Gun Control Kills

What would have happened on 9/11 if this were truly the Land Of the Free.

What would have happened on 9/11 if this were truly the Land Of the Free.

For sixteen long years, libertarians have maintained that 9/11 would not have occurred if individuals weren’t Unconstitutionally denied their right to protect themselves.

Even if there were only one armed individual on each aircraft, they’d stand a good chance of killing a terrorist. The terrorist would be facing an unknown enemy from an unknown direction. Eventually the shooter would bring him down.

Continue reading

“Airport Security” Is Impossible

“Airport Security” Is Impossible
Ohio Scientific C8P-DF

Ohio Scientific Model C8P-DF

As a boy, when my friends and I played Star Trek in the back yard, I was always Spock.  The character held an “A7 computer expert” rating.  When questioned about his qualifications during Kirk‘s court-martial, he testified simply:  “I know all about them.”  He was an expert with a Tricorder, able to extend its functionality using primitive technology.

In 1979 (I was 14 years old), my father purchased his first business computer.  It was a state-of-the-art Ohio Scientific C8P-DF, notable for its dual 8″ floppy drives capable of storing a massive 275K.

I was hooked.

The first computer I owned was the venerable Commodore 64.  Even today, it remains the best-selling personal computer of all time.  It sold over 17 million units and boasted over 10,000 software titles.

Motorola Droid Tricorder App

Android Tricorder App

My current computer of choice is the Motorola Droid.  Aside from scanning for life forms, it embodies all the functions of the Tricorder — and considerably more.

I eventually made my career in computing.  I have touched IBM mainframes, AS/400s, servers, PCs, Macs, laptops, netbooks, blades, virtual machines, iPod/Phone/Pads, Androids, routers, switches, load-balancers, mass storage devices, and firewalls.

With a career in computing comes degrees (I hold both an Associate and Bachelor of Science in Computer Science) and certifications.

One of these is the CISSP or “Certified Information Systems Security Professional.”  I obtained this in the year 2000 — before the tragic events of 9/11.  I might also add that it is the single most difficult exam I’ve ever taken.  No college exam in any subject, nor any other certification, comes close to the difficulty of the CISSP exam.

A typical data center

A typical data center.

While the CISSP is devoted to security as it relates to information systems, a major part deals with physical security as it relates to data centers.  This is important, as today’s data center can hold exabytes of data.

An exabyte is a million terabytes: roughly one million times the amount of data found on modern commercial hard drives.  Indeed, it’s estimated that Google alone processes about 24 petabytes of data every day (only a thousand times the size of commercial hard drives).

Information stored in modern data centers can include everything from your financial and medical history to the blog you’re reading now.  Obviously, one of the jobs of a qualified CISSP is to make sure that no one can simply walk into a data center and access the data storage hardware.

It was while studying the physical security section of the CISSP that I realized that what’s called “airport security” is nothing of the kind.  In fact, “airport security” is simply impossible.

The concept of “airport security” is actually Access Control.  “Access Control” is a catch-all concept that basically boils down to the idea of controlling who can get into a particular area and who can’t.

The reason that access control is impossible in an airport is very, very simple.  The underpinning of all access control is this concept:

Deny access to everyone but a few individuals.

“Airport security” attempts the reverse:

Allow access to everyone but a few individuals.

This is flatly impossible.

No individual, company, military, or government has ever devised a method to allow everyone in but keep a few out.  Every single individual, company, military, or government in existence implements access control by denying access to everyone but a select few.

Imagine, for a moment, that the Secret Service were to emulate “airport security” as regards access control to the President of the United States.  Starting tomorrow, anyone who wanted access to the President could have it and the Secret Service would concentrate on screening out those individuals bent on doing him harm.

The President could count his life expectancy in hours — perhaps only minutes.

The Secret Service handles access control the only way possible:  by establishing a perimeter around the President.  This perimeter denies access to everyone and only allows through a select few that were screened.

Maintaining this perimeter when the President is in public is what causes Secret Service agents to have nightmares.  It’s why entire freeways close when his motorcade passes.  It’s why Air Force One exists instead of the President flying via commercial jet.

Access control in a public place (such as an airport) is by definition impossible.

I’m rather naturally prone to a certain level of paranoia.  It’s part of what makes me good at information security:  I’m willing to imagine that which the average individual will not.  It’s why I’ve engaged in a now 15-year-long series of mental exercises regarding “airport security.”

TSA Porn

This is not “security”.

Since the Oklahoma City Bombing, every time I’ve been in line at “airport security,” I have amused myself imagining ways to subvert it.  Nothing — I repeat, nothing — the Transportation Security Agency has ever put in place would deter me from causing death and destruction if I so desired.  This includes their most recent institution of invasive X-Ray machines and “pat-downs” that would qualify as sexual assault were it to occur anywhere other than airports.

Indeed, I’m absolutely certain that I could smuggle a small-frame revolver onto any aircraft I liked.  I’ll not go into details unless asked, but there is absolutely no barrier to a determined individual doing so if they wish.

Were airports to institute true access control, their makeup would change radically — and in the process violate every one of the Bill of Rights.

The precepts of physical access control rest on three pillars:

  1. Something you have
  2. Something you are
  3. Something you know

Something you have is usually a magnetic key card issued solely to you.  If lost or stolen, it is immediately reported so that it will invalidated and a new one issued.  Magnetic key cards are swiped or held against a scanner that then checks with a computer database to ensure that this key has access to the area being controlled.

Something you are is biometric data, usually hand or fingerprints (though retinal and other biometric information is becoming more common).  The user places their hand on a scanner which then checks it against a computer database to ensure that this hand/fingerprint has access to the area being controlled.  It’s cross-referenced against the key card to ensure that the individual associated with the key card is also the individual associated with the hand/fingerprint.

Something you know is usually a password or PIN that the user changes at regular intervals.  Password rules are typically enforced as well, so as to prevent the user from choosing one that is easily deduced.  This password is also checked against a database and cross-referenced with both the key card and hand/fingerprint to assure that all three are assigned to the same individual.

Let’s imagine an airport where true access control is implemented:

Firstly, freedom of movement would be restricted.  Anyone who wished to travel by air would be required to undergo an extensive background investigation of the kind usually associated with government security clearances.  This is at best a multi-month process involving reams of paperwork in which the passenger would be required to report everything from their blood type to their credit history.

A handprint.

If the individual passed the background investigation, they would then be issued a permanent air access pass.  Their fingerprints, hand prints, and other biometric information would be collected by the TSA and held permanently.  They would be establish a secure password, which they would be required to change every few weeks, regardless of whether they’ve traveled by air or not.

A "secure" airport

A truly secure airport.

Physically, airports would resemble prisons.  At the least they would be surrounded with high fences (optimally concrete) topped with barbed wire.  Optimally, they would be entirely enclosed, save for jetways, aircraft parking slots, and runways.

Passengers would not have access via car, limousine, or public transportation.  Commercial vehicles of any kind would be restricted to parking areas well outside the airport.

A passenger wishing to enter would swipe their permanently issued pass key, place their palm on a hand-reader, and enter their password.  This would allow them physical access to the airport facility, but not allow access to any boarding area or flight.

Diagram of a Man-Trap

Diagram of a man-trap.

The passenger would then enter a man-trap.  This is a hallway containing two doors.  Only one door will open at a time: the entry door are closed before the exit door open.  The interior consists of concrete walls, floor, and ceiling.

At this point, the passenger would be required to surrender their baggage by leaving it in the man-trap.  There would be no carry-on baggage.  It would be placed on a stand resting in front of the only other exit from the man-trap:  a suitcase-sized 6″-thick steel sliding door operated remotely.

Utilizing the pass-key/handprint/password again, the passenger would leave the man-trap.

Baggage Search

Mandatory baggage search.

An operator would then open the baggage door and baggage would be transported via conveyor to inspectors.  The inspectors would then subject it to a rigorous manual search prior to tagging it with a radio sensor for tracking and appropriate routing.

Meanwhile, the passenger would proceed to the boarding area for their flight, again utilizing the key card, hand/fingerprint, and password to enter the boarding area.  The system would allow entry only to the boarding area of the flight for which the passenger is booked.

When boarding the flight, the passenger would enter the jetway via the same method.  The jetway, however, would be another man-trap, allowing only a single passenger at a time.  Entry to the aircraft would be accomplished using the key card, hand/fingerprint and password.

The same methods would then be used at the passenger’s destination, in reverse.

That would be airport security.

Understand that anyone with training in access control knows that it is impossible to secure a public place.  Every officer in every military in every country knows it.  Every Secret Service agent knows it.  Every FBI or CIA agent knows it.

Every TSA agent knows it.

What is occurring now, with naked x-rays and pat-down-rapes provides absolutely no barrier to terrorists.  Every single individual who has ever had experience with true access control knows this, and that includes every President, Vice-President, Speaker of the House, Congressman, and Senator.

What, then, is the purpose of “airport security” if not to provide a barrier to terrorists?

It’s two-fold:

Firstly, the overwhelming majority of individuals in the United States has no experience with true access control.  Their experience is limited to their workplace, which may issue a magnetic key card.  By itself, a key card offers very limited security, but in the workplace, it’s typically adequate.

After 9/11, passengers realized that airports could be accessed by terrorists and demanded the Federal Government “do something.”  Since there is no way to implement access control at a public place, those in power chose to use the event to establish procedures that offer no barrier to terrorists — but that are mistaken as such by the general public.

Over the next decade, these procedures became increasingly draconian, to the point where we are today:  airports that afford easy access to terrorists while only violating the rights of all passengers in the process.

The second (perhaps unintentional) purpose of “airport security” is far more dangerous and sinister than simply making passengers feel safer:

It has conditioned almost an entire generation of Americans that their rights are taken from them any time government claims it’s for the “common good.”

In short:  it has conditioned us to be sheep.

Is there a solution to the problem of terrorists having access to aircraft?  Indeed there is, and it can be implemented without resorting to the means described above.  It costs nothing, and in fact will allow the TSA to be disbanded and all “airport security” to be torn down.

The Bill of Rights

The Bill of Rights

The solution is simple:  enforce the Bill of Rights on aircraft.

That is, instead of making sure that every passenger is disarmed, degraded, and treated like criminals, simply allow the Second Amendment to be exercised by anyone who cares to do so.

There is, after all, no wording in the Second Amendment that says “unless the Federal Government says otherwise.”

I’m sure there are readers who will find this an alarming solution, but consider:

Until 1978, any passenger could board any aircraft in America with any form of firearm.

You read that right:  from 1903 until 1978 — a period of 74 years — any American could board any aircraft carrying any weapon of his/her choice.  Knives, handguns, and rifles were permitted; either concealed, carried openly, or packed in a briefcase.

For almost a three-quarters of a century, not a single individual was shot, nor a single cabin depressurized by a stray bullet, nor a single aircraft flown into a building.

It’s true that aircraft were occasionally hijacked.  It should be noted that their success depended on the Federal Aviation Administration’s policy of complying with a hijacker’s demands.

In a post-9/11 world, no would-be terrorist would successfully hijack a plane filled with armed passengers.  They would simply overwhelm the terrorist, even if it meant injury or death to some passengers in the process.

The alternative — another 9/11 or worse — would be unthinkable to armed passengers.

Indeed, there is ample evidence that were aircraft filled with individuals capable of defending themselves with lethal force, a would-be terrorist wouldn’t even make the attempt.

Since a picture is worth a thousand words, I’ll leave you with the immortal contribution to this subject by the fantastic Scott Beiser.  Even if you place guns in the hands of the would-be terrorists, it makes no difference.

Scott Bieser September 11 Cartoon

What might have happened on 9/11 if this were truly the “Land of the Free”

The Droid Saga, Episode III: Rescue Of the ROMs

The Droid Saga

Episode III: Rescue Of the ROMs

It is a period of uncertainty on Bill’s Droid. Having been tempted by the power of Android 2.2, he manually installed Verizon’s pushed build of Android 2.2 FRG01B.

The networking stack was buggy and Verizon ceased the push immediately — but the damage was done:  the Droid was crippled. The Droid was eventually flashed back to Android 2.1 and then a “factory build” of Android 2.2 FRG22 was installed.

Peace returned to Bill’s Droid, but rumblings of discord continued. The Droid was now rooted, and the enormous power this represented could not be ignored …

Wireless Tether

I can’t adequately stress the sheer utility of Wireless Tether on the Droid. Now, no matter where I go, I can get on the Internet via any device capable of WiFi.

I also can’t stress just how well this works. If the Droid is itself connected to WiFi, tethered devices use WiFi; connected to 3G, tethered devices use 3G. Bandwidth is limited by the Droid’s upstream connection and/or the bandwidth limitations of WiFi.

This really works, something I had occasion to discover in a very concrete way.

As I mentioned previously, WiFi seemed a bit flaky under FRG22. It was better than craptastic FRG01B, but not as good as Android 2.1. It seemed possible that the networking stack was still buggy. To know for sure, the Droid would need a different networking stack.

ROM Manager

Enter ROM Manager, a program that makes installing different custom ROMs on rooted Droids a dream.

I’ve flashed ROMs on other devices. It generally goes well, but on the occasions when it goes badly, it usually goes very badly. I’ve bricked a phone doing it, and I’ve no desire to brick a second. I certainly couldn’t afford a new one right now.

Consequently, I’ve not flashed ROMs on my Droid. However, I’m now confident enough to at least bring it back to FRG22 that I decided to see if ROM Manager was as good as the Market description says.

It is. In fact, it entirely exceeds my expectations about what ROM management software can do. In fact, I’m not even going to post instructions for using it. They would be: download it from the market to your rooted Android device. Follow the instructions. It will reboot a few times when you make changes, usually warning you when it will do so.

Otherwise, just watch the text streaming past as ROMs install.

In a few minutes, the Droid was running the most recent release candidate of Cyanogen: version 6.0.0 RC2.

The utility involved in this ROM is fantastic. I have no idea how it stacks up against other ROMs, and I’m not likely to find out soon.

I might have, but after going to this ROM, WiFi was considerably better, but still not as good as Android 2.1. Furthermore, the 3G connection was really fast. Not HD video streaming fast, but much faster than under 2.1 or FRG22.

As I mulled over the possibility of a different ROM, there was another in a series of massive thunderstorms in central Iowa, USA. It was during this that I found the real culprit.

On two occasions, I’ve accidentally fallen behind far enough on my cable payment that the cable company cut my Internet connectivity. Because of how the network operates, this isn’t immediately apparent unless you power-cycle your router.

The router (and everything else in the house) power-cycled repeatedly during the thunderstorm as power blinked or was lost for a period of several minutes. When it seemed stable again and I started powering on my computing equipment, nothing would connect to the Internet. A quick check of the router revealed I was now on the cable company’s private network, which had only occurred before when they’d turned me off.

A quick check of my cable company’s Web site (via my Droid-tethered laptop) revealed that yes, I’d allowed my bill to go unpaid that long. A quick check of my bank’s Web site (also via tether) revealed what I already knew: that my unemployment-era bank account wouldn’t have the money to pay for reconnection and the back balance until Friday morning.

The reality is that my home network was stuck without bandwidth for at least a week. I could survive if everything except my laptop has no bandwidth. However, as an IT professional, my work and employability is badly impacted without a near-constant Internet connection.

Leave it to the Droid to save the day.

With the newfound 3G speeds combined with WiFi tethering, my laptop now had access to the 3G network. It’s not the 20MB of my cable connection, but it’s good enough to do work.

In fact, it’s so good that I’ve started to look at the feasibility of adding a second Android device to my Verizon account and dedicating it solely to WiFi tethering. With an Android device dedicated to WiFi tethering, I could eliminate the cable and its bill.

Technically, the drawback is significantly-decreased bandwidth. This has a drawback for me personally:

For more than two years, I’ve not turned on my TV except to use it as a monitor for a computer or game console. The only time it’s used as a TV are when my daughters visit, and summer visitation just ceased. They won’t be back in the house for months, so it’s just me.

(I’m unclear:  how disconnected with the TV culture does it make me that I was unaware that several channels considered important by teenage girls had really bad reception?  Furthermore, that when I looked at it and realized the cause was physical connectivity upstream, that my first thought was that it was probably decreasing my bandwidth?)

All my entertainment is via the Internet. I watch YouTube and Hulu a lot. If I find something I particularly like, I typically acquire it. When the BBC airs new episodes of Doctor Who, Torchwood, or The Sarah Jane Adventures, I have new HD episodes within a couple of hours of transmission thanks to BitTorrent.

(I’ve even kept up on the K-9 TV series, but I’ve yet to force myself to watch all the episodes. It’s not bad, just a bit too much of a children’s show. The Whoniverse will work with a children’s show like The Sarah Jane Adventures, but K-9 just feels forced.)

In any case, a decision to go 100% wireless means my sole entertainment source would be curtailed. I’m not sure I want to pull that trigger.

It’s technically feasible, however — possibly even financially so. If one purchased a newer, fastier, sexier Android device for personal use (Droid X, I’m thinking of you!), then the Droid could be flashed with a very simple, stripped-down ROM with only the WiFi tether app constantly running.

Oh, did I mention that the Droid can also do firewalling with DroidWall?

It’s true that Verizon is basically giving away a wireless tether device, the MiFi 2200. Unfortunately, it’s attached to their idiotic limited data plans. The smartphone data plan is unlimited.

The fact that this is so eminently possible proves the general utility of the Android platform. There’s no technical reason that one couldn’t produce a WiFi router using it.

In fact, if some bright cookie really thought about it, they’d mass-produce an Android device to do just that, only with one or more wired network connections.

At present, I’m crunching numbers. I probably won’t go through with it, particularly if I find a job that will easily pay my cable bill. I prefer 20MB/s on a largely empty spur of a cable modem infrastructure. Short of a job, this is a high-utility, low-cost way for an individual have high-speed Internet connectivity at the cost of a Verizon unlimited data plan.

Would that my power company was so eminently exploitable in terms of reducing one’s bill — though I’m also crunching numbers for converting most of the appliances and lighting in the house to USB

The Droid Saga, Episode II: The Revenge Of Flash

The Droid Saga

Episode II: The Revenge Of Flash

It is a period of chaos on Bill’s Droid. Having been tempted by the power of Android 2.2, he installed Verizon’s pushed build of Android 2.2 FRG01B to his Droid.

The networking stack was buggy and Verizon ceased the push immediately. Nevertheless, Bill’s Droid was bitten by the bug.  Networking — particularly wireless — was almost impossible.

The Droid is crippled, and it seems no hope remains to return peace and freedom to the Droid …

Having gotten sick of waiting for an official FRG22 to appear and fix my numerous FRG01B bugs, I decided to flash back to 2.1, then install FRG22 as blogged here. My results:

Upgrade

The flash/upgrade process worked like a charm.

Speed

Apparent speed of the device has increased dramatically. I’m not clear that it appears any faster than 2.1, but running craptastic FRG01B for a day has colored my perceptions.

Networking

The networking issues aren’t as bad. They are not fixed, however. My guage for this is YouTube.

I watch a lot of YouTube videos. Prior to the upgrade they would all consistently stream virtually laglessly. This was always particularly apparent at home where I have 20MB virtually to myself on a fortuitous cable modem infrastructure spur.

After the upgrade, YouTube videos are timing out a lot. They’ll first lag, then time out.

While YouTube is most apparent, it’s not just YouTube. All Web sites seems sluggish, on either Browser or SkyFire. I’m hope that this is impacting my Flash experience (see below).

I’m installing some specific networking tools to see if I can determine exactly what’s going on. I’ll post more as I do.

Apps

The Gallery works as advertised. I find this interesting, considering how badly broken by networking issues it was in FRG01B. I would expect it to have improved, but not to appear totally lagless.

Apps that need Internet connectivity vary. None respond as rapidly as under 2.1u1. Google Voice is noticably sluggish. Even the mobile Google Reader site, which used to be instantaneous, lags.

One of the few apps that appears unaffected is GMail.

Trap! is still a bit slow, but nowhere near as horrible as under FRG01B.

2D Graphics Bug

On the positive side, the 2D graphics bug introduced in the 2.1 upgrade has been corrected. LagTest consistently shows 60fps with no sudden dips down to 20fps.

Flash

As mentioned previously, I have coined a new phrase to describe my experience with Flash on the Droid:

Craptastically fraktacular.

It’s awful. Really, really awful. It’s as though Adobe, Google, Verizon, Motorola, et al, rickrolled us:

Look, Flash on the Droid! It’s frakking awesome!

It’s definitely not awesome. It is frakked, however — indeed, it’s craptastically fraktacular!

Since the currently-available Flash 10 is still beta, I’ll reserve final judgment. However, in the interests of science I can report my experience:

I dare you tou play Falling Girl on a Droid.

Users with desktop browsers are now glued to their screen by this strange, incongruous game.  They can’t help but click it and move the girl around.  It’s one of the oldest, simplest games on the Internet.

Droid users see a girl falling slow as molasses in January at roughly 2FPS.

The simple control of click-and-hold doesn’t translate into press-and-hold on the handheld. There’s no way to interact with the game.

Even if you could, it’s so laggy as to be pointless. It’s possible that this is to some extent due to networking issues, but there’s also an unfortunate flaw in Adobe’s basic implementation of Flash:

Adobe essentially made a browser plug-in like the ones they make for desktops. The problem is that the Flash content I’ve seen so far simply wasn’t designed for a handheld device.

Unfortunately, heavily Flash-enabled sites that look amazing in a Web browser on a 15″ display tend to look terrible on a handheld. Text becomes illegible, and zooming in and out to alternate between seeing the content and being able to interact with it becomes painfully tedious.

Worse, as mentioned with Falling Girl, there is no intuitive control substitution. Flash works great when you have a mouse to click and hold, or to hover over content for more information. It doesn’t translate to a press-and-hold. I’ve no idea how to “hover” with my finger without also clicking.

After dealing with this craptastically fraktacular Flash on the Droid, I no longer have any interest in learning.

One of two things needs to happen with Flash-heavy sites:

Redesign the content to include a totally separate mobile interface, or stop using Flash.

All the Flash content sitting out there that’s been around as long as Falling Girl? It’s pretty much useless on a handheld. They’re going to have to completely re-think everything.

Flash videos are another matter entirely. They lag in general, but this may be due to underlying networking issues. I’ll forgo judgement until networking works again.

The problem with Flash videos is that the player is simply embedded into the Web site, the same as on a desktop — complete with tiny, miniaturized, impossible-to-manipulate controls.

The only way to deal with embedded Flash video on a handheld device is the thumbnail-and-player approach used by YouTube. Tap the thumbnail and the fullscreen player launches, with appropriate handheld controls.

As it stands, embedded Flash video is useless simply because the video controls become too tiny.

I’m not usually much of an Apple supporter (please, let’s not get started: it’s a topic for another day, and my thoughts on Apple are more complex than you think). However, if what I’ve experienced in the last few days with Flash 10b3, Steve Jobs may have a really, really good point.

We’ll see how it turns out, but unless the finally-released Flash 10 is dramatically different, it may pound some nails into Flash’s coffin.I don’t know how it’s going to work out, but it will be an interesting show to watch …

Summary

This proves to me that FRG01B’s networking stack was indeed buggy as a cockroach nest. It’s not clear, however, that FRG22 entirely fixes the problem.

As mentioned, I’ve installed some monitoring and networking tools to watch what’s happening under the hood a bit more closely. I’ve also now become conversant with ROM manipulation. A side-effect of this was root access to the Droid, which I’ve lacked since the 2.1 upgrade.

This has had some interesting benefits, not the least of which was wireless tethering. I am extremely impressed that the next time I see my daughters, I’ll be able to offer them wireless Internet for their laptops and handhelds. I plan to make the incredibly tedious drive from my ex-wife’s Chicagoland home to my Des Moines-area house a lot more pleasant by allowing them to be constantly connected to the Internet.

The tethering works, too — which is a bit of a puzzle, in fact. I had my Droid connected to the home router (20MB pipe). The Droid’s Internet connectivity is laggy through this pipe. However, when I tethered my laptop to the Droid, the laptop’s access speed was limited only by the wireless connections. It was by no means 20MB, but it was a workable multi-megabit connection.

Beyond the benefits of root access, ROM Manager makes the whole ROM replacement process so much simpler It’s highly probable that I’ll experiment with networking stacks by installing a variety of ROMs to see if networking is better under them.

I’ve flashed ROMs for other devices, but I’ve avoided it on the Droid so far. The device had so far outperformed all my expectations and I was in no hurry to be on the bleeding edge. However, having been forced to delve into it, I’ve become intrigued at the variety of images available.

I’m still experimenting, but as always I continue to be amazed at what the Droid can do.

The Droid Saga, Episode I: Attack Of the Android

The Droid Saga

Episode I: Attack Of the Android

It is a period of peace and freedom on Bill’s Droid. While no system is perfect, Bill’s Droid is a model of efficiency and freedom.

Rumors have abounded about an upgrade to Android 2.2, said to be faster, squash many annoying Android 2.1 bugs, and most importantly to have Flash 10.

When Android 2.2 was released by Verizon for the Droid, Bill investigated installing it on his beloved Droid without waiting for the OTA upgrade …

Yesterday, I posted instructions to download and install the new, Verizon-pushed Android 2.2. Almost immediately, I was provided with a concrete example of why the bleeding edge is often a bad place to be. You’d think I’d’ve learned my lesson in January of 1996 when I rolled out Windows 95 to 300 workstations at nine sites.

To be explicit, I recommend that you do not upgrade to Android 2.2 using yesterday’s instructions.  I’ll see if I can piece this together so you can understand why:

A couple of days ago, Motorola DROIDs on Verizon’s network began being pushed an upgrade to Android 2.2. This was build number FRG01B.

Almost immediately, users began reporting problems. See this thread for examples, but they’re best exemplified by these posts:

For the love of whatever you consider holy, how can I get back to 2.1?

I’ve had the 2.2 update for a few days now and it is horrible. My phone is slower and it will take more time than usual to open up any apps. Then when there are multiple apps running the phone slows down terribly.

Also, any of the apps that play music or podcasts (including the default media player) will randomly stop for no reason.

My phone will freeze if I am doing to much on it and will take about 5 mins for it to respond again, then it will freeze. The freezing thing is a new issue as of yesterday, so far it has happened three times.

I want 2.1 back! It ran so much smoother than this crap. I wanna roll it back and wait for the update next week that will fix any of the 2.2 issues.

If this is 2.2…it was NOT worth the wait.

And:

Mine too is very laggy and freezes, my gallery is not working properly, the net might as well be dial up (im barely getting 1mb download when before I was about 2.)

That JIT compiler is BS if you ask me it sucked the life right out of my phone.

I called VZW and they sent me to Motorola. I asked Motorola about rolling back to 2.1, they can’t as of now but the customer service rep is looking into it and will be giving me a call back within 24hrs.

So to say I’m PO’ed at the moment is an understatement.

Anyway Motorola’s number is +1 (800) 331-6456. I say call em and give them a piece of you mind like I did. Also I encourage everyone to call and email Verizon and express how them taking the usb tether off is ridiculous (yea we have easy tether but it’s only a matter of time before that goes, in my opinion). Im sorry Im not paying 15 a month for 5GB, thats a rip. This is why people root their phones.

Motorola/Verizon/Google apparently saw the problem. The FRG01B push was halted — but not before those of us on the bleeding edge had downloaded and manually installed the patch.

Almost immediately, Verizon pushed a second update that brought the Android 2.2 build up to FRG22. It’s not yet known if this resolves the networking and other issues experienced by users.

Unfortunately, the FRG22 patch is not yet available in the wild. At least theoretically, it should eventually find its way to those of us who manually upgraded. Unfortunately, this may not occur fast enough to satisfy those of us affected.

After slightly more than 24 hours with the upgrade, I have observed the following issues. In large measure, they appear to be caused by networking problems:

  • Apparent speed of the device is slower. I’ve not timed it, and this may be more psychological than anything as I grow more frustrated. However, it does feel laggy. I’m not experiencing anything like the massive reported performance increase that Android 2.2 was supposed to bring.
  • I’ve got a 20MB pipe that runs a server, 1-3 laptops, and a variety of handheld devices as my daughters come in and out of the house. I routinely get 1.5MB torrent downloads for new HD Doctor Who episodes. My bandwidth is fine.As of yesterday’s force to FRG01B, the networking (wifi seems worst) has been at best slow. At least 25% of the time, it fails entirely.
  • YouTube is useless. I assume that because of the fouled network connection, the player simply times out on the stream.
  • The Gallery lags badly. I assume this is because of the fouled network connection attempting to load Picasa albums and ultimately failing.
  • Any app (and they are legion) that needs a good Internet connection is now unstable. Because the device can’t get decent network connectivity, timeouts are reached and the apps tend to fail.
  • I play “Trap!” — an addictive little game involving bouncing balls on the screen. The interesting thing about this app is that it’s one of the few affected by the 2D graphics bug introduced in the 2.1 upgrade.If anything, the performance of “Trap!” is worse under FRG01B than under 2.1.To be a bit more scientific, I downloaded the LagTest app to check results, and it seems to show that the 2D bug may have been resolved.It’s unclear, then, what might be causing “Trap!” to lag.
  • I’ve coined a new phrase to describe my experience with Flash on the Droid:  craptastically fraktacular.It’s just that awful.  I tried playing Falling Girl, one of the oldest, simplest Flash games out there. The girl falls slow as molasses in January at approximately 2fps.  The simple control of click-and-hold doesn’t translate into press-and-hold on the handheld. There’s no way to interact with the game.Even if you did, it’s so laggy as to be pointless. This may be due in part to network connectivity issues, at least with respect to streaming Flash videos. But Falling Girl is so simple that it ought to load very quickly with no further streaming. It shouldn’t be so pointlessly slow.
  • I’ve not experienced any problems with local audio, which I tested by running a playlist of several hours duration. I’m testing video by playing Star Wars. In both cases, I’m using Meridian rather than the stock media players.

I suspect that the only way to deal with this will be some bright cookie rooting FRG01B. Once done, ROM Manager should work, and one can revert to 2.1.

Short of that, if the FRG22 update resolves these problems, then Verizon/Motorola/Google needs to get it into the wild ASAP. If there’s an FRG22 that’s been pushed to some users as reported, we need that file right the frak away.

Update: Thu Aug 5 21:22:45 UTC 2010

Per our friends at AndroidForums, there is a fix on the way.  No doubt it will be in the wild in fairly short order. As soon as it’s available and applied, I’ll post more.

You know what it’s like? It’s like the Doctor‘s Sonic Screwdriver. You get used to it being able to do just about anything, flawlessly, no problem, every single time. Then it gets frakked up, and the next time you want to reverse the polarity of the neutron flow, it just makes a funky noise instead.

What the frak am I going to do if the Daleks show up before the fix arrives?!

Update: Fri Aug 6 16:41:43 UTC 2010

Having tired of the buggy FRG01B and there being no FRG22 patch in the wild, I decided to flash my Droid back to v2.1, then upgrade to FRG22 using the procedure outlined in this post. The procedure is as follows, modified for readability and taking into account my special circumstances.

Note that this procedure requires a Linux-based computer. I’m running Ubuntu 10.04 64-bit. The app referenced below is a 32-bit app, but should work provided you have the 32-bit libraries on your system. Ubuntu includes these by default.

Also note that, like it or not, this procedure will give you root access to your Droid.

  1. On your Linux computer:
    1. Download the 2.1 SP Recovery image (the file name is SPRecovery_ESE81.sbf)
    2. Download sbf_flash
    3. Download the Android 2.2 FRG22 release image (the file name is FRG22-Release.zip)
    4. Open a shell prompt (Terminal). cd to the directory with sbf_flash and the .sbf recovery image.
    5. At the shell prompt, type:md5sum SPRecovery_ESE81.sbfThis should return9b6a336cd8f067d4487935468c758d89.If it doesn’t, stop now, as you have a bad recovery image.
  2. On your Droid:
    1. Connect the Droid to the Linux computer via USB cable.
    2. Power off the Droid.
    3. Press and hold the Up button on the Droid’s D-PAD.
    4. Power on the Droid. This will bring you to a black screen with white text on the Droid.
  3. In the shell prompt on your Linux computer, paste the following command:chmod +x sbf_flash && sudo ./sbf_flash SPRecovery_ESE81.sbfYou may be queried for your Linux user password. If so, enter it. 
  4. The Android 2.1 recovery image will be flashed onto your Droid.
  5. After flashing, the Droid will reboot with a message that the battery is dead.This is a normal message at this time and no cause for alarm. The issue will be resolved in the course of this procedure.
  6. Please read this step and follow it closely: Without unplugging the Droid from USB, remove and re-seat the battery.This will cause the phone to immediately reboot.In order to complete the procedure, the boot process must be interrupted prior to boot.

    Therefore, when completing the re-insertion of the battery, immediately press and hold the X key on the physical keyboard.

  7. When the Droid boots, use the D-PAD on the physical keyboard to navigate to mount options.
  8. Select and choose Enable USB Mass storage. This will mount the SD card on the Droid as a flash drive on Linux.
  9. Copy FRG22-Release.zip to the root of your sdcard.
  10. Rename FRG22-Release.zip to update.zip.
  11. On the Droid:
    1. Use the Droid’s D-PAD to navigate to and then select Disable USB Mass Storage.
    2. Use the Droid’s D-PAD to navigate to and then select Install
    3. Use the Droid’s D-PAD to navigate to and then select Allow update.zip Installation.
    4. Use the Droid’s D-PAD to navigate to and then select Install /sdcard/update.zip (deprecated).
    5. This will install the “factory” Android 2.2 FRG22 build.
    6. When the install is complete, use the Droid’s D-PAD to return to the main menu.
    7. Reboot the Droid.

When this is complete, you should be running a bug-free version of Android 2.2. It should be the same FRG22 build that will wind up on all Droid’s via an OTA push.

It shouldn’t be necessary to worry about the contents of your sdcard, nor any installed apps, nor settings. All customizations are retained during the upgrade.

I’ve performed this procedure myself. As always, standard disclaimers apply.

This build seems to fix most of the bugs listed previously, particularly the faulty networking stack.

Flash 10 remains craptastically fraktacular. If this performance is any indication, Apple is right: Flash is no longer appropriate on the Internet.

Disinformation Experiment

Unless you’ve been living under a rock for the last few days, you know that our friends over at WikiLeaks have released an enormous amount of data regarding the US/Afghan War.

My initial reaction was to be both amazed at the sheer volume and impressed by the work done to make this information visible in a variety of popular applications.  Specifically, the data available is:

The Google Earth version of the data is particularly impressive. Download this file, decompress it with 7-Zip, load it in Google Earth, and prepare to be amazed.

Unfortunately, while the presentation of this data set is impressive, as an IT Security specialist, I would be extremely remiss if I didn’t point out that there is absolutely no vetting or fact-checking of this information. WikiLeaks isn’t providing original documentation, but rather an organized, electronic data version.

In short, we have no idea if any of this data is valid.

Consequently, to prove the point, I’m trying an experiment:

After examining the files, I’ve discovered that the word “cache” appears frequently. I have taken the Google Earth version of the document and via a simple search-and-replace, have replaced all instances of “cache” with “nuclear weapon”.

I’m now making this altered data set freely available to the public. Please download and distribute it as widely as possible.

The experiment is this: I’m curious how long it will take before the WikiLeaks data and my altered data are intermingled to the point that some idiot starts ranting about all the nuclear weapons found in Afghanistan.

It should be made clear that what WikiLeaks has stumbled across is the correct way to report news in the 21st Century: present it as a series of dates and times, corresponding to a location, and load it in Google Earth. Allow the user — not the news organization — to determine the relevancy of the incident to his/her daily life.

Beyond that, it’s necessary to vet and fact-check the news incident and make that data also available so that the user can draw their own conclusions.

In short, what passes for “news” in the 21st Century is little more than heresay from sources that cannot be trusted. The only solution is to simply make the data available to the public and let the individual decide if it’s relevant or accurate.

Unfortunately, what WikiLeaks has done is brilliant from the presentation perspective, but utterly useless as information. The sources appear to have been neither vetted nor fact-checked, therefore absolutely nothing they have presented is inherently valid.

Hence the explicit attempt to demonstrate this by making obviously-altered data available.

Note that no attempt has been made to disguise this file as the WikiLeaks version.  File lengths are different, checksum hashes will not match, and the applications used to alter the data set may have left footprints of their use. No attempt was made to conceal the fact that this is a doctored version of the WikiLeaks data set.

This is intentional. A corollary to the point being made by this experiment is that even though the data set is easily distinguished from the WikiLeaks version, it won’t matter.

Here is the link to the altered data:

Please download and disseminate as widely as possible. The point is to confuse the two data sets in order to make clear just how easily the original was altered. By extension, this should make clear that the WikiLeaks data set is no more reliable than simple heresay.

Please note: this file, in order to conform to the WikiLeaks release, is compressed in .7z format. You will need a program capable of decompressing .7z files. Such programs are freely available for all Linux distributions using the native package installer.

I’ve not used 7-Zip on OS X, but the code is UNIX-y, so I assume there is an OS X version.

For Windows, I recommend 7-Zip. It’s free, small, fast, and can work with just about any compression format you care to mention. Note that in Windows, the command-line version is significantly faster than the GUI version, particularly with large files.

Happy System Administrator Appreciation Day!

Friday, July 31, 2009, is the 10th annual System Administrator Appreciation Day. On this special international day, give your System Administrator something that shows that you truly appreciate their hard work and dedication. (All day Friday, 24 hours, your local timezone).

Let’s face it, System Administrators get no respect 364 days a year. This is the day that all fellow System Administrators across the globe, will be showered with expensive sports cars and large piles of cash in appreciation of their diligent work.