Guru Plug Server Plus, 512MB memory, 512MB flash storage, two Gigabit ethernet ports… I could run caching DNS, MediaWiki, Router/Firewall and openVPN services on this little guy and only burn 5W of power…

Amazing.

The old MicroServer GP has only 256MB of memory, a 20GB microdrive, and one fast ethernet port… I am running openSuSE on it now.

There are more details and ongoing discussion at:
plugcomputer.org

Classic AppleTV (160GB)

The new AppleTV also looks pretty cool, and at $99 it will likely be a market success, but it does not do 1080p; and I have concerns about it picking up all the internet media that I want.

The real media center is probably a Mac Mini, but it’s a lot more expensive.

Old AppleTV: 720p, 160GB drive, Mac OS X 10.4 with some bits stripped out $149
New AppleTV: 720p, no drive, iOS under the hood $99
Mac Mini: 1080p, bigger drive, full Mac OS X 10.6 upgradable, can work as a DVR with EyeTV $699

Let’s be comprehensive, and compare:
AppleTV (new $99) stream Netflix, iTunes, Flickr, YouTube, Internet Radio, MobileMe, etc
AppleTV (old $149) stream iTunes, Flickr, YouTube, Internet Radio, MobileMe, hack to play Boxee, XBMC, etc
Roku ($59, $69, or $99) stream Netflix, Amazon, Pandora…
Boxee Box (coming in November), plays Boxee content
GoogleTV software coming soon, on which media boxes?
Popcorn Hour ($179 – $361), plays many media formats, can even add a DVD or Blu-Ray drive
Sony Netbox ($130) streams Sony Bravia services (encapsulated Netflix, YouTube, etc)

Update:
Apparently all Profile 2.0 (aka BD-Live) Blu-ray players have an internet connection for upgrading firmware and streaming live audio and video from internet sources. Our new Panasonic DMP-BD85 streams Netflix, Amazon, Youtube, and Pandora… This essentially means that the streaming-only devices we are comparing above are redundant if you already have or plan to get a Profile 2.0 or newer Blu-ray player.

Classic (40GB and 160GB) Apple TV features:
stream youtube
stream internet radio (hundreds of stations)
stream audio, photos, video from iTunes computer on your own LAN
stream photos from MobileMe, Flickr – or sync them from iTunes on a local computer
stream podcasts from internet – or sync them from iTunes on a local computer
stream and sample music from iTunes Music store – or sync music from iTunes on a local computer
rent or buy Movies and TV shows and Music from the iTunes Music store (though that’s pricey)
preview all the trailers you want

With a patchstick hack – Classic Apple TV can also:
run XBMC to view local to disk, or NAS, or LAN movies/music in nearly any format
run Boxee to stream TV shows, podcasts from the internet – or play local media
run CouchSurfer to view internet websites and Flash content (requires extra hacking)

Frequently the router will lock up on pages other than Amazon’s home page; usually while doing DNS queries to get some of the many sub-domains Amazon uses… Occasionally the whole router will crash and I have to reset it to get it working again.

I am running hardware version 3.1 and firmware 2.51.0 (though I swear I applied 2.51.4 update successfully in the past, it’s reporting 2.51.0). While re-applying firmware update this morning the trusty old Linksys died and would not recover.

A mad scramble to get internet again led me to buy a D-Link EBR-2310 from a local Office Depot (how cool that Office Depot carries the entire D-Link line!)… which will give me time to recover the Linksys I hope, and time to research running a linux server with two network ports as a router and firewall.

http://homecommunity.cisco.com/t5/Wired-Routers/BEFSR81-crashes-when-accessing-amazon-com/td-p/333269/page/5 the second to last post on this topic is very informative, and it looks like a DNS specific bug…

I love D-Link’s new line of gear, especially their “EtherGreen” low power high speed gigabit ethernet switches… so I suspect this router from D-Link will be fine, but it only has a four port hub on the LAN side. The Linksys BEFSR81 had an amazing 8 port switch on the LAN side… excellent and still cheap.

This extreme price gouging was all very publicly exposed 8-10 years ago in news papers and on the news. I assumed market pressures and exposure would bring the prices into a reasonable markup, but I was wrong. We paid perhaps 24% more for the Blu-ray player and perhaps 14% more for the TV that we could have scored on the internet to both save on shipping and support the brick and mortar store. The receiver was a bargain because it was an “open box” item missing it’s manuals, pink noise sensing microphone, and it had a substitute remote as it’s original was missing… We got the speakers for less than internet pricing because we were buying so much stuff all together. Am I wrong to be all rant enabled over the cable and incidentals pricing practices? I know they have to make a living, so a reasonable markup on every item is perfectly understandable.

Best Buy:

• LG 55LD520 (deliberately chose older model for composite and S-video input and analog tuner)
• Denon AVR-1610 receiver (deliberately chose older model for composite and S-video input and TOSLINK/Coax inputs)
• Definitive ProMonitor 1000 pair of front speakers
• Definitive ProMonitor 800 pair of surround speakers
• Definitive ProCenter 1000 center channel speaker
• Polk Audio PSW110 subwoofer
• Panasonic DMP-BD85 Blu-ray player (chosen for being cheap, fast, and having good reviews)

Monoprice:

• 1.5′ HDMI cables at $1.83 each (source to receiver)
• 6′ HDMI cables at $2.91 each (receiver to television)
• 6′ TOSLINK cables at $4.41 each (television to receiver for broadcast sound)
• 3′ S-video cables at $1.25 each (LaserVision to receiver)
• 3′ coaxial cable with RCA ends at $.79 (LaserVision to receiver)
• 12′ coaxial cable with RCA ends at $1.87 (sub-woofer from receiver)
• 150′ of 14AWG speaker wire $$17.34 + $9.19 (speakers from receiver)
• RCA male to F female connectors $.83 each (connect sub-woofer through in-wall coaxial cable)

Already have:

• Pioneer LaserVision player (S-video and coaxial digital audio)
• Sony Playstation (composite video and RCA Stereo)
• Nintendo 64 (composite video and RCA Stereo)

An interesting find, if you are looking for home entertainment options, is that the most modern A/V Receivers and large screen televisions are dropping composite and S-video connectors and reducing the number of optical and coaxial digital audio inputs. The largest televisions are also dropping the analog (NTSC) tuners. For many people this will not be a problem, as modern Blu-ray and up-scaling DVD players all support HDMI (and new TVs and receivers have plenty of HDMI connectors). We have (and I suspect we are not alone) a lot of older gear that still needs to connect though, and it was hard to find gear that connects via S-Video and old fashioned composite video. I am not sure what newer XBox, Playstation, and Wii games connect with – I suspect it has all gone to HDMI give the dearth of older connections on newer model TVs and receivers. We also wanted an analog tuner because we use a ChannelMaster system to rebroadcast security camera feeds and our DISH satellite receiver throughout the house, having the analog tuner means the newer TV can pick that up too.

Update: I was able to mail order replacements for the missing remote control and pink noise microphone for $65 from NewRemoteControl.com, and I found a free PDF of the manual online.

One of my friends aptly calls the whole fiasco horseshit… and he’s correct… but I think it is manufactured horseshit.

I don’t think people are really all that offended by any new house of worship, or religiously sponsored community centers… I think this is a very carefully targeted and manufactured wedge issue meant to simultaneously depress mainstream American voters so they have lower voter turnout numbers this November 2nd while exciting the lunatic fringe haters so they are encouraged to vote because they are angry about something.

If everyone votes, it completely diffuses this sort of insanity.

Just like many other manufactured distractions, the facts don’t support the claims and assertions of the talking heads.

It’s not a mosque. It’s not that close to the former world trade center. Sufis (the sponsors for this community center) are generally not terrorists. Americans largely don’t really care in any case. Most of the blowhards talking loudest about this have the least facts (which is typical also for these manufactured wedge issues). Move on America… and remember to vote in November, when you don’t vote you let the most politically motivated on all sides have their say unchallenged. Be the voice of moderation and speak your mind.

Update: turns out I am not the only one who finds all this hoopla suspect, a friend pointed this out: Salon article “How the “ground zero mosque” fear mongering began”

Update 2: on a more humorous note: Outrage Over Plans To Build Library Next To Sarah Palin

Apple has released iOS 4.0.2 update for iPhone and 3.2.2 for iPad.

These updates fix the gaping security hole identified by the JailBreakMe tools, which may frustrate people who want to “Jailbreak” their phones, but the security patch is crucial; the odds are very good that someone more malicious would abuse the same holes soon (if they have not already).

Recommend upgrade as soon as possible, and refrain from using mobile Safari until the upgrade is accomplished.iOS 4.0.2 Update, strongly recommended

Virginia State Board of Elections information for Prince William County

It is time to start researching your choices folks.

If that application has location services enabled, or periodically reloads it’s data from the internet, or trickles in new advertising because it’s a free ad-supported application – you will continue consuming battery power and network usage.

If your screen is locked, your WiFi connection becomes unavailable, which means that the increased network usage is carried by the 3G network and consumes your data plan even though you are powering up next to your WiFi base station.

The temporary fix is to take the time to learn how iPhone multi-tasking works and shut down any unneeded applications that are running:

• double tap the home button to bring up the task bar
• press and hold any application that is running but you no longer want to be running
• then press the minus sign on that application to actually stop it from running
• target any streaming, location aware, and advertising supported applications first

Frankly, I am annoyed with Apple & AT&T that WiFi is shutdown when the iPhone screen locks. That needs to be fixed, but at least we can reduce consumption by closing down noisy apps and additional Safari web pages (we should block Safari anyway until the serious remote exploit security hole is fixed). I am also annoyed with Apple for not making it very clear that behavior had dramatically changed from older iPhones to newer ones. I had no idea I was still running all those applications (and am a little amazed that I had over 60 running simultaneously with no noticeable lag).

Links:
MacWorld Article on MultiTasking

Apple Sales Pitch (I wish this came with a warning about additional resources being used)

Original post and attempted solutions below the fold…

I got an SMS text alert from AT&T today warning me that I was getting close to my data plan’s limits!?

I deliberately converted to the cheaper 200MB/month plan when I got the new iPhone because I’d only used ~175MB in the entire 18 months I owned my iPhone 3G, which gave me an order of magnitude of cushion.

Suddenly I have used 1.3GB in only three weeks!? Needless to say I found this alarming, and we started looking at the detailed bills from AT&T more closely. Turns out my iPhone and my wife’s are reporting many megabytes of data every night while we sleep.

On the surface that is wrong, wrong, wrong.

First off, we are asleep. Our phones should not be incurring expenses without our permission.
Secondly, at home, where we sleep and our iPhones are idle – we have wifi; so data should be using our home network and not the 3G plan.

We have a mystery; what is using up so much data plan over 3G every night even though we have wifi available?

A google search turned up this Apple Support Forum thread, we are not alone:
http://discussions.apple.com/thread.jspa?threadID=2450738&start=0&tstart=0

If you have an iPhone, you are probably experiencing this too; check your detailed billing plan to find out.

If you are not experiencing unexplained late night data usage, please post the list of iPhone applications you have installed!!! Please. I am concerned that there is a trojan horse in amongst the many applications I use, all of which come through the iTunes Music Store, that transmits data late at night. I’d like to get points of difference for comparison, and to eliminate apps that are not doing this.

One common suggestion from that thread is that possibly Safari is waking up in the background of the new iOS 4 operating system and re-loading websites in Pages/Tabs that you have left open… They suggest closing all pages, then going to a new page (aka: “untitled”) before you exit Safari so this cannot happen. Just a theory, and an ugly one, but worth checking out.

Update: Many have pointed out that the reporting on AT&T service plans is not exactly a good indicator of when data plan is getting used, and I can accept that; but my usage still should not have jumped from ~10MB/month to 1.3GB in 3 weeks! That is what I am trying to find out about. The change is about when I switched from iPhone 3G with 3.1.3 OS to iPhone 4 with iOS 4. Many applications got upgraded around the same time (to work correctly with the new OS). Multi-tasking was added.

Update 2: one possible explanation is multi-tasking Safari… I was in the habit of exiting Safari with several pages open. That made resuming mobile web surfing easy and fast. One theory is that multi-tasking allows mobile Safari to wake up and reload those pages periodically; even when I am not on wifi… testing that by closing all safari pages before exit now…

If you want this website to link to your own site, send me an email or comment indicating so and I’ll review the request, but I won’t respond.

I am pretty sure that 99% of the link requests I get are spammers, but just in case… I wanted to cover it.

This is my personal site and I will only link to other sites if I really feel it’s necessary or pertinent…. otherwise… too bad.

Cross-site scripting hacks are potentially dangerous because they take advantage of your being still logged into a site (like Facebook, or your GMail account, or your bank) when you have closed or back-grounded that window and are visiting another site where the mal-ware lives… and the mal-ware knows how to manipulate the account you are still logged in on to do things you did not agree to.

Most commonly this is relatively harmless spam creation (the malicious javascript at MyLike.com checks to see if you are still logged into Facebook, and if you are it posts to Facebook as if you were doing it yourself, a bunch of “Likes” that you never really know about unless your friends comment about it), but it can also be used to pull information you did not with to share from your other accounts and even move money from your online banking account if you are still logged into it.

It is very important that you log out of sites when you are done with whatever transaction.

It is also important that you do not blindly trust all Javascripts and Flash executions that are coming in from random websites…. for this problem will be endemic as long as people allow javascript and flash execution by default on their web browsers.

HTML5 has great promise in eliminating the need for so much Javascript and Flash; but it is taking a while to catch on because web site designers are busy or simply too lazy.

For the interim, it is absolutely necessary to get a Javascript white-listing extension for your web browser; one that blocks all javascripts except those you specifically want to trust and run. It is also recommended you treat Flash content the same way and only allow Flash that you specifically trust; not as many Flash exploits have been discovered, yet… but they will show up as soon as everyone has blocked their Javascript security holes.

Sadly, there are not Javascript white-listing extensions available for all browsers, yet….

The one I know of is NoScript for Firefox, and it works much like Zone-Alarm (firewall) used to work for Windows (white listing applications that tried to get internet access, or black-listing them).

I’d love to know of other Javascript white listing extensions for other browsers.
So far, Safari has none. Firefox and all the Mozilla browsers can use NoScript. I have never tried Chrome, so I don’t know yet.

Running any white-lister requires a little patience, because using it properly means the default is to trust no one, and only allow those domains you know you both need and trust. That means that most websites will NOT work when you first install your white listing agent… and you’ll have to accept that the site is broken, or trust it’s javascripts explicitly… it requires a lot of patience at first and awareness.

It is, however, the only way to stop these crappy click-jacking cross-site script hacks.