Category: Uncategorized

QTek S100

I have been talking about mobile phones quite a lot on this blog.

I’ve always been on the lookout for the optimal phone for my needs, which I finally thought to have found in the combination of the SonyEricsson K700i and the iPAQ hx4700 by HP. I used the phone (good usability, small size) for communication and the iPAQ for emailing and the PIM applications. The combination beared the risk of not having the PIM-Data ready when I needed it, but all other smartphone offerings out there where either too heavy, too user-unfriendly, too large or just too limited in their feature-set.

However, last week, the joystick of my K700 completely stopped working (I’ve never met even one person not having a broken joystick after about a year or so), so I needed a replacement.

SonyEricsson does not have any new devices to offer (the next one being the K750i, released in Q2 – about june or july, I suppose), so I was on the lookout to something different.

Then I found the QTek S100 quite by accident. You may know the device produced by HTC where it’s called “Magician” under the name JAM by i-Mate (or as SPV if you’re a customer of Orange, or even MDA compact at T-Online – it’s always the same device).

Size-wise it’s a bit thinner than the K700, has the same height, but it’s a bit wider. It runs Windows Mobile 2003 Phone Edition, so it can naturally be natively integrated in our Exchange-Environement. All known PocketPC-Software runs on it and it’s even powerful enough for watching videos (only at 320×240 pixels – the device has no VGA-Screen). It has a SD-slot which is SDIO capable, so I could use that for WLAN which the device unfortunately does not have built-in.

It comes with Bluetooth-Support which I’ve already used both for dialing into the internet and synchronizing with the PC.

I’m told that the MS-Stack is a bit limited, but it fits my needs.

The sound quality isn’t as good as with the K700, but far better than what I feared it’d be.

Usability-wise, this is the first Smartphone that really works for me. I’m as fast with the QTek as I’m with my K700. As I’m already used to the letter-recognition of the PocketPC, I’m quite fast in writing SMS too, though the device does have a special input-panel with T9 support.

What surprises me the most (which actually led me to write this article) is the battery lifetime: It’s now 5 days since I last charged it and it’s still 45% full. This is already longer than what my K700 did when it was completely new. I did not think I’d last longer than 2 days at most….

Additionally, as it’s a real PocketPC, you will have the device connected to your PC when you are in your office. So it will automatically be charged during the day, so battery lifetime would not even be that an issue.

For me, the QTek is a great device. Nearly the optimal phone (which I still have not found). The only things I’m missing are (in no particular order):

  • A standard 3mm headphone connector. The S100 has a smaller 2.5mm connector which doesn’t allow me to plug my headphones and use the phone as an MP3 player. I know that adaptors exist, but it would have been nice if it thad the right connector in the first place.
  • A VGA screen. This is unrealistic for this small screen size, but whatever…
  • WLAN-Support. Public WLANs are getting more and more common here. It would have been nice to connect to those.
  • A real docking station. Currently they provide only a USB-cable. A real docking-station would have been a nice thing to have
  • A real keypad. While the soft-keyboard is nice, an exdendable real hardware-keypad has the advantage of being usable even when not looking at the device.

That’s all. Small things. Not nearly as annoying as the problems I found in the P800.

So if you ask me what phone you should buy: For now it’s clearly one of those HTC Magician based phones as it combines the power of the smartphone and the known user interface of the PocketPC with the small size and battery power of a regular cellphone.

Hacking Hiltl

The Hiltl is an excellent vegetarian restaurant in the middle of Zürich. I eat there quite often because the food’s great, the waitors are friendly and they always have space for you despite being constantly full of guests (others seem to think the same).

What’s interesting from a technical point of view is their ordering system: All waiters are equipped with a Windows CE device by Symbol and use WLAN to communicate with a central server (two actually, but see later) to process your order, send it to the citchen and finally print out the receipt for you.

What’s even more impressive is the seemingly perfect user interface: The waitors are actually faster with those things than they’d ever be using the old-fashioned paper-way. Even if you have special whishes, they can enter them in an efficient way.

The only time papers are involved is when they print your receipt. The system automatically selects the nearest printer.

This is one of the secrets behind the incredible efficiency of the Hiltl allowing for an incredible throughput of guests while still giving them all the time they need to eat and chat. Actually, a table is ready for the next guest only about one minute after the previous guests have left.

The restaurant is devided into two floors. Both have a master-waitor which has control over all the tables. They communicate via radio.

So you see: This is the restaurant for a geek to visit: Good food and good tech in one.

Now, the Zyxel access point they had mounted to the roof of the restaurant somewhat itched me. I mean: It’s WLAN after all. And I know the devices they are using – I wrote some lines for them too. So, maybe I can get some insight, I thought.

Armed with a notebook and the right software, me and Christoph took our meal in the Hiltl today.

The bad thing first: They don’t even use WEP for their network. They just created and empty SSID but don’t even hide it. So we did not have to use a WEP cracking equipment.

The devices communicate via SOAP over HTTP on a non-standard port. Additionally, the server often pings the known clients to check if they are still there. Then there’s a misconfigured router sending out IPv6 packets which are not used in any way. Oh and a Win9x-machine is there too, announcing itself as a network browser.

There are two servers: One for ordering, the other for printig.

Unfortunately, the SOAP messages (especially those to the ordering-system) contain much binary data, so there’s not much one can do there without isolating one device and doing some known steps on it.

Unfortunately, our equipement was not running until after our order was taken, so I don’t even have a reference point.

The printing though, uses some clear text XML-parameters. I think, I could be able to print some funny messages to all of those printers.

As I see it, no authentication whatsoever takes place – besides a hard-coded registration of the devices IP-adresses. ARP-spoofing could help about that though.

Now… what do I want to say with this? I’m certainly not going to attack them as I really, really like their food and want to return there often for my nutritial needs. Then, it’s a matter of honor: They are so progressive and efficient that I just can’t punish them for their (quite obvious) security problem.

Still, for educational purposes, this little experiment was very useful. Maybe, another day, I will even try to decode those binary parameters – just to know how it would work, not to hack me a cheaper meal or so ;-)

The last thing to do for me on this posting is one thing: I ask you kindly to do the same thing as I do: Don’t crack the network there, but go there to eat. It’s really worth it.

WoW: Language Hacking

As I explained in my previous posting, I very much like to play World of Warcraft in the english version.

Now I got my hands on the US-version and installed it (after uninstalling the german version).

The problem came after patching to the current version: My account was not recognized anymore – no wonder: The game was connecting to the US servers while my account is on the european ones.

A bit searching for worldofwarcraft.com in the games directory revealed the string set realmlist [something] in base.mpq

As always, google was my friend and showed me the solution: Add

SET realmlist "eu1.wow.battle.net"

to the file config.wtf in the directory WTF of your WoW installation.

This lets you login to the european servers where your account is recognized.

Works well (at least until the next patch is released ;-)

Update: if you have a file called realmlist.wtf in the main installation directory, change that one, not the config.wtf as it will get overwritten on every launch. And additionally, you should set the server to eu.logon.worldofwarcraft.com instead – the older one was for the beta.

World of Warcraft

For the last three years or so, I was constantly thinking about those online RPGs, but the high amount of micro-management you had to do and the steep learning-curve, the newbie-killers and all those other factors led me to ask myself: “Why spending money for that kind of dubious entertainment?”

Then I’ve read many good things about Blizzards World of Warcraft: It was said to have a nice learning curve, few micro-management and to be entertainment-centered – now we where talking…

So I went ahead and bought it last tuesday.

While there were some problems at first when I tried to create my character (Blizzard was quite overrun by the many people trying it out here in Europe), they were solved the same day and since then I had no problems with long waiting lists or disconnects. So from a technical point of view, it’s very satisfying.

And then there’s the gameplay of course.

This is very well done: There are many small things where the designers have tried to minimize the problems other MMORPG seem to have: There’s no senseless doing stupid jobs with your alter-ego just to earn money (you earn money by beating quests which are somewhat diablo-like). There’s this concept of getting double experience points when you log in after a larger pause. Then, if you don’t want to play in a designated player-vs-player-area, it’s immensely difficult to be slaughtered by another player – if you get killed by another player, it’s entirely your own fault. And besides: Other players cannot steal your inventory.

While the game provides an incredible amount of options how to progress your character, it introduces them nice and slowly. I’m still quite the newbie (playing about 2 hours per day I’m now at level 9) and I never felt overwhelmed. Very nice.

The most interesting experience I’ve had so far was yesterday when I was having problems concluding a certain quest alone: The boar I had to kill was just too strong for me.

So I did the logical thing: I went to the nearest tavern and asked around if there was someone willing to kill that beast with me. I soon found someone and we succeeded. This is what I expect from a MMORPG – not forging horseshoes and selling them for much too less money becuase of ebay-caused inflation – each horseshoe taking about 1000 senseless clicks to build.

So WoW is definitely getting my $11 monthly after my one month trial runs out.

Oh. There’s one thing though: Here in Switzerlad, you just get the german version of the game. This is very unfortunate for me as I prefer playing in english realms. Now its quite difficult to talk about something with an other player if I just have my own translation of the german name instead of what’s on the screen of the other players.

This is partly my own fault – I could play on a german realm, but partly blizzards too – here in Switzerland, many of us are used to read and understand english – all the movies are shown in the original language (mostly english) with subtitles for example. I think, that many of us would really prefer to have an english version of the game.

I for myself will probably do as I always do: Use the CD-key of the german original with an english copy I get via other channels. This is not particulary legal, but not that illegal too, I think.

Please, Blizzard, if you hear me: Provide us swiss with an english version of your games in the future.

Check for update

I’ve seen many pieces of different software.

Many of them provide the user with a way to go online and check for new versions of the program.

Nearly all of them have the corresponding menu entry in the “Help”-Menu.

Why is that so? Checking for updates does not provide you with help. Maybe, just maybe it can fix a problem you are having – but it’s nowehre near providing help.

If I wrote software, it would have this option in the Tools menu or – if the application had none – in the File-Menu, though it’s misplaced even there. As is “quit” for example…

Security Tools

There was this security announcement today: Another time a Symantec product does not what it’s supposed to and actually executes UPX-Packaged .EXE-Files to find out whether they conain malicious code or not.

This is certainly not the best way to accomplish that…

So this is anoter point why I’m no fan of security software in place of user education (and regular flaw-patching): Such software creates a false sense of security (“should I click here? Oh well.. I have my NAV running, so nothing’s going to happen”) and may even open bigger holes when itself is not secure.

As it stands now, a educated user without NAV that receives an email with a prepared UPX-packaged .exe will just delete the file and be happy.

An educated user with NAV will delete the file too, but before he can, NAV will have scanned the email and thus executed the malware. This is a case where the infection comes from the software supposed to be preventing it.

It’s just like with firewalls: Why installing a packet filter filtering unwanted packets to open ports when you can close the ports in the first place?

Security is (mostly) a social thing (not counting exploits which must/can be prevented by updating the affected software) that can be achieved best using social skills, not software-barriers (as software has flaws – education at least has the possibility of achieving its goals).

So I’m not bashing Symantec (for once), but security-software as such.

AWStats

For the last five years or so, I’ve been using ModLogAn for my/our web analyzing needs: The tool is fast and much more powerful than Webalizer which I was using before modlogan

Getting it to run was a bit difficult at first (requiring a hacked GD library and all that), but this gradually got better. Since then the tool does a wonderful job (except one broken release about three years ago).

With all this buzz about the phpBB.com incident which happened because of a hole in AWStats, I wanted to give said tool (in a fixed version – of course) a shot.

The gentoo ebuild is tightly integrated into webapp-config which I’ve not used before, so the installation was somewhat difficult for me, but some symlinks here and there soon brought me a working setup.

I must say that I’m impressed of the tools capabilities: It’s quite fast (not as fast as modlogan, but fast enough), its CGI user interface profits from its dynamical nature (filtering long lists in realtime for example), the plugins provided with it are very cool (geoip, whois,…) and as soon as one understands how it ticks, it’s really easy to configure and manage.

Useful for some people is its possibility to update the statistics in realtime by analyzing the current rotation of the logfile. Another thing, modlogan isn’t capable of.

And finally it’s the looks – as always. awstats looks much more pleasant than modlogan does (even when using the template-plugin which has the nicest look of all of them).

I’ve not deceided yet whether I should replace the currently well-working modlogan-setup or not, but I’ve certainly analyzed the whole backlog of gnegg.ch (link to the tool removed due to gnegg.ch redesign).

IRC Clients

When my favourite game movies site (written about it here and here) went offline last week, I ventured a look into its IRC channel to find out what’s going on.

Chatting with the guys there was so much fun that I deceided that it’s time to get into IRC after all (I never really used it before, so I did not really have a big insight into this part of the net)

Soon after this decision, I began learning the ins and outs of IRC and the first thing I did was setting up a bouncer (IRC-proxy – let’s you be logged into a channel despite your client machine being offline. Very useful for getting an overview on what happened while you were away). There are quite many available, but the only one that seems to be still maintained is ctrlproxy

If you plan on using mIRC with it, go and install the current pre-release 2.7pre2. Older versions don’t let you connect.

Next was the question which client to use.

While mIRC is nice it has two problems: a) it’s single-platform. As I’m constantly using all three of Win/Mac/Linux, a single program would be nice so I don’t have to relearn all the shortcuts for each platform. b) It does not look very polished and cannot be made to do so.

Klient looks much better, but is still single-platform and has problems recognizing the state when reconnecting to the ctrlproxy (it sometimes does not notice that you are already in a channel).

virc looks better than mirc, but worse than Klient. Plus, it seemed a bit unstable to me. And it was slow displaying the backlog. Very slow. It’s single-platform too (and written in Delphi it seems)

irssi is single-platform too, but I could work around that by running it on our webserver and using screen.

A program that warns with

17:43 -!- Irssi: Looks like this is the first time you've run irssi.
17:43 -!- Irssi: This is just a reminder that you really should go read
17:43 -!- Irssi: startup-HOWTO if you haven't already. You can find it
17:43 -!- Irssi: and more irssi beginner info at http://irssi.org/help/
17:43 -!- Irssi:
17:43 -!- Irssi: For the truly impatient people who don't like any automatic
17:43 -!- Irssi: window creation or closing, just type: /MANUAL-WINDOWS

before starting it and with no obvious way to exit it (Ctrl-C, quit, exit – neither did work) is something I’m afraid of (quite like vim, though I learnt to love that one). So: no-go

Finally I ended up with X-Chat. It looks good, has all features I need, a big userbase, is maintained and is multiplatform after all.

There was this fuss about the windows version becoming shareware, but I can live with that as the tool is very, very good. For supporting it’s author, I gladly payed those $20 (I see it as a packaging fee – just like with those linux distributions), though you can get a windows binary for free here.

So for me, it’s X-Chat. And much fun in #nesvideos

Why I love the command line

Today I had the task to join together quite some mp3-files.

I had about 100 radio plays, each devided in three to six files which I wanted to have joined to one file per play so I can better organize them on my iPod

There are tools out there doing exactly that. mp3surgeon being one of them. All these tools a) have a non-scriptable GUI (meaning lots and lots of clicks) and b) cost money

b) would not be a pronlem if those tools would work for me, but because of a) they do not.

Then I found mpgedit a command line tool capable of joining MP3’s (respecting VBR-headers, but without recoding the new file)

As it’s usable from the command line, I could write a small script doing exactly what I wanted:

<?

$dir = dir(".");
while (false !== ($entry = $dir->read())) {
	if (preg_match('/^.+$/', $entry)) continue;
	$path = '.\'.$entry;
	if (is_dir($path))
 	    doJoin($path);
}

function doJoin($dir){
	echo "Looking in $dirn";
	$of = escapeshellarg("..\".basename($dir).".mp3");
	chdir($dir);
	$files = array();
	$d = dir(".");
	while (false !== ($entry = $d->read())) {
	   if (!preg_match('/.mp3$/', $entry)) continue;
	   $files[] = $entry;
	}
	$d->close();
	sort($files);
	$files = array_map('escapeshellarg', $files);
	system("c:mp3mpgedit_nocurses.exe -o $of -e- ".implode(' ', $files));
	chdir("..");
}
?>

Note that it’s written in PHP as this is the language I currently do most of my work with. And note that it’s very customized to just my needs. None the less it works very well and saves me from about 200’000 clicks

Now this is exacltly why I love the command line.