I highly recommend picking up a WRT54GS or two and making these things part of your network.  It’s such a powerful little wireless router/gateway that it would be worth it at twice the cost.

Read full post

I signed up for Primus Canada’s Talk Broadband service last week.  Out of all the Canadian VoIP offerings, Primus was the only service I felt was up to the task of replacing our home phone entirely.

Talk Broadband is an MGCP-based offering.  This means that all your communication with the outside world goes through a central clearing house.  Contrast this with SIP, which is capable of working without a central server.

From the time that I ordered the service to the time they fully configured the service was about ten days.  They sent the VoIP gateway, a D-Link DVG-1120M, within about five days of ordering, but the service wasn’t provisioned for another five days.  Note that they don’t tell you your service isn’t hooked up - you’ll discover that by calling their technical support line.  If given a choice, I think I’d rather wait ten days and get phone service that’s ready to go.

The default configuration for the VoIP gateway is to place it between your current home NAT box and your Internet connection (basically using the VoIP gateway as the real firewall).  I’ve read reports that the QoS implementation in the gateway is pretty terrible - you won’t have much bandwidth available for surfing while making calls.  I decided to place the gateway behind my current Linksys router, a BEFSR81 w/QoS.

D-Link’s VoIP gateway can power your entire home phone system, but Primus considers this to be an unsupported feature.  All you need to do is plug the phone port on the phone into an existing wall jack.  It worked fine for us, but I had to disconnect the dead line providing service from the pole before it functioned correctly.  With the dead line connected, the phone would never be released after hanging up.  We have four phones on the home phone circuit, connected to the VoIP gateway, and no issues so far.

Thankfully, with a bit of configuration you can successfully run your VoIP gateway behind a NAT device behind a gateway.  Primus Canada’s FAQ mentions that you’ll need to forward ports 2427 (TCP/UDP for MGCP) and 16384-32767 (UDP only, for RTP) to your VoIP device.  No matter what I tried, I couldn’t get it working with this configuration.  Each number I dialed would result in a busy signal.  When I configured the Linksys box to place the gateway in its DMZ, everything seemed to work properly.  I’ll have to do some more research/packet sniffing to determine which ports the phone needs to receive.

The Linksys router I have has a good port-based QoS feature.  I connected the VoIP gateway to port “4” on the router and configured the QoS to give highest priority to any traffic on this port.  I made a phone call and started a high-speed FTP transfer from a remote site without any dropped VoIP packets or slowness on the FTP transfer.  Not too bad.

The real “cool factor” in the Primus service is their new residential “My Talk Broadband” online console.  From this console, you can see a history of all incoming/outgoing calls, play/delete/forward any of your voice mail and change options for their call-screening service.  I’d like to replace our answering machine with their voice mail service, but I’ll need to figure out a way to disable annoucement of the current time and caller’s number from the start of each message.  You can even configure it to send you email each time someone leaves a voice message.

From their web console, you can manage a directory of numbers that can be auto-dialed for you.  It’s a little bit strange - you pick up your home phone, click a URL on their site and it will connect you to the number directly.  I can see this being somewhat useful as a quick family phone directory.  I might see if I can set up an LDAP directory locally and tie it into this service.

More on this service as I discover what it can do.

UPDATE: See my Primus Updates + WRT54GS entry for more details on recent problems and solutions.

Read full post

This is one of the best Kevin Smith movies so far.  I wasn’t really a fan of Dogma or Jay and Silent Bob Strike Back, but I’ve been watching Clerks over and over since it first came out in the mid-90’s.  Chasing Amy was also one of my favorites from the View Askew series, but I’ve already strayed from the original topic too much not to end this post right ….  now.

Read full post