Felipe Alfaro Solana

In case you are worried about Bonjour sending advertisements onto the local network because it compromises your privacy or because you are worried about security, know that you can disable them. It is described in http://support.apple.com/kb/HT3789:

$ cd /System/Library/LaunchDaemons
$ sudo vi com.apple.mDNSResponder.plist

and replace:

        <array>
                <string>/usr/sbin/mDNSResponder</string>
                <string>-launchd</string>
        </array>

with

        <array>
                <string>/usr/sbin/mDNSResponder</string>
                <string>-launchd</string>
                <string>-NoMulticastAdvertisements</string>
        </array>

This post describes how to hack a US/CDMA 3G+WiFi Xoom Honeycomb OTA ROM image to be flashable onto a European/UMTS 3G+WiFi Xoom.

First, get a US/CDMA Honeycomb OTA image. I won’t tell you how to get it, but you’d better get it from an authorized source and make sure it hasn’t been compromised or tampered with. Flashing random ROMs downloaded from random Web sites is a recipe for disaster.

Let’s say the OTA image is named xoom-ota.zip. Proceed to unzip its contents:

$ mkdir ota && cd ota
$ unzip /tmp/xoom-ota.zip

Now, one has to edit the update-script to prevent the OTA process from trying to replace the UMTS radio with a CDMA radio:

--- orig/META-INF/com/google/android/updater-script 2008-02-28 18:33:46.000000000 +0100
+++ ota/META-INF/com/google/android/updater-script 2011-07-14 13:40:04.000000000 +0200
@@-53,10+53,6 @@
show_progress(0.200000, 10);
package_extract_file("boot.img", "/dev/block/platform/sdhci-tegra.3/by-name/boot");
show_progress(0.100000, 0);
-assert(package_extract_file("bp.img", "/tmp/bp.img"),
- package_extract_file("rdl.bin", "/tmp/rdl.bin"),
- moto.update_cdma_bp("/tmp/rdl.bin", "/tmp/bp.img"),
- delete("/tmp/bp.img", "/tmp/rdl.bin"));
assert(package_extract_file("bootloader.bin", "/tmp/bootloader.bin"),
moto.set_mbm_update("/tmp/bootloader.bin"),
delete("/tmp/bootloader.bin"));


Now that the patch has been applied, let’s re-zip the modified tree into a new OTA ZIP file:

$ zip -r ../update.zip *

In order to apply the OTA onto the Xoom you’ll likely need to install the ClockWorkMod recovery image, since at the time of this writing Xoom’s stock Android recovery can’t access the contents of the internal SD card partition. It seems, however, that Xoom’s stock Android recovery can access external USB storage devices.

In order to copy the hacked OTA image use:

$ adb push ../update.zip /mnt/sdcard

In order to install ClockWorkMod, you’ll need to download the recovery image. The easiest way is by installing “ROM Manager” into your Xoom from the Android Market. ROM Manager allows one to flash the recovery image on rooted Xooms automatically. If your Xoom isn’t rooted don’t worry as ROM Manager will still download the recovery image and place it somewhere under /mnt/sdcard/clockworkmod. From there, pull the image into your PC:

$ adb pull /mnt/sdcard/clockworkmod/.../recovery-clockwork-4.0.0.4-stingray.img

Then reboot the Xoom into the bootloader:

$ adb reboot bootloader

Once the fastboot protocol has been enabled (as shown on the screen):

$ fastboot flash recovery recovery-clockwork-4.0.0.4-stingray.img

Then reboot into recovery. It is important to reboot into recovery right away. Booting the system normally will likely reflash your recovery partition with the stock one, replacing ClockWorkMod. To boot into recovery, reboot the device:

$ fastboot reboot

Wait for the Motorola Dual-core logo, then tap the Volume Down key several times until the Android recovery option is shown on the top-left of the screen. Then press the Volume Up key to enter the recovery menu.

Once in the ClockWorkMod recovery, request to apply an update.zip image from the internal SD card partition. Navigate the menus using the Volume Up and Volume Down keys, and select an option by using the power button on the back. The update process will start and everything should apply smoothly. Next, wipe the cache and user data partitions, reboot and cross your fingers.

Suffice to say that you’ll lose 3G capabilities on your Xoom. It seems no one cares about Europe, not even Google, so Motorola still has Honeycomb 3.0.1 for us Europeans (instead of 3.1 or something newer like 3.2). And since 3.0.1 is so unstable and slow, I decided to upgrade to the latest Honeycomb build.

Perhaps one day people will take Europe seriously and release synchronized versions for the US and Europe (and also the rest of the world).

Aristotle once said: “Anyone can become angry – that is easy. But to be angry with the right person, to the right degree, at the right time, for the right purpose, and in the right way – that is not easy.”

Recently, I could not get db46 to install from Macports:

$ sudo /opt/local/bin/port install db46
...
Error: db46 requires the Java for Mac OS X development headers.
Error: Download the Java Developer Package from:
Error: Target org.macports.configure returned: missing Java headers

The solution consists of creating symbolic link to the installed files:

sudo ln -s /Developer/SDKs/MacOSX10.6.sdk/System/Library/\
  Frameworks/JavaVM.framework/Versions/CurrentJDK/Headers \
  /System/Library/Frameworks/JavaVM.framework/\
  Versions/CurrentJDK/Headers

Un día, un florista fue al peluquero a cortarse el pelo. Después, pidió la cuenta y el peluquero le contestó:
- No puedo aceptar dinero. Esta semana estoy haciendo un servicio comunitario.
El florista quedó agradecido y se marchó. Cuando el peluquero fue a abrir el negocio, a la mañana siguiente, había una nota de agradecimiento y una docena de rosas en la puerta.

Luego entró un panadero para cortarse el pelo, y cuando fue a pagar, el peluquero respondió:
- No puedo aceptar dinero. Esta semana estoy haciendo un servicio comunitario.
El panadero se puso contento y se fue. A la mañana siguiente cuando el peluquero volvió, había una nota de agradecimiento y una docena de barras de pan esperándolo en la puerta.

Más tarde, un profesor fue a cortarse el pelo y en el momento de pagar, el peluquero otra vez respondió:
- No puedo aceptar dinero. Esta semana estoy haciendo un servicio comunitario.
El profesor, con mucha alegría, se fue. A la mañana siguiente, cuando el peluquero abrió, había una nota de agradecimiento y una docena de diferentes libros, tales como “Cómo mejorar sus negocios” y “Cómo tener éxito”.

Entonces un diputado fue acortarse el pelo y cuando fue a pagar y el peluquero nuevamente dijo:
- No puedo aceptar dinero. Esta semana estoy haciendo un servicio comunitario.
El diputado contento se alejó. Al día siguiente cuando el peluquero fue a abrir el local, había una docena de diputados haciendo cola para cortarse el pelo gratis.

Esto, querido amigo, muestra la diferencia fundamental que existe actualmente entre los ciudadanos comunes y los miembros del Honorable Congreso de la Nación.

Por favor, en las próximas elecciones (2011), vota con cuidado…

Atentamente,
EL PELUQUERO

Did you experience problems with Firefox 4 beta and cookies? A possible cause is that in Firefox 4 beta, the cookie limit is now per-domain instead of per-host, so any single domain can now, by default, keep up to 50 cookies. For some Web applications. that might be set too low. When the limit is hit, Firefox will start “randomly” deleting cookies, which can cause problems, typically with Web applications that use cookies for Single Sign-on and login credentials.

The solution is to browse to about:config, and add (or modify it if already exists) an integer preference named network.cookie.maxPerHost. Set it to 500 or somesuch. You may or may not want to also set network.cookie.maxNumber (the default is 3000).

Does Google Chrome plug-in and extensions security model allow for a plug-in or a extension to hijack certain operations in the browser, like spoofing DNS name resolution?

What is the likelihood for an extension, like LastPass for Chrome, to hijack the browser’s DNS name resolution process in such a way that, when the user is redirected to a site like PayPal, in fact he or she is redirected to something that looks like PayPal but is not? If an extension or plug-in can hijack the browser’s DNS name resolution process, the browser’s address bar might read like http://www.paypal.com/ but the actual browser would have, in fact, established HTTP/TCP connection against another Web site that looks like PayPal’s but using a different, non-legitimate IP address.

On a clean installation of Eclipse and the Android Development Tools (ADT), and for a new Android project, when trying to edit the strings.xml file, a java.lang.NullPointerException is thrown.

To fix the problem, edit strings.xml directly, bypassing the GUI, by double clicking the file in the Eclipse workbench, then selecting strings.xml from the tab at the bottom. Then, replace the line that reads:

<resources>

with

<resources xmlns:android="http://schemas.android.com/apk/res/android">

This post is mostly a rant about Skype, the current state of VoIP solutions and proprietary solutions.

For quite a while I’ve owned an Android device. I don’t like proprietary solutions that force the customer into another’s hidden agenda. I don’t like proprietary solutions that change licensing or pricing unidirectionally without consensus. And I don’t like proprietary solutions that server a monitory instead of a majority. I use Skype because I make lot of calls to land lines in other countries. I haven’t been able to find any other VoIP provider that is easy to use and supports multiple devices (the only one close to this is Google Voice, but Google Voice is not yet available outside the US). They have PC software and software for iPhone and iPad, with little or no restrictions. But I am still waiting on Skype to release a native Android application for it (besides the existing one that only works on a very limited set of devices in the Verizon US wireless network).

I tried to come up with a non-imaginative, reliable solution to this. I tried Fring, but Fring does not support Skype anymore. I also tried Nimbuzz but Skype support does not work at all on Android Froyo (2.2). So the next natural thing to try was SIPdroid and SIP for Skype. Unfortunately, and contributing to my overall disappointment, SIP for Skype does not support subscriptions and, additionally, you have to run a business. Using SIP for Skype requires buying a channel subscription to allow for outbound calls (you will need as many channel subscriptions as simultaneous outbound calls you want to support), but channels do not support subscriptions, like unlimited calls to landlines, and they have their own credit line. When a Skype user places a call over SIP, the credit is withdrawn directly from the channel, and not from the user’s credit (the SIP credentials used are the channel’s not the user’s). Hence, even if the Skype user has a subscription plan, call to landlines will still have a variable cost.

Why does Skype limit support to Verizon US wireless network? Verizon Wireless states they have 70.8 million customers. The global wireless market, according to a research topped at 3.3 billion subscribers by the end of 2007. That means that Verizon was roughly 2.15% of the total mobile market at that time. Even if Android market share in the US is just a mere 9% according to Nielsen, it means there are lots of customers that are not on Verizon but using Android and still are incapable of using Skype.

So please, Skype, release Skype for Android now, with no artificial limitations based on some murky, strange and obscure requirements from the Telcos. And stop blaming other’s like Fring. No one else but Skype is damaging the Skype brand for not supporting all platforms, unrestrictedly. Remember that Skype makes money because of its customers, and not anyone else. Serving your customers should be Skype’s only mission.

Beginning with OpenSolaris b134 it is now possible to do a text-based installation. Some of the main differences between the new text-based installation and the LiveCD-based installation are:

• The text-based installation supports serial console.
• The text-based installation performs a minimal installation. X11, GNOME and many other packages will not be installed by default, but can be installed later on by following instructions from Text Installer b134-based project gate images.
• The text-based installation offers more installation options, like installing into a whole disk, a partition or a slice within a Solaris2 partition. Again, this can be achieved by following instructions from Text Installer b134-based project gate images.

Being able to install OpenSolaris into a slice within a partition can be useful. For example, my OpenSolaris box has 1x2TB disk and 3×1.5TB disks. I want one ZFS pool to span 4×1.5TB slices (across the 4 drives) and the ZFS root pool on the remaining space in the 2TB disk. With the LiveCD it requires a lot of hacking as described in HP Proliant DL180 G6 and ZFS (part V). With the text-based installation it is straightforward and it does not require booting a Linux distribution to modify the partition table, or from an OpenSolaris LiveCD to adjust the slices.