Saturday, April 18, 2009

ASA: Lessons learned

Inter Vlan Routing:

This was harder to figure out than I expected it to be:

1) With a trunk / ROS setup I believe both of these are needed. inter-interface should be enough for separate physical links.

same-security-traffic permit inter-interface
same-security-traffic permit intra-interface

2) Create a NAT exempt rule on both networks.

Source: Any Dest: Other same-security interfaces you want access to.

So if you had two local subnets you would need a nat exemption rule on both.

3) Create your dynamic NAT rule -- any/any.

This will allow all traffic between the subnets to flow freely but any traffic heading upstream will be caught by the dynamic NAT rule. This may or may not be the best or proper way to do it but it works nevertheless.
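The three steps above written out as one configuration. This is an added example, not a copy of the author's device config. It assumes the pre-8.3 NAT syntax of the ASA 8.0-8.2 releases, and the interface names, VLAN IDs, ACL names and addresses are all constructed for illustration.

```cisco
! Constructed example: two same-security VLANs on one trunk, one outside link.
! Physical trunk port carries no nameif; each VLAN is a subinterface.
interface Ethernet0/1
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/1.10
 vlan 10
 nameif users
 security-level 100
 ip address 192.168.10.1 255.255.255.0
!
interface Ethernet0/1.20
 vlan 20
 nameif servers
 security-level 100
 ip address 192.168.20.1 255.255.255.0
!
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address dhcp setroute
!
! Step 1: inter-interface permits traffic between interfaces that share a
! security level; intra-interface permits traffic to enter and leave the
! same interface. Neither command filters anything: once enabled, the
! same-level networks reach each other freely unless an interface ACL
! (access-group ... in interface users) narrows it.
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
!
! Step 2: NAT exemption on BOTH interfaces (source any, destination the
! other local subnet), so inter-VLAN traffic is never translated.
access-list USERS_NONAT extended permit ip any 192.168.20.0 255.255.255.0
access-list SERVERS_NONAT extended permit ip any 192.168.10.0 255.255.255.0
nat (users) 0 access-list USERS_NONAT
nat (servers) 0 access-list SERVERS_NONAT
!
! Step 3: dynamic NAT (PAT to the outside address) for everything else.
nat (users) 1 0.0.0.0 0.0.0.0
nat (servers) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface
!
! Verification, typed at the privileged EXEC prompt (not part of the config).
! First trace should hit the NAT-exempt rule and be allowed between VLANs;
! second should show a dynamic translation to the outside address.
! 203.0.113.10 is a documentation address standing in for an Internet host.
packet-tracer input users tcp 192.168.10.50 12345 192.168.20.10 80 detailed
packet-tracer input users tcp 192.168.10.50 12345 203.0.113.10 80 detailed
```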

General thoughts on the ASA platform:

1) ASDM is more of a hindrance than a benefit. Maybe it's just my CLI bias but it's really difficult to do anything remotely complex using checkmarks and buttons. There's something about writing a carefully crafted command that has its own inherent procedural logic that allows you to understand things on a deeper level. I would encourage anyone using these devices to force themselves not to use ASDM at first. It's fine for quick changes once you have a better understanding of the platform but at first it makes things much harder than they need to be.

2) I wish the command syntax was more IOS like. I feel like if they didn't want to completely replicate IOS 100% they should have gone a totally different direction. Having them be 90% similar is very confusing to me. Too often I am retyping commands simply because the order of arguments is slightly different.

3) Where the fuck is the "do" command? (see above point)

4) The packet trace command is a tool you should learn to use right away. This is something I would like to see folded back into IOS.

I still have a number of things to figure out -- security contexts, failover, etc. I'll try to update this if I come to any other great revelations that might be helpful to someone else starting out with this platform.

Wednesday, March 18, 2009

iPhone 3.0 Recap

Seems like everyone forgets Apple is still a baby in the SmartPhone market. It's easy to argue they should have done this all quicker but it's only been 2 years. In software development you can either hire a ton of people and use the thousand monkeys model of development or you can build up a smaller team and just give them the time to get it right. Since iPhone sales weren't hurting at all I think Apple saw no problem letting the core iPhone software team take their time.

I would speculate that Apple probably spent about 12-14 months exclusively working on the SDK after the launch of the 1.0 firmware 2 years ago. That includes improvements to the core OS infrastructure and optimizing the various APIs for a mobile device with limited memory and clock cycles -- and of course battery constraints. All of the API work had to be done right the first time. It had to be consistent and it had to be forward thinking enough to ensure there was room for the platform to grow over the years. Apple doesn't want to make a tiny change in a core library and break 10,000 apps. They don't want to have a dozen different APIs that do basically the same thing and bloat up the OS just to provide backwards compatibility. This is a good thing and it's the same principles that have made OSX a great platform on the desktop side.

And let's be honest. The competition hasn't exactly been pushing out a lot of innovative updates. RIM & Microsoft are still struggling to catch up to most of the iPhone 1.0 features and usability. Android doesn't really seem to have much momentum at the moment. Looks like Google might already be losing interest in it. Not a good sign.

Arguably with all these iPhone competitors out there making slow, but steady, progress the SDK and third party application library are Apple's main competitive advantage. They had to put their priorities in order and make sure the SDK was bullet proof and good enough to attract developers -- and basically lock them into the iPhone platform for years to come. Some of these other features, C&P, A2DP, etc were simply not going to give the iPhone a dominant advantage in the same way the SDK has. Apple understood that and they will benefit from it even if users want to belly ache over waiting 2 years for C&P. You still bought it, didn't you? Point proven.

Tuesday, March 17, 2009

"We had to struggle with the old enemies of peace — business and financial monopoly, speculation, reckless banking, class antagonism, sectionalism, war profiteering. ... Never before in all our history have these forces been so united against one candidate as they stand today. They are unanimous in their hate for me. And I welcome their hatred!" -- FDR

Friday, March 13, 2009


Is it intelligent to veto a bill over 2%? Should the passage of the bill be delayed by weeks to cut 2%? Should Congress be tied up debating 2%? Should the President and leadership in Congress spend time trying to win the political battle? Over 2%? We frankly have more important things to deal with right now. In time hopefully the earmark process can be reformed. The problems with the economy are definitely the main focus right now. Does anyone think slashing the 2% of earmark spending is going to fix the economy? Of course not... Why are we talking about it right now?

Is it maybe a ploy to distract us from talking about the important things? A huge increase in science spending. A huge increase in funding for alternative energy programs. Huge infrastructure (road & bridge) repair projects. Spending for health care to keep people alive. If you're dead you don't care about the 2% of earmarks that were or were not cut from a federal budget. (such projects including sidewalk construction in a school district) Real reform to decrease pollution via cap & trade. Major changes in Iraq & Afghanistan.

Thursday, March 12, 2009

Apple TV 3.0 Wishlist

Based on loose speculation of an Apple TV update sometime in the near future:

New Home Screen: It should mimic the iPhone OS home screen. Icons for individual tasks on one page with a row of favorites on the bottom. Less nested menu navigation. (old, ugly, inefficient UI design) Should be easily navigable using the basic Apple Remote and giving icons a glow effect on selection. I envision a status bar along the top showing wifi signal strength, time, and notifications.

Home Screen Icons:

iTunes Store --> Renting/buying content.

Apple Remote --> Streaming content off local network via iTunes

You'd also have the other apps, YouTube, Photos, Settings, etc.

Additional functionality:

Safari: This would largely depend on implementation of the Wii style motion control patent that has been floating around. D-Pad style navigation with the Apple Remote simply wouldn't be usable. Should also support iTunes/MM syncing of bookmarks to avoid having to type URLs in. (Keychains too, on the Mac side at least)


Simple games (remember the motion controller patent?)

Streaming front ends to various services. Probably going to need Flash too. (not a big problem if we stay x86)

Interactive video apps. Kind of a choose your own story sort of thing.

Fantasy sports managers

Lots of stuff no one has ever thought of.

I would imagine the SDK would be fairly similar to the iPhone SDK although obviously targeting a different screen resolution. Being as the iPhone SDK is heavily abstracted from hardware, porting apps shouldn't be too difficult. The biggest challenge would be scaling up to a higher resolution display for games -- however the Wii proves you don't really need good graphics to be successful in the gaming industry. Might not be too bad. An important part of this SDK would be promoting iPhone/ATV integration. For example, a Netflix app might allow you to watch a movie onscreen while you browse their catalog on the iPhone and start a new movie or queue something. An RPG game might use the iPhone display for an inventory screen. The similarity in APIs would allow developers to write applications that did not depend on the iPhone as an accessory -- simply moving those controls to the AppleTV output. (kinda wonky but it could be made to work)

The obvious question is why would Apple allow competing services onto their hardware? They simply don't have a dominant position in online video -- no streaming presence at all. Unlike the music industry, where they got in early and dominated, they will have to settle with being a platform for other video services. The Apple TV could become one of the first devices that allows various services to pool together in one place. Would you pay $9.99 for the Netflix app? Probably. Would Apple like 30% of it? Yes. Even if it is a one time sale. (better than nothing from Apple's perspective)


Most likely something ATOM based. It's got the best mix of price/performance right now and a pretty good supporting chipset/GPU. (well, good enough for our purposes) I had speculated it might be something NVIDIA/ARM based but it's hard to beat the ATOM's price/performance ratio at this point. OSX is very platform independent so it shouldn't be a major issue targeting ARM and x86 for developers. Obviously the SDKs will have some major differences to deal with no matter what.

Pricing: I think a platform open to third parties is easily justifiable at $200-$250. Adds a lot of value to the device. It would probably be wise to support a much cheaper option too. Something like the AirTunes feature on older AirPort routers except video enabled. Something you control with an iPhone. $99 - no storage. Just a simple dongle you could hook up to any TV.

iPhone 3.0 Wishlist

Spotlight: Indexing of e-mail, contacts, SMS, web history, etc. Extensible via SDK. It should include a way for apps to declare the type of data they can address. For example, if you were to SpotLight a street address all your GPS enabled applications would be offered in the search result list as something like "Search using UrbanSpoon" which would open that app and do a search.

Unified Inbox: Along the lines of what RIM does. Have IM, e-mail, call log, etc all go into one spot. It would not replace the individual apps but just collect their data together in one spot as an alternative view. Also extensible via SDK. So for example, you might have a new voice mail, 2 missed calls, an IM, and a notification of an application update from AppStore, along with some new e-mails all in one list. Touching any item would launch the native application.

Spruced up Lock screen: Either more information in the traditional "Today" style view or something fun and gimmicky like animated wallpaper or widgets.

Copy & Paste: I don't care about the feature. I probably wouldn't use it. I just want people to shut the fuck up about it.

MMS: Same deal. I've used MMS maybe once in my life. I don't talk to people who can't send and receive e-mail. It would simply shut people up and that would make me happy.

More UI customization: Just something as simple as color themes would be welcomed.

Better App Management: Something along the lines of Smart Folders by category and also a "most played"

Voice Over: Read the from/subject of a new e-mail, the text of an SMS, etc. Definitely an option, not a default. (lots of potential for misuse, annoyance and embarrassment) It'd be great for driving. Accessible to third party apps via API of course.

Widgets: Something you can place on your home screens. It'd be slick to have a page devoted to just random information without having to launch an app to find it. I would suggest with Widgets they run in a zoomed-out mode (resizable though) and when you touch them they zoom in and/or display more information. Very light weight, very quick to switch between them.

Saturday, February 28, 2009

Lack of Updates

While I only have a few loyal readers I do feel bad about not being motivated enough to write anything recently. I'd rather say nothing than say something that is not original or at least insightful. I also started this blog to experiment with longer form content and I haven't had the time to invest into it as of late. However if you combine enough short form content with long form content it all works out:

President Obama: He's doing exactly what he was elected to do. I don't know how much mileage the Republicans are going to get out of "OMG! He's CHANGING THINGS!!!" given the fact that Americans, in a landslide, elected him to do just that. Obviously we were dissatisfied with the way things were going. We've certainly spent a lot of money in the last 8 years supporting the military industrial welfare state, building roads & bridges for Iraq, and cutting taxes for the most wealthy Americans in the name of "job creation". Maybe it's time we spent some money elsewhere. I know it's a crazy idea but since the old method wasn't working I fail to see any downside in trying another direction at this point.

Bi-Partisanship: The Republicans talk about their representation in government today like they didn't lose in a landslide at all levels. Bi-partisanship doesn't mean you let the minority rule. The great trick the Republicans always play when Democrats have power is to act like they deserve majority rule status. They certainly have every right to disagree with the President's agenda but it's very dishonest to act like they deserve more power than the American people decided to let them have in November. If you want to help us improve our agenda then fantastic -- welcome aboard. Don't expect minority rule to set the agenda though.

Music: I've been totally indulging in the Miles Davis & Gil Evans era recordings. I think I've probably listened to Sketches of Spain a dozen times in the last week. It's the type of record you could just leave on repeat forever.

Books: I'm presently reading Churchill & America. It surprised me that despite my interest in WW1/2 I have almost no knowledge of Winston Churchill. My boss recommended it to me as a good introduction. I have a massive biography on Churchill that I've just never got around to reading. I'm interested, just not THAT interested. I need something a bit more casual to start off with.

Work: Things have calmed down a bit after a few hectic weeks. I've got a few big projects lined up for mid to late March so I get a little mini-vacation from working too hard until then. Just cleaning up some things, trying to refine some things, and keep everything running smoothly. One of the major things I want to work on is to increase overall availability of the network. Without getting into too many specifics, we're hanging around the 98% mark system wide. Some of that is simply out of our control but I feel like we should be able to hit 99% and maintain it.

Safari 4

I dig the Top Sites feature. I arranged each row (more or less) for a different class of site, blog, news, forum, work, etc. Hopefully in the future the thumbnails will update more often and will authenticate on sites automatically to get a proper thumbnail.

A broader comment on Apple's visual design: I enjoy spending my considerable time in front of a computer in an elegant and visually pleasing environment. I'm not sure it makes me any more productive but it definitely makes things more comfortable working on a long project. A big factor is the participation of third party developers. They generally stick within the overall idea that apps should look good, be somewhat minimalist in their functionality, and fit into the OSX way of doing things. It's a much less disjointed experience than using Windows or Linux.

I fully expect blogspot to fuckify this image so:

Thursday, January 29, 2009

Testing new blog front end

The UI for the native blogger interface is pretty awful. Trying this thing called Blogo. It's alright. Not sure why anyone would spend $25 on it though.

It does have a full screen mode though which is a nice touch. I prefer to write undistracted.

Wednesday, January 28, 2009

New Monitors

IMG_0159, originally uploaded by jsz0.

Excessive? Yes.

Friday, January 9, 2009

Revising the Dock

After checking out the screenshots of Microsoft's Dock implementation in Windows 7 I think it's a step in the right direction for them. It's a little embarrassing to have to admit your main competitor was right a decade ago (2 decades if you count NeXT) but Microsoft has always done best when they copy something that works and add a few useful features on top of it. That's exactly what they're doing here and it's a pretty good implementation of the Dock. In fact, it's probably better than the OSX Dock which hasn't seen any significant upgrade in a while. The changes in 10.5 were largely irrelevant to how the Dock actually works.

What's wrong with the taskbar? Everything? It was fine back in 1996 when you had maybe 6 or 7 applications open if you were a power user and could afford 64MB of RAM to handle it. Today it's not uncommon to have dozens of windows open that you must actively switch between to complete a task. The taskbar simply doesn't scale and is not consistent. I could go into that more but it's pretty obvious so figure it out.

Managing this type of mess on a taskbar is nearly impossible. I've tried. It drives me insane. The lack of Expose doesn't help but that's another issue entirely. (the screenshot cuts off my second 20" display which is also full of windows) The Dock works by saving space combining launching & running tasks and always combining all associated windows of an application together. The bouncing Dock notification is also very useful as extra information can be included in the Dock page (such as transfer speed, unread message count, etc)

Having not used the Windows 7 Dock (only looked at it) I can't really comment on it outside of saying it looks like an improvement on the OSX Dock. The simplicity of the OSX Dock is nice but when you're dealing with say 8 Terminal windows a static text list of their names is less useful than a graphical thumbnail. The JumpList feature is somewhat available by right clicking a Dock icon but not implemented nearly as well or with as much flexibility.

Anyway, I'd like to see Apple do two specific things to improve the Dock:

1) Allow widgets to run in the Dock in the same style as avant-window-navigator on Linux. Avant started as a straight OSX Dock clone but has got so many new features via widgets that it surpasses the original. Different Dock icons could work as containers. So for example, all my audio apps could go into one container which would spiral out in the style of Stacks to show what was inside. A Twitter widget could popup a simple text entry bubble with a Submit button. Etc.

2) Thumbnail previews would help. Hover for a few seconds and get an Expose style pop-up of each window.

That's about it. Otherwise I think the OSX Dock is very functional and to the point. It would be a shame to see Apple let Microsoft beat them at their own game. The Dock is long over-due for some tweaks. The changes in 10.5 show all the fundamentals are there to make these changes. Someone just has to pull the trigger and decide the 10 year old Dock needs to be revised. We certainly have the GPU power for it. These options could all be off by default since the basic Dock configuration is fine for most people.

Saturday, January 3, 2009

Apple 09 Predictions

I enjoy predicting things:

iPhone: Probably nothing major on firmware. That's more of a WWDC thing. iPhone Nano, definitely this year but maybe not at MacWorld which has traditionally been a computer oriented product launch/refresh expo.

iWork/iLife Updates, hopefully iPhone & web compatible versions. They'd have an opportunity to land on a lot of Windows desktops with a good mobile version of iWork. The iPhone integration might come in the form of an iMovie app that can do basic video recording, editing and publishing. Perhaps some GarageBand instrument & remote controller stuff.

Desktops: I think this is where the biggest announcements will be made. It's the one area in Apple's product line that is seriously lacking.

New Mini: NVIDIA chipset. Probably not much cheaper but a better value at least. Maybe a little wider and taller.

Mac: Cheaper i7 based mid-range tower. Cheaper, not necessarily cheap. Probably still $1k+ or even $1500+

iMac: NVIDIA chipset.

New mice/keyboards: Anytime Apple refreshes desktops they seem to do new keyboards/mice to match. Probably a black key version of the aluminum keyboards and a new mouse -- maybe also aluminum. Perhaps with multi-touch. (basically a rounded/molded thermal sensor integrated into the front of the mouse)

Snow Leopard: Probably won't ship till April or May but there will probably be some new features announced. They may be focusing on core OS improvements but I'm sure there are some user oriented features we haven't seen yet.

Apple TV: Big changes but maybe nothing at WWDC.

1) Platform change to NVIDIA's ARM CPU.
2) It will run off the same code base as the iPhone OS with one common code base but some big GUI changes:
  • The current Apple TV GUI becomes the iPod app
  • The system boots up to an iPhone style home screen
  • Core apps like Safari, Mail, iTunes Store, Google Maps, etc get moved over with some UI changes also.
3) Multi-touch remote: Probably something similar to the size of the current Nano with physical buttons. So you track your finger on the screen constantly but you click a button instead of tapping. The TV UI will show a little trail of your finger movements on-screen. The remote itself will probably not have any display. The remote may be designed to flip on its side and be used as a controller with at least two easily accessible physical buttons on the edges.

4) SDK / ATV AppStore. This is the catalyst behind all the above changes. The model that works for the iPhone would apply perfectly to a set top box. You'd have games of course, streaming media apps of all kinds. There's also a pretty good market for straight up utility apps -- home automation for example.

Moving the ATV to ARM means Apple doesn't have to do much work to make this happen. They already have the whole infrastructure / SDK in place for the iPhone. I don't think the apps would truly be portable between platforms due to UI differences and differences in processing power but it would be pretty close. The Wii has proven bleeding edge HD graphics aren't the end-all of gaming. Simple iPhone 1:1 ports wouldn't be bad at all -- with the option of developers targeting the ATV natively for more power.

Death Watch: I personally don't think Jobs is sick but he will resign as Apple CEO in 09. What we're seeing now is just Apple laying the groundwork. The rumor of Jobs being sick is perfect cover for it. They gotta take Jobs out of the public eye for a while to ease the transition. If investors see someone other than Jobs go out and launch a successful product they will be much less antsy when Jobs leaves. They'll understand it's not the end of the world as we know it. Jobs would probably still be involved in the more long-term goals of Apple, in the same way Gates is still involved with Microsoft, but someone else will be running the day-to-day stuff of a CEO.