As I mentioned in my last post, I went away on a cruise last week. I really enjoyed it and it was a lot of fun. It was also pretty tiring at times, having to wake up (for what I consider) pretty early to go on the excursions when the ship docked or dropped anchor.

The Good

I’ll list the stuff I did before I get into the stuff most people don’t talk about when they go on vacation. The first day was at sea, and I spent most of it just exploring the ship. It was my first cruise so I was naturally curious about a lot of stuff. The ship itself was pretty neat; a marvel of human engineering and technological advancement. The next day we docked in Cozumel, Mexico where we did some snorkeling. We were also supposed to do some kayaking (in clear-bottom boats) but it was canceled due to high winds.

The next day we stopped at Belize, where we did a city tour and went to the zoo which doubles as a nature preserve. It was really cool and I really liked it. I also saw some fire ants which was an added bonus, and had my picture taken holding a boa constrictor. The day after we stopped at Roatan Island (Honduras) where we just relaxed at the beach and had a buffet lunch. I sampled some local beer from all the stops.

The day after that we arranged we stopped in Grand Cayman, where we had arranged a private tour. We were taken out to what’s known as Stingray City, where we could walk/swim among the stingrays and feed them. That was really cool and my favourite part about the trip. We finished off with some awesome snorkeling. The next day was a day at sea, but the weather wasn’t cooperating so most of the day was spent inside the ship. Then the next morning we arrived back in Tampa Bay, Florida and disembarked.

The Bad

Now onto the bad stuff. I hope those who were on the cruise realize what it takes to make the ship do what does, and what it allows its passengers to do. The amount of resources required to provide a floating city with power, air conditioning, and hot water 24/7 must be astronomical. And while all these people are enjoying their floating castle there are millions of people in the world who are without access to clean water, and yet we have access to it in the middle of the Atlantic.

Also the amount of excess when it comes to food and the encouragement to just keep getting more is rather absurd. At dinner order two entrees! Don’t worry if you can’t finish it, they don’t care. It’s included in your ticket, remember! Can’t decide which appetizer to order? No worries, just order them all! Don’t fret if you don’t like it, they’ll just take it away. Doesn’t cost you a dime!

Except it does cost. It may not cost you directly, but there’s a hidden cost. A cost to the environment and to the third world in general. I’m not saying don’t enjoy yourself; everyone is entitled to indulge, but at least do it with some awareness that there’s a lot going into that cruise to make it possible. So you can enjoy your fancy dinners, but get stuff you’re actually going to eat, or at least feel confident that you’ll enjoy. Or ask someone at your table if they’ll share it with you so it doesn’t go to waste. You wouldn’t want to be killed just to be thrown into the garbage.

So it’s been nearly a month since I posted about using the Dvorak keyboard. I’m using it at work and have been for a couple of weeks, so now I’m basically using the Dvorak keyboard 100% of the time. My speed has certainly increased, but I am still quite dependent on looking at the keys; I haven’t developed the muscle memory yet but I can feel it starting to take hold.

I’m ironically writing this post on a QWERTY keyboard on my laptop at my parents’ house (I’m leaving for a cruise tomorrow) and I am having significant issues using this layout. My brain has been wired to use the Dvorak layout and now I’m definitely having problems. I thought I’d be able to “keep” the QWERTY layout in my head but that’s clearly not the case. I’m not useless but I am nothing what I was; I can no longer touch type on it, that’s for sure.

I am having some issues with the Dvorak layout though. First, I’m finding myself always messing up the M and W keys, despite the fact that the M key is in the same position (only two keys have the same position – M and A). I’m also having issues hitting the F key with my right index finger. For whatever reason it feels awkward using that hand and actually feels better using my left hand even thought I shouldn’t be.

My last two issues: I’m having trouble with the A and O keys, mainly their positions. I feel it would be better if they were reversed. I think it would be a more natural movement. Lastly, I’m having problems hitting the S key with my right pinky finger. I view the S key as a “strong” letter and my pinky finger as a “weak” finger. It doesn’t feel natural hitting that key with that finger (yet).

I’m sure in time I will overcome these pitfalls. I actually think I am learning it quicker than I thought I would. I think come June I’ll be just as good with the Dvorak layout as I am with the QWERTY, with a lot more muscle memory. I am a little concerned about losing the ability to use to QWERTY but I guess that’s part of progress, right?

It’s been quite a while since I’ve written a post. I’ve just been so busy lately that I don’t have the time. But right now I’d like to sneak one in. I must warn you though, it’s a little bit of a rant.

I was at my parents’ house on Saturday for Easter; it was spending some time with family and enjoying a nice meal. While I was mingling with everyone my dad told me about his new Netgear router he bought. Specifically a WNDR4000. Since he bought a new router and had to set a new wireless password, I would need the new password for my phone. I went downstairs to check out the router and see my dad’s computer (he also recently bought an SSD for the first time). He told me the password and I was able to connect a few moments later.

Then we started talking about networking and sharing files. Eventually the conversation moved to him needing to log into the router to see some information. He tried the typical 192.168.1.1 address but the browser would never seem to load the page; it would just sit there at a white screen, trying to load. We tried on a different computer and were met with the same result. I double-checked the address through ipconfig and it was indeed correct.

I thought this was ridiculous, but the “fun” was just beginning. I mean, he must have already been in the router if he had set up his wireless password, changed the SSID, etc. We consulted the manual which instructed us to navigate to routerlogin.com which would prompt us for credentials. Okay… I thought that was a little odd, and, to be honest, baffling. It doesn’t make any sense to have to connect to an external destination to access a local device.

But fine, we’ll go to the website to log in. Except the website wouldn’t load. It seemed to be down. They offered a second website, routerlogin.net, which did the same thing. We tried from a different computer and the same thing happened. I even entered both websites into www.downforeveryoneorjustme.com and both came back with a “It’s not just you!” response. I just checked the sites now and I’m getting the same result. Except now when I try to navigate to the websites they redirect to Netgear’s support page – no place to log in or enter credentials.

Okay so how the hell are you supposed to log into your router? Like are they serious? So if their websites go down or become inaccessible for some reason I’m effectively locked out of my router? How could no one recognize that this was a terrible idea?

So I decided to call technical support. I wanted to find out what their back up plan was (if they even have one) for this situation, and, admittedly, I wanted to rant a little bit to someone. Perhaps a manager or some other higher up would listen to the recorded call and see that this in an absolutely asinine idea, and then abandon it ASAP.

I was met by someone on the phone with a thick Indian accent – a sure sign of outsourcing to India. Please note I have nothing against India, Indians, or the Indian accent; however, as a Canadian customer it makes it even more difficult to convey my problem and to receive information. In any case, he proceeded to register the router, which took about ten minutes. He told me the case number for the call and said if we were to be cut off he would call back within 60 seconds.

Eventually we got to the point where I could tell him the issue, that we were unable to log into the router through the designated websites and if he could provide an alternative. Instead of giving me an answer or any kind of useful information he proceeded to ask me a bunch of useless questions. I informed him the Internet was working correctly and the router was functioning as expected. He ignored me and kept asking useless questions, such as am I using a desktop or a laptop, how many wireless devices do I own, or am I using XP Home or Pro.

I understand they need to know some information to troubleshoot, but this information is not going to help. After spending nearly 25 minutes on the phone I started to get frustrated, especially when he asked me what my ISP was, what my modem was, and what model it was. I mean come on, you’re asking every question except the ones that matter.

Anyway, after about 30 minutes on the phone we got cut off. Either that or he hung up on me. In any case we didn’t receive a phone call in the next 60 seconds or for the rest of the night. Later I went home and Googled the issue. Apparently I’m not the only person who’s had this issue (not surprised there). And I found out in some cases that the router redirects 192.168.1.1 to their websites. Absolutely unbelievable. I advised my dad to return the router if possible and to purchase another brand. I’m quite partial to D-LINK, but Linksys would be my second choice.

- image from Wikipedia

I’ve wanted to learn the Dvorak keyboard for a while, but never got around to doing it. Then my interest peeked about a month ago when I read Matt Mullenweg is a Dvorak user (he’s the founder of WordPress). I was (and still am) also interested in the challenge itself – overcoming 20 years of muscle memory and habit is no easy task.

I started researching the Dvorak keyboard for a few weeks, and as I became more excited about learning it, I started looking for where I could buy one. Surprisingly I couldn’t find it anywhere. None of the major computer stores sold them, and there was next to nothing on eBay. I finally found an obscure website that sold one but it was $100 + shipping and tax. That was too much money for something I just wanted to try. Eventually I bought a couple set of stickers and used an old keyboard. I could have just rearranged the keys but this way was far less work.

Obsolete

QWERTY, the de facto standard, was important and applied during the time when typewriters were the way to do word processing. But we’re in the 21st century now, and while the QWERTY layout didn’t maliciously set out to slow down its users, it certainly didn’t help; its arrangement of keys was intended to reduce jams with typewriters, but that obviously doesn’t apply anymore with the invention and popularity of the computer.

We should be moving away from this old and outdated layout and use the more efficient Dvorak layout.

Benefits

The Dvorak layout has several benefits over the QWERTY layout. Simply put, the most used keys are placed on the home row, including the vowels. Other considerations include increasing the likelihood of alternating hands when typing, putting the most common letters on the right side (which is the strongest hand for most people), putting the least used letters on the bottom row, and reducing the likelihood of jumping over a row to type successive letters (known as “hurdling”).

These considerations allow the Dvorak design to produce less errors and reduce hand movement, thereby reducing repetitive strain injuries such as carpal tunnel syndrome. This makes the Dvorak keyboard a more ergonomically correct layout. It also makes it a faster keyboard since hand movement is reduced. The Dvorak design reduces hand movement by almost 40%.

Usage

I’ve been using the Dvorak keyboard for about three weeks now. As mentioned earlier, it’s difficult undoing 20 years of muscle memory and habit, and it’s been a challenge, but I’m starting to notice a signficant improvement. At first I hooked the second keyboard to my computer and alternated between the two, mostly doing typing lessons and quick chatting on MSN; anything that involved heavy typing I switched back to the QWERTY keyboard.

Eventually I decided that if I’m really going to learn it, I need to dive in head first. A week ago I disconnected the QWERTY keyboard and now I’m using the Dvorak full time. With that constant exposure I’ve noticed my huge improvement. I’m still far off from being “fluent” with it, but from what I read I should be fluent in about 2 months. I’m still using the QWERTY layout at work, but I am hoping with another week or two I can convince my boss to let me use the Dvorak design.

Some have asked me if I’ll “forget” the QWERTY layout. It’s possible, as I would like to move to the Dvorak 100% on PCs, but I’ll be using the QWERTY layout in other areas such as my laptop, smartphone, and my media computer. My intention, if possible, is to become “fluent” in both, with the Dvorak being my main layout.

I’ll post again in a few weeks with an update. Hopefully by then I’ll be using it at work and my speed will be nearly what it is now with the QWERTY design, and I’ll probably follow that post with another and by then I’ll hopefully have surpassed my current speed. At the very least I’ll know I was able to complete the challenge of learning a new keyboard layout.

CanSecWest’s annual Pwn2Own hacking competition took place March 7 – 9 this year. It went by relatively quiet this time around. Nevertheless, some interesting developments occurred.

Google Chrome

Google pulled itself out as a sponsor of the event, citing rule changes; full disclosure was not required by the exploiters. Instead Google hosted their own “pwn” competition named Pwnium. Chrome was hacked three times. First by the security firm VUPEN, who didn’t reveal their exploit and decided instead to keep it for their customers. VUPEN used two zero-day flaws to complete their exploit. Second by Sergey Glazunov, a Russian university student with two zero-day vulnerabilities. Glazunov’s exploit didn’t break out of the sandbox, though; it avoided it altogether. The third exploit was completed by a teenager who goes by the handle of “Pinkie Pie”; he used three zero-day vulnerabilities to accomplish his exploit and break out of the sandbox.

For the exploits that were revealed, Google released a patch within 24 hours.

Internet Explorer

Internet Explorer 9 was hacked by VUPEN using two zero-day vulnerabilities. The vulnerabilities exist in all versions of Internet Explorer from 6 all the way to the newest platform preview for IE 10 on the Windows 8 Consumer Preview. VUPEN is only revealing one of the vulnerabilities and keeping the other private for their customers.

Mozilla Firefox

Firefox was hacked by the team of Willem Pinckaers and Vincenzo Iozzo, who demonstrated a zero-day flaw. A patch has not been issued yet.

Safari

Unlike previous years, no one attempted zero-day exploits on Apple’s Safari browser. Some are attributing the low turnout this year to the change of rules of the event.