Monday, 16 June 2014

Why elance sucks (and others too)

After two month of working with elance, one month as a "free", one month as a paid one, here are some of my thoughts:

- Their commission fee is indecently high.
They do nothing for the bidder or for the client, except to provide a meeting point for those clients that didn't think about searching google for technology specific meeting points (e.g. a PHP specialized forum or a Linux job list) where they could find someone knowledgeable on the subject.
So, why have elance (guru, odesk, others) take about 8.75% - 10% of your money when any other company that allows you, e.g., to buy goods over the net using your credit card, have a comission of just about 2%-4%? What is their added value?
Nothing I'd say, just tools that you'll never need. Milestones for example, can be easily replaced by a common sense email exchange between client and freelancer. They offer an "escrow" payment to make sure the money exists but this is only for some jobs and not for all (besides, if the client is really looking for a freebie, he can refuse payments anyway, escrow or not, invoking that the freelancer didn't do it in due time or not up to client's standards). So none of these justify the high commission rate or the crazy 10$ per month paid subscription (add 5$ more for any other field of activity).

- elance has become an IT moral sewer.
If you analyse the daily IT jobs coming from elance, you'll notice that more than half of it pertain to create sites similar to competition's, spamming others or collecting email addresses from certain sources and feed them back the lists with poor guys that'll be spammed subsequently. Sometimes the freelancer is required to break captchas, use anonymous proxies or ignore the site's terms of use that specifies clearly that any site scrapper activity is not allowed. This is a method for western clients to pass the responsibility to countries that are known for illicit activities.
It's also "interesting" to point out that these type of spam / spam support jobs, get the highest number of bids from the freelancers. 

So how can you urge me sign the childish "elance pledge" that stipulates "freelancer integrity", when you allow job posting that are clearly requesting illegal activities and would worsen the world's (already bad) spam situation?

- There is unfair competition.
This problem is caused by the costs of living in various countries versus the rates you can afford to ask in those countries, but this was largely discussed on other blogs & sites unhappy about these freelancing websites, so I don't insist on it. I completely agree that globalization is not good in these cases and, as long as the Asian guys can also provide quality work, the European and American freelancers are doomed.
It is still highly debatable if the quality is indeed the same, and both parties have their best interest to pretend differently. The moral answer will be probably that it cannot be judged globally, based on race and location, only on case by case basis.

- Many requests for bidding are racist.
I can accept that some guys had multiple bad experiences with certain races (Indians fill elance preponderantly indeed because they are so many in the world, anyway) and don't want to work with them anymore.
Still, elance is allowing racism and do not moderate the job posting in any way (for those money they take) and I find it unfair, despite the fact that my chances get better in these cases (cause I am white, by the way).
The system is wrong and I don't want to give them free solutions (but there are some I could think of ;)

- Many requests for quotations are badly formulated.
This is another subject present on many of elance's detractors blogs / websites and unfortunately is true. Non technical guys try to say what they want and how they want it and it takes hours and many emails exchanged that will clarify the things up, and finally the job could be got by someone else, indirectly benefiting on your work.
In conjunction with the badly formulated RFQs, it formed a special breed of freelancers that bid no matter if they understand what's requested or not, just to win it and probably pretending more money afterwards.

- Many requests for quotations are for non-existent jobs.
As some other sites pointed out, there are some freelancers that use elance to get an idea about their their market value, by posting a fake job that would need their own skills and then analysing the received bids' money.
The job will never happen and the bidding freelancers will suffer a time waste, whilst the faker will eventually come to the conclusion that the results are not relevant: The guys from Asia will always have prices much less than Europe and US, and placing yourself in these ranges might not work because you cannot afford it, or because you don't know the client's preferences in terms of money/quality and if he thinks that everything that's american is better than everything else. So... it's a lottery.

So, all in all, I decided to give up this system in which a freelancer might earn some money, a client might get happy, but in which, clearly, elance is a winner the more people try their "services". 

The only question remaining is: can I do it better? Or, better, can we? 

What about a similar website that could be launched to put together the clients with freelancers that will intervene less (if at all) in the circulated money but more in the quality of jobs and the freelancer's moral virtues? What about a website that could request just a bit of money (eg: a 5$ yearly subscription or even donations from freelancers/clients) to finance its hosting and to give complete liberty to freelancers and users to connect, discuss, negotiate and pay/getting paid directly?
Think about it as an opensource platform that could be a benefit for those that can further find jobs through it. 

Ok, I don't know all details now, but still, anyone interested in starting such a thing? If so, let me know.

Wednesday, 9 April 2014

How to continue living with the XP zombie

In a previous post I tried to demystify the need to upgrade from the freshly retired Windows XP to a newer version, now that Micro$oft's support has been finally stopped.

But what can I do to protect myself, the "small office, home office" user, from the evil hacker that will attack XP computers, like a maniac, from now on?

First, you need to relax and to understand that you have never been completely protected anyway, unless your computer is not connected to the internet and you don't bring any files from the outside world, which is quite unlikely these days.

At most, you have been as protected as possible in a particular moment of time (and few minutes later you could have been exposed again by a new threat that no antivirus could catch for few days, before the next update).

So, we can continue to do our "best effort" in protecting our XP computer, as follows:
  • Install an antivirus and keep it updated.
    (In fact, if you had no Windows antivirus installed until now, please ignore this whole writing and Micro$oft's urge to switch to a newer operating system. It either means that you're an incredibly careful user, or that your don't care if you computer is already infected and you find "normal" the way it behaves.)

    When choosing an antivirus, ignore the marketing crap they throw at you and pre-installed trial versions that came with Windows, and ask yourself relevant questions like: what antivirus has the best detection rate? (i.e. which one finds the most of the viruses in the wild)
    You can search the net for this and you'll find out there are some independent testing bodies that test periodically the detection rate of all antiviruses on the market. Here is one but do your own homework. Then choose an antivirus that is in top 3 each month.
    . 
  • Sometimes, antiviruses cannot detect annoying malware (like that one that hijacks your home page in your browser). For this, there is a different category of programs, named anti-malware.
    Malwarebites anti-malware has (also) a free version for home use, that had great results for disinfecting already infected Windows, but I'm sure there are some others with good results out there. Beware though that some anti-malware programs are in fact malware themselves... so research a bit to see if it is legit or not, before installing.
    .
  • Backup your files now and then (or even regularly)

    Don't overwrite the last backup with the current one, better keep 2-3 backups on your backup disk or usb stick; if the last backup is compromised by viruses, at least you'll have the one before that's clean.

    Simply copying the files onto a stick from time to time is the basic form of backup but you can also use free tools like Micro$oft's SyncToy. Also, keep in mind to backup your emails and your browser history, bookmarks and saved passwords. Do a bit of research to learn out how for your specific set of programs.
    .
  • Have a firewall installed.

    If you're at home and using a router given by your ISP, then probably you already have a firewall on that router and you're protected, since they come preconfigured this way.
    .
  • If on the road and connecting to various hotel/airport/public networks, then you should install your own firewall product or, at least, activate the one that comes with Windows.

    Test your firewall by searching for "online firewall test" on the web. My choice is the one at Gibson Research Corporation (choose "Shields Up!" service, then click "Proceed" button and test your "Common ports" or "All service ports") but you can use others too.
    .
  • Use anything but Internet Explorer, use anything but Outlook.

    Firefox and Thunderbird to name two, are as intuitive to use as their Micro$oft counterparts (if not more), and inherently more secure.

    Maybe even use OpenOffice (or LibreOffice) instead of Microsoft Office? I'll write more about this and Linux in another post.
    .
  • Finally, educate yourself NOT to:
    • enter websites that are not well known (unless your XP installation is not so important for you and you keep it mainly for these purposes)
    • click "yes" or "OK" or "Download" buttons in any popup window offering to install search bars, emoticons etc. You can surely live without any of those.
    • double click any files received by email or any messenger, if you don't expect them, even if they come from a known friend. If your friend's computer is virused, it might be that the virus sent himself to you by email, without the human suspecting anything.
      So, save the attachment somewhere first and then right click on it and scan it with your antivirus. If ok, you can open it.
    • double click any executable file received by email or any messenger. I'd suggest you simply delete that email; almost nobody should send you executable files these days.
So, my proposal to all of you having Windows XP is: respect the above and resist the emotional pressure induced by the media to upgrade XP. Just out of curiosity (and for the sake of "science"), let's see how much time can we resist spending additional money if we're happy with what we have now. 

Think about it this way: If you switch now to Windows 8, it means you have to reinstall your computer and change your habits. Postpone this operation until something starts to go wrong indeed, if ever.

Need more incentives? For those more frugal, like me (and I know there are some out there), here are some direct costs for switching to newer Windows:
  • An upgrade from XP to Windows 8 costs 120$ but your computer might not support it or can become be very slow after, that means they push you implicitly to buy a new computer.
  • A new laptop that has the hardware for windows 8 (and windows 8 pre-installed) starts at of 446$ on Amazon.
  • A full Windows 8 license (no upgrade) costs around 120$.
  • Office 2013 Home and Business costs 279 $ whilst professional (with Access) is an incredible 500$ !!!
Depending on community response, I intend to build a small website where XP users can record their achieved XP afterlife duration, i.e. how many days/weeks/month/years their XP computers worked ok even if updates were no more provided by Micro$oft.

Myths about Windows XP's death

There is a lot of fuss these days about the end of XP's support on 8th of April, 2014. An almost apocalyptic image is created by many content writers and lots of specialists around the world have been invited in Micro$oft's flashmob, to scare the hell out of people and make them pay their dues to the software giant.
Fabulous amounts of money started to reveal, to give more weight to the whole problem:

"The UK government announced last week that it had negotiated a special deal with Microsoft to provide Windows XP support and security updates across the whole UK public sector for the next 12 months, at a cost of £5.548 million."
(I wonder if an investigation will follow and some important persons will be beheaded, since this 5.5 million transferred to Micro$oft are paid from the UK's budget due to someone's negligence and incapacity to migrate the public sector's computers to something else, in due time) 

"Microsoft has offered to provide special custom support for Windows XP after 8 April at a cost of $200 per device, which doubles to $400 per device after 12 months, and then doubles again to $800 the following year."
(Whoooa...)

Seeing all these, I have researched the web on this major piece of news in a try to understand if getting rid of Windows XP is indeed "a must" in the coming days or months, and what are the real risks of keeping Windows XP still running. 

Here is a list of the most frequent and major "Boo-hoou-hoous" I could find in a couple of hours (and some personal comments on each):

  • "As late as June 2013, Windows XP still held onto more than 30% of the world’s computers. It’s on 95% of American ATMs"

    Anyone knowing a bit about ATMs and banking knows that they're not exposed to the internet at all, and have dedicated lines (or VPNs) to connect to their bank. So, susceptibility to attacks is really low not to mention that the XP present on ATMs is a trimmed down version of the regular one.
    Still, bad choice of operating system, banks! Not paying licences to M$ would've lower your fees and could have attract more clients!
    .
  • "Estimates vary but it’s thought that as many as a third of the world’s computers are still running the operating system and Microsoft themselves have said that infections for XP will rise 66 per cent after 8 April."

    This sounds bullshitting to me. It's either that M$ put some time bomb in the latest XP update to affect exactly 66% and exactly after 8th of April, or they simply try to seed panic in the XP users. In both scenarios they want the users flocking-in, in an orderly fashion to the new Windows 8.
    .
  • "There's certainly a possibility of some vulnerabilities that were already known that haven't been exploited yet. From 8 April or 9 April you could see a number of attacks that people have been holding back"

    Judging the response time Microsoft historically had to vulnerabilities, I'd say this is a fake problem too. Besides, any evil attacker would launch his exploits as soon as possible, before someone else would do it instead of them, or the users would upgrade to the latest Windows.
    .
  • "Internet Explorer 8 is also no longer supported, so if your Windows XP PC is connected to the Internet and you use Internet Explorer 8 to surf the web, you might be exposing your PC to additional threats."

    Let's face it: this was the situation with the Internet Explorer since version 3 (that notably allowed hackers to take full control of your Windows computer). The problem is not only that Internet Explorer was historically badly designed and allowed attacks, but also that Micro$oft tried to give unfair competitive advantage to it over any other browser running on their operating system, by integrating it in the Windows itself (maybe you know that actually Windows Explorer IS Internet Explorer in fact). Through this "nice" move, the M$ specialists exposed the whole Windows system to attacks.
    So, whoever is seriously concerned about security, is not using Internet Explorer for ages anyway. I mean, I know there is a lot of marketing about how good and fast the new versions of IE are (but still...), but due to the horrible errors in its past, I prefer to use anything else: Firefox, Chrome, Chromium, Opera etc. Not that the others are completely protected but at least I believe that a big community of developers can react faster to a new bug than a bureaucratic corporation.
    .
  • "The antivirus is not enough to protect your unsupported XP"

    Actually the antivirus was never enough, never mind if Windows is supported or not.
    I wonder if Windows would be so popular these days if no antivirus exists. Think about it: Windows survived mainly thanks to the antiviruses on the market; antiviruses sprung into life and proliferated due to bad design of Micro$oft Windows, Micro$oft Internet Explorer and Micro$oft Office. Another factor is that people are too obedient and don't ask why they need to pay additional money on a 3-rd party program to protect Windows if they already paid for Windows.
    (Micro$oft had a fake attempt to integrate their own antivirus in Windows when acquiring RAV antivirus in 2004, but over a decade now, it's proved it was just a "kill the competition" move: RAV was the only antivirus on the market that ran on most popular Linux email servers. No RAV meant big punch to the penguin world.)
    Nevertheless, a good antivirus coupled with a firewall and some user education should be enough for any old and unsupported operating system. See the next post.
    .
  • "The new hardware (printers, scanners, etc) will not have have drivers for your old XP"

    This is unfortunately already true and the ones to blame are the hardware manufacturers that play along with Micro$oft to squeeze money out of people as much and as often as possible.
    Still, if your office setup (laptop, printer, scanner, webcam etc) functions perfectly right now and you have your hardware for years working ok, you might ignore for a while more these calls for spending money. Think about it when your printers break down for natural causes or due to planned obsolescence.
    .
  • "[...] technical assistance for Windows XP is no longer available"

    Hmm... that's a tough one. I'm sure I'll miss it...
    Have you ever been in contact with Micro$oft directly in a try to fix an issue with your computer? If so, maybe for one time only, and then you got the idea that it's a waste of time 'cause the technical support is inept and they just serve you boilerplate answers from their scripts.
    The best & more efficient way to fix anything with your Windows computer was always to search the internet because the power of people in need is always greater than of those call center scripts readers.
So... vat to do, vat to do?

Wednesday, 12 February 2014

email smtp/pop proxy solution

I need to have access to my email account when travelling and, surprise, my domain hosting company doesn't allow access to the pop/smtp servers from outside the country. Here is the result of a lot of research generated by their stupid setup:

1. Need to have a server allowed to connect to their pop/smtp servers. This will be an email proxy server. I have a Debian that is always online and has also a fixed internet IP address.

2. Sending emails:
For this I have installed emailrelay and configured it to my needs. The only problem I faced was to set it to run at startup, since it doesn't come with a /etc/rc.d/ startup script.

3. Receiving emails:
This is done on POP3 in my case and I found perdition that does POP/IMAP with loads of other options.

4. The final setup is like this:



5. Details:
- thunderbird is configured to connect to smtp/pop3 servers using non-standard ports: smtp on 60,0001 and pop3 on 60,002.
- My own debian server has installed emailrelay that listens on 60,001 and connects on 25 to the official email server. It also has perdition that listens on 60,002 and connects on 110 on the official email server.
- In case you don't have a fixed IP, you can use dyndns or similar service and use the chosen domain name in thunderbird.

There are loads of config possibilities but that's the way to go if you need email proxy. Both emailrelay and perdition have quite ok docs and senisble defaults so it should be no problem to set it up in 1 hr or less.


Thursday, 26 September 2013

Can not find any update image - android tablet upgrade alldro 2 coby MID 8024

This is about updating the Allview Alldro 2 (not Speed!) unsupported by Allview, piece of crap tablet. It is also known as Coby/Kyros MID8024 in US.

A bit about the tablet
- the resistive touch display is really... resistive to touch.
- the wireless connection is a massive piece of crap! What's the point having a tablet if, after you unlock the screen, it takes one minute until it gets connected to the wifi network? My current computer with SSD is booting and connecting much faster, so I'd say it's a major design fault and such product shouldn't be launched on the market.
- the pre-installed applications are crap and the promised access to the application store of Allview turned into bollocks as there is no such store.
- it connects to Google Play but Google doesn't know what the heck it is (!), therefore anything you try to install is "unsupported for your device". The solution is to find .apks for everything you need (e.g. skype, ym, players, etc). The elegant solution is to use Aptoide.
- the battery worn out in about 3 weeks and didn't hold for web browsing more than 10 minutes.
- the charging process was dubious from the very first beginning (e.g. the blue led is showing is 100% charged but when turned on it is only 60%; and other inconsistencies like this)
- The user support is non-existent. I tried to contact them about the charging issue and they didn't bother.
- The android updates were only one (ver 2.3 from ver 2.2). Then the product was considered completely unimportant and couldn't be found anymore on allview's website.

In a word, it's an emblematic Chinese product sold by a Romanian company that manages to add software issues to the built-in hardware issues. Besides, it is not cheap for this quality at all (about 200USD).
Nowadays, sure there are other better tablets on the market since the release of this old monster, and I can see allview selling about a dozen!
However I'll stay away from allview due to the fact they put on the market such a faulty product in the first place, they didn't have the common sense to answer their support request emails and then tried to erase any history of this tablet like it never existed.

This doesn't mean that I'd go for iPAD either, the highly overpriced snob choice.
I just keep hoping that one day, some company, will fill the midrange gap with a Linux tablet that would allow you access to the really free applications market and not the google regulated one.

Now about updating it
I found two update alternatives, one coming from Coby, one from a guy named Steev that apparently started from Coby's rom (despite the fact Steev says that rom is for MID7024 it worked well on Alldro2 i.e. MID8024).
I have tried them both to replace the Android 2.3 that allview provided for us a while ago.

My main objective was to get rid of "Films" stock application unexpectedly stopping (and returning no error whatsoever) when watching some online television streams.

The Coby's official ROM didn't impress me. Instead of quitting to the browser it the stream got stalled every 10 seconds for about 10 seconds, so not much of an improvement.

Steev's ROM is ok, and I got rid of interruption after installing Wondershare media application that can play various stream types and is more stable than anything stock.

It is very possible that Wondershare application solved my problem and not the ROM update but what's done is done. Besides Steev's ROM looks cooler and is rooted which is better anyway.

Can not find any update image - error message
During the process I have encountered several times "Can not find any update image" after restarting the tablet in update mode (Round metal button + Power button).
Nobody on the internet seemed to have a clue and all indicated that the SD card should be reformatted FAT32, replaced I or suggested that the users are stupid enough not to understand that they should unzip the files in SD's root.
I tried all these and various ROMs, same situation.

The solution was to use a SD card of 1 GB (I tried before with 4GB and another one of 16GB). This is the only good thing that came from allview on an old webpage with update instructions for upgrading to android 2.3. They said there: SD card should be of 1GB or less capacity. And they were right for once!