Corsair SSD + Mac = pain

Until recently, having a 3 year old laptop was unthinkably slow. Yet today I find myself with a mid-2010 MacBook Pro. Not long ago, RAM and processors leapt past the point of being good enough. My long-in-the-tooth laptop is sporting a 2.66 GHz Core i7 CPU, 8GB of RAM, and half TB of storage. All of those specs are sufficient for my needs.

The problem with my old system was the performance of the spinning disk. Its laggard ways had me lusting after a new Retina MBP with 512GB SSD. I would have leapt, but two things held me back: Anand’s advice, and my employer donating a Corsair CSSD-F240GB2 to me. Dropping in a SSD made a dramatic difference. Instead of drooling after a new laptop, I was like a satiated diner, admiring the dessert menu, but passing.

I was content, until my Mac started to hang once a week with identical symptoms each time. Apps that did not need disk I/O (terminal & IM sessions) would keep running while those in need of disk would hang interminably. The only solution is a hard power off. I looked into it and Corsair offers a firmware update, principally to address wake-from-sleep hangs on Windows. The firmware updater is  Windows only. It’s worth a try, right?

My first stab was connecting the SSD to another Mac running Windows 7 in VMware, via USB. The update utility didn’t see the drive. To follow the updater instructions and connect via a Windows 7 computer via SATA and AHCI enabled, I would have to install Windows 7 via Boot Camp. Installing Boot Camp is generally easy: run the Boot Camp Assistant, let it carve out some disk space for Windows, reboot to the Windows install DVD and install.

Except I had a few obstacles:

  • I had replaced my DVD drive with the SSD.
  • Boot Camp Assistant will only allow a USB drive install of Windows on newer machines that ship without a DVD drive.
  • Boot Camp could not partition my disk because it could not move some files.

To get Windows installed, I had to wipe my spinning disk, clone my SSD back to it, replace the SSD with the DVD drive, boot onto the spinning disk, run Boot Camp to partition the disk, install Windows 7, replace the DVD drive with the SSD, tweak the registry to support AHCI on my SSD, and finally run the Corsair firmware update utility. Which still did not recognize my disk. My next SSD will not be made my Corsair. And it might be wrapped in a new rMBP.


monitoring exim with nagios

I was setting up monitoring of mail queues with the nagios plugin check_mailq and found it didn’t work on cPanel servers. Google led me to a few shell scripts that used sudo to run exim -bpc. I didn’t like that option so I dove into check_mailq, expecting to make a few changes to the code. Instead, I discovered that for exim, the check_mailq plugin expects to parse the input of a queue listing. From there, the solution was straight forward.

Edit nagios/ and set $PATH_TO_MAILQ = “/usr/sbin/exiqgrep”;

Add the nagios user to the mailnull group in /etc/group.

Add this to nrpe.cfg:

command[check_mailq]=/usr/local/nagios/libexec/check_mailq -w 100 -c 500 -M exim

Restart nrpe, and it works perfectly.


Nolisting is a spam fighting technique that works by listing an unavailable MX as the highest priority (lowest MX value) mail server. The idea is that any proper mailer will detect the unavailable MX and automatically retry the next highest priority MX record.

On Feb 7th, 2012, I dedicated one of my IPs to the job of not listening for SMTP traffic, set up a host record, and then configured a few mail domains with my faux MX as the highest priority.

On March 5, I removed the faux MX records. Over the course of a month, the half dozen users of these mail domains had all experienced the loss of valid mail and noticed. Undoubtably, they lost more valid messages than they noticed.

Before I removed the faux MX records, I did some sniffing of the SMTP traffic hitting my faux MX. During observation, most of the failures I witnessed were being sent by an application written using JavaMail. Apparently it’s popular with banks (for sending account notifications), news organizations, and online photo processors.

Which mobile phone carrier?

I have 4 lines with AT&T and am less than pleased. While data speeds are excellent, any call longer than 20 minutes will drop at least once. Coverage at my house is poor. AT&T’s voice quality is poor and has been for years.

My other major objection is their unlock policy. While AT&T will finally unlock iPhones after their contract is up, that still requires that I keep a 2-year old phone around for international travel. While exploring my options, I put together this TCO (total cost of ownership) comparison chart of the major US carriers (AT&T, Verizon, Sprint, T-Mobile) and a few resellers.

Mobile Phone Plans

The larger PDF also compares plans from Cricket, Virgin, and Ting. Pricing is shown for each plan with 1, 2, 3, or 4 phones.


  • The One Time Net value assumes the value of an iPhone 5 in two years is $250. If you purchased an iPhone 4 two years ago, that’s about what your handset is worth today.
  • Ting with 3,000 minutes looks outlandish, compared to 1200-1,600 for everyone other plan. That’s because Ting and Virgin have no nights-and-weekends, or mobile-to-mobile. I looked at my past 12-months phone bills to determine how many minutes we’d need.
  • An excellent related post, Which iPhone 5 for a Global Traveller

Adventures in legacy software

Today I opened M.Y.O.B. accounting files from 1999-2001. The files cannot be upgraded because they experienced some data corruption. The only way to access the files is to run the versions of M.Y.O.B. that they were created with.

The solution was to run Mac OS 10.6 inside a VM, which unfortunately, is a violation of the Apple EULA for Mac OS 10.6. Oops. The reason for using 10.6 is that it’s the last version of Mac OS X with support for Rosetta, the PowerPC emulator that lets Mac OS X apps written for PowerPC run on newer Macs with Intel CPUs.

Rosetta allows AccountEdge (the versions of MYOB written for Mac OS X) to run, but one of the files I wanted to access was from 1999, and it requires MYOB Accounting Plus v9, which is a classic application. For that, I turned to SheepShaver, a Mac OS Classic emulator, running Mac OS 9 within the 10.6 VM.

In summary, the solution was to run two emulators within a VM. With that, I’m able to run every version of MYOB within a single VM.

I also have a VM that runs AppleWorks, for those rare occasions when I stumble across a very old file that I would like to upgrade to the latest version of AppleWorks, so that I can further upgrade it to something that’ll run on Mac OS X Lion.

Also, since I couldn’t find one online, I also created a table of the MYOB versions, their marketing names, release numbers, and year of release.

Name Version Release DB ver. Year Company
MYOB 5 5.0.8 5 1994 Best! Ware
MYOB 6 6.0.1 1996 Best! Ware
MYOB 7 7.0.3 7 1996 Best! Ware
MYOB Plus 8 2.0.5 2 1999 Best! Ware
MYOB Accounting Plus 9 3.0.4 3.5 1999 MYOB LImited
AccountEdge 1 4.7.0 2001 MYOB Limited
AccountEdge 2 5.5.3 2001 MYOB Limited
AccountEdge 3 6.5.3 2002 MYOB Limited
AccountEdge 2004 4 7.5.0 2003 MYOB Technology Pty Ltd
AccountEdge 2008 8 12.0.6 2008
AccountEdge Pro 2012 12 16.1.4C 2012 Acclivity Group LLC


Scale is hard: gmail edition

Sometime on or about August 8th, IMAP access to Gmail stopped working for me. I don’t depend on Gmail so I ignored the error messages for 6 days. Then I simulated an IMAP session and was able to authenticate to Gmail, but after that, all IMAP commands timed out. So I looked to the Google Apps Dashboard which reported that everything was fine. Lies. Then I found the Gmail Known Issues page where I found this:

We are aware of an issue where users are receiving an error that ‘”” is not responding’ when using IMAP on their computers, mobile devices, or tablets. We are currently working on resolving this issue.

In the meantime, you can sign in to Gmail through a web browser. For Android and iOS users, you can also download the Gmail application in the interim.

Then I found the Gmail Forum within the Google Product Forums where many other users were reporting this issue. What I find interesting about this failure was that it took 7 days before my account access was restored and many users are still affected, 9 days later.


Mobile mapping isn’t good enough

Today I confronted a limitation of Google Maps. I’m in Buena Park and I need to be in downtown LA around 8AM. Last night, I consulted Google Maps on my iPhone for planning purposes. It answered 31 minutes. I also checked in a browser on my laptop, in case a feature existed that would let me choose a departure or arrival time that accounted for Monday morning’s typical traffic. There is no such feature.

Because of LA’s infamous traffic, I gave us 2 hours to assure we arrived on time. I also consulted Google Maps at 6:00AM when we departed. It offered up 38 min with traffic accounted for. I checked again after arrival and Google Maps predicts 55 minutes. The actual time: 77 minutes.

Perhaps the Google Maps time estimates are typically reasonable in typical cases and LA traffic is an edge case that is poorly handled (as I learned several times in the past week). However, I think this is a limitation of how Google calculates traffic times. It only accounts for traffic as it is at this moment. It doesn’t account for the typical traffic patterns that predictably recur on given days of the week.

This is where other competitors such as Waze and hopefully the new iOS maps app can offer a significant advantage by mining crowd sourced data to make much better predictions. This is almost certainly something we’ll see in a future version of Google Maps.

Microsoft Introduces a Challenger to the iPad

Another quarter, another iPad competitor. But the headline is misleading. I watched the announcement. Microsoft didn’t introduce anything. They merely announced the Surface. This one had better be good, Microsoft is running out of marketable words to name their tablet attempts.

The keyboard idea is clever. It’s original. It might even work. It will take up less space than my iPad plus bluetooth keyboard. But is it better?

Ballmer has been watching Apple product introductions. He was trying hard to channel Steve Jobs. The hushed invites. The buildup music. The decor of the stage and slides. The introduction and invites. The structure of the presentation. The lack of PowerPoint looking slides. The Jonny Ive inspired “design” video. Microsoft is trying really hard to be like Apple.

They talked about the Surface and the ability to do all our Windows tasks on it. But they didn’t actually demonstrate the tablet doing any of them. Lots of talking and hand waving. Here’s the NetFlix screen, here’s the, oops, hang on while I grab another tablet. What? A crash during the announcement? That’s not the part of Windows we want you to bring to the mobile computing world Microsoft. Sad, sad, sad.

They let journalists touch them afterwards. For 90 seconds. With the power turned off. No typing on the vaunted keyboard. If these products worked even modestly well, you can bet they’d have been showing them off, like Apple did at the iPad announcement.

The announcement reeked of desperation. They announced a product so buggy it can’t survive a live demo. It may ship in the 3rd quarter, but Microsoft isn’t known for nailing their ship dates. There’s no pricing, likely because they’re having trouble sourcing components in quantity, because a certain dominant tablet maker owns the tooling and factories that create all the hi-res tablet displays. They have zero third party apps optimized for a tablet, and little enthusiasm from mobile developers. They are paying developers of popular 3rd party apps to port them to Windows Phone 7.

The saddest part of all this is the powerlessness at Microsoft. Back in the 90’s, I recall Microsoft product announcements instilling a sense of doom in anyone competing in a market. Competitors scurried. Projects and sometimes products were cancelled at the mere announcement of a Microsoft initiative, because competing with Microsoft was certain death. Now Microsoft makes an announcement and it’s just sad. Memories of greatness are replaced with memories of PlaysForSure and Zune trying to compete with the iPod. Then the Danger fiasco, the Kin disaster, and the underwhelming Lumia trying to complete with the iPhone. Then there’s the list of Windows powered tablet flops, crowned by the HP Slate. It’s just sad.

What I find most telling is that Microsoft and Google have both publicly confessed that Apple’s integrated approach is best. The modular solutions they previously championed (hardware from them, software from us) are not good enough. Google bought Motorola and will soon announce its own hardware, and now Microsoft has announced their own.

I think it’s premature to declare the Surface an iPad challenger. But one thing is for sure, it’s going to get even tougher for HTC, Samsung, and LG to complete in the mobile computing race.

Flashback and Mac OS X security

I’ve had several people inquire about the security of their Mac, particularly since the media began exploiting the Flashback trojan with sensational titles and coverage that I refuse to link to. If you want a good summary of the Flashback trojan, Macworld has an excellent writeup: What you need to know about the Flashback trojan. As for what you should do, read on.

We need to remember that absolute security is impossible to attain. Safety and security are more accurately described in degrees. What we mac users are accustomed to is a greater degree of security than other PC users. So long as we employ a bit of caution when downloading, we can surf the big bad internet with very little concern.

That’s not so say we’ve had absolutely nothing to worry about. Every year, there’s been an exploit or two and the page view generators declare that “The Mac is no longer secure.” Never mind that no platform is secure. Such facts do not generate page views. Here in reality, we Mac users have seen three primary vectors of security exploits on the Mac platform: QuickTime, Flash, and Java.

  • QuickTime: There have been quite a few QuickTime exploits, often as the underlying open source applications discover and patch exploits. Apple has been pretty good about getting these patches applied and pushed out to users quickly. Software Update is easy to use so most users see and install these updates.
  • Flash: Flash is the gift (to those with malicious intent) that keeps on giving. For a while, it seemed that Flash Player needed to be updated every week to remain secure, where by secure we meant it had no known vulnerabilities. A few years back, I realized that nothing I cared about required Flash, so I manually deinstalled it. John Gruber has a few tips for going Flash free. The benefits I noticed from disabling Flash were the disappearance of animated ads, faster page loads, greater battery life, and a cooler laptop. I was pleased when Apple shipped Lion without Flash and Java. With Flash use on the decline, the internet is already a better place.
  • Java: For the same reason that Java is popular in enterprises (write once, run anywhere), Java is popular with malware authors. Apple has a history of slow Java updates which you can read about at Macintouch. The short version is that just like Flash, Java updates on the Mac require cooperation with a third party (Oracle, and previously Sun). That often delays the release of new features as well as security fixes for Java on the Mac platform.

The only web site I use that utilizes Java is one bank, and it uses Java only for its online check deposit feature. Since I rarely use that feature (there’s an App for that), and having Java enabled poses real security risks, I have little reason to have Java enabled in Safari. Apple has made it very easy to disable Java: Safari -> Preferences -> Security -> Enable Java and click that checkbox off. I recommend that everybody does the same. It is comparably easy to disable Flash and Java in FireFox, Chrome, and Opera. Doing so inoculates you from nearly all internet nasties.

In summary, Mac users can continue to eschew antivirus software and still remain reasonably secure, so long as we employ three basic precautions: apply security patches that Apple releases, disable Flash, and disable Java. This is the way it has been for years. The thing that has changed the most regarding Mac security is that now it’s easier than ever to live without Flash and Java.

Green built houses

With house prices and interest rates low, we are considering homeownership again. We have looked at hundreds of houses in the past year and found a half dozen that we really liked. What we haven’t found is a house we like at a price we like.

In 2011 we learned about three standards in the green building industry:

  • Passive House: limits household energy consumption to 120 kWh per cubic meter. A Passive House is very efficient and there are tens of thousands of houses built to this standard in Germany, Scandanavia, and Canada.
  • Net Zero: consume zero energy and zero carbon emissions annually.
  • Energy Plus: produce more energy annually than is consumed.

In 2011 we attended several green energy festivals. We toured a couple Passive Houses and the only Net Zero homes in the Puget Sound area. The cost of getting to net-zero is 15% more than building a traditional home. Our goal is to get as far as we can towards net-zero. A net-zero home has a monthly gas and electric bill of $0. Getting to net-zero requires reducing energy consumption through:

  • an efficient building envelope (super insulated, tightly sealed, oriented for beneficial solar gain)
  • highly efficient fixtures and appliances (LED lights, induction cooktops, solar water heaters, heat pumps)
  • a heat recovery ventilator (recover heat from ventilation air before exhausting it)

The other ingredient required to achieve net-zero is energy production. Solar has long (at least since the Chinese & Greeks oriented their buildings to face the winter sun 2,500 years ago) been the first answer for harvesting energy. Until the 1970s, the best available technology was exposing internal masonry to the sun. The thermal mass of masonry would warm up in the day and then give off the stored heat at night.

Using solar exposed masonry is still an excellent and highly efficient way to collect heat. The obvious limitation is availability of sunshine, which is often meager in Seattle’s heating season.

Retrofitting an existing house to achieve green building standards is more complex than building the house well initially. This has made choosing a house more challenging. I desire the ability to retrofit a house up to at least the Passive House standards. Some house designs make this more challenging than others. For example, I can’t easily change the orientation of a house to capture beneficial solar gain. Generally, houses are sited for the convenience of the builder rather than the long term benefit of the occupants.

In the meantime, we aren’t waiting for a new house to be more environmentally aware. We have reduced our household waste to less than one kitchen bag per week. The majority of food waste is diverted to my compost pile and the rest is recycled. I have replaced all our household lights with LED bulbs. In areas where lights were typically left on, I installed motion sensors with timers. We have a hybrid Ford Fusion and a Nissan Leaf, greatly reducing our gasoline consumption.