It’s a Sunday.  The afternoon sun is shining.  The birds are singing.  The cicadas are buzzing.  What a perfect day to mow the lawn, right?

I pull out my man-powered push mower that runs on neither gas nor electricity, but simply the power of my muscles.  (Because I’m so green … and because I can get away with it with such a tiny lawn.)  I’ve had this particular 20″ blade Task Force lawnmower for over a year now.  It’s not exactly the most fun I’ve ever had mowing a lawn (considering my last lawnmower was a powerhouse push mower with a powerful 6.5hp four-cycle engine) but I’ve only got a small yard now, and I’m being green.

It starts out like any other mow.  Only I’m halfway through now and I think I’m feeling something odd.  Only I’m not sure.

I’m three quarters of the way through the yard and I’m definitely feeling something odd.  The blades are spun by the wheels being pushed forward.  The blades spin free when the wheels move backward.  It’s a simple and nifty way to spin the blades by sheer manpower.  The force of the push spins up the blades.  But as I push forward now, the blades seem to kind of klang a bit before the spin. I’m sure of it now.

As I push the mower towards my shed so that I can take a look at it, it gives one last klang.  And now I just hear the gentle click-click-click of the freespin.  Only I’m pushing fowards, not backwards.  The blade no longer powers up when I push.  My lawnmower is dead.

Well drat!  That ain’t good!

Green proponents or just people with small yards may be quite familiar with this lawnmower.  It seems to be a popular one.  Until it broke on me, I didn’t entirely dislike it myself.  (What can I say? It’s a lot of work pushing a people-powered mower.)  I always kind of thought of it as the cream of the bad crop.

And as you look at the design, it looks built to last.  Except for the wheels and the handle tighteners and grip, it’s all metal.  It holds up well. … So I thought.

Then I get the wheel assembly apart.  It’s as simple as slipping a C clip.

On the inside of the wheel is gear toothing.  Which turns that black sprocket you see there.  That black sprocket is designed to move only in one direction.  When the wheels move forward, it grips, allowing the blade to spin up.  When the wheel doesn’t move, or moves backwards, it slips, allowing the blade to free-spin.  This way the blades don’t slow down just because you do.  And you can’t jerk moving blades to a grinding halt by moving backwards.

But wait.  What’s this?  While everything else important is made of metal, the sprocket that does all of this is made of plastic!

A quick examination of this cheap plastic sprocket, the heart of the blade spinning operation, the part that takes the most abuse, reveals the problem.  The inside metal catch that free spins one way and grips the other has torn this cheap piece of plastic to shreds!

I don’t care how any marketing guru cares to try to spin this one.  The most important part of this lawnmower, the part that takes the most stress and abuse per square meter of surface area, is made of plastic.

IT WAS DESIGNED TO FAIL!

And so the bad lawnmower has been thoroughly FUBARed by an intentional design by the manufacturer for it to break down.  There’s simply no other way to explain using a cheap plastic part at this most important juncture.

Is it even worth trying to get this thing repaired under warranty?  They’re just going to replace that god awful little plastic sprocket with another plastic sprocket.  The lawnmower is just going to fail again.  There is no “if”.  There is no question.  It’s only a matter of time.  It’s designed to fail.

If I were a blacksmith or a machinist I might try to die cast or machine out a new sprocket from metal that would last for years and years.  But I’m not.  I’m a tech geek.  I don’t have neat toys like that in my basement.  And frankly, if I were going to do anything to this lawnmower at this point, it’d be to strap a motor and a car battery to the bugger and make that sucker electric!  But I don’t have the R&D budget for that kind of tinkering, and frankly, the blade really isn’t so good at catching all of the types of grass and weeds in my not-so-perfect yard.

It’s time for something better.

Say hello to my little friend: The Black & Decker Lawn Hog 19″ corded electric lawnmower!

It’s my new best friend.  It’s the green lawnmower I always wanted.

Okay, so electric isn’t quite as green as human-powered.  It’s still a lot better than gas, so cut me some slack.  I could have spent like $450 (give or take) on a hearty battery mower.  Or $350 give or take on a severely underpowered battery mower.  But why spend that kind of money when I can get the el-cheapo electric that uses a cord instead of a battery?

I’ve already taken the new mower out for a spin.  Man is it so much better than that stupid man-powered mower.  Now mowing the lawn is literally as easy as, say, using a vacuum.  Really!  That sucker is light!  It just glides across the lawn.  Never have I felt a lawnmower push so easily.  Even my last gas hog, a self-propelled push model, didn’t move this easy.

And starting it is a breeze!  No more yanking a cord.  No problem starts.  It just whirrs right up!

As I pushed it to its knees, I found that you also can’t kill it.  You just can’t.  Electric motors may spin down, but unlike gas motors, they don’t stall if you push them too hard.

There are only two problems I’ve seen with this mower.  The first is true of any corded mower: the cord.  What happens when you run over a cord?  I don’t want to know.  I really really don’t.  Fortunately you literally just plug in an extension cord into the mower, so if you run over the cord you can easily replace it should you be squeemish about splicing it.  (Call me squeemish.  I tried that once as a child, and it wasn’t pretty when I plugged the spliced cord back in.  I’ve been leery of electricity ever since.)

The other problem is the mulcher.  The blade on this sucker is like half fan blade,  half lawnmower blade.  It really sucks up the grass.  Which means that, of course, it’s constantly trying to push the motor to its knees because it’s constantly trying to dice up way more grass than it should at one time.  Now the solution is simple - use the bag in the back instead of mulch - or whenever you hear it struggle, just lift the nose of the lawnmower up a smidge to break the vacuum so that grass can escape.  Both are fine solutions to such a simple problem.  But it’s still a minor nuicanse.

But hey, if those are the worst two things I have to deal with to use such a great and green lawnmower?  No worries, mate!  I’m so very sold.

My only ponderance at this point is whether or not the battery-powered mowers are as smooth as this corded mower.  Battery devices run at slower speeds to save energy.  That might suck.  Worse though, a battery for a device with that much of a motor has got to have some weight to it.  Will a battery version push as effortlessly?  I don’t know.  It’s so lightweight that it’s almost ridiculous.  It’s great!  I’d hate to see that feature lost by adding a battery.

So, thanks to a judicious expendeture of money and a great company like Black& Decker, my lawn has never been so easy to mow.  And I still don’t use gas!  In a way, I’m actually almost glad that the Task Force mower was designed to break, because now I’ve found something infinitely better.

Okay, so I’ve been using Mozilla Firefox 3 for a couple of days now.  And’s here’s my basic impression: Mozilla is full of crap.

There are supposedly all sorts of new and improved features.  Safer?  Maybe, though I’ve never really had a problem with that in Firefox 2.  Smarter?  More annoying so far as I can tell.  It’s full of new bookmark features that I don’t want and wish there was a way to turn off.  The only thing smarter as far as I’m concerned are the new icons which look smarter, as in snazzier, not more intelligent.

But one thing that Firefox 3 most definitely is on my computer, is slower.  Everything I do is slower.  Not faster, like Mozilla claims, but slower. S - L - O - W - E - R.  Slower.

The most annoying thing of all is that now is that it’s so slow to close that when I close it and open a new session, I keep getting this error message:

And so I wait.  And try again.  And sometimes it eventually works.  And sometimes I have to wait more.  Eventually it finishes closing, and eventually I can open a new session.  But I’ve never even remotely had this problem with Firefox 2.  This is most assuredly a Firefox 3 “feature” to be this very slow to close.  The error simply is, Firefox 3 is slow.

(For those of you wondering why I do this, I have a  1920×1200 resolution.  I thought it would be nice to put some of my various web-mail and forum links on the desktop, grouped next to Mozilla Thunderbird, since I have so much unused real estate.  So as I check each, I close each one when I’m done and open the next.  Perhaps strange behavior, I know, but when you have more bookmarks than you know what to do with, you start looking for interesting new ways to make the important ones stand out from the general mish-mash.  It worked absolutely fine with Firefox 2.  But the “faster” Firefox 3 is so much slower that it no longer works so well.)

This is just one example.  As I said, everything in Firefox 3 seems to be slower.  Firefox 3 takes noticably longer to start up.  Pages take easily twice the time to load.  It’s like my hard drive got downgraded.  But it’s not my hard drive.  It’s Firefox 3.

And for what?  A bunch of gimmicky features that I’d rather remove.  What I’d rather have is a Firefox Lite.  If I want stupid features that make my browser crap I’ll use Internet Explorer, thanks.

Honestly, after “upgrading” to Firefox 3, I’m seriously considering switching to Opera.  Firefox 3 is just that bad.  (And no, I’m never going back to IE until Microsoft learns from their mistakes.  You do not force the menu bar to be the second bar from the top.  It’s the first.  It’s always the first.  And the GUI bloopers just get worse.  It’s like Microsoft forgot what a GUI is even there for, which is to be intuitive.)

My advice?  If you haven’t made the mistake of upgrading to Firefox 3 yet, then don’t.  Stick with Firefox 2.  It’s faster.  It’s just as functional.  And it’s not as cluttered with features.

Border Gateway Protocol (BGP) is not about showing your passport when you come from Mexico into the United States.  It’s about the internet.  It’s about the very core of the internet and how billions of randomly placed computers can somehow all communicate together.

When your typical every day web surfer types in the name of the website they want to go to (like InsanIT.net) what happens is that a Domain Name System (DNS) server looks up the name of the website that you want to go to, and returns back to you the actual IP address for that website.  Because the internet doesn’t connect to other computers by names.  It connects to other computers by specific IP address numbers.  But people don’t want to type in 127.000.000.001 to go to a website.  They want to type in InsanIT.net.  So a DNS server is just a big lookup table that automatically tells your computer that InsanIT.net is actually address 127.0.0.1.  (For those who aren’t aware of this, 127.0.0.1 is not actually InsanIT.net’s IP address.)

How does that relate to BCP?  I’m getting there.

The shortest distance between two points is a straight line.  But the fastest distance between two points takes a complicated look-up procedure.  Because you don’t want the loading of the webpage data to have to go from here to Shanghai and back just to get to you,you want the fastest possible route between your network and the computer that holds the web page you want.  So what happens is that when your request for the address 127.0.0.1 (to continue the above example) comes to your Internet Service Provider (ISP) to hit the great wide internet, the ISP’s typically has a router that consults a BGP table for the fastest route from you to the webpage that you want.

Now that BGP table is like any train station or bus route table in that it shows the best way for you to get from Point A to Point B.  But how is that table made?  It’s “easy”.  The table is made from “advertisements” of Autonomous Systems (AS).  Say I’m a big internet pipeline layer.  I have a BGP router.  I tell my BGP router to advertise to ISPs that my great wide internet pipe can deliver to Address A through Address C at a blazing speed.  ISPs pick up my announcements (in a completely automated way) and build their tables.

Now, here’s the kicker.  Here is where Wired has an interesting if not scary point.  Who says that I’m telling the truth?  Who says that my BGP router really can deliver the fastest route?  Well?  No one does.  It’s just assumed that all BGP routers are honest.  That’s how the BGP is flawed.  By design it figures that every BGP router tells the truth.

Why is this so important?  What is the worst that could happen then if my BGP router is intentionally lying?  So it just takes a little longer for my web page to load?

No.

What Pakistan semi-accidentally proved is that such a simple trick can be used not just to slow down the flow of information on the internet, but to completely block a website from being accessed by potentially  anyone.

That’s bad enough.

But at the recent DEFCON 16 “Tony” Kapela (data center and network director at 5Nines Data) and Alex Pilosov (CEO of Pilosoft) showed to us that it’s much much worse than that.

It turns out that you don’t have to break the internet when you do something like this.  You can actually engineer it to make the web page request go through, to keep the data truckin’ on.  But you still get to read all of that data as it passes on by.  You can snoop to your little heart’s content, with no one the wiser.  This isn’t just web pages we’re talking about.  It’s “secure” internet shopping and all of your credit card data.  It’s every last email.  It’s corporate espionage.  For any unencrypted data it’s a complete breakdown of all security.  The only potentially safe data is encrypted data.  And even that’s not 100% guaranteed as encryptions can be broken.

But, in fact, it can be even more malicious than that.  You can theoretically alter the data as it passes through.  You could, say, change what loads on a webpage.  Or what comes through in an email.  You could literally control what people see, and all without anyone’s knowing.

THAT is what has Wired (and so many security-conscious people) in an uproar.  The Border Gateway Protocol is inherently unsafe.  It takes a little more knowledge than usual to perform this kind of hack, and requires you to buy a BGP router and put yourself into the system, but it isn’t beyond the realm of possibility.  And once you’re in, you’re golden, because there are no errors.  Everything looks completely legit.  All because the BGP architecture is completely based on trust.

Stephen Kent (chief scientist for information security at BBN Technologies) has been working on solutions to fix this very issue for years.  He has even privately demonstrated a similar BGP interception for the Departments of Defense and Homeland Security.

So rest assured that this issue is not being ignored.  There are several possible solutions.  One day the BGP system will be based less on trust and more on security.

But until then, don’t ever assume that the internet is safe.  Your best approach is still the most simple approach: encrypt your important data.  Security doesn’t just happen.  You have to make it happen.

I’ve been using Grisoft’s AVG Free Edition for a few years now. I didn’t start there. Oh no.

First was Norton antivirus. It was okay … ish. But it really wasn’t stunning me. It let things through. It ran poorly. It wasn’t long before I was trying something else.

So I tried the next major name: McAfee. It made me long for Norton it was so bad. The resources that it consumed just to do absolutely nothing were stunning. My whole computer slowed down to a crawl. That went right out the window.

So, having wasted considerable funds on just antivirus software, I decided to give the freeware world a shot. I figured how much worse could anything there be? The two major pay-fors were utter crap. So long as a free AV package could meet the same low standard, I’d be sold.

That’s when I found Grisoft. I tried out one of their earlier versions of AVG Free. It wasn’t great, but it was better than both of the others. It used less resources and caught the same tests (from some old bad infected floppies) that I threw at it. There was one game where there seemed to be some programming collision and Grisoft would bring the game to a crawl after an hour or so of play, but later updates to AVG Free even fixed that. So it worked just as well as Norton as far as I could test it, but used the least resources out of all. And it updated itself daily. Who could ask for more?

Over the years it got better and better. Version 7 was a real treat. So much so that I was starting to consider actually buying Grisoft’s AVG package.

But then I “upgraded” to version 8.

And I use the term “upgrade” very loosely.

Because so far, it’s been total crap.

To start with, they totally screwed up the user interface. I think someone was trying to make it more modern. Instead they just made it even less intuitive.

Then there’s the updates. Or, more specifically, the lack thereof. Seriously. Literally every other day, somehow, the update process fails. Even right now, this very second, I’ve been trying to run it manually because the automated update failed. And I get only so far through the update process when BAM, their server fails. I know it’s not my server because I’ve tested it just to make sure. It’s not my server. It’s not my ISP. It’s not my firewall. It’s their server. It’s their product. It’s their failure. And I’m really f’ing sick of it. If they don’t sort this soon, I’m going to have to give up my years of loyalty to what was once a good product and go elsewhere.

But that’s still not all. There’s also the LinkScanner scandal. What do I mean? Well, Grisoft introduced into their AV product a new feature that pre-scans the links returned in common search engine searches. So say you search for something in Google. All of the results that Google gives you are pre-scanned by LinkScanner. This is a great feature for security. But webmasters pretty much hate it. Why? Because now all sorts of websites are getting what look like hits of real people reading their website. Only those real people aren’t real people reading their site. They’re just real people doing a web search, and those hits have nothing to do with people reading a thing. It’s all pre-scans for security. Good for web surfers. Bad for web sites. It costs websites bandwidth and very much skews their statistics to gauge their readership.

Well, supposedly Grisoft was going to neuter the LinkScanner to no longer pre-scan web searches. They weren’t even going to ask users which was better, or leave it up to them. Rumor was they were just going to disable that feature because of the noisy complaints of the very few web pages that noticed. (You can tell it was such a big scandal since so few administrators even figured it out.)

That was the rumor anyway. I’ve still to see it happen. Of course that could be because I can’t get Grisoft’s AVG Free 8 to update. But meanwhile, my web searches all still pre-scan the returned links. Which, by the way, I like. And yes, I do own InsanIT.net. I’m okay with this product. I even hope more AV suites offer something similar in the future. Anything that makes the web safer for surfers is okay by me.

But the point is, it’s a weird scandal, with a stranger lack of a resolution.

And, of course, there’s Grisoft’s AVG logo itself. A picture is worth a thousand words:

Does this logo seem in any way familiar? Well, considering that it’s just a Microsoft Windows logo spun around 180 degrees, it should look pretty darn familiar. Maybe Grisoft is intentionally trying to create a familiar feel, but I’m not sure which concerns me more, getting that close to a copyright and trademark infringement of a blatantly familiar logo, or that maybe it was just “by accident” and they’re really that uninspired over at AVG.

So what does it all add up to?

I used to be a big fan of Grisoft. At a time when Norton and McAfee were, well, less than stellar, Grisoft offered a completely free antivirus solution that was infinitely better.

But today, times have changed. And Grisoft? What things they have changed, have all changed for the worse.

They do not inspire in me the confidence to pay for their product. And their free product is just darn close to pissing me off for the last time.

These days, there are other fish in the sea. I’m thinking it’s time for me to head back to open waters and search for something new. And if you’re considering using Grisoft’s AVG, I invite you to do the same.

You bought yourself an iPhone from Apple.  You decided to password protect your phone in case evil insurgents try to use it for nefarious means.  And you slept better at night, knowing You Did The Right Thing.

Until you read this.

As reported by the MacRumors: Forums, breaking into a password protected iPhone is as easy as 123.

1) Tap “Emergency Call” keypad from passcode entry screen.

2) Double-tap home button.

3) Tap blue arrow next to contact’s name.

“You now have full access to applications such as Safari, complete Contacts list, SMS, Maps, “full” Phone access, and Mail by accessing various entries on the Favorite’s page, i.e. tapping their home page brings up a full, unrestricted Safari.” says greenmymac.

Can anyone say “Oops!” over at Apple?  I sure know that we can say it here.

A workaround to prevent this horrendous security snafu is to disable the home button double-tap.  (Settings > General > Home Button > Checkmark Home)  In the mean time though, Apple sure better be working on fixing this security blunder, because never has a hack been so easy as this.  It makes Microsoft look secure!