Giving AT&T's recent announcements, I'm sure you've heard a bit about how they're changing the data plans to a metered method rather than "Unlimited". There's been a significant amount of backlash regarding the plan and that the loss of the "unlimited" plans will stifle future usage. Guess what - there's never been a truly "unlimited" plan - it's all basically a marketing trick. The providers decide what is a typical usage for their service, calculate some added amount on top of the actual cost (you know - profit - what businesses exist to do) and then deal with the people that go way above that.

A little background...

I worked for an ISP in 1999 / 2000 - not a large one by far, but we had 55k users, almost entirely dial-up and a few ISDN (ugh, I just threw up a little typing that) customers. On the dial-up side, we offered two plans - one with limited access (for some amount I don't remember - which no one used) and an "unlimited" plan for $21.95 monthly. "Unlimited" in those days translated to something like 1GB/month. Anything beyond that, and we would either throttle their connection, or just cut them off for the rest of the month. There were probably about 100 people that ever hit those limits (Napster...) but when they were running strong, it negatively affected the situation for our other users.

And here's the thing - if you take the literal definition of "unlimited", you can immediately tell it can't be true. Inherently, the limit, the absolute theoretical max of a full on 56k connection is about 18GB/monthly. There is a limit - but most people (not to mention equipment) wouldn't even come close to it (our average user then was maybe 100MB/mo) so it seems unlimited. It's a marketing term. It's there for convenience. It's so that 99% of the time, you overpay. It's not reality. It can't be. Get over it...

Now compare this to any other usage based system - ie, all the other utilities. You pay for what you use (more about this in a later post) at an agreed to rate (per gallon, per kilowatt hour, per ton of garbage, etc.) There are of course leases that include utilities so it may seem "unlimited." It's not - it's built into the price of your rent and if you go over expectations you can be guaranteed that there's an adjustment clause in your lease. And chances are, you're actually paying for more than you actually use. Does "unlimited" still sound like a great idea?

More about this later on...

My Australian Shepherd vs the snow...

Got this in the mail the other day, but haven't had much time to play with it yet. The software isn't the friendliest in the world but it works. And yes, it works in VMWare Fusion on a Mac. More to come. This is the 915MHz US Version, not sure the worldwide ones are shipping yet.

Gotta love the warning message...

This is the EZ430 Emulator

This is the RF Access Point

To program the watch, it needs to be taken out of the casing. This actually has some modding possibilities instead - putting this on the dog's collar could be fun.

Getting the battery out kind of stinks - had to use a paperclip as the included screwdriver didn't do the job.

This is the watch component connected to the EZ430 Emulator for programming. There's a couple of small SMT components that seem to get in the way when you connect the programming headers, but with a little fiddling it connects.

That's all for now - I'll put up some more on programming the watch, interfacing with it, and so on as I get some time to use it. Looks pretty cool especially for $25 US (Doubt it still works, but MCU2009-06 is the coupon code to try.

My background includes years of network and computer security and today I received a message from some family members asking me to verify a website / offer / etc.

First, let me say this is EXACTLY what you should do if you're not sure about a message. Don't open websites linked in it, don't send passwords, etc. Phishers are basically trying to get your information / identity / etc by tricking you into providing it.

To get into the details a little, there was an ad on Craigslist for a beta test of Verizon's new 4G network, and better yet it included the iPhone! As is typical, it used official sounding language ("The FCC requires us to run this beta test..."), language explaining the details ("It's a different credit check site because of tax purposes!", what?!?), and so forth. I'd show you the site, but considering I don't want these weasels getting any more attention, let's talk about some common things that happen in Phishing situations:

• Message / site looks sort of official
• Make outrageous promises or claims (ie, "Your account is suspended!", "Act now, time is limited!", "We'll run a credit check and let you know if you get in!", etc)
• Require more information up front than makes sense ("Fill out this credit check and we'll let you know if you qualify")

There's obviously a lot more that can happen but let's go over how to recognize / avoid these messages:

• Check the email address - The email will look official on first glance but usually doesn't make sense when you think about it. A real company will have their own domain name (ie, google.com, verizon.com, apple.com, etc) but Phishers will use emails that don't look quite right. For example, john.verizon@gmail.com - The guy is trying to make it look official but has no real access to the domain so they fake it.
• Even if the email looks legitimate, don't trust it. It's easy to spoof these and can even reference real people / email addresses.
• The domain name - Again, anything legitimate will use a real domain name. You want to see the company / domain name as the last part before the .com / .net / etc. For example, www.apple.com is real. www.apple.hosting.com is not. If you're not sure, try going directly to the real site (apple.com, verizon.com, etc) and look for the details you're after. If you're not sure, ask.
• Hiding the domain name - sort of. With HTML you can have a link say one thing but go somewhere else. For example http://www.apple.com may look like it would link to apple.com, but is infact linking to www.apple.hosting.com. The best way to see this is to move your mouse over the link, but don't click it. The status bar (at the bottom of the browser window) will show you the real address.
• Credit checks / etc - First, always look for a secure site (https:// in the browser bar) - if it's not there, absolutely game over. If it is, you want to make sure that no popup messages came through (ie, "Can't verify site identity, etc") and that all the above is true.

Unfortunately these aren't the only thing you need to watch for (we've not discussed XSS attacks nor browser based hacks / attacks) but these are all pretty easy things to check for and verify.

I've got a bit of an electronics hobby and my favorite place to buy cool things is SparkFun.com. Now, they've given me yet another reason to love them:

They're giving away up to $100 in free stuff (you pay shipping) on Jan 7, 2010.

More details are available at http://www.sparkfun.com/commerce/news.php?id=305 but this works out to a $100 discount running for a few hours or up to a maximum dollar value. I'll certainly be trying to get some gadgetry but even if I miss out this just proves how awesome of a company they are.

I've been spending a fair amount of time thinking about NUI or Natural User Interfaces. I've been an iPhone owner for almost 2 1/2 years, just picked up a Magic Mouse (though what I really want is a trackpad attached to my keyboard), etc. I'm getting really close to the point of building my own multi-touch table (thanks to the awesome guides at http://www.nuigroup.com) and am still excited about doing so. That said - take a look at this this:

http://www.ted.com/talks/pranav_mistry_the_thrilling_potential_of_sixthsense_technology.html

Not sure how I feel overall about a projector constantly illuminating the world around me, but it's a ridiculously cool concept. Now I just need one of these to look at resistor color codes and tell me what it is...

I've spent way too many years in networking / network security for this to be *that* surprising, but it appears the TCP 3-way handshake isn't the only way to set up a connection.

Take a look @ This Article for some interesting detail and a lot of comments on the subject.

After spending too much time pulling my hair out trying to compile OpenCV 2.0 on Snow Leopard, I thought I'd share what finally worked for me (well, mostly.)

NOTE: I'm just learning about OpenCV as a whole so these instructions may not work for your needs.

1. Pull the latest OpenCV from svn (build 2275 was version used at the time):
   • svn co http://opencvlibrary.svn.sourceforge.net/svnroot/opencvlibrary/trunk opencv
   • cd opencv/opencv
2. Create & move to the build directory
   • mkdir build
   • cd build
3. Base configuration - run 'cmake ..'
4. Specific Configuration - run 'ccmake .'
5. Press 't' to toggle advanced mode on
6. Change CMAKE_CXX_COMPILER to '/usr/bin/g++-4.0'
7. Change CMAKE_C_COMPILER to '/usr/bin/gcc-4.0'

   Make sure to disable FFMPEG support (note, this may cause issues for some people, but this was the only way I could make this work.) You may also want to build the examples and look at some other options.

8. Press 'c' to run the configure, then 'g' to generate the configuration. You may receive a message about needing to redo the ccmake as the CMAKE*COMPILER lines were changed. This is ok, just make sure the FFMPEG support is disabled.
9. Run 'make -j8'

   Once finished, this should give you working binaries in the /bin folder. You may want to test these before installing. NOTE: I have not yet gotten a full 'make test' to return all results passed.

10. If desired, install the code with 'sudo make install'

Of course, once I got this working I haven't had much time to play with it. But the facedetection program and several of the other examples work as expected on my MBP. One other note, if by chance you use my EyePatch program, make sure the camera is actually enabled or things won't work.

Added a quick update to EyePatch (http://github.com/mike/eyepatch) with Snow Leopard support.

I've got a VPS over on slicehost that I've been wanting to try Phusion Passenger (aka mod_rails) on - considering they've released a version with an nginx module I figured that'd be the best shot. Worked perfectly as described on my OS X system, but on my Ubuntu Intrepid slice, I kept getting the following error:

c: In function 'pre_config_init': /usr/lib/ruby/gems/1.8/gems/passenger-2.2.0/ext/nginx/ngx_http_passenger_module.c:527: error: ignoring return value of 'system', declared with attribute warn_unused_result make[1]: *** [objs/addon/nginx/ngx_http_passenger_module.o] Error 1

(among some others). The strange part was nginx would compile fine from the sources so it had to be the passenger module. A little digging showed the CFLAGS option for -Werror was set, which typically will treat a warning as a failure. Considering this worked fine on the Mac, I'm guessing some aspect of Ubuntu was a bit pickier. Removing the -Werror in the CFLAGS worked as expected, but forced me to lose the slick automation that is setup in the package. The following is a little convoluted, but should do the job - please note, this assumes you already have gem installed and ready, along with all the necessary build tools.

1. Login to your slice
2. Run "sudo gem install passenger"
3. Once finished, run "sudo passenger-install-nginx-module"
4. When given the option, select the defaults - ideally, this will work perfectly for you the first time
5. If it doesn't and you get an error similar to the above, rerun the "sudo passenger-install-nginx-module" command
6. This time, when prompted select #2 for advanced users
7. Point to the directory /tmp/nginx-0.6.36 for the nginx source
8. Point to /opt/nginx or whichever directory you like for the installation location
9. When given the option for additional configurations, enter the following (no quotes) "--with-cc-opt=-Wno-error"
10. Allow the installation to compile and answer any remaining configuration options

At this point, the compilation should complete and install to the desired location. You can also simply run the compilation manually if you'd like other nginx modules to be enabled / etc. I haven't done much with this yet so there may be some errors left, but hopefully this will be of help to someone.