FZF - Fuzzy Finder


fzf is a useful fuzzy finder that can replace/augment the history command. Works in vim too.

Apple Store Pricing in Hong Kong


I was noodling around in the Apple Store recently and I noticed something interesting. Traditionally, Apple has followed a fairly simple formula for pricing in the HK Apple Store, which is to do assume a HKD:USD rate of around 7.80, round to the nearest hundred and take away 12. Sounds complicated? Not really, as what they really want is to have prices ending in 88, which is very auspicious in Chinese culture.

The first table below shows the pricing for some common products. The Rate below refers to the HK price divided by the US price to determine the exchange rate. The second HKD price uses the formula:

ROUNDUP((US Price) * 7.80 to nearest 100) -12

The difference and markup are bases on the difference between this price and the price in the HK store. The Apple TV price fits the patterns closest, but all the products follow the pattern very closely:

ProductHKDUSDRateHKDDiff (HKD)Markup
MacBook Air 11$7,688$999$7.70$7,788-$100-1.3%
MacBook Air 13$8,488$1,099$7.72$8,588-$100-1.2%
MacBookPro 13$9,188$1,199$7.66$9,388-$200-2.1%
Ret. MacBookPro 13$9,988$1,299$7.69$10,188-$200-2.0%
Ret. MacBookPro 15$15,288$1,999$7.65$15,588-$300-1.9%
iMac 21.5"$9,888$1,299$7.61$10,188-$300-2.9%
iMac 27"$13,888$1,799$7.72$14,088-$200-1.4%
Apple TV$788$99$7.96$788$00.0%

(US Apple Store prices do not normally include sales taxes, and there are also no sales taxes in Hong Kong. All prices are for the base model in each range.)

As you can see, you generally save a small percentage buying the product in HK when compared to the US price. But when you look at some third party products, the price differential between the US prices and HK prices is all over the place. Here's the prices for fitbit products:

ProductHKDUSDRateHKDDiff (HKD)Markup
Fitbit Zip$498$60$8.31$488$102.0%
Fitbit Aria$1,098$130$8.45$1,088$100.9%
Fitbit Flex$898$100$8.98$788$11014.0%
Fitbit One$898$100$8.98$788$11014.0%

Why are the last two fitbit products so expensive? An additional 14%? Seems a bit excessive!

Here's an interesting thing: the latest iPhone models also have this price increase in a way which is out of step with the existing price iOS device price points:

ProductHKDUSDRateHKDDiff (HKD)Markup
iPad 2$3,088$399$7.74$3,188-$100-3.1%
iPad mini$2,288$299$7.65$2,388-$100-4.2%
iPad Mini Retina$3,088$399$7.74$3,188-$100-3.1%
iPad Air$3,888$499$7.79$3,888$00.0%
iPhone 4S$3,488$450$7.75$3,588-$100-2.8%
iPhone 5C$4,688$549$8.54$4,288$4009.3%
iPhone 5S$5,588$649$8.61$5,088$5009.8%

Finder crashing every minute


Today I was using my MacBook Pro for work as per normal, when I noticed the Finder windows crashing every minute or so. I tried many things, including:

  • Deleting misc plists from my ~/Library/Preferences directory;
  • Rebooting in Safe Mode (Hold Shift while rebooting);
  • Restoring the System Fonts while in Safe Mode;
  • Validating the Fonts within FontBook (Found one corrupt one);
  • Deleting every single .DS_Store file on the Mac;
  • Trying to diagnose the issue from the Crash Report in the Console.

All to no avail, although I did discover something interesting, of which more anon.

Finally, I waded into the Apple Support Forums, searching on some of the terms I found in the crash reports and I finally found a solution to Finder Crashing Every Minute: Basically, turn off "show file status icons and right click menu" in the Google Drive Preferences. This instantly stopped the problems.

The interesting thing I found? My ~/Library/Preferences directory was full of locked files, and once I deleted all the *.lockfile files, quite a few apps were much faster to open, and several websites dramatically changed their fonts. Perhaps I had overwritten the default font for some of them, as they went from being a nice Helvetica to Verdana.

domain registration scam


I get scam attempts:

(Letter to Head of Brand Business or CEO, thanks)

Dear Sir or Madam,

This is a formal email. We are the department of Asian Domain Registration Service in China. Here I have something to confirm with you. We formally received an application on October 15, 2013 that a company claimed Hora Tech, Ltd were applying to register "diaspoir" as their brand name and some diaspoir Asian countries top-level domain names through our firm.

Now we are handling this registration, and after our initial checking, we found the name were similar to your company's, so we need to check with you whether your company has authorized that company to register these names. If you authorized this, we would finish the registration at once. If you did not authorize, please let us know within 7 workdays, so that we could handle this issue better. After the deadline we will unconditionally finish the registration for Hora Tech, Ltd. Looking forward to your prompt reply.

Best Regards Derek Lau Senior Consultant

Tel:+86-551-6349 5334

Fax:+86-551-6349 5344

Address:HuiZhou Ave. 856, Hefei, Anhui, CN

A quick google of the first sentence of the second paragraph reveals a hoax-slayer page about this scam, along with plenty of examples of its use. Nothing to worry about.

Inquiry of Guest Posting


First SEO spam in a while:


I came across your site (http://www.diaspoir.net/) and would like to discuss the possibility of having a guest post on your site.

I’m working on behalf of my client who is able to create articles including travel, shopping and entertainment amongst many other things.

I hope this would be something of interest and would very much like to hear back from someone regarding this guest post opportunity.

Hope to hear back from you soon.

Kind Regards,



You know, right down on the page here, just about where the email address is, are three little paragraphs of text which say:

  • Unsolicited Bulk Email (spam), commercial solicitations, SEO related items, link exchange requests, and abuse are not welcome here and will result in complaints to your ISP.
  • email the webmaster
  • Any email to the above address may be made public at the sole discretion of the recipient.

I don't think I'd pay for services from a company which apparently can't read the paragraph above and below the contact email address...

I've redacted the responsible company for a few reasons. The main reason is that I don't wish to invite assholes into my life, and SEO spammers whinging about how I am "defaming their personal braaands" by reporting accurately on things they have actually done match that description pretty well.

Also, it's not that obvious from the email, but the company is an SEO consulting company that boasts of using meta-tags and keywords to attract Google attention, which makes them borderline scammers in my book. Real SEO is good content and appropriate semantic markup, not keyword and meta-tag spamming.

Top ten SSH login attempts


With all the fuss over NSA intrusion into encrypted datastreams, I thought I'd take a look at the security situation on my own website. To that end, I wrote some perl to fondle the log files and keep a record of who's logging in and who's getting kept out.

Top 10 users accepted:

Only one user is accepted at all and that user is me. As I normally ssh in with a public key, I think this is pretty secure. I'm not giving usernames, just because. Also, all IP addresses accepted are either local addresses, or the remote address I was at recently.

Top 10 usernames rejected:

Here's where it gets interesting: there are hundreds of attempted logins per day via ssh. I keep a years worth of logs, so over the last year the top 20 usernames someone tried to use to log in with are:

  • USER_REJ: testing rejected 438 times.
  • USER_REJ: tester rejected 447 times.
  • USER_REJ: temp rejected 505 times.
  • USER_REJ: www rejected 536 times.
  • USER_REJ: testuser rejected 541 times.
  • USER_REJ: web rejected 545 times.
  • USER_REJ: test1 rejected 545 times.
  • USER_REJ: alex rejected 592 times.
  • USER_REJ: backup rejected 671 times.
  • USER_REJ: ftpuser rejected 758 times.
  • USER_REJ: tomcat rejected 767 times.
  • USER_REJ: info rejected 777 times.
  • USER_REJ: git rejected 890 times.
  • USER_REJ: postgres rejected 1351 times.
  • USER_REJ: user rejected 1520 times.
  • USER_REJ: a rejected 1559 times.
  • USER_REJ: nagios rejected 2181 times.
  • USER_REJ: admin rejected 2295 times.
  • USER_REJ: test rejected 4052 times.
  • USER_REJ: oracle rejected 4088 times.

What's interesting here is the huge gap between the top 20: almost 10 times the frequency. Also, how many are trying to log in via ssh as the standard user for services. If you allow SSH as the standard service name for popular services, you are an idiot and asking for trouble.

Top 20 rejected IP addresses

So where am I being hacked from the most? Over the last year, the logs tell the following story.

  • IP_REJ: probed 1825 times. iWeb Technologies Inc. IWEB-BLK-04 (NET-67-205-64-0-1) -
  • IP_REJ: probed 1869 times. CNC Group CHINA169 Shandong Province Network
  • IP_REJ: probed 1931 times. Indonesia
  • IP_REJ: probed 2245 times. h1762348.stratoserver.net, Berlin.
  • IP_REJ: probed 2366 times. CHINANET-ZJ Hangzhou node network
  • IP_REJ: probed 2542 times. HZDTV-IDC, China Zhejiang Province.
  • IP_REJ: probed 2546 times. CHINANET liaoning province network
  • IP_REJ: probed 2585 times. Hangzhou, Zhejiang, P.R.China
  • IP_REJ: probed 2594 times. Hyundai HCN Dongjak Systems Co., Ltd, Korea
  • IP_REJ: probed 2698 times. 2F Bundang Center, Onse IDC, 235-230, Korea
  • IP_REJ: probed 2947 times. vps2.barnes-open.net
  • IP_REJ: probed 3194 times. Chulalongkorn University, Thailand
  • IP_REJ: probed 3321 times. CHINANET Guizhou province network
  • IP_REJ: probed 4199 times. Hangzhou Alibaba Advertising Co.,Ltd, China
  • IP_REJ: probed 4768 times. Starhub internet, Singapore
  • IP_REJ: probed 5218 times. China Mobile Communications Corporation - liaoning
  • IP_REJ: probed 5704 times. Beijing Bitone United Networks Technology Service Co.,Ltd, China
  • IP_REJ: probed 8212 times. Hangzhou NEWGRAND Software Co., Ltd, China
  • IP_REJ: probed 12834 times. FIT Center, Tsinghua University, Beijing China
  • IP_REJ: probed 16360 times. WASU TV & Communication Holding Co.,Ltd. 6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012

That's a heck of a lot of illegal accessing attempts from China... Remember, this is not website accesses, these are attempted logins over ssh. There is no way any of this is mistaken SSH, as only I have login access to this box. All of these login attempts are malicious. If you are operating a commercial SSH service and you have no customers in China, you should block the whole damn country.

But who is vps2.barnes-open.net? It's almost the only non-Asian attacker in the whole list. Whois returns:

Registrant Name: Steve Barnes
Registrant Organization: BarnesSteve
Registrant Street: Shop1, 676 Wynnum Road,
Registrant City: Morningside, Brisbane  Queensland

Why is this guy, or someone using his services, trying to login to my ssh server? (Or was, the entries are from April 2013.) And why is he trying to log in as user admin? He's also tried dictionary attacks using a variety of first names and service names. Nearly 3,000 attempts? That's no accident, this site was clearly either compromised or is black hat.

Cleaning Shure SE215s


Previously, I've blogged about the poor reliability of Shure canal phones, headphones, etc. I've had one set replaced at least twice because one ear would just decrease in volume enough that you couldn't hear anything. Both times, I did genuinely get a different set of SE215 with new serial numbers.

If they do this during the two year warranty period, Shure will replace them free of charge. After that time, you will be held responsible for a cleaning/replacement charge. At this point, you may well feel that you should just buy another pair, as the repair charges are probably a significant proportion of the cost of buying another pair.

I discovered a way to get a pair of Shure SE215 back from the one ear dead state, and it's very simple. This has now worked for me twice, and may be worth a try if you are experiencing this issue *and* your Shures are out of warranty.

If they're in warranty, just take them to Shure and get them replaced.


My method is an act of desperation and is only applicable where: "My earphones are dead and I can't afford a new pair of Shures, and the affordable Ultimate Ears 200vi are crap. (I really don't need to hear that much wire jiggling noise, thankyewverymuch!)"

You will need:

  • a pair of Shure earphones which have at least one ear blocked/silent;
  • Contact cleaner spray;
  • Weak Lemon Drink (or any beverage of your choice, really);
  • A sense of desperation that you are willing to risk your headphones for this experimental procedure.

Please note (DISCLAIMER) that I accept no responsibility for any damage to your Shures, computer, lungs, environs, property, chattels and demesnes. You undertake this venture at your own risk. Contents may settle in transit. No motorcycles after 3PM.

The steps to follow are as follows:

  • remove the silicon or foam tips from your headphones;
  • bring your headphones to a place where spraying contact cleaner is safe and non offensive, and where there is good drainage. Bathrooms are good;
  • spray a short burst of contact cleaner directly into the ear tubes of the headphones and immediately turn the headphones opening down to drain excess fluid out;
  • DRINK YOUR WEAK LEMON DRINK NOW! (You will need to allow some time for the alcohol in the contact cleaner to evaporate, meanwhile excess earwax or other precious bodily fluids have been melted/synthesized and sent to the NSA/FBI/KGB for analysis and long term storage.);
  • Excess alcohol in your weak lemon drink may need dissipating through fried food and carbohydrates.
  • Test your headphones for good audio in both ears.

It may take a while for all the various substances to evaporate so be patient. You may need to DRINK YOUR WEAK LEMON DRINK a second time. You should probably pour another, rather than regurgitating the first drink. however, if you have insectoid ancestry, feel free to disgregard this advice.

    • Macrae described the conduct of bartender-turned-feng shui master Chan as “shameless and wicked as well as borne of unparalleled greed.’’
       Chan had built a career advising clients including Wang on feng shui, an ancient Chinese belief system based on harnessing natural and spiritual energies.
       He lost a legal battle in 2010 to claim the estimated US$13 billion estate of the late property tycoon, once Asia's richest woman, in a high-profile case that has gripped the city for years.
       He was then convicted yesterday of forging the will in question.
       Wang was known for her thrifty nature and outlandish dress sense, and was nicknamed “Little Sweetie'' for her pigtail hairstyle. She died of cancer in 2007 aged 69, triggering a bitter public feud over her fortune. --AFP

Posted from Diigo. The rest of my favorite links are here.

Posted from Diigo. The rest of my favorite links are here.

I was sent this in email recently. Interesting infographic. How Climate Change is Destroying the Earth

using gmail as a smart host


Problem: My new ISP blocks outgoing port 25 (SMTP) and I want to run a mail server from home.

Solution: I need to set up sendmail so that it uses gmail (or my ISP) as the outgoing smart host.

You'll need SASL running, so yum or apt-get that. Then add the following to your sendmail.mc file:

define(`RELAY_MAILER', `esmtp')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/authinfo.db')dnl

Make an authinfo: /etc/mail/auth/authinfo, chmod it to 0600, and have the following lines in it:

AuthInfo:smtp.gmail.com "U:root" 
AuthInfo:smtp.gmail.com:587 "U:root" 

(Note: these should actually be all on one line per entry, so two lines for the above.)

As always when dealing with sendmail.mc, you'll need to run the m4 processor over the file and make the hash maps. Do yourself a favour and have a Makefile to do it for you. Restart sendmail, and you should be good to go!

# makemap hash authinfo.db < auth/authinfo
# m4 sendmail.mc > sendmail.cf
# service sendmail restart

And note that if you use Application Specific passwords (i.e. 2 step authentication), you'll need to generate a password for this.

Helpful info from:

UPDATE: While the above is fine and works, Google's mail servers rewrite the From: address to the gmail account you use to authenticate. This is not the best solution if you want to not appear to only be able to send from gmail.com. Here are some other changes to use the ISP's mail server. (In this case I'm using netvigator.com, others should be similar.)

/etc/mail/auth/authinfo (Note that I don't need to specify the higher ports, as the ISP only accepts on port 25. The Method ("M:PLAIN") doesn't seem to be required either.

AuthInfo:smtp.netvigator.com "U:username" "P:password"


define(`RELAY_MAILER', `esmtp')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 25')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 25')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/authinfo.db')dnl

And to enable all this:

# makemap hash authinfo.db < auth/authinfo
# m4 sendmail.mc > sendmail.cf
# service sendmail restart

Today's Wibblinks 10/20/2012 (p.m.)

  • "If at this point in Internet history you think you’re really anonymous/pseudonymous on the Internet, or that you have a right to anonymity/pseudonymity on the Internet, you’re kind of stupid. "

    tags: blog writing scalzi books anonymity

Posted from Diigo. The rest of my favorite links are here.

"You have updates available for other accounts..." - Grrr. Arrgh. Googlegooglegoogle...

The first thing I found was:

rm -rf ~/Library/Preferences/com.apple.storeagent.plist*
rm -rf ~/Library/Preferences/com.apple.appstore.plist*

That didn't really work, so further Google brand searching found the solution at NGPixel:

1) Open System Preferences > Spotlight
2) Under the Privacy tab. Add your Macintosh HD (or whatever your main hard disk is called) to the list.
3) Close the window. Wait a few seconds. Then go back to Spotlight settings and remove the entry you just added.
4) The spotlight index should now begin to re-index completely. (A dot will fade-in/out inside the Spotlight icon in the taskbar)
5) Wait for it to finish and then launch the Mac App Store. You should now see updates in the Updates tab.

It Works!

Spotlight not working on Mac OSX


Spotlight was showing fewer and fewer results until one day it stopped even showing results from /Applications. As this is how I launch apps, something had to be done!

Opening up Terminal.app:

$ sudo mdutil -i on -E /
Error: unable to perform operation.  (-400)
	No index.

OK, so I need to delete the index, kill all the associated processes and hopefully things will restart.

$ sudo rm -rf /.Spotlight-V100/
$ sudo killall -9 mdworker
$ sudo killall -9 mds
$ sudo mdutil -i on -E /
	Indexing enabled. 

Presto! Everything working again as normal!

  • I have a morning ritual that I need to share. I call it "the terminator". First I crouch down in the shower in the classic "naked terminator traveling through time" pose. With my eyes closed I crouch there for a minute, visualizing either Arnold or the guy from the second movie (not the chick in the third one because that one sucked) and I start to hum the terminator theme. Then I slowly rise to a standing position and open my eyes. It helps me to proceed through my day as an emotionless, cyborg badass. The only problem is if the shower curtain sticks to my terminator leg. It ruins the fantasy. I think maybe I read too many comic books when I was a kid...

    tags: craigslist morning ritual

Posted from Diigo. The rest of my favorite links are here.


About Me


  • Unsolicited Bulk Email (spam), commercial solicitations, SEO related items, link exchange requests, and abuse are not welcome here and will result in complaints to your ISP.
  • Any email to the above address may be made public at the sole discretion of the recipient.

Other Stuff

  • Powered by Linux
  • (RedHat Linux)


Monthly Archives