Cornering A Bug

Posted on February 5, 2024 by bluedepth

I have a #MacBook Pro, my trusty old circa 2013 model, somewhat on the old side, running MacOSX Big Sur 11.7.10. It works well enough for everything that I need it for, a basic daily driver for work, most of all.

I spotted a great deal at #Costco, a 1 terabyte #SanDisk SSD device for a song and so I got it. Then after I unpacked it and setup #TimeMachine on it, so it would serve as a backup for my MacBook I noticed a curious bug. Once I had the drive mounted, it worked well, but when I ejected the drive, sometimes it would give me a error that it couldn’t be mounted. I went off to #Google to search, and came across a bunch of people who were experiencing very similar errors with their SanDisk devices. I found that after I rebooted my MacBook, the problem seemed to go away.

With complicated bugs, often times the trigger is either complicated or multi-step, and for a brief while, the problem with this drive returned. It would come and go, seemingly at random. Sometimes when I plugged it in, it would #mount without issue, and other times it would simply not, and off to #DiskUtility, where when I tried to force the mount, it refused with the cryptic error and only clear after a reboot.

I started to really concentrate on all the things I was doing, all the little mindless actions that I do at the start and end of the day, because something was causing this seemingly random bug to appear. One day, last week, I caught myself doing the very thing that triggers this bug!

I have my MacBook Pro, it’s plugged into a standard powered USB 3.0 hub, and then I have a 2TB standard external HDD and the 1TB SDD backup drive plugged into the USB Hub. When I eject the drives at the end of the day, and then unplug them both from the hub shortly afterwards, the drives will both re-mount without an issue. Every single time.

When I eject the drives, and instead pull the USB Hub off the side of the MacBook, after that, the standard HDD will mount without a problem, but the SanDisk SDD drive will always fail to mount with the cryptic error.

I don’t know for certain where this bug actually is, but my educated guess is that it has something to do with USB Bus Enumeration or perhaps some sort of flag that doesn’t get set properly either in my MacBook Pro, the USB Hub, or the SanDisk SDD device.

If you have a SanDisk SDD like I have, and it tosses random mount errors on Big Sur, give this a shot. Eject and then unplug the device, see if that doesn’t clear it up, because it did for me. #infotech

Dodgy Clouds

Posted on June 3, 2019 by bluedepth

The recent outage in the Google Cloud infrastructure has certainly revealed a fair amount of vulnerability in their cloud offerings. So many services were affected, and I heard some tales of Nest owners who couldn’t unlock their homes or control their HVAC systems because the system couldn’t function without the other side being up and running.

This has always worried me about cloud infrastructure and beyond that, into IoT designs. We have come to depend on much of this kind of technology recently, and it can be tough for those that understand how all this works to let things like HVAC controls and door lock security go off to be managed by a company without any sort of manual override.

Google Chrome and Ads

It isn’t the first time that Google has turned on us, they used to have as a company motto, “Don’t be Evil,” but then when they ran into a profit wall, they realized that they had to accept evil into their company to make more money. So now, Google is Evil. Recently, the details came to light in regards to how Google will be changing Google Chrome. They are going to disable a programming API that enables some ad-blocking software to function correctly. Honestly, I was expecting this sort of thing long ago. It was the perfect reason to look into moving ad-blocking away from the computer level and further into the network itself. At work, I use Cisco Umbrella, and that places a filter on DNS services. When I was playing around with Raspberry Pi computers a long while back, there was another GitHub project that caught my attention, and that was Pi-Hole.

Pi-Hole

The GitHub project, Pi-Hole is a very straightforward installation that provides DNS filtering for malware and adware based on community-developed blocklists. I originally used it on my Raspberry Pi until I discovered that the Pi wasn’t really all that reliable a platform. Since then I have installed Debian Linux on my original Mac Mini, and that machine, which also serves as a central entertainment hub for my household also provides Pi-Hole services. I have set my home router to refer to the Pi-Hole for it’s upstream DNS requests, so every device attached to my home network funnels all the DNS traffic through the Pi-Hole. In that installation, with all the DNS requests sent to the Pi-Hole, it has liberated my Google Chrome, and any other browser, on my computer, iPhone, iPad, or whatever without any settings to change or fuss around with. To that end, thank you, Google, for giving me the push to help eliminate ads throughout my home.

Sirius/XM Outages

In line with what happened when the Google Cloud malfunctioned, there was another event earlier today that posed a challenge for me, IT wise. I was driving into work and I often times listen to XM’s Channel 33, which is First Wave. I was enjoying all of that music, and the announcer mentioned the channel schedule. That reminded me that I have the XM app on my iPhone and I could stream the XM signal into my workplace just as easily as I can stream Spotify music. So then I tried to use the app and ran into Error 1025. What the hell is that? I eventually got into a chat with a Sirius/XM representative, and they told me that there were system level issues at Sirius/XM that was giving everyone challenges. I have to remind myself frequently that my first stop should be DownDetector.com! I browsed to that site while I was on the chat with the XM representative and there it was, Sirius/XM, with a huge complaint spike. I should have started there! Lesson learned!

The way of things, for cloud infrastructure and all these interconnected devices, will not go away anytime soon. While the settings that you have on your phone and computer might also be causing issues with connectivity, it’s important to always keep in mind that sometimes the biggest systems can also be more fragile. It’s important to keep sites like DownDetector in mind because if you are having a problem with a website, chances are so are a whole lot of other people.

Better Credit Card Security

Posted on March 17, 2015 by bluedepth

While talking with a friend, who is enduring some unpleasantness the conversation turned to issues with using credit cards to buy things, like food for example. That got me thinking, how would I design a really strong way to prevent data breaches?

Encrypt everything!

Well, perhaps not that, but hash everything. Here’s what I talked myself into, of course none of this is rational because nobody will effect a planetwide shift in payment processing based on what this yokel has to say, but still, here goes.

Issuing Bank sets up credit account, there are four key fields that are important for the classic transaction, name, number, expiration date, and CVV2. I think one could also establish a timebased one-time-password secret as well, it would operate like Google Authenticator functions. So you’d need a secret that the bank generated for their systems and the physical card too. You’d need a smart chip on the card so it could forward the TOTP code to the credit terminal at the point of sale.

The bank sets up a TOTP secret, so it’s named JQP Credit Card (or account number or whatever) and the secret is: 6B57078FB88A4DD73E447D2647DCEC7D04C3D887951BA6A2D8DBA294E0B60579. This number is forwarded to the credit card terminal. Right now it’s 726995, but in thirty seconds it’ll be something else. Since the credit card terminal and the bank share sync’ed time via time.nist.gov, there is no risk that there would be some sort of mismatch between the two.

The customer goes to the credit card terminal and swipes, a value is entered and a timestamp is recorded, all of this is already parts of a credit transaction. The terminal can read the name, expiration, CVV2, whatever from the magnetic stripe and the smart chip forwards the TOTP code, then the terminal assembles this into a EDI transaction:

JOHN/Q/PUBLIC#1111222233334444#1015#170#726995 and applies SHA256 to it, to create:

621d3dd5a66277a7ab3737f306728e3c4bc5f3cd20c8730c37cc61c6575de0ba

This is stored in a database and then forwarded to the bank with the timestamp, so it’ll look like this:

987654321#621d3dd5a66277a7ab3737f306728e3c4bc5f3cd20c8730c37cc61c6575de0ba#15.09#1426615839

So the bank will be presented with a Customer ID, SHA-256, they’ll have the total dollar amount, and they’ll have Epoch time, or the number of seconds from 00:00:00 UTC, January 1, 1970. This could be easily done by a Linux kernel by the output of date -j -f “%a %b %d %T %Z %Y” “date” “+%s”

The bank would then have everything they need, they’d have the secret key, which with the Epoch time from the transaction would give them the TOTP calculation, which would generate the answer 726995. Then they’d have the card details from the customer ID, the SHA-256, and the amount. They could then calculate the hash on their own:

621d3dd5a66277a7ab3737f306728e3c4bc5f3cd20c8730c37cc61c6575de0ba

And authorize the transaction.

Even if the card details were stolen by someone copying the numbers off the card, they wouldn’t get the TOTP secret. Plus the TOTP secret is changing every 30 seconds. If someone tried to run this transaction and guessed at the TOTP code, they’d generate this:
987654321#a1b714fba988632200c78a5b9021bca5b48f149b036aa901c03173f0f2de5399#15.09#14266158 and the bank would instantly detect this incorrect SHA hash and cancel the card and ship a new one.

This is rather involved but the practical upshot is, if a vendor kept these transactions in a database and someone stole the database to use for their own nefarious needs, the presence of the TOTP and SHA-256 would make the data in the database worthless because the TOTP has no predictable pattern if you don’t know the secret, and SHA-256 is very sensitive to even the smallest change in the input data that it’s hashing. This would free vendors, banks, and customers from risking PII leakage or identity theft.

I’ve also thought that this would be a great way to secure SSN’s as well for use with the government, they know your SSN and you know your SSN, so when communicating over a possibly compromised channel you can authenticate not with your SSN, but with the hash of your SSN.

John Q. Public, 123-45-6789 -> 01a54629efb952287e554eb23ef69c52097a75aecc0e3a93ca0855ab6d7a31a0

Forked Lightning

Posted on September 23, 2014 by bluedepth

My day has walked into the deep pitch of the Microsoft tar-pit. I’ll dispense with the usual protestations that this technology is horrendous and anti-human and deserves to be loaded into an airlock and blown out into space, en route to the sun for ultimate destruction.

My god this is awful.

It all started very innocently enough with an iPhone for an ex-coworker that was asking for a new password. I had backed up the ex-coworkers email from Office 365 and to get access to do that I needed to change the password. That was easily done as I am the admin on our Office 365 email system. I changed the password, I then went to my “backup” computer account and started Outlook 2013, set up the ex-coworkers account on that machine and then went to backup the email using Outlook 2013’s PST file backup routine – that all worked just fine. Once I was done, I copied the PST file to a NAS drive, and that was that. Then another coworker who had the ex-coworkers phone came in because the device was complaining about a bad password, I had changed it and I didn’t know there was a device in play that needed this password update. Hooray for never throwing away 3M sticky notes! So I put the password in and I got into a conversation with the coworker who had the device. I offered to delete the account of the ex-coworker and assign him the alias for the ex-coworker thereby ensuring that mail flows unimpeded to where it ought to go. Everything was all right and proper. So I went into Office 365 admin control and deleted the old user. Then I went to assign the alias to the other account so the mail would flow properly. Office 365 complained that the old account was still around and couldn’t establish the alias. Turns out the account lives in a 30-day penalty box and won’t actually be deleted until we all wait 30 days.

So how do you purge this account from this 30-day limbo? You can do so with a handy-dandy Powershell command called “Remove-MsolUser”. So I open up Powershell and start entering all the bullshit commands to get it connected to Office 365. Arcane and labyrinthine has nothing on this crap, I can’t even begin to estimate just how awful this really is. So I get the Powershell up and connected and waiting at the prompt. Then I enter the command as I see it on this website and I get an error from Powershell that it doesn’t recognize the cmdlet. Okay. So then I look into how to solve this issue, turns out I need to upgrade to Powershell 3.0. I find another website that helps me find the version of Powershell that I have installed, it’s a registry hack, so in I go, HKLM blah blah blah. Turns out I have Powershell Verison 2. I need 3. So I download Powershell 3.0 for 64-bit like I should, and it refuses to load saying I have a later version installed. I find another website and figure out how to get the version of Powershell from Powershell itself, turns out I have version 4.0. Fuckity-Ok! So then I move on, and find that I need two more downloads from Microsoft, the first is “Microsoft Online Services Sign-In Assistant for IT Professionals” and so I download it. I install it, everything is just fine. Next stop is to install the Microsoft Azure Active Directory Module for Windows Powershell. I’ve got all my ducks in a row and then this last install fails – “In order to install Windows Azure Active Directory Module for Windows PowerShell, you must have Microsoft Online Services Sign-In Assistant version 7.0 or greater installed on this computer. So then I looked at the Programs list in Control Panel and found the exact application that I had installed earlier, version 7.25! So what the hell is wrong?!? So I then rebooted, and repaired the Microsoft Online Services Sign-In Assistant and then rebooted again, then retried the installer and the same error. I then copied this error into Google and found an article that pointed me to “Microsoft Online Services Sign-In Assistant for IT Professionals BETA”. It installs and forces another reboot, of course. Once that bit was installed, which worked properly, gah, it was back to the Land of Eternal Stench, also known as PowerShell.

And only then, at the end are we finally successful. All of this for the simple little effort to dump an unwanted email account from our Office 365 system quickly!

I can’t believe it took this much to get through to this solution. I don’t really understand how Microsoft is still in business. This awful lack of quality in any other situation would spell certain disaster for a company. Microsoft is apparently charmed. Actually, it isn’t charm as much as monopoly. Microsoft has a lock on business computing beyond all rational logic and just like IBM in the 70’s and 80’s, once you are locked in, you are stuck and have to smile and thank your masters for dropping crumbs that they allow you to feast on. Even if their products are complete crap, they’ve got the lock and they are using it. Hello again, IBM.

Slogger

Posted on July 12, 2013 by bluedepth

Slogger

Every once in a while I run across something I’ve seen before but ignored accidentally until I see it in great big headlines and neon and stop to pay attention to it and discover that it does something I really really want. This particular afternoon it was the product Slogger from Brett Terpstra. The software is a Ruby script, and Ruby is a delightful programming language that I’ve had the pleasure of dabbling in. Nowhere near the level of Brett and the people who help him, but here and there, little things.

The need came from a simple Google query, IFTTT and Day One. Looking for some way to bridge that divide between the automatic web service that I’ve fallen in love with, IFTTT and Day One, the journaling software that works quite well and renders DropBox a “Killer App”. Dropbox is the glue that keeps my Day One system together, on my laptop, my desktop, and all my mobile devices. When I found Slogger it was a definite Eureka moment, the answer all in one place. I downloaded the code as the author describes and tried to set it up.

Monumental fail. Pieces everywhere, error codes puking on the screen faster than I could read, pages and pages of interpreter and compiler errors, all surrounding one “Ruby Gem” module called hpricot. I knew why this was fail-town for me, it was because I had installed XCode CLI tools in order to get the mac_google_authenticator PAM module built. That CLI package rendered my system retarded when it came to processing gem requests. In the Ruby world there is a system established for distributing software written in Ruby, it’s called ‘gem’ and you run it much like apt-get in Ubuntu, it’s really quite straightforward and never has given me fits – until. Everything was complicated by the fact that I couldn’t really find where XCode was on my machine, all the likely targets to search didn’t have anything relevant and my find command returned pages of errors and I didn’t have the patience to pick through a thousand lines of “Permission Denied” to find the one spot where the file was hidden.

Didn’t need to complain, as I knew the solution. Download XCode for real. So off to Apple, download the monster and install it. That satisfied hpricot, and everything else installed quite nicely. I set Slogger up, pointed it at my Dropbox and configured the plugins that I wanted. The initial run crashed and burned but I figured out why, it was an errant space in the line that points to the Day One folder, a symbolic link fixed that and I was again off to the races. Of all the plugins that I configured these were successful:

BlogLogger
facebookifttt
goodreadslogger
lastfmlogger
pocketlogger
rsslogger

Then there were the plugins I tried to configure but couldn’t:

fitbit
flickrlogger
getgluelogger

The primary problem with the fitbit plugin was that fitgem, the Ruby assistant program that you have to install is a phantom. You install it, it’s successful, and then it’s gone. No trace of it exists. You try again, poof, nowhere. Plus for the plugin setup there are API codes, User codes, and oAuth codes. I get the reasoning behind all of them and getting most of them was not an issue. I felt a little awkward creating an “Application” for just myself, it seems kind of a waste of effort to ferret all these bits and peices into a semiformal request procedure, but doing it wasn’t hard or cost anything, so what the hell. The part where it all falls apart for fitbit is where you have to get the oAuth token, since fitgem never worked and it’s invocation from slogger should have opened a web browser and asked for my approval, all of that never happened. I tried to be sporting and do the heavy lifting myself but all I did was irritate the API for fitbit and I figured, what the hell, I got most of what I was after and moved the fitbit plugin into the “unused” folder and forgot all about it. Abandon ship, y’arrrr!

Flickr is a pain in the ass. It’s Yahoo and as such, it’s kind of an Internet leper. You need your Flickr number, there’s a site that makes that easy, except it doesn’t work. Flickr username? Feh, either the one in Flickr or your linked Yahoo ID is meaningless. I half figured it was in the URL anyways, but then I thought about it and I don’t really use Flickr all that much beyond a solitary IFTTT rule and that’s precarious as it is. The only attractive part of Flickr is they gave out 1TB of storage. Still lepers tho. So, abandon ship! Y’arrrrr!

GetGlue was the last great effort. Much like Klout, it’s a site that makes sense sort of, but the name is utterly silly. GetGlue. What the hell? Why? Glue has nothing to do with TV or Movies. The only connection I could think of was celluloid and horses-processed-into-glue sort of connection. They give away stickers, what a wonderful bit of pollution that is, and as a gimmick seems dumb. The plugin needs an RSS feed for the GetGlue Activity Stream. It appears as though the GetGlue folks have moved away from RSS and towards “widgets” which seems stupid as in this application RSS is the answer and widgets are worthless. Alas, Google searching for the RSS feed method was fruitless. I was half hoping for something like http://getglue.com/user/bluedepth/feed.rss, where I could just craft it up and be on my merry way. No. You have to “View Source” to find it, which is stupid because that is so full of CSS flotsam and jetsam as to be utterly incomprehensible. Again, my ardor for that particular service was fog on a hot day. I don’t need it. I don’t use it. Whatever! Abandon ship! y’arrrrr!

So I tried the slogger script, it failed, tore out fitbit goop and then it worked. Then I went into my Day One app and mopped up all the mess that testing had made. The only oddity I noticed was the BlogLogger completely missed out on the text on my WordPress site that was between pre tags. Meh. Not really a reason to kick the entire thing to the curb, just something to honestly stop using. HTML is a right bastard, almost all of the time. CSS is a filthy abomination, but we won’t go there.

I would say that tonight everything will work as it should for Slogger, but I have to race to work tonight to turn everything off because work is going to exit-stage-left when it comes to the Internet. They are turning the entire thing off, at least for a few hours. I can’t wait for tomorrow, there will be lulz.

So, to Mr. Terpstra, thank you for slogger. I’m sorry the plugins didn’t work, that fitgem was a phantom, but at least most of what I wanted worked. So we sound a victory cheer, sort of. Yaaay!

photo by:

Silvia Viñuales

Google Authenticator

Posted on July 9, 2013 by bluedepth

Over the long Fourth of July holiday weekend I received an email from WordPress.com detailing news that they were now fully compatible with the Google Authenticator Two-Factor security system. I haven’t thought of Two-Factor in a long while and decided to look into how Google had cornered the market in this particular security market.

First a little background. The term Two-Factor security means that when you want to prove who you are to some service, called authentication, you usually just have to present two pieces of information, a username and a password. This combination not only identifies who you are and proves your identity through the shared secret of the password, but allows systems to remain as open as possible to all clients who want to connect – assuming that everyone is playing by the rules and nobody is trying to be sneaky or clever. Passwords are notoriously wimpy things, most people give up on complexity because they can’t readily remember the password and it’s not convenient so they select simple passwords like “12345”, “password”, or “secret” and leave it at that. The problem with passwords is that people who make them up are either lazy or don’t care about entropy or complexity and since a lot of your work and identity is being controlled using these systems, using these simple passwords is begging for disaster. Another issue that plagues a lot of people, and goes in with how naturally lazy many of us are, is that people will use one poor password on every site they go to and keep their usernames the same as well. The risk here is that when one service is compromised, all the other services are compromised as well and it’s a huge upward climb to get out of that mess if you find yourself trapped in it.

Cleverness works both against people in general, with thieves, phishers, and hackers as well as for people in general, with things like hashapass or applications like 1Password. Hashapass is a free service that combines the web address of a service with one single complicated password to generate a hash, which is to say, a value that is easily calculated from the combination of the single complicated password and the web address but done so in a way that going backwards is very difficult to do. If any piece of the puzzle is missing, it’s technically unsolvable. As an alternative to this there is 1Password, an application that I have become very fond of, and it uses a similar approach to hashapass. In 1Password one master password unlocks a database of all the sites and their individual passwords so you don’t have to remember a constellation of passwords, all you need is to remember one very good secure password and you are all set. There are a few other nice features to 1Password that I like, being able to generate very long random passwords and store them for me allows me to establish plausible deniability when it comes to my online identities. Because 1Password randomly selected a 32-character password for Facebook, I cannot be compelled, even under torture to reveal that password to anyone else. I just don’t know it. I know 1Password, but that’s not the right question so my account remains secure.

All of this I have collected and use, and I use it everywhere. On my MacBook Pro, my iMac at work, my iPad and my iPhone. 1Password makes it very easy to manage the security database and I’m quite sure that it’s secure. In my life, any more security is rather like putting more padlocks on a firmly locked jail cell, it’s rather silly and feels a lot like overkill. Then again, more security is always better, especially if it’s really clever and somewhat convenient.

Two-Factor security adds another component to the process of authentication. It augments the username and password combination. A password is something I know (or store using 1Password) and the second factor is something called a Time-Based One Time Password (TOTP). This is where the free iPhone app called Google Authenticator comes in. The app records a secret key from a site I wish to prove my identity to in the future, for example, Google itself. I set up two-factor, request a security token for Google Authenticator and set it up in the app. The key is transmitted by QR code, which means you can quickly acquire the long complicated random (hard to type) secret key using the camera in your phone. Once this process is complete the Google Authenticator app displays a six digit number that will work to prove your identity to the site associated with that particular entry and this entry only exists for 30 seconds at a time. This six digit password exists only once in any one 30-second period and there is no way to divine this password without having the Google Authenticator application with it’s stored secret code.

Having two-factor enabled in this way means that my username and password are no longer as important as they once were. Even if my username and password are revealed or compromised without my knowledge, the secret key that I have in my Google Authenticator app remains secure with me and the 30-second-long one-time-password additions remain a secret with me. What I know may be compromised, but what I have (the Google Authenticator) most likely won’t be unless someone steals my phone and finds a way to best the security on that device before I have a chance to wipe it remotely. If in the case my Google Authenticator becomes compromised, my passwords will likely not be because they are uncrackable, and so I am still secure.

Practically how does this work? When I want to log into Google Mail using two-factor, this is what I do. I open a web browser, I type in the address “gmail.com” and press enter. Then I enter my username and my password and then in the third field under the password is a box labeled “Google Authenticator Token” and then I grab my phone, start my Google Authenticator application and then read the six-digit number from my phone and type it in. The service logs me right on and after a few seconds, that six-digit password is no longer valid and is meaningless. I’m authenticated and the system did as it was designed to do. One of the nice parts of Google Authenticator is that the entire app is a mathematical operation, it doesn’t require the network at all to generate these numbers, so this would be a good solution for people who may not have a reliable connection to the network or have a data quota on their phone.

Of course, online authentication is just the beginning. I found a way, yesterday, to embed the Google Authenticator system into my Mac OSX Mountain Lion installation so that when I want to login to my computer at work or my laptop I have to type in my username, my password, and read the six-digit code from my Google Authenticator application. The setup isn’t difficult to get it to work. You need a compiled PAM module which I have (just ask if you want a copy) and an application which you use to create the secret key on your computer. With it all set up, and a slight adjustment to a settings file, even if I were to lose security on my password at work nobody could login to my account without my username, password, and GA token.

This arrangement works quite well and I’ve set it up for my Google accounts, my WordPress.com and .org blogs, Facebook, Evernote, and Dropbox accounts as well. Everything is secure, obnoxiously secure. 🙂

photo by:

MoneyBlogNewz

Barnes & Noble’s Nook Update

Posted on May 25, 2013 by bluedepth

They updated the OS for the Nook HD and Nook HD+ a few weeks ago and boy, what a difference does it make! These devices are no longer jailed to the Barnes & Noble's experience with their nascent App Store, but instead they are open to the entire Google Play infrastructure.

I've had an on-again/off-again love affair with the Nook series of eBook readers. I started with the Simple Touch and that lasted until the devices page turning buttons started going “hard of hearing” and I stopped using the device to read books when paging through became a maybe-yes/maybe-no proposition. I upgraded to the Nook HD, which is the smaller model that they offer and the HD+ is the iPad size model. The Nook has a bunch of really great features going for it, like having a place to insert a MicroSD card so getting a device with a big amount of internal memory is really quite meaningless, the bargain-basement model is good enough as the material that eats up the most space can be easily stored on the MicroSD card.

The challenge to really loving the Nook wasn't about the device itself, the device itself is built very well, almost Apple well, it's reliable and is smartly designed. The challenge I have always had with my Nook was the eBook reader software that B&N ships with their stock Nook devices. Please do not misunderstand, the app itself is exceptionally good if you are a general user, someone unlike me who is perfectly fine with the certainly competent eBook reader app. I however was not fine with the app. It came down to being ever so slightly irritated at certain little niggling issues that while I was using the device would wear me down. It's like having a very small pebble stuck in your shoe – you can walk without a problem, you don't limp at all, but you know there is a rock in there and over a long period of time it just irritates you and makes everything just a little less “right”. This stock app lacked some features which I really wanted. The primary feature was having the ability to configure the reader to use the font I prefer to have my eBooks rendered as. I have fonts I really find easy to read, those are OpenSans from Google and Helvetica Neue from Adobe. This was the little pebble in my shoe.

Then B&N let go of their Nook devices and upgraded them all to full Android devices that could use the Google Play Store as well as the B&N App Store. That night, after downloading the update and starting my Nook HD with this brave new world running on it I discovered just how incredible my Nook HD could be, freed. I found, bought, and installed a new eBook reader called Moon+ Reader Pro. The cost of the app wasn't too bad, at $4.99, it had a free version which gave you a taste of much of it's great features and once I saw just how perfect a match this eBook reader was for me I decided that I could spend the money on the full-blown app. This one app makes my Nook HD awesome as an eBook reader, and here is why:

Custom Fonts (!) – This was exactly what I wanted all along! It turns out that Helvetica Neue has a labyrinthine licensing model so I gave up on that font but instead switched over to my other favorite, Google's OpenSans. This font is freely available and it wasn't hard at all to find it as a “TrueType Font”, aka a TTF Font version. I copied the TTF Font file to my Dropbox and used another great Nook HD/Google Play app called File Manager HD to copy the file out of my Dropbox and create a folder for it in my Nook HD's file system called “Fonts” and copy the TTF Font file there. In Moon+ it was a cakewalk to navigate to my new Fonts folder, find OpenSans and that was it. Every eBook now is rendered in OpenSans, the way I really really like it to be.
Adjustable screen brightness with a swipe and font size adjustment by swipe – This actually wasn't something I thought I would really need until I found myself using it a lot. It's quite handy to skip out on having to adjust settings when trying to find the right font size and brightness to suit your reading preferences.
BookPlay – It's a feature of Moon+ where you can play a book, it slowly (with an adjustable speed) advances the lines of an eBook smoothly while your eyes fixate at the center of the screen and you don't have to paginate at all. The book automatically, slowly, smoothly advances along like a scroll attached to an adjustable winding player. I don't really know what the feature is called, but I call it BookPlay, and it's nice when I don't want to tappa-tappa to advance eBook pages on my Nook HD. The speed of advancement can also be set to a swipe adjustment, which I find to be really quite handy and super-clever.
Many canned custom themes and theme colors – You can configure the Moon+ app to switch display themes with all the settings saved per theme or turn off everything but color changing so the theme selection system does double-duty as a screen color picker. Sometimes I like reading black text on white backgrounds. Sometimes yellow text on a textured blue background and sometimes dark blue text on a black background. Each color theme is useful for different reading conditions. It's nice to be able to set my Nook HD to it's brightest highest contrast black-on-white for reading outside or on the bus on my way to work, then to the yellow/blue one for leisurely reading at home and then the dark blue on black to read in bed without staring at what amounts to a flashlight in the shape of a tablet.
Formats? Every format! – I have a few books in the B&N Store that I “bought” because they were “Free Friday eBook deals” that I took B&N up on when the opportunity struck. For those books I will gladly go back to the B&N canned eBook reading software and that's fine for those books. In general however I prefer to obtain my eBooks in the ePub file format. To that end, I have all my ePub books loaded on my MicroSD card, so they don't take up space on my Nook HD. Moon+ has a great bookshelf organizing metaphor and installing books that are stored on my MicroSD is a cakewalk. I love having all of my eBooks available and here's something that I've always been a little grumped about when it comes to the canned B&N eBook reader app, and that is, you have to get your books from B&N to have them in the B&N “Locker” so that you can make use of the “magic bookmarks” so you can pick up your eBooks on any device and read and when you stop that new place where you stopped is synchronized across all your B&N connected Nook apps and devices. This is really quite nice, especially when you have multiple devices or one of your devices has an exhausted battery but you don't want to stop reading your eBooks. There is no way to import your own ePub files into this B&N “Locker” system so you're shit out of luck. Moon+ returns this feature and makes it more generalized, open, and way more convenient. You can set up your “magic bookmark” sync with your Dropbox account! That's the way to do it! Have individual ePub files on Dropbox or on a device and use Dropbox to store the tokens needed to make the “magic bookmark” feature work without having to rely on the closed garden that B&N provides! This is so cake and eat it too, and I love crowing about that sort of thing when I discover it.
Reading Statistics – Moon+ also watches you read as you use the app and records your reading speed, how quickly you read books, and it also includes per-chapter ETA so you know generally speaking how long you have left in the chapter you are currently reading and a per-book ETA to let you know how much longer the book will last if your reading rate is constant. If you slow down or speed up, these values change and you can display them on a very thin status bar that is always visible at the bottom of your eBook screen. This little status bar can also display your battery level in your Nook, so you know how much juice you have left before you have to plug your Nook back in and charge it up. It's wonderful, for example, while reading “The Adventures of Sherlock Holmes” to know that the chapter you are currently reading has only 15 minutes left in it. That is quite a nice feature.
Access to Project Gutenberg – Moon+ makes it easy to connect itself to the largest collection of publicly accessible eBooks in the world. Project Gutenberg scans public domain books, lots of classics really, into ePub format and makes them freely available online. Moon+ has a interface to Project Gutenberg so the entire archive is just a few taps away and you can download your eBook right to your Nook and start enjoying reading, without having to pay one red cent.

All in all, for $4.99 Moon+ is a steal and makes the Nook HD a wonderful eBook reader. Moon+ has single-appedly eliminated any desire I had for the iPad Mini. That Moon+ only exists in the Android marketplace (Google Play) makes this one app the central pillar that tilts the playing field in favor of B&N and Android when it comes to tablets and reading eBooks. The iBook app for the Apple infrastructure is still quite good, as much as the B&N canned eBook app is for the Nooks themselves, but Moon+ blows it's competitors out of the water.

Google Reader RIP

Posted on March 14, 2013 by bluedepth

Google just announced that their RSS Service, Google Reader is slated to be shutdown on July 1st, 2013. This upsets me greatly but I’m not really surprised. There was never any real traction for the service and they let the web component of it languish in the past. There was some noise that they were going to integrate the social features into Google Plus. Good luck with that.

What does this mean for the majority of users out there? Nothing really. I would say that if Google is going to pull the plug, essentially pull the rug out from under their customers by surprise like this, is that you get exactly what you pay for. Google Reader was great, and it was free and now it’s a dead service walking.

I can’t really see Google Plus succeeding against Facebook. That’s the battle to come. So they are reorganizing their infrastructure and pointing it to failtown. Okay. I would say that if you use any other Google product, like Picasa or Blogger, that you should migrate to something else like Flickr or WordPress as soon as you can, because if they kill Reader, who’s to say what’s next? The only thing I am planning to use now is Google Mail, which may be the last refuge for these scoundrels. It’s best to leave of your own volition than to be unceremoniously tossed out on your ass by surprise.

Pretty As A Picture

Posted on March 12, 2013 by bluedepth

While screwing around with my blog today I did notice something missing that I used to enjoy from the Plinky site that I used to use for blog prompts for interesting things to write about. WIthin Plinky you could put a word down and search Flickr for images you could use in your blog. That was a really cool feature and it made including pictures in my blog very easy. I didn’t have to worry about stealing photography from someone else as it only used pictures that were released under the Creative Commons licensing model. Since I don’t make any money from this blog, the Creative Commons has really helped out.

So I went looking. I could still futz around with Google Image search which is annoying as you can’t define a default (only Creative Commons licensed) search that I could find – yes, you can go in afterwards and mark up an Advanced Search, but it’s annoying. In fact, I don’t want to ever leave the WordPress interface at all! So, thanks, perhaps, to PhotoDropper Plugin I won’t have to. I’ve seen some people complain about it but so far I haven’t seen any of the damage they have noticed on my blog. If the plugin behaves itself, I’ll enjoy it. Let’s see how it works with this post. 🙂

photo by:

Yogesh Mhatre

Very Far Around Robin Hoods Barn

Posted on March 10, 2013 by bluedepth

Oh the lengths you’ll go to include services such as Google+ that by design do not readily make themselves available for such things! First I had to find a way to link my Google+ profile to my Google Voice number, all to get a magic email address which I can only send using Google Mail so that the email will automatically end up on my Google+ profile. That part is done, then I went over to IFTTT.com and investigated how that might work. So I uncorked the WordPress channel and set it to watch this blog for new entries, when it sees one, it should collect all the details and then send those using my Gmail account to my Google+ magic email address. Now lets see if the damn thing works. 🙂

TL;DR: Now I have a way to publicize on Google+ from WordPress automatically.

Bluedepth's Journal

Thoughts & Opinions

Tag Archives: google

Cornering A Bug

Better Credit Card Security

Google Authenticator

Barnes & Noble’s Nook Update

Very Far Around Robin Hoods Barn