Friday, February 10, 2017

SSH Tunneling on AWS that really works

I needed to tunnel MySQL traffic through an EC2 instance. Pretty straightforward right? No. Page after page on google and stackoverflow will show you something like this:

ssh -N -L 3306:<Target Host>:3306

One key point it that is the login for the tunnel, not the target host. And even with the right login, it will not work on EC2. Here's what you need:

ssh -N -i .ssh/dev.pem -L<My SQL Host>:3306 ubuntu@

The magic sauce is the at the beginning which allows listening on ALL interfaces. The "-i .ssh/dev.pem" part is to use an ssh key for the login, which is required on AWS EC2 instances. You can add a -f flag to have this run in the background.

Use this to check if the tunnel is running:

lsof -i -n | egrep '\<ssh\>'

Thursday, October 8, 2015

Ergo Human Elite 3 weeks review

I've been using a Steelcase Leap at home for about 10 years. It's a great chair, but mine doesn't have head support and due to poor posture on my part, I've been getting some neck pain. So, I started researching alternatives and tried a number at the office furniture stores. I've read good things about the Ergo Human v1 and found it in the store. I'm not a big fan of mesh chairs. I tried the leather one and didn't like it, the head cushion in particular is too forward compared to the mesh one. I ended up preferring the mesh one. Looking online, I found that they had a v2 with 5 fixed recline positions and slightly smaller. This one is a little hard to find and quite a bit more expensive than the v1. While looking for the v2, I found the Elite. It's a cross between the v1 and the v2. It has 4 fixed recline positions, the same sizing as the v2 but a different mesh pattern. It's available only in black and mesh. The controls are more like the v1 than the v2.

I ordered it from the manufacturer, who's in Austin. I was hoping to get it quickly, being in Dallas, but it took a little more than a week to receive it. And it was shipped from California. The packaging though adequate was not impressive and nowhere as well-designed as the chair. Installation wasn't too bad, took about 45 minutes by hand and using the included allen key.

The chair bottom is a little stiff, my behind is sore at the end of an 8 hour day even with hourly breaks. The lumbar support though "adjustable" goes only up and down but not high enough, and I'm only 5'9". Depth adjustment and more height would have been very useful. I've ended up adding a small inflatable cushion to give me the lumbar support I need. This is a real pity, it makes a very nice looking chair tacky.

The head support was one of the main reasons I got this chair. The good: it reminds me to keep my head against it and not slouch or lean forward like I tend to. But, it's adjustability is also very limited, it moves up and down and tilts up and down, but really needs depth adjustment.

The hand supports are very adjustable in all directions and quite good, but not as good as the Steelcase leap. They are also a little looser than I'd like and they move with the slightest touch.

The recline tension adjustment wheel has a pull out lever which seems good in theory, but when you spin it it tends to bend inward making it somewhat cumbersome.

In conclusion, the chair is a mixed bag, but I'll probably keep it, as I can't find anything better.

Tuesday, September 29, 2015

AMH A409U 40" 4K Monitor Quick Review

I found the AMH A399U while looking for a new monitor. The initial order didn't go through due to some complications and I came to know about it after a week. I was upset to be without a monitor for yet another week, but a quick search on ebay for a 40" 4k monitor showed me the A409U. Turned out this was a newer and better, at least on paper, version of the 399U. It didn't have the shiny screen problem of the 399U (although there are matte versions available).

I've used it for about a week. It came with a US power adapter so no hustling to get an adapter. This was my first monitor that required assembly - minor pain as I was doing it by myself, but not too bad.

Here is my quick review.

- Looks gorgeous - excellent contrast and color!
- Minimum brightness is very good, this is often a problem with some device, I don't like death ray brightness
- Tiny Bezel
- Blacks are black!
- No light bleed that I can see, I didn't go looking for it, but I'm sensitive to it and it bugs me to no end, since I prefer to keep my editors with a black background

- Starts in Korean and is hard to change to English without fiddling around - it really should start with a language menu
- Buttons are in the back and really requires a remote for adjustment, the remote is kludgy and not particularly well designed (minor issue)
- The speakers emit 2 loud clicks on starting (at least with DisplayPort)
- The sub-pixel layout is BGR and requires some tweaking to get the display looking good, and still looks a little odd with small fonts as compared to my 30" monitors.
- There is uneven lighting if you have a plain solid color - this is hard to see in normal usage though
- Still a little shinier than I'd like - it's not as matte as I'd like, but it's not shiny and mirror-like either.

Although, there are many cons, they are minor, and I'd definitely recommend the monitor. The price to performance ratio is obscene.

Friday, January 30, 2015

How a Minimum Viable Product can hurt you

The idea of the Minimum Viable Product has become very popular recently mostly due the "Lean Startup" book. Obviously a great idea, but you have to tread very carefully.

I'd bought a Truly Ergonomic keyboard a while back. A "revolution in typing" is their claim. I wasn't really expecting a revolution. I like gadgets and keyboards in particular. I was prepared for the learning curve.

I connected the keyboard and started typing - the backspace key positioning was irksome, but quickly fixed with the remapper. I happily spent a little time remapping away.The remapper seems to be an MVP by itself considering how cumbersome it is, but more on that later.

When I started to really type, the "V" key wouldn't work - I thought that maybe there's a problem with the switch, I just tapped on it a few times and a little harder. It works sporadically. I then noticed a similar problem with the "F" key. Also, many times the keys would appear multiple times. Looks like a common debounce problem, which is tweakable by the remapper. I played around with various debounce values and none of them would make this keyboard usable. A little googling indicated that this problem is extremely common with this keyboard and the company support is virtually non-existent.

Obviously this is a small company with an idea to revolutionize keyboards (their words). They've invested time, money and effort in to designing and engineering. And following (incorrectly) the MVP approach they launched the keyboard despite very obvious flaws. The keyboard is downright unusable. If your product is unusable it is not a viable product, minimum or otherwise. Not only that, it ticks off your customers and users, who will bad mouth it and probably never come back. And when it comes to niche products like this, it's even scarier because there aren't that many customers to begin with and the community is well connected.

The remapper tool involves going to their website to do the actual remapping, then downloading a file and installing it using the firmware upgrade tool. This tool fails 2 out of 3 times, but shows a failure message on the 3rd time even if it succeeded. The remapper tool might qualify as an MVP as it serves it's purpose, though it's ugly and crude. What's funny is, that Truly hasn't updated this tool in a long time. There's no native tool which works seamlessly. They have not gone beyond an MVP for the remapper utility.

They've released an updated keyboard, but I'm not going to try it. I've lost faith in the company. They could have mitigated the problem with outstanding customer service, but they chose not to.

A Minimum Viable Product needs to work - it can have some bugs as long as it serves it's primary purpose and is usable. It can lack features, which can be added later based on user demand and feedback. But, if it does not serve it's main purpose, it's doomed to fail.

Tuesday, January 27, 2015

Why I uninstalled Bitdefender and went with ESET NOD32

BitDefender has been my anti-virus for a few years now. I used to use Windows Defender before that, but it doesn't seem to have kept up, giving other manufacturers a chance. After reading many reviews and tests, I chose BitDefender as it seemed to have the best or near detection rate in multiple tests. I uninstalled it today. Here's why.

I've been using a utility called File Menu Tools (FMT) from Lopesoft for a long time, it's a Windows Explorer Context Menu that allows many file and folder operations within Windows Explorer without having to install a third party File Browser. One extremely useful feature it has is a file renamer tool that covers every scenario I need, including regular expressions. Today FMT requested an update. FMT doesn't update at all regularly, so I let it do it's thing. It seemed to make many calls and downloads which I thought a bit odd, but updates are rarely done as well as Chrome (completely silent and invisible to the user, which might have it's own disadvantages). BitDefender detected a virus and deleted it. Good, but a little upsetting that this little tool seems to have been the culprit. I semi-correctly guessed that FMT has decided to include advertising software along with it's update, but BitDefender took care of it. Unfortunately, it was worse.

I checked Task Manager and noticed a few new processes like bbqLeads and others. I'd been set up with a proxy and all my internet traffic was going through the proxy. I ran a scan with BitDefender which pickup NOTHING. I manually then hunted down the processes, and tried a few scans through VirusTotal, and hits were from ESET NOD32 every time and a few with TrendMicro-Housecall. After manually cleaning up the mess for about 2 hours, I uninstalled BitDefender and downloaded and installed ESET NOD32.

To make sure that ESET can live up to it's expectations, I went to the Lopesoft website and tried to download FMT. The big prominent download link was immediately blocked. I tried the mirror, which happens to be the actual download. The download started, but just before it completed, ESET warned me about a virus and blocked it. Awesome!

PC Magazine was one of the sources that highly recommends BitDefender, and I've had respect for them. They claim that ESET has poor malware blocking, but don't really mention BitDefender's blocking abilities. I don't know if this is a conspiracy or things have just changed since the publication. But, I'll just take their articles with a pinch of salt going forward.

It's really sad that software writers have to resort to this nasty habit of installing malware, often sneakily to make money. The Apple and Android app stores are great proof that charging reasonable prices can make you money. $1 - $5 is the sweet spot. When software costs about the price of a cup of coffee, it's a no-brainer. Mobile apps are no less complex than a windows or desktop app, the effort involved is comparable. There's no reason that you should try to charge more or tarnish your reputation by installing viruses with your software. Obviously, more complex and larger software should demand higher prices - but simpler and smaller ones that are obviously one-man jobs would greatly benefit from the mobile market model.

Monday, December 29, 2014

What went wrong with the Samsung Galaxy S5

The S5 is Samsung's mainstream flagship device. The one that's supposed to be the biggest competitor to the iPhone. It really didn't work out that way. Article after article show other Android devices, such as the LG G3 or HTC One M8 as better than the S5. Where did Samsung go wrong with the S5?

Apple's primary claim to fame is their user experience, not just the software, but the hardware as well. Their devices are nice to look at and nice to hold. It doesn't matter if they lack some features and doesn't matter that they might be delicate. The sheer covetousness that Apple's devices exude is what sells the devices. Samsung hasn't quite got that yet. It still has the stodgy Windows Mobile manufacturer mindset.

The S5 has probably more features than any other device on the market - finger print scanner (which the iPhone has), waterproofing, heart rate monitor (arguably gimmicky), wireless charging (requires a separate charging back), micro SD card slot, removable battery and more. From a sheer feature count it's an awesome device. It has an awesome screen with the best contrast ratio on the market.

But, it's not particularly beautiful. Comparing the iPhone, the HTC One and the G2, it's the ugliest. And it does not fit nicely in the hand, it simply not a pleasure to hold. The metal edge with it's ridges feels uncomfortable and looks ugly and dated. The physical home button, which looks like a blind copy of Apple's is an anachronism. Ugly and not pleasant to use. The finger print reader is not as easy to use as the iPhone's which simply requires a press to wake and unlock. The S5 needs to be switched on and then swiped. It needs two hands to unlock easily. The swipe is somewhat finicky and requires careful movement.

Samsung needs to lose the look it adopted with the S3 and continues with the S5, and come up with something fresh that's easy on the eyes and on the hand. It should lose the mechanical home button. It should replace the swipe fingerprint scanner with a static non-swipe one - maybe on the back, and have it usable one handed. It should lose it's idiotic, overbearing and much reviled TouchWiz and go with vanilla Android.

Thursday, December 4, 2014

nginx + uwsgi + web2py: 502 Bad Gateway Error

I started receiving this on one of 2 load balanced servers. Nginx's logs showed this:
upstream prematurely closed connection while reading response header from upstream
I tried restarting uwsgi:
restart uwsgi-emperor
Uwsgi restarted fine, but the problem still persisted. Uwsgi's log showed this:
Fatal Python error: Couldn't create autoTLSkey mapping
This was fixed by doubling the memory in the uwsgi config file (/etc/uwsgi/web2py.ini) from:
limit-as = 512
reload-on-as = 256
reload-on-rss = 192
limit-as = 1024
reload-on-as = 512
reload-on-rss = 384
and restarting uwsgi.