What to do with an old laptop?

Пост доступен на русском языке via Восстановление на Softdroid: Как вернуть к работе старый ноутбук.

After five long years using my trusted (and now extremely out of date) laptop, I’ve finally moved along to something better.

Old Laptop

Dell Latitude D610, Intel Pentium-M 750 (1.86GHz), 2GB RAM, 60GB HDD (using Truecrypt software FDE), 14.1″ 1400×1050 LCD, Windows XP Professional 32-bit SP3.

New Laptop

Dell Latitude E6510, Intel Core i7-820QM (1.73GHz, with Turbo Boost to 3.06GHz), 8GB RAM, 250GB HDD (using Seagate hardware-based FDE), 15.6″ 1920×1080 LCD, built in 3G HSPA modem for use when travelling, backlit keyboard, Windows 7 Ultimate 64-bit.

Mini Review of Dell Latitude Series

I’m not one to replace my laptop hardware often, but it was time, as I had less than a month of my 5 year warranty remaining and I was out of hard disk space. Plus, the old laptop was breaking down a bit too often for my liking. Motherboard replaced 4 times, LCD replaced 3 times, keyboard replaced 2 times, and HDD replaced once. To Dell’s credit, they never made any fuss and always promptly sent out replacement parts without making me run irrelevant diagnostic tests, but it was all getting a bit too much. I think the main reason I had so many problems was the poor placement of the exhaust vent on the Latitude D-Series chassis, which was on the back and always blocked by the port replicator, causing constant overheating. I was happy to see that on the E-Series chassis, the exhaust vent has been moved to the side instead.

I have yet to try out all of the new features of my new laptop, but I will say that it’s Fast (with a capital F). Especially compared to what I was using before. The screen is amazing and the backlit keyboard is icing on the cake, because these days I use the computer with the lights off a lot, due to having small kids around. Not that I need to look at the keyboard whilst typing, but it’s still cool to have nonetheless.

A Dilemma

However, I now have an old laptop in working condition which is sitting idle, and I don’t know what to do with it. First, I considered repurposing it as a training computer for my 3 year old daughter and installing a netbook OS as those should in theory be pretty basic and easy to use.

First I tried Jolicloud (PreFinal release), a netbook OS that seems to be getting generally good reviews in the blogosphere. I tried the LiveCD and was disappointed to find that the Intel wifi card in my laptop did not work (nor was I able to find any information online about making it work). So I just gave it a look-through offline, enough to get a feel about what it offers.

Then I tried Ubuntu Netbook Edition (version 10.04), where the wifi did work on the LiveCD. Overall a pretty similar experience to Jolicloud, which was not a huge surprise given they share the same foundations. Jolicloud seemed to offer a better out of the box experience (rather it would have, had wifi been working), but Ubuntu’s UI polish was much better.

However, finally, both options seemed somewhat underwhelming and I kept on thinking to myself, “What if I just put XP back on this thing?” After all, XP is now almost a decade old, very stable due to years of bugfixes and patching, and pretty snappy too. Jolicloud and Ubuntu, as netbook-optimised OS’, stand out when dealing with real netbooks which have very limited vertical real estate. However, with 1050 pixels on the Y-axis, the appeal of screen real estate saving features was pretty minimal.

After all this, I also gave up on the idea about using my old laptop as a training machine for my daughter. Makes more sense just to use the home desktop with Windows 7 and a regular keyboard and mouse rather than using Windows XP with a relatively confusing trackpad.

I think most likely, I probably will install Windows XP on the old laptop. The alternatives are underwhelming. Though, I still have no idea what I’ll do with it.

What’s your PAN? Anybody can find out!

Glossary for non-Indian readers: PAN – Permanent Account Number

The geniuses at the Income Tax Department in India have set up a website called:

Know Your PAN

In reality, it should be called Know Anybody’s PAN because that’s what you’re able to do, as long as you know their last name and birthdate, neither of which anybody would consider a secret these days. You don’t even need to know the first or middle name, the website will give it to you.

I can’t fathom why anybody would think that this website is a good idea because it effectively facilitates identity fraud. Besides forgetting one’s own PAN, I cannot think of a single legitimate reason why anybody would need to use this website. And let’s be clear; allowing people to check their own PAN is not a good enough justification to make this information public.

There are plenty of illegitimate reasons why this website would be used. First and foremost would be identity fraud. Knowing someone’s PAN is crucial if you want to engage in fraudulent transactions on their behalf.

While the internet can be a useful tool, sometimes people need to think about why a tool is really necessary and think about the implications before putting it online.

However, I suppose in India, a country where privacy laws don’t exist, and the concept of personal privacy is alien, it should not come as a big surprise that the government itself is facilitating identity fraud.

Just to try out the system, you could look up one of many common Indian personalities’ names and dates of birth on Wikipedia and the website will give you their PAN.

Belorussian Translation provided by PC

eJamaat and Data Retention

My religious community, numbering approximately one million worldwide has a centralised system for almost everything (both religious and non-religious). One of the non-religious centralised systems that has really irked me over the last couple of years has been the eJamaat system which is maintained by the religious administration.

The eJamaat system (update: now called ITS or Idaratut Ta’reef al Shakhsi) contains personal biodata (name, DOB, address, education, business details, levels of religious learning, blood type, family trees/relationships) of almost all community members worldwide. This system is mainly used to gather data about the community and also to perform registration for attendance of reglious events or sermons. Now – the administration seeks to make entering passport information mandatory as well.

Why does it irk me? It’s not because the system is not needed or because it performs no useful functions. In reality, there is a real need for this system and it is effectively used to manage registration for events. It irks me because of the administration’s compulsion for collecting data that is not required just for the sake of collecting it. Further, there is no disclosure as to how the information is used and no information about what steps are being taken to secure our personal data. For starters, communication is unencrypted because SSL is not used to secure HTTP conversations so any data entry is inherently insecure, especially if you do so over a public wifi signal.

When this system was first set up, I requested a copy of eJamaat’s privacy policy. It is not publicly listed anywhere and I never got a response. From this I can infer that either they don’t have one, or that it is not available for public viewing. In some jurisdictions the collection of this kind of personal data without a published privacy policy that meets certain guidelines is actually outright illegal (see below for details on relevant legislation within the UK).

I am genuinely concerned that if this data was to fall into the wrong hands, it would be a treasure trove for individuals seeking to engage in identity theft. With information including full name, father’s name, mother’s name (including maiden name), DOB, passport information, photographs, address, blood type, information about health conditions, business details, educational qualifications it is frankly quite scary to imagine what could happen if this information was stolen by a third party or misused by those with access to the data. Identity theft would be the tip of the iceberg.

It would be reassuring to the community if important information was disclosed (and more importantly followed) regarding what steps are taken to secure the data, under what circumstances data will be shared with other parties, if users will be informed in the case of a data breach, and also why data like passport information is required (personally, I can’t see a legitimate reason for this).

I think it would be naive to think that feeding all this information into a black box with no accountability is a good idea and that there will never be a major breach of confidentiality. With the scope of data contained, it is quite plausible that someone could call a bank and successfully obtain account information and effect transfers, or apply for a library card by post in someone else’s name.

I hope someone can demonstrate that my concerns are unfounded, but I doubt that will happen.

For those who are interested, the Data Protection Act 1998 is the most relevant piece of legislation in the United Kingdom to this discussion (and other countries may have their own equivalents). Accoring to the ICO, there are eight basic principles, which is to make sure that personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection

[Source: Personal data, Personal rights – Data Protection Act (DPA) – ICO]

The page on legal obligations imposed on data controllers is also interesting:

  • Do I really need this information about an individual? Do I know what I’m going to use it for?
  • Do the people whose information I hold know that I’ve got it, and are they likely to understand what it will be used for?
  • If I’m asked to pass on personal information, would the people about whom I hold information expect me to do this?
  • Am I satisfied the information is being held securely, whether it’s on paper or on computer? And what about my website? Is it secure?
  • Is access to personal information limited to those with a strict need to know?
  • Am I sure the personal information is accurate and up to date?
  • Do I delete or destroy personal information as soon as I have no more need for it?
  • Have I trained my staff in their duties and responsibilities under the Data Protection Act, and are they putting them into practice?
  • Do I need to notify the Information Commissioner and if so is my notification up to date?

[Source: Personal privacy, legal obligations – Data Protection Act (DPA) – ICO]

Update 16 November 2008: I have been requested by a legal advisor to Dawat to temporarily remove this post while some issues are being worked on. Certain representations have been made which paint a positive picture of what is going on behind the scenes and if this is followed through it will be a very positive development for all eJamaat users.

Update 23 September 2009: eJamaat now has a privacy policy in place (see also locally archived copy dated 23/09/2009) which addresses many of the concerns stated above. It is good to know that positive steps are being taken and users are being told why data is being collected, why, and who will process it, and also how to opt out, and it is also being made clear that the entering of passport information is optional and not mandatory. The privacy policy is not perfect, it does not address how the data is being kept secure, but it is a step in the right direction.

Given that I was requested to remove the post only temporarily until action was taken, I am quite comfortable to put the entire post back online in the knowledge that action has already been taken (and there was ample opportunity to do so) and I hope that the privacy policy will be vigilantly enforced and that steps will continue to be taken to protect the privacy of eJamaat users.

One further step that I would like to see taken is for eJamaat to publish a list of organisations that they share our data with. In the privacy policy they mention that they only share information with organisations affliated with Dawat-e-Hadiyah but this could be a very extensive list and sometimes the distinction between being affiliated or not is an obscure one.

For example, the site Malumaat.com requires users to register with an eJamaat number and says that if incorrect information is entered then an account is liable to deactivation. This is interesting because it means that any one of the following cases must be true:

  1. Malumaat is able to access eJamaat records in order to verify that the numbers provided are correct. In this case, eJamaat is in violation of their own privacy policy because Malumaat is not an organisation which is affliated with Dawat-e-Hadiyah or Alvazaratus Saifiyah.
  2. Malumaat is not able to access eJamaat records in which case Malumaat is purporting to collect eJamaat numbers for a purpose otherwise than what they state and users have no guarantee about the privacy of their data provided (and in any case should be wary of providing unique personal identifiers to a site which has not issued them in the first instance).

Another point worth mention is that eJamaat, according to their privacy policy, does provide information to third parties. In this case it is legally incumbent upon eJamaat to ensure that the third parties they provide data to are also processing it in accordance with the protections that eJamaat is subject to otherwise the provision of said data to third parties may be unlawful.

One more easy improvement that could be made is to encrypt all website transactions using SSL (preferably EV SSL). At the moment all information entered by users on the eJamaat website is not encrypted and in this day and age there is no legitimate justification for this.

In short, the situation today is much better than it was a year ago, but data privacy is an aspect of data retention that needs to be continually addressed at every step of data processing and data sharing. A “write a privacy policy and forget about it” approach will not yield the correct result. The more users are reassured that their data is being sensibly and lawfully processed, the more comfortable they will be to provide sensitive data.

Guest Internet Access via FON Routers

A couple of weeks ago I was talking to Yusuf about setting up wireless internet access at my workplace for guests. In the past we had them plug into our wired network, but the downside of this is that unless you have very expensive DNAC equipment like InfoExpress, or have static NAC configured (very cumbersome), your guests are clients on your main office network and can wreak havoc if their computers have viruses or are otherwise exploited.

Network infection via guests is a real vector and one of which companies should be very afraid. Ideally guests would always be on a separate VLAN.

One way to acheive this is to use a FON router to sandbox guests into a separate VLAN. The FON routers have two SSIDs, a private one that is WPA2 protected that gives full access to the local network, and a public SSID that is (by default) completely separate from the main network and guests on this VLAN cannot talk to computers on the main network, only through to internet IP addresses.

Using the friends and family feature of FON, you can set up a custom username and password that your office guests can use to authenticate on the public SSID (multiple logins with a single credential is possible).

This kills two birds with one stone because you not only have secure access to your own network via WPA2 (which is generally considered to be unbreakable using today’s technology) and you offer guests wifi access to the internet without allowing them access to your internal network.

A couple of things are on my FON wishlist:

  • Seamless handover between FON access points on both public and private SSID
  • Proper resolution of NetBIOS names on the private SSID (even though its on a different subnet from the main network)
  • Better tolerance for old network drivers (this is a big one because in quite a few cases clients using older drivers could not connect to FON even though they could use other wifi networks – older Intel drivers in particular seem to be a problem)
  • More powerful customisation options for the FON portal
  • On the La Fonera+, allow the extra wired ethernet port to optionally connect to the public FON network instead of the private network

One other thing to bear in mind is that if you choose this solution, you allow anybody to use your bandwidth when authenticated through the FON network. Depending on your corporate policies, this may or may not be a problem for you. If bandwidth is the only issue, on the public SSID you can optionally limit this to as little as 512Kbps to make sure that guests don’t hog your pipeline.

Is Apple Wireless Friendly?

With the great success of the iPhone and iPod Touch, you’d think Apple would be sitting pretty as the king of wireless networking. Plus, Apple has a reputation for making relatively complicated tasks more user friendly by having more streamlined UI than the competition.

However, my experience with Apple’s networking products has been pretty disappointing. Not because they don’t work well (they do), but because they are the most confusing and user-unfriendly wifi products I have used, ever.

My first foray into Apple’s wifi products was the Time Capsule. The idea behind this is excellent, to have NAS built into the router so that backup for Mac users is painless by just having to flip a switch to turn Time Machine on. Whether the user is plugged in or not, this still works behind the scenes, eliminating the biggest barrier to having regular users back up.

The idea is great; the implementation, well, not so smooth. Out of the box, the Time Capsule seemed to work okay, until I tried connecting via wifi. This didn’t work at all, no matter what I did. It would connect, and then drop, and I’d then have to reset the router and then rinse, repeat, ad infinitum. I found others on forums had the same problems, with no solution. In the end, this magically started working a few weeks later with a firmware update to 7.3.1. That’s nice, but you’d think that basic wireless connectivity would have been better tested before release.

Today I picked up an Airport Express so that I could extend the range of the network to cover our entire apartment. This device also shipped with what I would consider broken firmware, and I had to upgrade to 7.3.1 before it would do anything useful. It’s now working okay (I think), but only after about an hour of tinkering.

My main beef with Apple is that the documentation is so simple. When it works, it works great. When it doesn’t work, you just have to scratch your head and go to Google, because God forbid Apple have any useful troubleshooting resources online to scare the non-tech saavy users away.

One point which I find thoroughly confusing is that the Airport Express has an option to either participate in a WDS or to “Extend wireless network”. Both of these options appear to be variations of the same thing, but I can’t figure out what the difference is between the two of them. A lot of people are asking the same question.

After a lot of searching, I still don’t know what the difference is, except that maybe the option to “Extend wireless network” is sort of like WDS on steroids. However, I have no idea and there’s no information on this that I can find. Apple doesn’t explain this anywhere either, even though both the options are obviously different.

The most important question I have which is as yet unanswered is whether either of the two options supports seamless handover of clients between different access points on the same network.

Long story short: Apple wifi products work great once they’re configured. Good luck trying to get them configured correctly.

hong kong to get 100Mbps net connection to homes

According to the South China Morning Post, HKBN, a broadband provider in Hong Kong is rolling out a 100Mbps consumer broadband service (paid registration required). Some excerpts from the article are as follows:

“Hong Kong Broadband Network on Tuesday unveiled a new 100Mbps broadband service it claims is the fastest for residential users in Hong Kong. The company also demonstrated a premium one gigabit per second service that will be available by the second quarter of next year.”

“However, users paying the $268 per month will benefit from the 100Mbps bandwidth only when browsing local-based content – for international content the bandwidth is limited to 20Mbps. Users wanting the full 100Mbps bandwidth for international access will have to pay $1,980 per month.”

“With HKBN’s new super-fast services upload and download speeds are the same.”

All prices are in Hong Kong Dollars. HK$7.8 = US$1.0.

This is really great news for all of us in Hong Kong. Being able to browse overseas sites at “only” 20Mbps is fine with me, especially if its coming with a price tag of only US$34/month. Also of note is that bandwith is symmetric, which is amazing.

This is what happens when you have a market that has over 10 broadband providers who fiercely compete for your business. They even plan to roll out GigE service to home users who are willing to pay for it.

AIM on nokia 6600

I’m looking for a version of AIM that will run on my Nokia 6600 (or AIM compatible client). The version on AIM.co.uk is freely downloadable, but locked to the O2 network. I found another version on my-symbian.com that looks the same, but costs USD20.

If anyone knows of a free solution, I’d be most appreciative if you could let me know. Ideally there would be a single client that supports AIM, ICQ and MSN simeltaneously. Something like Trillian, but that works on the Nokia 6600. I’d actually be willing to pay for something like that. If not, then free applications that support them separately would be good too.

UPDATE: After some more digging, I’ve found Agile Messenger. It does exactly what I’m looking for, and it’s free. It’s a Jabber based client, so it supports AIM, MSN, ICQ, Yahoo! Messenger, and the Jabber protocol. It also runs on pretty much any mobile platform. Also from Agile Mobile is the Agile Lie Detector. It looks so cool!

vonage tech support madness

So I’m trying to call my fiancee in India over my Vonage phone, and I get the following message from the Indian local-end of the VOIP call:

“This facility is not available on your telephone. [Insert Hindi version of previous statement]. [Insert Bengali version of previous statement].”

No matter how much I keep trying, it still happens. It’s not the first time either. But this time I was annoyed enough to call Vonage and ask them to please fix the problem.

My tech support conversation went something like this:

TS: Hi, what can I do for you today?

Me: Hi, I’m having a problem calling certain mobile numbers in India, I’m getting a message from your Indian local end provider saying that “This facility is not available from your telephone”.

TS: Sorry, we don’t provide voicemail in India.

Me: Yes, I know, it has nothing to do with voicemail. The message is from your local provider in India.

TS: I’m getting a lot of static right now on your end [probably because I’m downloading something while I’m on the phone], I’m going to push a new firmware out to you. I think that will solve your problem and your calls won’t get dropped.

Me: No, that won’t help me. What happens is that when I place a call from here, it gets routed to India, and in India, a local call gets placed from your VOIP provider to the number I want to call. That last step is failing. You can push me a new firmware if you want, but it certainly won’t help me solve my problem. Usually this happens at night or during the early morning, and when it happens it happens for hours at a time and I can’t get through.

TS: [It dawns on him that I might actually be having a real issue.] What times does this happen? It sounds like you’re trying to connect at peak usage times.

Me: It happens usually very early morning, like 2:00AM or so through the late morning. It seems unlikely that you’re getting a lot of calls placed at 2:00AM Central.

TS: Well, it’s probably a peak usage time issue.

Me: That’s possible. But it’s not acceptable to me that just because it’s a peak usage time, my phone calls should not go through. When I place a call, I expect that it will go through. Whether or not it is a peak usage time and you have the appropriate call capacity is an issue for your technical staff, not for me.

TS: [Is quiet for a few seconds.] I’m going to escalate this to our Tier 3 tech people, hold on a minute so I can get you your ticket number.

Me: [Waits.]

TS: Can I get the number you’re trying to call?

Me: 9198313xxxxx

TS: You mean 0119198313xxxxx?

Me: Yes. [Obviously.]

TS: Your ticket number is xxxxxx.

Me: Thanks.

TS: [Seems like he’s waiting for me to say something, but then says:] Is there anything else I can help you with today?

Me: No, that’s all. Thanks.

TS: Bye, sir.

Me: Bye.

I’m somewhat hopeful that my issue might actually get resolved, but it would be nice if these tech support people didn’t treat us like idiots when we call in with a real problem. I thought it was pretty obvious what the problem was, but yet before he took me seriously, he tried to tell me:

a) They don’t have voicemail in India. Well duh…
b) He’d push a firmware update to me. This is going to help how?
c) It’s a peak usage time. Sorry, not my problem. That’s what I’m paying them to deal with.

And after that, I had to explain to him what the problem was. Nice reversal of roles there.

In all fairness, aside from this one issue I’m having with calling my fiancee in India (which as you can imagine is a big deal to me), I’m very happy with their service. The line quality is good, and I’ve not had any other problems. If any of you are planning on signing up for Vonage (yeah I know, my post is a shining review 😉 ) please do let me know, and I can refer you. We’ll both get a month free.