Rantings by Nick Buraglio

I’ve not updated in quite some time. The main reason being that I’m too busy/lazy to recompile php and need xml support to use mobile apps to compose and post….the second reason being that I’ve been using twitter a lot. You can follow my [using random] rantings and thoughts here if you’re interested. If not, I should be updating this from time to time as well with more [hopefully] well thought out, in depth stuff. Until that next post, here are some twitter stats:

I’m frustrated. I really love my iphone. I’ve had one since the beginning, but I am feeling a bit of device envy for some of those “other” phones out there. I really like that I am basically carrying a unix box around in my pocket, and that I can install apps and sync calendars and contact and get email…..and that it all works seamlessly from my mac.
Many of those things are actually pretty straightforward and widely available…..if you have a PC. Now, RIM has released the new mac Blackberry app, and it works pretty well…it’s like 2002 for mac users with blackberries!
This is the niche that the iPhone filled.
Unfortunately, all of the politics and apple-ness has also come with that nice package. They want to control the user experience, and for the most part they do a fantastic job of it. I’ve always been a big apple fan, even when their OS sucked (and how; remember OS7?), but I’m also a control freak. I want to be able to tweak….without violating some arbitrary user agreement.
I want to be able to run the apps that I want to run, not what some carrier or some hardware company wants me to run. So, to that end, I will be considering all other devices that can perform similarly when the time is here to upgrade.

Lets go over a few things.

Here are the things that I am looking for:

Media support of mp3, video, audiobook
Full mac support for adding media (music, video, audiobooks)
Support for secure syncing of contacts (via either mac or OTA)
Support for secure syncing calendar OTA.
Secure email support of more than 2 accounts (activesync or imap).
Ability to install all available apps [easily, without a hack].
Unix based operating system
802.11g wifi
3g cellular support
>=2.0mp camera
ability to lock screen with code
video recording capability

Extra points for:
Supporting my existing provider (AT&T)
expandable memory
user replaceable battery
*not* having to jailbreak or hack device to unsupported state to accomplish all requirements

So far the contenders are:
Nokia n900
Motorola Droid
Palm pre
LG eve(?)
SE Xperia X10(?)

Does anyone else have any suggestions?

I got interviewed for the WCIA channel 3 news for a cell phone tracking/hacking follow up story. They cut out a lot of the interview for other content, but I still had a few comments.

Finally, finally, finally. The iPhone 3.0 OS that was announced this week is finally adding features that the original iPhone should have had. Features that some of which, other than a software addition, were always possible, not new, but nonetheless unavailable.
The features include:
Exchange 2007 remote search support
MMS
Copy/Paste
Read and compose email and text messages in landscape
…among many others.

Some screenshots, linked via BGR:

We’ve finally stepped out to 2004 with the addition of MMS. MMS is a luxury, I agree, but i used to use the heck out of it and the fact that it wasn’t available on such an elegant device such as the iPhone was, frankly, stupid. The argument that we should “email photos” holds no water since (being very generous) only 20% of people have smartphones that can get email.
Copy/Paste is also not new, but was something that I could understand not being in the first rev of the iPhone. The touchscreen implementation was completely new and I’m sure it was hard to get that aspect just right. A little late, but Kudos, apple.
Exchange 2007 remote search support….ehh, I don’t really care that much but I may care more if I have to switch to exchange for work email. Lets just hope we can have more than one ActiveSync account since now google offers a push calendar solution that I’m pretty much fully invested in.

Official apple page on the subject.

This looks pretty slick. I can’t wait.

Once again the pfSense team has given the open source and commercial community another great release of their marvelous firewall software. CHECK IT OUT, DONATE, or HELP OUT!

I have a few cron jobs that run on my home mac machines and I like to get the notifications generated from the MAILTO parameter. Well, a while ago (I believe after the comcast acquisition of insightbb), this stopped working. I did a little debugging and it is my belief that port 25 is being blocked outbound from the comcast network. Many people speculatethis, and as a network engineer I think it is actually a good idea. First, port 25 isn’t *really* the port that you should be using for host to mail relay. I was always taught that the submission port was best practice per RFC 2476 . In practice, many folks don’t use this port simply because since as far back as I can remember documentation has always pointed end users at port 25.
So, long story short, something I wanted to do for a long time was to set up a special account under my google apps that can be used to relay and record this data, as well as be used for things like an email wild card for my domain.
I was about to embark on hacking up the postfix installs then I came across this macosxhints article.
It’s a very handy walk through of doing exactly what I wanted to do, relay mail on port 587, over ssl through my ISP to an externally hosted email account.
Very handy.

These guys are rocking right along with the Layer 7 QoS stuff for pfSense.

I can’t wait to get some time to test it.

I’ve been revisiting IPv6 a lot again lately, and one thing I wanted to do was to get my home network back running IPv6 again after having it off for a while. IPv6 isn’t that hard to understand, configure, route or use, it’s just different and I need to know it well for my job so this is a good excuse to play around and re-read some of the books I bought years ago on the subject.
Since my lovely provider, Comcast, has no plan to deploy v6 yet I turned to one of the several IPv6 Tunnel Brokers. I had used the Hurricane Electric Tunnel Broker service a lot when first pawing at v6 years ago, and my tunnel info was still there.
OK, Tunnel up. Reverse DNS delegated and working. Router Advertisements flying all over the network and modified EUI-64 addresses all looking good.

# ifconfig
lo0: flags=8049 mtu 33208
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0×5
vic0: flags=8843 mtu 1500
lladdr 00:0c:29:38:49:eb
groups: egress
media: Ethernet autoselect
status: active
inet6 fe80::20c:29ff:fe38:49eb%vic0 prefixlen 64 scopeid 0×1
inet6 2001:470:1f07:447:20c:29ff:fe38:49eb prefixlen 64 pltime 604786 vltime 2591986
inet 192.168.209.11 netmask 0xffffffc0 broadcast 192.168.209.63


inet6 2001:470:1f07:447:20c:29ff:fe38:49eb prefixlen 64 pltime 604786 vltime 2591986 being the important string in there.

…..Flash back like 12 months. In an effort to be a little more conscious of money as well as environment, and out of good old fashioned cheapness, I took down my nice rack of servers, powered them all off, saved up my pennies and got a really nice 24″ iMac, packed to the hilt with RAM and disk with the idea of using one of my copies of vmware fusion to run my FreeBSD, OpenBSD and pfSense stuff on.

OK, time for the fun…..geting some v6 stuff to work through my network, over wireless, using vmware fusion with the gust OS in bridge mode….uuuumm, nope.
Hmmmm, why could this be? It’s just a network interface, right? Wrong. After troubleshooting this for a while and seeing nothing in packet dumps from anything outside of the box I decided to hit up my the smartest place I know to look, Google (yes, I used http://ipv6.google.com).
Low and behold, I found this post.

Apparently wireless interfaces are a problem, and as so tersely stated more than once in that thread “VMware policy is to not comment on unannounced products, features, or timelines”.
Crud. Well, I’m running vmware fusion 1.1.4 still….maybe I’ll see if it’s supported in 2.0, but not tonight. That would make life too easy so I’m not counting on it.

A lot of folks have asked me about the Blackberry Storm. Well, it looks like an impressive device, and if I still had Verizon Wireless and didn’t already have an iphone 3g, I’d very likely have one of these.
Rumors were flying about initial firmware issues, sluggish behavior and general buggyness, but it appears that they’ve been working on the problems and have fixes either on the way or already here. Howard over at Howard Forums did a decent review, check it out here:

The only caveat I can think of is that there has always been poor mac support for Blackberries, so if you’re a Mac user like me, you may want to check the options.

I’m not really sure how I missed this, probably because it’s some students doing the work, but nevertheless, it’s very exciting.
This is something that has been unavailable for the most part under *BSD, but available for quite some time under Linux. I personally don’t like iptables and find it much less elegant than pf, both in implementation and practice so seeing this work is very encouraging and I can’t wait to test it out.
Adding this into pfSense is a very exciting thing!

Add this blog to your RSS reader to keep track!

BGP, QoS, L7, pf, CARP (and OSPF if I can get off my butt and finish the GUI), pfSense is going to take over the world!