With great anticipation, I bought an Apple iPhone (actually my wife gifted it to me for my birthday...). But the excitement was very much there. The great features that were extolled on the video, while true and give an exceptional experience while listening to music and even listening to phone calls.

However the primary usage for people like me who do not like bluetooth and need to take calls while driving and long conference calls depend heavily on the hands free feature that the ear pods provide. Every time I try to use the handsfree for call and try to speak, all the participants start yelling at me to speak loudly. There is a very clear hissing sound in the call and lot of static that makes speaking on the call impossible.

Having spent so much money on research to get exceptional sound quality on sound, I wish Apple would have spent a little more time on QA on the mic. I will be soon going in an Apple store and demanding a replacement for the earpods.

Seems like Java is not ready to accept that Sun has been bought over by Oracle. I updated Java on my Mac OS and accessed a Java powered site and this is what I saw.

My in-laws have applied for US visitor visa and I am tracking their VISA appointment to see if we can prepone it so that they can come early to the US. I was at first impressed with the VFS (http://www.vfs-usa.co.in) website that caters to the US Visa requests from India for the controls that they had in place to ensure correctness and security. It would have never occurred to me to test those as I would have expected that any government website would tested and re-tested against vulnerabilities. When you think of how many people enter the US every year, how many leave to vacation at Mexico all-inclusive resorts or come to work here after working at Barbados all inclusive hotels, it is surprising.

I guess I was wrong. All I did was to enter my father-in-laws details on the website. While doing so I somehow entered the last three digits of his visa fees receipt number wrong and VIOLA!!! I was presented with records of three apparently related people who were totally unrelated to me or my father-in-law. I could have canceled their appointment or done all kind of mischief. Needless to say, I closed the web-page promptly after taking this screen-shot. It appears that at some point RAID data recovery will be necessary for those victimized by hackers.

Whether I should inform the US Visa department or not, I am not sure. But I thought I should publish this.

Have you ever come across a situation where you want to access another computer via its UNC (\\computer-name\share) and came across a "Network Path not found" error? Although not too uncommon, this errors can puzzle you in cases where you know all the services required for file sharing are running. I faced this issue the other day and finally after a bit of tussle, I managed to solve the problem. We were trying to access a computer at one of our remote locations and it was giving this error. What made this even more puzzling was that local users were able to access the same computer by using the UNC path. We tried all we could and knew but still the error was the same.

Then I searched on the internet and found some references and a very useful knowledge base article (KB article number 840634) on Microsoft support website which addressed this issue. Apparently somebody had enabled the firewall and the firewall is designed to block File and Printer Sharing from any network and allow access only in the same subnet in its default configuration.

To allow file and print sharing on your computers from any network, follow the steps described below:

1. Click on Start --> Settings --> Control Panel. If you are using the Windows XP Start Menu, you can find the Control Panel on the right side of the start menu.
2. Category view: In the category view, click on the Security center and then click on Windows Firewall to open the Windows Firewall configuration window. In the Classic view, you will see the Windows Firewall icon.
3. Ensure that the Do not Allow Exceptions check box is not checked on the General tab
4. Click on Exceptions tab and highlight File and Printer Sharing and click on Edit...to modify the settings. The file and printer sharing is done through port number 445.
5. Highlight the TCP 445 and click on Change scope... or just double click to edit it. In the resulting screen, select whether you want to enable for any network for just your network or for a custom list of networks. In case you choose custom list of networks, you will have to manually enter each subnet you want to enable for it to work.
6. Click OK your way out and now you should be able to access the computer(s) over the network using UNC path.

A word of caution: I don't recommend setting the scope to Any as is shown here. It means that anyone who can reach your network will be able to access the computer over the network. Either select just the subnet you are on or explicitly define the subnets that you know and trust that would be required to connect remotely using UNC path.

I finished upgrading my web server to better hardware and latest OS and web server just yesterday. Whether you get better hardware after you buy refurbished laptops or brand new PCs, upgrading will help your computer run better. Installation of FC6 was seamless once I found out that I could not run XEN on my computer because of CPU limitations. My CPU does not have PAE on which XEN requires to operate. So finally I figured out that not installing virt-manager solves my problem by installing a non-XEN kernel (Duh!!). So once that problem was out of the way, I moved on to the next task of migrating my web server to the new box.

Migrating a Plone website from one box to another is very well documented. However, there are some things to watch out for which I will post here shortly. After a lot of research and trouble-shooting, I finally managed to get the Zope and Plone working on my box. Since Apache is much more secure, robust and modular in management, I use Apache server as a front-end to my website and use URL re-writing to have Apache forward those to Zope.

Last week I moved my website to the new box and copied the re-write configuration from the old httpd.conf file to the new one and switched off the old one. I did not test Apache functionality trusting that it would work in the new setup, if it worked in the old setup. On trying to access the URL, the browser refused to serve the page instantly throwing up a Error 503 on the screen. At first I thought, it was the new Apache server which did not understand the re-write commands from older (2.0.54) version and tried to find out what had changed. I checked forums, website and even Apache release and change notes, but could not find anything that could possibly solve my problem. I worked for around 4 hours on a wild goose chase and then gave up. As the site traffic had also returned to normal, the urgency to upgrade was also not there till yesterday when my son kept on switching off the box as it was accessible to him.

So I started my work again yesterday; this time on a fresh FC6 installation inside a VMWare and worked through the Virtual Hosting Monster and re-write tutorial from the Zope book just to make sure, I was doing everything correctly. The VHM was working correctly, but as soon as switched on Apache URL re-write I started getting the same errors. So it was not my configuration file or version issue with Apache. I again searched for the same and this time I was a bit more successful. One of the forums posts mentioned something about the permissions being correct and it lit a light in my head and I knew the problem was not with Apache but with permissions issue. I checked my error log (which I admit I should have done earlier, but since I am not really "expert" in Linux, I didn't do it. Partly because I never thought of it and mostly because I didn't know the location. Anyway.) and found the following entries in the error_log.

[Tue Nov 14 16:03:53 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:04:20 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:22:17 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:26:44 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:26:47 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:28:08 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:28:12 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:45:43 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:47:14 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:47:17 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed

I checked the permissions on all the folder and didn't find anything that would have caused any problems. Suddenly a thought came to my mind to check the security level issue as I had faced issues with security level (firewall) in the past. The only difference this time being, I disable Linux firewall as I have hardware firewall. So I opened up the Security Configuration screen and started reviewing the SELinux policy settings. As I have already mentioned I am not an expert in Linux, I started experimenting with the SELinux policy for HTTPD Service by enabling one setting at a time and checked if Apache URL re-writing worked or not. The second option I chose to "Allow HTTPD scripts and modules to connect to the network" did the trick and the re-writing started flowing correctly.

I made the similar change in my production web server and happily it started working and I was able to move the website to the new server and switch off the old one. Because I am not an expert in Linux and these things are not documented anywhere, I thought I would add my two cents to the documentation and make Linux a better OS and usable to non-techie guys like me. Now that SELinux is an integral part of Linux (at the Fedora and Ubuntu flavours) I am sure many more people will face this same issue. I hope this will help them to save time and effort that I had to spend to get this issue resolved. If there is a better way of doing this out there, please direct me to it so that I can update my piece and knowledge.

My website runs on Zope + Plone / Apache / Fedora core 4. I am in the process of upgrading the OS to FC6 from FC4. As I have mentioned in my article in the Linux / Technology section, FC6 comes with Zope and Plone included. Till FC5 you had to download Zope and Plone and install and configure it. I had incorrectly mentioned in my earlier article that Zope takes the native root user and password for management. It is not so. You have to create a user account even before you start Zope for the first time. Zope starts without any problems if you try to start it before creating an account. However when you open the browser and go to the Zope page (http://localhost:8080) Zope tells you that you have not created any users and you must create one in order to manage the site. To create an account to manage zope run the following commands from the command shell from root login or su.

#cd /var/lib/zope/bin
#./zopectl adduser <username> <password>

Once the user account is created, you can start the zope instance from the same place with the following command.

#./zopectl start

In the previous versions and combinations, I had tried to make the zope as a service and start at the time Linux started. Since I am not a Linux expert, I could not do it at that time easily without writing a script. This time Zope is tightly integrated with the OS and it is included in the Service Manager (System --> Administration --> Server Settings --> Services) as a service. You can either start zope from there. You can also check the box next to zope so that it starts up every time I reboot my box.

Once you create the user and can get to the management screen, you can add a Plone site and you are on your way to create a great website. Part of the key when you build your own website is to have these tools.