Jun 18 4 The hidden root prompt in the Zyxel WRE 2205

The Zyxel WRE2205

The Zyxel WRE2205

The Zyxel WRE2205 (rebranded Edimax EW-7303APN V2) is a plug-formed wireless extender. What’s interesting to me about this device is its extremely small size. Many of my standard power bricks like are larger than this unit — but they don’t contain a small Linux minicomputer and advanced wireless functionality.

Trying out the WRE2205 for its intended purpose, I discovered that its wireless performance was quite subpar, slower than my actual Internet connection, but still very usable. Of course, that’s understandable. It has no antenna. So I replaced it with a faster AirPort Express, which can also act as a wireless bridge.

No longer needing the device for its intended purpose, I thought about how cool it would be to have an actual Linux plug PC I could SSH to and use for all sorts for home automation purposes, or leave it somewhere public, name the SSID “FreeWifi” and install Upside-Down-Ternet. The possibilities are endless!

So I started getting the desire to hack this thing. And having seen some bad router software in the many devices I’ve owned, I thought that there could be a chance of rooting this thing.

As anyone who’ve poked around with consumer network equipment knows, a good place to start is binwalk. binwalk is a utility that lists and extracts filesystems embedded in files like router firmware updates. What these “update” files actually do, is that they replace the whole contents of the operating system partition with a completely new version. This is why these devices may “brick” when cutting the power during an upgrade: it may not boot without all the files.

To my delight, binwalk came up with a squashfs filesystem embedded in the latest firmware update from Zyxel’s Web site.

simon@workstation:~$ binwalk -v wre2205.bin

Scan Time:     2014-06-18 22:44:24
Signatures:    212
Target File:   wre2205.bin
MD5 Checksum:  e2aa557aa38e70f376d3a3b7dfb4e36f

DECIMAL       HEX           DESCRIPTION
-------------------------------------------------------------
509           0x1FD         LZMA compressed data, properties: 
                            0x88, dictionary size: 1048576 bytes, 
                            uncompressed size: 65535 bytes
11280         0x2C10        LZMA compressed data, properties: 0x5D, 
                            dictionary size: 8388608 bytes, 
                            uncompressed size: 2019328 bytes
655360        0xA0000       Squashfs filesystem, big endian, 
                            version 2.0, size: 1150773 bytes, 445 inodes, 
                            blocksize: 65536 bytes, 
                            created: Wed Mar 26 04:14:59 2014

 

binwalk is so great that it can even extract it for us:

simon@workstation:~$ binwalk -Me wre2205.bin
Target File:   _wre2205.bin.extracted/2C10 
MD5 Checksum:  a47fd986435b2f3b0af9db1a3e666cf1 
DECIMAL       HEX           DESCRIPTION 
------------------------------------------------------------- 
1626688       0x18D240      Linux kernel version "2.4.18-MIPS-01.00 
                            (root@localhost.localdomain) (gcc version 
                            3.4st.localdomain) (gcc version 3.4.6-1.3.6)
                            #720 Wed Mar 26 11:10"

 

It's all the files for the park... It tells me everything!

It’s all the files for the park… It tells me everything!

We can see it’s a Linux 2.4 MIPS kernel. Good. “I know this”, as they say in Jurassic Park.

What we get is a directory containing the whole Linux system. What’s interesting is you can see the configuration and especially all the shell scripts. There are so many shell scripts. Also the source for the Web interface is of course included.

However, most of the functionality is actually not written with whatever scripting language it’s using. It comes from within the Web server, which apparently is heavily modified. The Web files mainly display some variables and send some forms. Not yet that exciting.

The Web server, by the way, is something called boa, an open source http server. Studying the config file, something interesting is located in the file /etc/boa/boa.passwd. The contents:

root:$1$iNT/snisG/y7YBVbw0tQaaaA

An MD5-hashed password, it seems. A kind of creepy thing because the default username for the admin user is admin, not root. And it’s referenced in the Auth directive of boa’s config file.  So Zyxel has their own little backdoor. I didn’t get to cracking that password, because I moved on to the /web directory, containing all the web files.

The Web Interface for the WRE2205

The WRE2205 Web Interface

The standard things are there, of course. The jQuery library (version 1.7), some JavaScript, some graphics and some language files. The standard header/footer pages (in this case, though, because Zyxel is stuck in the 1990s, a frameset), and so on.

Beginning to look through file filenames, two interesting ones were to find: /web/debug.asp and /web/mp.asp. None of these are referenced in the “public” Web interface. Having access to debug files is always a good thing when trying to break into something.

The first file, debug.asp, looks like a password prompt of some sort.

Screenshot from 2014-06-18 23:11:50
One might reasonably assume it has something to do with showing some different log files, despite the weird sentence structure. No clues in the config file, and typing some random passwords didn’t work (1). Let’s move on.   The next file, mp.asp, looks much more interesting:

Screenshot from 2014-06-18 23:17:08
There are several good signs here despite the rather minimalist interface. First, it actually looks like a command prompt: the text box selects itself upon loading the page, there’s a # sign, usually an indicator of a system shell. Here there was also a clue in the source code, the input field’s name is actually command. Simply entering nothing and pressing GO yields the following result:

Screenshot from 2014-06-18 23:23:08
Bingo. It seems to launch a shell script where the input box is the parameter. Let’s take a look at this rftest.sh fellow:

Screenshot from 2014-06-18 23:26:01
Lots of different debug commands that yield different things. So, entering ENABLEWIRELESS in the prompt would run /bin/rftest.sh ENABLEWIRELESS and return the output in HTML. (I have no idea what “interface” and yes/no switch does, entering eth0 doesn’t work, so maybe it’s an example?)

At the bottom there’s even a COMMAND command that allows us to execute any command. At least they tried to make this a little secure by limiting the applications you can execute:

    "COMMAND")    
         if [ "$2" = "ifconfig" ] || [ "$2" = "flash" ] || [ "$2" = "cat" ] 
            || [ "$2" = "echo" ] || [ "$2" = "cd" ] || [ "$2" = "sleep" ]  
            || [ "$2" = "kill" ] || [ "$2" = "iwpriv" ] || [ "$2" = "reboot" ] 
            || [ "$2" = "ated" ] || [ "$2" = "AutoWPA" ]; then
             $2 $3 $4 $5 $6
         fi
     ;;

But, at this point there’s really no point, since doing stuff like this will be completely broken in any case, and we can just do something like this:


And so we have full control. Since || means OR, and the rftest.sh command fails when there’s no valid command, the last command will be run.

As we can see from the above screenshot, the web server is running as root so now we have full control of the little plug computer. Software like wget comes preinstalled, so you can just go ahead and download shell scripts, an SSH server, or otherwise have fun on the 1.5 megabytes of space you have to play with. Good luck!

I kind of expected that I had to use an exploit or buffer overflow, get out a disassembler like IDA, or do a port scan, or do some more digging — but just below the surface there are some quite big security issues. Of course, you need to know the admin password since the whole /web directory is behind Basic authentication.

However, since the boa webserver is an old version with exploits available, you probably won’t even need that. We can assume it’s not a feature since it’s hidden. So with such a big hole, I wonder what else lies below the surface?

 

Footnotes:

  1.  I later found, by running strings on the http server executable, that typing report.txt shows some debug information.
 

Jun 15 0 Philips 272P4 27″ LED Monitor Review

The Philips 272P4 is a 27″ computer monitor with 2560 x 1440 resolution. It’s, from what I gather, the first 27″ computer monitor from Philips. I’ve now been using this monitor for half a year, and this is my experience with this piece of hardware.

Features

The 272P4 monitor has a lot of nice features which similarly priced screens do not. Of course, you need a panel and inputs, but Philip makes the experience nicer by not having to clutter your desktop with other devices. These are:

  • Built-in webcam
  • Built-in speakers
  • Built-in microphone
  • Light meter (Branded “SmartContrast”)
  • Picture-By-Picture and Picture-In-Picture (PIP) (Branded “MultiView”)
  • USB3 Hub
  • Headphone output

Also, notably, the screen can be mounted using a VESA mount. The screen includes DVI, HDMI and DisplayPort cables.

Physical looks

Philips 272P4 takes up lots of space.

Philips 272P4 takes up lots of space.

The display has a large bezel at its top and bottoms, bigger than other screens in its class. In general it looks pretty neutral and would fit in well in a business environment.

You can adjust height and tilt the monitor.

The stand of the monitor is made in a way that makes the monitor very deep. This means you have to place it further to the back, and if your desktop is less than 150cm deep, you will sit very close to the screen, which may cause eyestrains.

This can be solved by mounting it on a wall with the VESA mount, since it will remove the space taken up by the bulky stand.

Display Quality

The display quality, is not bad, and on par with most 27″ monitors in the same price range. I’m not using this monitor for print design, so I don’t know about calibration, but the contrast, brightness and overall picture quality (dark corners, etc) is comparable to the Dell 27″ and even the Apple Thunderbolt Display.

The display has some serious issues in DisplayPort mode. Connecting a 2013 MacBook Air to the display, the picture stutters. Every half a second or so, there’s a brief stutter. If you move windows around the monitor the stutter is especially obvious. Disconnecting the cable and re-inserting it a number of times seems to solve the problem eventually. Having to re-insert the cable (after re-inserting it to turn the monitor on) five times, however, quickly becomes fatiguing. Even when it works, changing inputs makes it stutter again, so you need to re-insert again.

Built-in menu and software

Philips 272P4 touch area. No buttons.

Philips 272P4 touch area. No buttons, invisible labels.

The first thing you’ll want to do when the monitor is plugged in is access the built-in menu of the monitor to make adjustments and see what kind of settings you can play with.

When you do that, you’re going to find out that the monitor has no actual buttons. There’s a small touch panel on the front (see image), and the area does everything: turning on/off, PiP, color/contrast, inputs, etc.

Having no buttons so your fingers can’t feel where to press makes it really hard to adjust changes, for example contrast and brightness, since you want to look at the actual monitor when changing those settings to gauge what you’re changing. Instead you need to repeatedly look at the touch area and position your finger carefully on the right area. The touch control targets are incredibly small, so even if you’re concentrating on touching the small area, it either doesn’t work since you missed, or you’ll press the wrong button anyway.

What’s worse, the button labels/prints are basically invisible in most lighting conditions. They’re not stamped, they’re light ink that you can only see in certain lighting conditions. The labels aren’t even visible in Philips’ product promo images. I’ve “solved” the invisible button problem by having a LED flashlight on my desk at all times to shine light on the touch area, in case I want to switch inputs or turn the monitor off.

Most other monitors have physical buttons on them. You can rest your finger on those buttons and know you won’t mistakenly press another button while you’re looking away. You can also see which button you’re pressing, and you’ll get physical feedback when the button has been pressed.

Inputs

The monitor has 4 inputs: 1x DVI, 2x HDMI and 1x DisplayPort. A lot of inputs is great, and display port is awesome since many laptops only have that port nowadays. Now I can buy a MiniDisplayPort to DisplayPort cable and not have to worry about adapters.

But I have to worry about adapters anyway, since the display won’t turn on when there’s a DisplayPort cable plugged in. Yes, you read that right.

If you connect a DisplayPort cable to the monitor, you actually can not turn the monitor on. Pressing the Power touch area will do nothing. To turn the monitor on when there’s a DisplayPort cable inserted, you will have to take the DP cable out, turn the monitor on (now the power button works), and put the DP cable back in before the monitor goes into standby.

The DisplayPort cable I use has a clamp, so you can’t just pull it out. You have to apply force in order to take it out of the port. Every time you want to start using your monitor.

Picture-In-Picture

I actually thought this was a cool feature, but, as it turns out, you can only use the DisplayPort input for the second screen in PiP mode. If you use HDMI and DVI, the second PiP-mode screen is always black. Basically, MultiView is a limited version of PiP.

Audio, Video, Microphone

The Philips includes a “speaker”, but it’s almost worthless. The sound is extremely “tinny”, very low, and voice doesn’t even sound good. For any serious listening, say, more than a couple of YouTube videos a week, you would want better speakers. Practically any “computer speaker” would do.

The built-in webcam is OK (any webcam is these days). It will give you an approximation of what your face looks like in 0,3 megapixel JPEG form.

Conclusion

This monitor is somewhat usable if you don’t use DisplayPort, the webcam, or basically any of the built-in features besides the actual screen. All the features do not fit together which creates a really bad experience for the end user.

However, some people might not even think about the issues I’ve put forward here. They might not notice that changing the settings requires some extra concentration, or that the picture skips when using DisplayPort (simply use another input, right?).

In fact, for the average consumer, these faults may very well be tolerable, and Philips has gotten away with producing this display and selling it. But show them a comparable display like a Dell or Thunderbolt Display, they’ll probably notice those faults.

I would sincerely recommend you do not purchase this panel. It is frustrating to use, and there are better ones out there for the same price. Don’t be fooled by the “extra features,” they are not worth your money. This is a good example on how to make bad hardware worse.

 

Mar 3 2 My new Roundcube theme

If you like dark colors, a simple interface and iCloud’s new redesign, my own personal RoundCube webmail interface skin you will probably appreciate my newly redesigned RoundCube skin.

From the GitHub Repo:

This is my personal skin for roundcube. I’m bad at naming stuff, so I just called it “fredsted”.

I wrote it to be a little darker than the normal theme, more flatter and more like icloud.com.

It’s based on the theme roundcube comes with, and I’ve made lots of modifications, so basically some of it is a whole new skin. You can see a demo at https://mail.fredsted.me/

Here’s a screenshot of the login window and the inbox view (click to see a larger version):

RoundCube login skinLogin Page


Inbox view
Inbox view

Fork or download on Github.

 

Dec 18 1 Monitoring the progress of ’dd’ on Mac OS X

On Linux, to view the progress of the file/disk copy tool dd, you could send the USR1 signal to get a progress output. This apparently doesn’t work on Apple’s OS.

However, with Activity Monitor, it’s easy to see the progress of dd when, for example, copying an operating system image onto a USB (which can take a while…). Simply compare the size of the image with the “bytes written” column to get a good idea of how much progress it has done:

dd progress with Activity Monitor

If you need to view more detailed progress, or use dd lot, you can try installing pv, a utility which echoes the amount of data piped through it. One would use it with dd like this:

dd if=/file/image | pv | of=/dev/disk8

That would render something like this, letting you know the progress:

1,38MiB 0:00:08 [  144kiB/s]

Also, with pv, you could specify the –size parameter to get an estimation of the time it will take to finish. pv can be installed with, for example, Homebrew.

 

Oct 29 0 Can’t Install or Launch NetBeans on OS X Mavericks?

After installing OS X 10.9 Mavericks, NetBeans 7.3.1 stopped launching. I tried upgrading to NetBeans 7.4.

As it turns out, after upgrading to Mavericks, you need to update your JDK as well. Just download the latest version here.

After doing so, you will at least be able to install NetBeans 7.4 and launch it.

 

Oct 24 0 Airport Utility 5.6 Dies with Mavericks

As all good things must come to an end, the older, more feature-rich version of the Apple’s wireless router management software has stopped working under Apple’s new operating system software update, OS X 10.9 Mavericks.

I occasionally use the older version of the tool to configure my AirPort router from Apple, and now I’m forced to use the new now which doesn’t do as much.

Error message when launching the utility on Mavericks.

Error message when launching the utility on Mavericks.

So if you like to use some of the more advanced features of your AirPort, you’ll have to keep a version of Mountain Lion around for now.

Until we find a fix.

Update: And here’s the fix. It’s a lot to go through to view your router logs. Also see this.

 

Sep 24 0 Getting rid of automatic update notifications in OS X

500x1000px-LL-ea60b2f3_ScreenShot2013-06-19at10.14.00PMTo put it bluntly, automatic update notifications in Mac OS X 10.8 Mountain Lion right now are a pain in the butt. Apple really wants you to update your stuff, understandably. But the way it’s done is annoying. Adding to the damage, that little notification doesn’t ever go away by itself, and it’s hard to turn off properly.

So here’s a few methods to help you deal with this annoyance.

The annoying: Swipe the notification to the right 74 times a day.

Drag and swipe the notification to the left with your mouse. It’ll disappear, but it’ll be right back in a few minutes.

The insecure: Just disable automatic updates.

Doing it this way is kind of like going to the root of the problem. But unless you remember checking for updates manually, it can be a bit insecure if you forget installing a critical security update. To disable update checking, just go to System Preferences ➞ Software update and remove the check from “Automatically check for updates”.

Another way to make sure update checking is completely disabled is to, yep, block it in the firewall. To do this, navigate to System Preferences ➞ Security and Privacy ➞ Firewall (click the lock at the bottom) ➞ Firewall Options (you might have to turn your firewall on, which you should have anyway) ➞ + ➞ AppStore.

Clicking the arrow on the right reveals a drop down where selecting “block all incoming connections” will block App Store from checking updates. Keep it like this until you feel like updating. Maybe put an event in your Calendar so you don’t forget it.

The temporary: Hide a specific update.

To hide an update, right click on it and click Hide Update.

Hiding a Mac App Store software update

 

The little less temporary: Disable Notification Center for a day

A little known feature, scrolling up in Notification Center reveals a hidden button. From here, you can enable the Mac equivalent of Do Not Disturb mode (“Show Alerts and Banners”). It only disables it for 24 hours, though, so you’ll have to do it the next day.

How to disable notiication center temporarily

 

Tip: you can also ⌥ (alt)-click the Notification Center icon to do the same thing.

The Permanent, but Insecure (updated)

The last possibility to get that little annoying notification out of your way is to simply turn automatic updates off. To do so, open your System Preferences, click on “App Store” (4th row), and un-check “Automatically check for updates”.

You’ll need to check for updates manually by going to the App Store app. Maybe add a repeating event in your calendar to remember?

How to Disable Automatic Updates in Mac OS X

 

Apr 28 2 Fixing slow FTP login with ProFTPd on your Virtualmin server

Recently a few users on a Virtualmin server have experienced issues with slow FTP logins. It took a long time to login and often wouldn’t log in at all.

To correect this, first log on to the Webmin interface on http://yourserver:10000. At the top left, click Webmin.

A bit further down, under Servers, select ProFTPD Server.

Under Global Configuration, select the Networking icon.

 networking

Then you’ll see a screen with a whole bunch of settings. Set the following options to No:

  1. Set Lookup remote Ident username?
  2. Do reverse DNS lookups of client addresses?

options

Now click save, and on the ProFTPd page press Apply settings on the bottom. Your logins should now be instant.

 

Apr 5 1 My Essential Software

A list of software I install on new computers that I’ve jotted down so I don’t forget. I’ll keep it updated.

General

  • TextMate – general text editor
  • Textual – IRC Client
  • Droplr – one-click sharing of files & screenshots by dragging to an icon
  • Twitter
  • VLC – Media Player
  • XBMC – Media Center
  • uTorrent
  • HomeBrew – Mac software repository
  • Dropbox
  • KeePass – Password management

Development

  • OS X Server – Web server got removed in Mountain Lion
  • XCode – for dev tools and iOS dev
  • Coda – PHP, HTML, CSS development
  • SQLite Professional

Benchmarking

  • BlackMagic Disk Test – Great for testing if your SSD if working properly.
  • GeekBench – Good for testing if your processor is overclocking properly, and comparing with other similar computers.

Design

  • Pixelmator – Image editor

Fun

  • Steam – Games!
 

Feb 26 7 Finally, there’s a native KeePass app for Mac (Almost)

Password storage is incredibly important to me. Since I began seeing friends and others get their identities and online lives taken away because of reusing and/or using weak passwords, I started taking password security extremely seriously.

When I chose the utility to use for this, I had a couple basic requirements.

  1. It had to be open source, for obvious reasons
  2. I had to be able to access my passwords on all my devices (iPad, iPhone, MacBook, workstation)

Things like 1Password and Lastpass didn’t fullfill the first requirement, although very handy because of browser integration and the mobile apps. So I ended up choosing a combination of the KeePass framework and Safari+Mac OS X keychain for my password storage needs, with KeePassX for my client, along with a mobile app, MiniKeePass, that syncs my KeePass database using Dropbox. As an added bonus, the iOS mobile app is open source as well.

I use KeePass as my primary password storage database, and Safari’s password saving feature for sites I access often, like my blog and reddit account.

I’m very happy with this solution, but unfortunately the Mac KeePassX currently has a very ugly, un-Mac-like user interface. I’ve been waiting for something which incorporates the native Mac user interface controls.

And, finally, today stumbled across this KeePass Mac client developed by Michael Starke from Hick’n’Hack Software. It seems like it’s in very early alpha, but it can load KeePass files and display their contents, so the basis functionality is almost done. It seems like it’s using the MiniKeePass framework library for its backend functionality. I cloned and ran it immediately as I’ve been wanting this ever since I started using KeePass for storing my passwords.

Unfortunately I can’t seem to be able to copy passwords yet, and there’s no detail dialog when you click on a password entry.

But since, as of writing, the last commit is 13 hours ago I’m sure this functionality will be added soon. I’m just so happy someone is making this. This definitely makes me want to learn Objective C properly so I can contribute to this project! If you know ObjC, you should definitely go add some pull requests!

 

Here’s a screenshot from the release I just built:

Screen Shot 2013-02-26 at 5.59.35 PM

Compare this to the current KeePass:

Screen Shot 2013-02-26 at 6.20.28 PM

 

Feb 23 3 Sync your SSH config across your machines using Dropbox

Here’s a little time-saving tip for Mac OS X/Linux users: if you work with lots of different Macs and servers daily, store your SSH configuration file in dropbox, and create a symbolic link to it so you can sync it across your computers.

With this, once I add a new machine to my SSH config, it’s immediately available across all of my computers, my workstation, laptop, work machine, etc. I’m terrible at remembering hostnames and IP-addresses, so this comes in handy as I acquire control over more and more servers.

Also, you can of course extend this method to sync other types of configuration files, like your git config or bash profile. Dropbox is a neat tool!

Step 1

Create a folder in your Dropbox to store files like these.

mkdir ~/Dropbox/configs

Step 2

Move your ssh config to this folder. I just call it ssh-config.txt instead of simply config for easier access and as to not mix it up with other configuration files.

mv ~/.ssh/config ~/Dropbox/configs/ssh-config.txt

Step 3

Create a symbolic link to the new configuration file.

ln -s ~/Dropbox/configs/ssh-config.txt ~/.ssh/config
 

Feb 21 0 Google’s new Chromebook Pixel: Impressive, but who is it for?

Google just announced the Chromebook Pixel. It’s a $1,300 laptop with a an extremely high pixel density, limited local storage and made of machined metal (probably aluminium).

There’s a few problems, though.

You can’t install apps

The core idea of the Chromebooks is that they’re entirely web-based. You run all your apps through a browser. That means no high performance applications like Photoshop and 3D games.

If you want to edit photos using that high resolution screen, you’ll have to use web apps with limited functionality.

The other meaningful tasks you might want to do with a machine with specs like these, development, gaming, design, simply isn’t possible. While you can run webbased IDEs like Cloud 9 in your browser, you can’t install a real IDE like Netbeans, Eclipse, etc. Not to mention virtual machines and multiple browsers.

Only 32 or 64 GB storage and only 4 GB RAM

Usually, I’m not the one to complain about specs. I’m of the opinion that upgrading your laptop is largely passé. However, for a laptop with this price tag and resolution, I’d say 4GB is the bare minimum, especially when working with large documents in Google Docs which seems to get ridiculously slow when working with large documents.

Google does a lot to emphasise the free 1 terabyte free cloud storage you get with the laptop (only for 3 years though).

If you’re in a place that has no internet, you can’t put a couple HD movies on there. There’s imply no room.

It’s expensive

The Retina 13″ MacBook pro is only $200 more. Compared to all the extra functionality you get with a Mac, the chromebook feels too expensive.

Google’s other ARM based Chromebooks are much cheaper – think $6-700 less, and that price makes sense. For the price, the Pixel feels like a vanity product for rich people.

You need to be connected 24/7

Since the Pixel is cloud based, you really need to have a reliable internet connection available whenever you’re going to use it. That comes with a price, though. The HD moves you would want to watch would consume even the biggest LTE data plans quickly, or you would have to make do with the slow internet connections in McDonalds or Starbucks. For a mobile device, this is a big problem.

But it’s not all bad

The Chromebook Pixel is an interesting device. It’s certainly a beautiful device. While obviously designed to be a competitor to the Retina MacBook Pro, there’s still some upsides to it:

You’ll probably be able to install Linux, like many do with the existing chromebooks. This lets you install applications on your machine, making it not totally cloud-dependent.

I’m also hoping there’s a way to upgrade the storage. 32GB or 64GB is simply way too little, even with 1 TB cloud storage. For now, this is basically a $1300 Web browser with a puzzling target group.

 

Apr 13 10 InstaDJ – YouTube playlists on the go

I made a website that lets you create YouTube playlists easily – and share them, too.

Everybody is online nowadays. Nobody uses CDs anymore. So at parties it’s common to see a laptop hooked up to a stereo where people go up and select songs on YouTube during the night. It kinda sucks though:

  • Music starts and stops randomly as people get drunk and start searching for songs while another is playing.
  • You need to get up and change the track when it stops.
  • It’s too hard to make a playlist on YouTube. You can’t really make one on the fly.
  • What’s more, you have to be logged in with your Google ID to make playlists. I don’t want random people to mess with my account (e.g. Gmail), especially drunk people.

Sure, there’s Grooveshark. But people who aren’t nerds can’t figure out how to use Grooveshark and will just go to YouTube instead. It’s too easy to interrupt a playlist, especially when you’re drunk. The add to playlist button is easily missed.

Grooveshark is also missing many songs due to silly record companies.

Other sites exist, I know. But no matter which one you use, people will inevitably go to YouTube because it’s got all the content and it’s what people know and love.

Even other “Youtube DJ” sites exist. I’ve been through a few. They either a) require login, b) are hard to use, c) can’t autoplay, d) don’t work.

So I got fed up with all this and made InstaDJ. It’s a dead-simple Web site where you can add YouTube videos to a playlist on the fly. Even drunk people get it.

InstaDJ allows you to search and queue YouTube videos, using a simple interface everybody understands, in a way which doesn’t interrupt the music.

What it does

  • Search YouTube videos
  • View user uploads and favorites
  • Queue YouTube videos
  • Auto-selects HD video if available
  • Generate URL to playlists
  • Share playlist
  • It’s free and there’s no ads
  • Easy to use, minimalist interface

I even find myself just using InstaDJ instead of playing music from my iTunes library.

Don’t you want to try it out? Just click here to go to InstaDJ.com.

For the technically interested, it’s built with the YouTube API, Twitter Bootstrap and jQuery. Enjoy.

 

Feb 10 0 Mac OS X Lion’s full screen feature is misunderstood

Many people complain about Mac OS X 10.8 Lion’s full screen feature on dual monitors. Essentially, the full screen button removes some window chrome, along with the Dock and Menu bar, so there’s more room for you to work.

This is really practical on small notebooks like the 13″ MacBook Pro and the 11″ Air where the screen resolution is very low as is the ratio of chrome-to-content.

Full Screen mode is a way for Apple to

  1. make it easier to work a Mac with low screen resolution and
  2. make iPad users feel welcome on the Mac since iOS is one-app-at-a-time.

When you fullscreen a window in Lion with multiple screen(s), the secondary screen is covered in the linen texture and you’re unable to use it, except in a few programs like Pages where you  drag toolbars over to the linen-covered screen.

Example of Mail.app in Full Screen mode

Example of Mail.app in Full Screen mode

Many people think it’s a bug and are waiting for Apple to fix it. It’s not a bug. People expect the full-screen feature to be somewhat analogous to the Windows maximize button, but it’s not.

Full Screen was intended for people that got an iOS device and wanted to try Mac OS X out, and for their computers with small screens, like the 11″ and 13″ MacBooks, where screen real estate is valuable.

Typically, when you have a dual screen setup, you have lots of pixels to work with. 100 pixels for window chrome doesn’t matter when you’ve got 2 1920×1200 screens. Quick access to the dock and menus is more important than saving a few pixels. There’s no real shortage of space on a dual-screen setup, so you don’t have to make a compromise like you can do on low-res screens. Basically, you don’t need full screen on dual-screen setup if you’re a power user that haven’t migrated from iOS, or don’t have their 11″ or 13″ laptops.

This explains the linen texture: Full Screen is meant only for single-app usage. For concentrating on a single thing, like iPad users are used to on their devices. If you need serious multitasking, you need the dock and menu anyway, and there’s no real need for Full Screen mode. You can use the green button (which isn’t maximise, but rather “make window size optimal for content”).

Update – in Mac OS X 10.9 Mavericks, Apple made changes to the Full Screen mode so each screen is a completely separate space whereas before both screens were the same space. You no longer swipe once to change both screens, you change space for each screen. This probably fits better with most peoples expectations of Full Screen.

 

Aug 23 31 Mediacenter PC Review: Zotac ZBOX ID41

In this article I’ll be reviewing the Zotac ZBOX ID41, which is an inexpensive mini PC from Zotac that particularly appeals to media center owners and budget-constrained customers.

It doesn’t have a built-in tuner, but ships with the ION 2 chipset that allows it to play Full-HD video, rendering it a great PC for HTPC.

Read the rest of this entry »

 

Jul 20 1 EXC_BAD_ACCESS on the Mac, programs crashing on startup

Recently I’ve had some trouble with a few applications — mostly Premiere CS5.5 and After Effects CS5.5 — crashing on startup, others not. Sometimes it worked after a reboot, but mainly it didn’t.

But now I’ve found the solution: You (probably) have bad RAM.

You can try downloading the Memtest boot cd, burn it with Disk Utility and launch it on boot by holding down the alt key. Memtest is a very sophisticated tool which checks your RAM for errors. As it turned out, it reported that I had over 300.000 errors. I’m not a RAM expert, so I don’t know if that’s a lot (probably is though), but I quickly took them out and replaced them with some old sticks, which Memtest didn’t report any errors with. After that, the programs worked fine.

I didn’t find relevant results on Google for EXC_BAD_ACCESS, so now people can hopefully solve this issue quickly.

 

Jul 2 10 MacBook Pro SSD and Optibay experiences

The MacBook I’ll be using in this article came only came with 2 GB ram and a 120 GB harddrive. By todays standards, that’s painfully little for a professional laptop. To get a little more life out of it, I decided to upgrade it to 8 GB ram, a 1TB HDD for storage and a 60 GB Vertex 2 SSD for OS X and applications.

An optibay

So how do you fit two disk drives in a 13″ laptop? More after the jump.

Read the rest of this entry »

 

May 26 0 Great iOS 5 concept video

iOS is the operating system of Apple’s iPhone and iPad devices. On YouTube and other sites, you can see UI designers coming up with ideas for the next version, iOS 5. However, this one from Swedish firm Color Monkey is probably the best I’ve seen. I really hope Apple incorporates these ideas. They’re seamless, don’t clutter the interface and, most importantly, have the somewhat same style as the existing iPhone interface.

You can tell there’s some talent behind this video. It’s beautifully made, too. The examples are really great and animated in a beautiful, smooth way. I don’t like the “hanging sign” effect they used on the smaller text, but that’s a matter of taste i suppose!

Interested in how iOS 5 might look? Take a look:

 

May 25 0 A spoof of British independent films

Films like those of director Guy Ritche and Green Street Hooligans came to mind when watching this fake trailer spoof the British film industry. I found it really funny! Favorite part: “Why is there so much space over my head?”.

 

May 2 0 How to remove a Facebook question from your profile

It’s simple. Just navigate to the question via your profile and click “Unvote”, per the picture below. Then your answer will disappear from your Facebook “Questions” profile category.