Friday, April 30

Snort 2.8.6 segfaults

Putting this post up for the people who will Google the error.
If you get an error that looks like something like this:
"segfault at 0 ip b7955947 sp bfa35d70 error 4 in libsf_engine.so.0.0.0[b7953000+8000]"

When you start Snort after you have upgraded to 2.8.6 from 2.8.5.3 (or whatever)

This means you are running 2.8.5.3 SO rules with the 2.8.6 engine. You need the 2.8.6 rules to run with the 2.8.6 engine.

You can get the rules here: http://www.snort.org/snort-rules

Make sure you read this post too: http://blog.joelesler.net/2010/04/new-vrt-rulepack-changes.html

Fun with profile_rules

I received a rule in my inbox today from StillSecure, and to be honest there wasn't anything wrong with it, but here was the rule:

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"WEB-ATTACKS HP Digital Imaging ActiveX Control CLSID Access Attempt"; flow:established,to_client; content:"clsid"; nocase; content:"697F5209-0494-11D6-A2B0-0060B0FBD872"; nocase; distance:0; content:"Save"; nocase; pcre:"/<OBJECT\s+[^>]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*697F5209-0494-11D6-A2B0-0060B0FBD872/si";classtype:attempted-user; reference:url,exploit-db.com/exploits/12367;sid:2012881; rev:1;)

So I started thinking about that pcre.  That's a pretty intensive pcre, and what does it do for us?  Checks order and formatting?  Okay.  I can see that, but as an experiment, I wanted to see how much faster that rule would run if you ran it natively in pure content matches.

I wrote the following:
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"WEB-ATTACKS HP Digital Imaging ActiveX Control CLSID Access Attempt"; flow:established,to_client; content:"OBJECT"; nocase; content:"classid"; distance:0; nocase; content:"clsid"; distance:0; nocase; content:"697F5209-0494-11D6-A2B0-0060B0FBD872"; distance:0; content:"Save"; nocase; distance:0; sid:1000000; rev:1;)

All content matches, just using distance to stack the matches.

I threw this in my snort.conf:
config profile_rules

(Excerpt from Snort manual about rule profiling:)
Snort can provide statistics on rule and preprocessor performance. Each require only a simple config option to snort.conf and Snort will print statistics on the worst (or all) performers on exit.

My Snort is already compiled with the correct performance monitoring tags, by the way.

This is what I got:
Rule Profile Statistics (all rules)

==========================================================

Num      SID GID Rev     Checks   Matches    Alerts           Microsecs  Avg/Check  Avg/Match Avg/Nonmatch   Disabled

===      === === ===     ======   =======    ======           =========  =========  ========= ============   ========

1          2012881   1   1          2         0         0                 148 74.2        0.0         73.3          0

2          1000000   1   1          3         1         1                  29 9.7        8.6         10.3         0

Look at the bolded numbers above.  The first is the rule with the pcre, the second is the rule without the pcre.  The one without ran in 29 microseconds (against a pcap).  The first rule, with the pcre ran for 148 microseconds!  Less Avg/Checks too.

So I wanted to see what would happen if you took out the distances (because the formatting of webpages can be wonky and the words can move around)
Rule Profile Statistics (all rules)

==========================================================

Num      SID GID Rev     Checks   Matches    Alerts           Microsecs  Avg/Check  Avg/Match Avg/Nonmatch   Disabled

===      === === ===     ======   =======    ======           =========  =========  ========= ============   ========

1  2012881   1   1          2         0         0                 148 74.2        0.0         73.3          0

2  1000000   1   1          3         1         1                  29 9.7        8.6         10.3          0

3  1000001   1   1          3         1         1                  25 8.4       16.1          4.6          0

Again, the rule was faster, but it had double the amount of Avg/Matches.

Just an interesting experiment, and I'm definitely not recommending you start running out and removing your pcre, I just thought I'd try that out.

However, my point in this post is, use profile_rules.  It's there for you and it provides you some great feedback!

Thursday, April 29

Thoughts on Flash by Steve Jobs

Thoughts on Flash.

In case you haven't read this today, Steve Jobs posted an open letter to all on the Apple website about Flash and Adobe.

Interesting read. Take a look.

Wednesday, April 28

Reinventing the Mainframe

From IRC today, my friend kraigus said this:
"I don't find it interesting that we're reinventing mainframes; I find it depressing and shittacular that we're just reinventing them, we're reinventing them _poorly_"

The conversation was about data centers and virtualization of machines.

Don't know why, I just liked this statement.
(Reprinted with Kraigus's permission)

Tuesday, April 27

VRT: Using Snort fast patterns wisely for fast rules

If you read my blog, chances are, it's because you have something to do with, or have heard of, Snort.  Check out the below link, because VRT shows you how the pattern matcher works, and how to make it bend it's will for awesome.

VRT: Using Snort fast patterns wisely for fast rules.

Monday, April 26

PulledPork v0.4.1 released!

New Features/changes:

- Flowbit tracking! - This means that all flowbits are not enabled when a specific base ruleset is specified (security etc...) but rather all flowbits are now tracked, allowing for only those that are required to be enabled.

- Adjusted pulledpork.conf to account for new snort rules tarball naming and packing scheme, post Snort 2.8.6 release.

- Added option to specify all rule modification files in the master pulledpork.conf file - feature request 19.

- Added capability to specify base ruleset (see README.RULESETS) in master pulledpork.conf file.

- Handle preprocessor and sensitive-information rulesets

Bug Fixes:

- 18 - non-rule lines containing the string sid:xxxx were being populated into the rule data structure, added an extra check to ensure that this does not occur

- Cleaned up href pointers, syntatical purposes only...

- Modified master config to allow for better readability on smaller console based systems

- Error output was not always returning full error

Be sure and go here to download the newest update!

http://code.google.com/p/pulledpork/

Be sure and read my other two posts in order to make sure you are fully up to date with everything going on.

New VRT Rulepack changes

There has been a lot of confusion between the rule update packs.  Some people would see the word "snortrules-snapshot-CURRENT_s.tar.gz" in the rulepack name, or the "snortrules-snapshot-2.8_s.tar.gz" name, and not know which ones to use, or which version of rulepack to use with which version of Snort, so hopefully with this change we've eliminated that confusion.  Now the Snort RulePacks are specific to "Version released".

What does that mean for you?

If you are using 2.8.5.3 and are updating to 2.8.6 (recommended)

You need to go into your oinkmaster / pulledpork / wget / any updater that you are using, and change the name of the rulepack you are grabbing to the version that is specific to your environment, so if you are changing to 2.8.6, you will not only need to update to 2.8.6, but you will also need to change your rulepack name to:

snortrules-snapshot-2860.tar.gz

If you are using 2.8.5.3, and are NOT planning to update to 2.8.6 at this time

You STILL need to go into your oinkmaster/pulledpork/wget/any updater that you are using and change the name of the rulepack you are pulling to the version that is specific to your environment.

In short, everyone that uses Snort will need to make this change.  For the next 30-days, the "snortrules-snapshot-CURRENT.tar.gz" and "snortrules-snapshot-2.8.tar.gz" links will symlink to the "snortrules-snapshot-2853.tar.gz".  So if you update to 2.8.6 you will need to change to the appropriate rulepack.

These symlinks will exist for the next 30-days.

If you are a Snort VRT rules subscriber (aka, you pay for it), the symlinks will be of use to you for 30-days, however, you are strongly encouraged to make the change now so that after the symlinks are removed, you won't get 404 errors.

If you are NOT a Snort VRT rules subscriber (aka, registered user, you don't pay for it, and you get the rulepack after the "30-day free window" is lifted) you need to make the change.  So for example, if snortrules-snapshot-CURRENT.tar.gz is in your rule download URL, you need to update it to snortrules-snapshot-2853.tar.gz (or snortrules-snapshot-2860.tar.gz if you update).  The Symlinks will NEVER apply to you, as the new packages won't be available to registered users for 30 days.

If you are running a version of Snort that is < 2.8.5.3.

You will need to modify oinkmaster / pulledpork / wget / whatever update system you are using to remove 2.8.5.3 version specific rule keywords or Snort will fail to load.  Please update to 2.8.5.3 at least, or move to 2.8.6.

Snort.conf

The Snort.conf file that is in each rulepack is ALSO version specific now.  (Yeah!)

The rulepacks will also be significantly smaller because of the fact that since the rulepacks are locked to the version of Snort they support, only the SO rules for the specific rulepack version are included.  For instance, the 2853 rulepack will only contain SO rules for 2.8.5.3.

Also be sure and read the VRT blog for further information: http://vrt-sourcefire.blogspot.com

Snort 2.8.6 is released!

[*] New Additions
* HTTP Inspect now splits requests into 5 components -
Method, URI, Header (non-cookie), Cookies, Body.
Content and PCRE rule options can now search one or more of these buffers.

HTTP server-specific configurations to normalize the HTTP header and/or cookies have been added.

Support gzip decompression across multiple packets.

* Added a Sensitive Data preprocessor, which performs detection of Personally Identifiable Information (PII).  A new rule option is available to define new PII.  See README.sensitive_data and the Snort Manual for configuration details.

* Added a new pattern matcher and related configurations.  The new pattern matcher is optimized to use less memory and perform at AC speed.

[*] Improvements
* Addressed problem to resolve output obfuscation affecting packets when Snort is inline.

* Preprocessors with memcap settings can now be configured in a "disabled" state.  This allows you to configure that memcap globally, but only enable the preprocessor in targeted configurations.

Go to http://www.snort.org to download the latest release!  I have two more posts that will be coming out later today with further updates, so make sure you read those as well. Also, make sure you read the VRT blog for further information: http://vrt-sourcefire.blogspot.com

Backpacks are not people too!




This is the glamorous, Also looking at you Chicago. (via).

Thursday, April 22

Google Code Blog: HTML5 + Quake II

Google Code Blog: HTML5 + Quake II.

This is why Flash is on it's way out.

httpv://www.youtube.com/watch?v=XhMN0wlITLk

As a friend of mine said: "One little division of Adobe is working on Flash, the whole freaking internet is working on html5"

Fantastic.

Videos of Sourcefire, by TheAcademyPro

YouTube - SourcefireInc's Channel.

TheAcademyPro does some wonderful videos for us showing some of the aspects of the Sourcefire interface, working with Virtual Machines, just showing how easy it is to navigate around the Sourcefire interface.  If you read my blog and you are a Sourcefire customer, or just a plain Snort user who is interested to see how things work within Sourcefire, check out these videos.

There are a ton of videos in there, how to manage policy, make remediation alerts, etc.  Covering a bunch of different aspects of the Sourcefire interface.  Check it out!

How to make Mail.app go faster

For those of you that use Mail.app for a Mail client on your Mac..  This is one way to speed it up.

Go open your Applescript Editor and paste this in there:
tell application "Mail" to quit

set sizeBefore to do shell script "ls -lah ~/Library/Mail | grep -E 'Envelope Index$' | awk {'print $5'}"

do shell script "/usr/bin/sqlite3 ~/Library/Mail/'Envelope Index' vacuum"

set sizeAfter to do shell script "ls -lah ~/Library/Mail | grep -E 'Envelope Index$' | awk {'print $5'}"

display dialog ("Mail index before: " & sizeBefore & return & "Mail index after: " & sizeAfter & return & return & "Enjoy the new speed!")



tell application "Mail" to activate


This script came from here.  However, if you copy and paste it from that website you have to correct all the quotes and single ticks in the whole script.  Hopefully my above paste makes it better.

For background on what this does, this script cleans up the sqllite "Envelope Index" database that Mail.app uses to store it's list of emails and attachments.  If you clean this up, Mail.app starts and runs a TON faster.  Check out more here.

Wednesday, April 21

Steve Jobs gets a bad rap

I believe Steve Jobs gets a bad rap. Not about being secretive, or being a totalitarian in his management techniques (which, by the way, appear to work, did you see their Q2 numbers?).

But I think he gets a bad rap in his parking.

Yes, his parking.

If you read Mac Gadget blogs, Apple centric webpages, you see things like this.



You would simply think that Steve Jobs goes around parking in Handicapped spaces all day.  Totally untrue.  The other day, when I was ironically parked in the same space as the red car in the above picture, saw this, and took a picture.



See?  He doesn't always park in a handicapped spot!  Now, the lack of license plate?  That's a different story.

;)

7 Things I'd Love to Change About Meetings | Wise Bread

7 Things Id Love to Change About Meetings | Wise Bread.

A great article over on Wise Bread consisting of 7 things that they wish they could change about meetings.



  1. Beware of "Posting Meetings"

  2. Abolish Monday Meetings

  3. Finish With A Review of Actions Captured

  4. Make All Meetings "Standing" Meetings

  5. State The Purpose Of Every Meeting At The Start

  6. Bring Back Transit Time!

  7. If You Must Meet, Meet on Tuesday at 3pm


Click through at the above link to read the expansion on these points.

California hospital plans to utilize 100 Apple iPads

AppleInsider | California hospital plans to utilize 100 Apple iPads.

I knew this was going to happen.  I think the two verticals that will adopt the iPad the most (aside from consumer) is education and medical.  There is clearly a use case in both markets that could be huge.

Monday, April 19

Non-Apple’s Mistake

Loper OS » Non-Apple’s Mistake.

I don't know the guy that wrote this, but I think it speaks volumes.

Apple has a monopoly, it has a monopoly on good products. Apple has the best products because everyone else sucks. Not because Apple is great. It's because the products from everyone else are horrible.

Good article here please click the above link and read.

Sunday, April 18

A Flurry of Spycam News

Stryde Hax: A Flurry of Spycam News.

Got this off of Twitter from @chrisgates. Good article on the whole spy cam fiasco that has made national news lately.

Take a look.

Tuesday, April 13

What is a desktop? What is a server?

See the subject?

Posting this for a discussion on the blog, I was involved in this debate earlier today.  Didn't really participate, I thought it would be a good topic for discussion.

Please leave comments in the comments section below.  What do you define as a desktop, what do you define as a server?

Sunday, April 4

iPad review

My mother in law, whose extent of using the Internet is asking where the big blue "E" is, sat done with my iPad and in five minutes of using it, knew how, and was determined that she wanted one. (That is to say that technology is not really her thing, she's a very smart woman)

My three year old daughter, who has prior computing experience on my iPhone, used my iPad for sly of about 3 seconds and was watching videos and playing games on it.

My wife, who also has an iPhone, works on Windows and Macs everyday started using it right away.

Reminded me of that Staples commercial. "That was easy".

I swore to myself that I would approach this device (writing this blog post on it, on the virtual keyboard too) with an open and objective mind, not to be an Apple fanboy, and really use nothing but this device for, say a week, and really give it a good review. I figure the only way to give a good review about this device is to do just that, and see, once and for all, if you really could replace a laptop with it.

Of course there are going to be the people marching with their picket signs proclaiming that the iPad is the end of the net book, "the end is nigh!!!". I am not saying they are wrong, but I am also not proclaiming that they are right either. This device clearly fills a void, that before it came out, we never knew existed.

We never knew what a nice interface for the mobile phone looked like until the iPhone came out either. Remember the interfaces of the Palm Treo and Blackberries before the iPhone came out? We never knew what a touch interface would yield us. Now look at the world, 3 years later, and you'd be hard pressed to go anywhere and not see at least a dozen iPhones on the way to your destination. Even in New York City, where AT&T's coverage is, frankly, horrible, you still see iPhones on almost everyone.

The iPad is similar. You never knew you had a need or a want for a device like this one until you pick one up and use it. For me, when sitting on the couch during the first 10 minutes of having it, browsing the Internet, setting up my email accounts and answering a few emails on it, i said to myself "I get it".

Apple describes the experience in using the device "far more intimate" than using a smartphone or a laptop. Now I understand why they used that particular piece of terminology. It doesn't seem as if there is a barrier to using the device. Not in terms of learning to use this device, but in terms of interacting with the content. You don't have the perception that you are moving the mouse or typing on a keyboard to manipulate the information. You feel like, you are creating or moving the information.

It feels like Star Trek. Ever watch the next generation, when Data or someone was configuring something on the screen? That, was the iPad. That's what it feels and looks like. Minority report (not the big screen, the little one) style.

You want to click on something, you tap it. You want to move or scroll, you move the stuff on the screen with your finger. Want to type something, you just, go and type it.

I'll rate everything on a scale of one to ten.

Typing (6)
It takes a minute to get used to typing on it, especially when you are trying to hit the "a" key with your pinky (i keep hitting s). But after about 20 minutes or 10 emails worth of typing, you are whizzing through typing on this thing fast as heck. No problem. I can type almost as fast on the iPad as I do on the regular keyboard, the main advantage I have is the error correction. It takes a second, just like you had to get used to on the iPhone, to remember that you shouldn't back space, just keep typing and more than likely the error correction on the OS will fix itself. Same issue with the apostrophe on certain words. For instance, "hell" you have to type manually, otherwise it'll come out "he'll". But I can imagine, after typing on this thing awhile, I'll go back to a regular keyboard and try and type the double space shortcut (period then space), and I won't be able to.

Also how you hold it is important, personally I prefer to type in landscape mode, as in portrait mode, the keyboard is a bit too wide to use with just my thumbs. In landscape mode, I can type on it comfortably.

Videos (9)
Watching videos on this thing is phenomenal. I have watched several episodes of tv shows, both House and Top Gear. All in "high definition" and all looked great. Now, the HD purists will complain that the resolution isn't high enough to be called high def, and the true 16x9 ratio isn't there, but it's a great device for watching content on.

Browsing (7)
Yeah, it doesn't have flash. No I don't care. I block flash in my desktop browser anyway, I prefer html5 for many reasons, the main being that html5 has never caused my fan on my laptop to kick on and run in overdrive. Flash always does. Try it. See how fast your computer heats up when you are using flash as opposed to html5. See how fast your battery dies in a comparison between the two. Otherwise browsing on this thing kicks butt. I have only encountered one problem on one website, where I couldn't scroll down, but the scrolling action was controlled by flash. So obviously.

Email (8)
Perfect client for writing a small email on. If you are one of those types who likes to write "War and Peace" length emails, then this might not be the device for you, even though you shouldn't have a problem, heck I wrote this whole long blog post on the virtual keyboard. But if you are like the 99.9% of email writers out there that answer there email in about 5 sentences or a couple paragraphs, then this device is just fine for you. The only two drawbacks so far that i see are, a) lack of universal inbox, which Steve Jobs himself said is coming and b) you cant move an email from one account to another.

Apps (6 for the iPhone apps that are pixel doubled, 8-9 for the iPad native apps)
While the pixel doubling for the iPad is good for iPhone shaped apps, some of the text can look a bit blocky, but they work just fine. My daughter had no problem playing her games, and you shouldn't either. I was testing out Real Racing over the weekend and it worked just fine. It was actually much better playing the game on a big screen instead of the iPhone. Some of the apps for the iPad that have been redesigned are great. I love them. Especially the Accuweather app. Beautiful. You can really tell the difference between the apps that were, from the ground up designed to work for the iPad, and the apps where they took the iPhone app, and just, made it bigger. I am sure, in time those apps will be redesigned now that the hardware is actually out.

Calendar (9)
It actually works, looks, and functions like a calendar. I use the iCal all the time constantly, and it's synced automatically with google calendar. On the iPhone, it worked great, it does work great, but the iPad is just, better some how. It looks better, it looks like a real calendar, or as well as real as a digital calendar can look. They real did a nice job with the presentation of the app, the top of it looks like you just tore off the day prior.

Contacts (9)
Same as above, it looks like a book, an actual contact book that might sit in that drawer under the phone in your kitchen. You use it like a book, it looks like a series of tabs on the left, and you can use it just like that.

Pages, Keynote, and Numbers (7)
These apps are great. I haven't gotten the chance to use Numbers and Keynote yet, but i sent the better part of today editing a document in Pages. (hey like i said, i really wanted to test the thing!). It's not as full featured as the desktop version, but it's a damn good word processor for the majority of documents that are going to be created. If my wife or my mother-in-law wanted to write a document, make a sign, or work on their resume, they could do so very easily.

iTunes, Videos, and Youtube (8)
They clearly designed this device to take advantage of the media in your iTunes library, or some deals that Apple is trying to make. This is a great device to watch videos on, as i already said, but the interfaces wrapped up in each of the above built in apps clearly make this a device perfect for consuming media on.

Speaker (8)
It's good. You can watch a movie, tv show, or whatever, and it functions great and has plenty of sound. It's not a 5.1 surround system, but it works great and it was actually a bit surprising.

Buttons (uh 10?)
Home button, volume buttons, and lock buttons just like the iPhone. However, the silent/ringer button has been replaced with a "screen lock" button. When switched, locks your screen in whatever position you currently have it in. Landscape or portrait, it just stays there. Useful if you are sitting at s strange angle on the couch or something and the iPad's accelerometer doesn't know if it's up or down or sideways.

Battery (10)

The battery is unbelievably long lasting.  I've been using it since Saturday, basically as my primary computer, and I've plugged it in once.  I've watched videos on it, I've browsed on it, I've played games on it, I've read books on it.  Just great battery life.

iBooks (8)

The books are great.  I've a couple free ones on my device here, and I've read about 100 or so pages.  The books work great in landscape or portrait, in sunlight, and in shade, inside and out.  The only thing about the iPad is that it weighs a pound and a half, which isn't a big deal, you just shift the weight from hand to hand every couple pages, unless you are a total sissy, or if you are 2 years old.  (My three year old little girl can hold it for a long period of time and not complain, so if that's any indication)

Screen (10)

The screen is beautiful.  Yes it gets fingerprints on it, but I have a little cloth from KlearScreen.com that I have had for years (since I first started using Macs), a newer one can be found in these kits.  I wipe the screen, it comes right off.  Something a little micro-fiberish takes everything right off, yeah, you could use a Tshirt too.  Glare on the screen?  People seem to think that sunlight would create a gigantic glare on the device, I disagree.  I think apps that have dark backgrounds are the worst culprit.  You read a book in iBooks, in full sunlight, no problem.  But if you are using the (AWESOME) Accuweather iPad app, which has a black background, it can be difficult.

Wifi (8)

I have read some forums online where people are complaining about the Wifi connectivity with the device.  It will start off at five bars, and then shrink down to 1 bar, then go back up again.  I have to admit, I was experiencing this at my mother-in-laws house, and her router is using WEP, Verizon FiOS Actiontec regular old wireless router with both B and G bands.  At home, I have two Apple WAPs running 802.11G and 802.11N.  The iPad communicates flawlessly all over the house, yard, and porches with a full five bars on either connection point.  Maybe this is a firmware issue (because apparently lots of people are experiencing problems), however, I..  am not, at home.

Now, as you'd expect let's address some of the downfalls of the device:

The Downfalls
No flash -- well, be that as it may. It is what it is, and I am sure, the longer the iPhone stays out, and the bigger the iPad gets, the end of flash may draw near.
No removable battery -- this was the big bitch about the iPhone when it first came out and it seems that people have largely gotten over this. You know, by plugging the darn thing in.  This isn't a phone, you don't need to trade out the batteries like you should need to with a phone.
No remove-able storage -- I don't know how this is that big of a deal. The iPad comes in 16 gig, 32 gig, and 64 gig of storage. If that's not enough space for you, then you might want to evaluate a cloud based storage solution of some type.
No Usb ports -- well clearly this is not a full featured computer. For the most of the audience and consumers out there, this could be a everyday useful computer. I think it's perfect for kids at school, for doctors, for lawyers, for my parents, for my brothers. Those of you that need to plug in your wacom tablet, or your thirty USB based devices, this isn't it. Apple clearly wanted the device to be stable and not susceptible tom third party drivers for USB devices and such.
Printing -- you can't print from it. Not natively, not yet. While it is certainly possible to set up a printer on the network and print wirelessly, heck I do it at my house, the iPad does notmhave the built in ability to print. Which kinda stinks. But, just like the iPhone, where someone wrote an app to be able to do just that, I imagine, given time, the iPad will be able to do the same thing.
No Camera -- The iPad has no camera, forward or back.  I don't think a back mounted iPad (like the iPhone) would be of much use, I mean, it would just be weird trying to take a picture with a device that big.  A forward facing one, so you could use it for video conferencing with iChat?  That would be AWESOME, and I wished they would have built it in, but alas, they didn't, so hopefully they do in a future version.
No Microphone -- It has a built in mic, I think the headphones are better.  I took my iPhone headphones (the ones with the mic built in to the lanyard) fired up the Skype app and made a call.  It worked perfectly.

I am sure there are more, if you feel so inclined to tell me what you think the downfalls of the device are in the comments, I'll be glad to update the post, and/or give my opinion.

In closing

I clearly believe that there is no way that you'll fully understand this device unless you use it.  There is clearly a market, and tons of potential for this device, and we'll see where it goes.

What do I recommend?

I recommend you get the biggest one.  64G.  You'll understand why once you have it, because you'll want to be consuming media on it, you'll want to be watching movies, have your apps, have your documents, have your stuff.  Especially those of you that are like me and travel a lot and want a device to use on the plane.  Get the biggest one.  The 3G vs. Wifi is a debate only you can answer.  Personally, I have a Mifi, so I have no need to have the 3G version, I use the Mifi as a Wireless access point, connect my iPad to it, and away I go.  Simple.

Overall Grade: 8

It's an excellent device, try before you buy, but you won't think you need one, until you use one.  Then, you won't know how you did without it.  It's the perfect couch device, bedside table device, and going to the bathroom device.

Friday, April 2

Note To Thieves: People You Rob Use Craigslist Too

A Story about a man who, much to his dismay, had his home broken into and several items stolen.  However, he was smart enough to think to look for his items on Craiglist, and found his computer.

Still looking for other items, but since he reported the man who he got his computer back from, I have a feeling that the rest will turn up soon as well.

At least the thieves didn't delete his harddrive.

Note To Thieves: People You Rob Use Craigslist Too - Houston Music - Rocks Off.

Google services on the iPad and tablet computers

Google today rolled out their new version of the Gmail web interface specifically for the iPad.  Looks pretty nice.


Nice side by side pane view, similar to the native iPad Mail app.


Read the post below:




Official Google Mobile Blog: Google services on the iPad and tablet computers.

AT&T has some shady billingness going on.

At my company we use a service named "Webex" to do remote presentations and conferencing.  So here you are, you join a Webex session on your iPhone.   See Cisco (the makers of Webex) made an iPhone app where you can view presentations and participate in an online presentation right on the Phone!  It's great!    You sign into a webex, and the webex app says "Hey, you want me to dial the conf number for you", Why sure!  You can dial the number, and then I can pop back over to the webex app!? Phenomenal.  Great technology, great to see it.
So it kicks you over to the Call screen where it proceeds to dial 8664693239 ,,<confcode>,,<attendee id>#  (commas are pauses in the Phone world)

The way that Cisco sends the number to the call app, inserts that space after the actual phone number, which makes the phone app format the aforementioned number as an international number.
So, the iPhone appears to dial the number as +8664693239.  You know what +86 is as a country code?  China.
So, that's not the problem, not the problem at all.  The iPhone dials the number correctly (even though it shows up incorrectly), you connect to the 866 toll free call and everything!
The problem is on AT&T's billing side, somewhere, where it receives the number under a different format, and the number on your bill shows up as 866-469-3239.
Know what it's billed as?  A call to +86.  Yup. China.

So, my most recent bill from AT&T showed a 200+ dollar call to China.
My question is, how common is this?  Is AT&T charging people like this for calls that aren't processed in the billing system correctly?  AT&T is just expecting people to pay the bill?  My bill was almost 500 dollars this month because of 4 or 5 calls like this.  (I do a lot of presentations.)
AT&T, fix your billing system.  Something is screwed up.

Thursday, April 1

Found footage: the first guy in the iPad line at 5th Avenue Apple Store


Someone should tell this guy that he could have ordered it and had it delivered straight to his house.  Just a thought.


httpv://www.youtube.com/watch?v=B4B3IjHP05o




Found footage: the first guy in the iPad line at 5th Avenue Apple Store.

OAuth access to IMAP/SMTP in Gmail

...another entry from Google on the "Openness" aspect of their solution.  They have implemented OAuth IMAP/SMTP for Gmail.  So instead of you having to pass a 3rd party website your username and password credentials, you can use OAuth to be able to authorize that 3rd party website to access the information in Gmail.  Nice Approach there I think.

Google Code Blog: OAuth access to IMAP/SMTP in Gmail.

Yale Daily News - ITS delays switch to Gmail

Many universities and businesses have switched to Gmail as an email processing, cloud based platform.  I like a lot of the features of Gmail, ease of access, simple interface.  But I'm not a fan of several things as well.

Yale was thinking about moving to Google Apps as a platform, and said that "everyone was so caught up in wondering how we can do it, and forgot to ask should we do it."

Interesting article.

Yale Daily News - ITS delays switch to Gmail.

Apples iPad: The Mothership Prepares for Launch

Stephen Fry comes to us from time.com regaling us of his tale of his recent visit to 1 Infinite Loop.  Stephen Fry is a great writer and tells a story about how he met and interviewed Phil Schiller, Eddy Cue, and Steve Jobs.  Then he tells us about his instant love with the iPad.

Many articles have been published about the iPad this morning that came up in my RSS reader.  I read Walt Mossberg's, I read Andy Ihnatko's.  Stephen Fry's didn't just tell a tale about the iPad, it told a tale about the design of it, the use of it, and the love affair he now has with it.

I have pre-ordered one, as I unabashedly like Apple products and clearly see a potential for this device (and as of this morning it has left China).  I'll be posting my own review of the device here for family, friends, and blog readers alike.

I have several family members waiting patiently to see what I think of it before they buy.

Check it out at the link below:

Apples iPad: The Mothership Prepares for Launch - TIME.