Synology DSM 5.0-4493 Update 4 Released

Support.

Synology has just released Update 4 for DSM 5. The updates fixes OpenSSL and Kerberos security issues among other things. The last Synology security exploit to hit the news was based on old vulnerabilities. So while it’s a pain you should plan to patch as soon as it’s practical. I updated my DS212J, DS212+ and DS1511+ without a problem. And so far, no new errors have surfaced.

 

Google dominates top 10 apps, says ComScore

Google dominates top 10 apps, says ComScore.

This is another “duh” survey. Android dominates in pure market share for smartphones (over 85%). The real story here is that Facebook is number 1. Maybe not a shocker, but people do have to install it and set it up.

Other non-Google apps are Instagram (owned by Facebook). Apple Maps and Yahoo News. Apple Maps surprised me being tied for #10. With all the bad press and the fact that Apple only has about 22% of the market this was unexpected.

 

This is What’s Wrong With Security Reporting

Yahoo news picked up this story and it trended to the top (many others also carried it with the same sensationalization . While the meat of the story may have some good information (although not new information), the headline and conclusions are meant to draw clicks.

Headline:

Your Gmail App Is Shockingly Easy to Hack

In the first paragraph:

..allows them access to mobile Gmail accounts with a 92 percent success rate.

What’s wrong with this? Well, for one the “hack” requires downloading a malicious app to your Android phone. And that 92% success rate? Only among those that download the malicious app.

Yes, it would be nice if shared memory could not me accessed. But that shared memory access also brings benefits (OK, I assume the benefits part. Don’t ask me to list them).

They didn’t test other mobile OS’s but say the hack should work on them too. I’m no developer but I thought on iOS shared memory wasn’t, well, shared by apps. Which resulted in many of the complaints about apps not working together. I’ve also read comments that apps don’t access shared memory on Windows Phone. So this calls into question that assumption by the researchers.

In any event it works on other mobile OS’s, even for Android the headline should be “Installing malicious app will cause security issue!” But I guess that falls into the non-clickworthy “duh” category.

We’ve Moved In

We’ve moved to a new Web host

The OS Quest is up a running on it’s new host, WordPress.com. If you’re on the site you should see a red “The OS Quest” in the header when your on the site.

If you subscribed via RSS the feed should still work and if you see this post in your RSS reader then it does still work.

Mail subscribers will have been dropped, with my apologies, I could transfer them out of Feedburner since you need to opt-in. You can subscribe by hitting the link over on the right.

Some photos from older posts have broken links. I’m working on fixing these. If you come across any in an article your trying to read let me know and I’ll fix those links asap.

The “featured image” feature of WordPress is used differently in this theme. This causes some ugliness in some posts which I’m also working on cleaning up. Going forward things will be much cleaner.

I know things have been slow the last few months on The OS Quest but I should have more frequent updates in the near future.

Thanks for being an OS Quest Reader.

sign that says keep going don't look back

It’s Alive! And Moving

After gathering cobwebs for several months I’m planning to resuscitate this site. As part of that I’ll be moving to a new web host and finally moving off of feedburner. I’ll be moving things this coming Friday February 21st.

To RSS and EMail Subscribers

The move off of feedburner means many of you that read this site through an RSS reader may get orphaned and need to resubscribe. I’ve used the non-Feedburner RSS link for awhile so many of you many not have a problem, but early on I did go all in with Feedburner. I will use the permanent redirection feature which should maintain your feed, but Feedburner has been wonky for a long time now and I wouldn’t count on it. I suggest (and appreciate) looking at the subscription options below and picking one to subscribe after Feb 22nd.

The E-Mail subscriptions will be removed. While E-Mail subscriptions will be available after the move I can’t move them and prove you opted-in. Besides, it’s been so long since there’s been a post that a E-Mail from a unfamiliar address may seem like spam. E-Mail subscriptions will be available after the site is moved. My apologies to those who’ll be cut off.

If you already follow me on Twitter there isn’t any change.

Subscription Options

You can subscribe to this site using any of the following methods.

RSS at http://www.osquest.com/feed

Twitter at http://www.twitter.com/osquest

Google+ at https://plus.google.com/115496065279439065529/. The Google Plus feed is also where I aggregate everything. So you will see posts from other blogs along with non-Tech posts. The feed currently has a fountain pen flavor since that’s where my activity has been.

An email subscription will be available after the move. I don’t want to make it available before the move because I don’t want to end up spamming you by accident during the move.

Why The Changes?

In word: Simplification

While I like maintaining my own VPS server and tinkering with WordPress, the never-ending update cycle takes too much of my time on a schedule I can’t control. So I’m moving over to WordPress.com where they’ll host the site and handle all the updates. I just need to worry about content.

This is certainly less flexible, but it should work well for me. I set up a new site on WordPress.com over a year ago. I had been screwing around tweaking design and features when I finally said “screw it” and set it up on WordPress.com. I kept it simple so I could move to self-hosted down the road. Instead I’ve found I liked it and I’m moving my self-hosted sites to WordPress.com.

The stars also aligned to make this a good time to do it. My VPS contract expired in January and it was time for a major OS upgrade to the VPS server. While fun, it’s extremely time consuming. After all, upgrading an server OS also means reviewing the configuration and software used and then reviewing the abilities of the new OS and making changes as needed.

Also on the horizon is a conflict between a WordPress upgrade and the theme I used. I use a lot of customization in the theme and it’s been stable for a long time. I don’t know when, but I have this feeling it will bite me soon.

I hope I’ll see you on the new site.

Google Reader Dies Tomorrow

Google shuts down Google Reader tomorrow, July 1st.

There’s been a lot of web chatter about replacements and Feedly seems to be winning the public relations race. Personally, I went with FeedBin.

FeedBin is a paid service, $2/mth or $20/yr. I consider this a benefit since the cost is upfront and not hidden behind a “free” business plan. FeedBin supports Google Reader keyboard shortcuts and posts can be starred the same way as in Google Reader. All my sharing sites are supported which is another benefit. There is support for several iOS apps, but I’m sticking to its web interface. The web interface is a little rough on my Windows Phone but otherwise it’s easy enough for me to use.

I had planned to move this site off Feedburder at the same time Google Reader died and just take one big hit to the RSS subscription count. But I fell behind so I’m still on FeedBurner. The link at the top of this site doesn’t use the Feedburner specific URL so it will survive when I eventually do move off.

Free Server Upgrade!

I’ve been neglecting my website recently and was surprised to find a server upgrade waiting for me when I opened the Dashboard.

When I logged onto my Linode control panel today I noticed a “Free Upgrade Pending” notice. Much to my surprise I found that Linode has been doing a bunch of upgrades. This one was to double my RAM size, from 512 MB to 1 GB of RAM. Although it wasn’t exactly free, they got rid of that habit of ending prices in .95’s. So the monthly price got bumped a nickel to the even dollar amount.

The estimate was that my upgrade would take 19 minutes. Linode provides this estimate prior to the request to enter the upgrade queue so I can decide if I have the time. The reality was it took about 11 minutes from when I clicked upgrade to when it was back online. There wasn’t anyone in the queue ahead of me, if there was my server would have stayed up until it was my turn.

I’m also on hardware that now has 8 cores. Nice! If only I didn’t have to share them.

Screenshot of CPUs on host

 

I still haven’t gone in and modified my app settings to take advantage of the memory. I’ll have to think about how I want to use it since my server really doesn’t get stressed. I may be better off increasing my PHP cache so more PHP code can be cached in memory rather than simply increasing Apache or MYSQL capability. Back when I was first learning and tuning the Opcode cache I found that eventually the available memory would file up and it would start swapping stuff out so I cut back on what got cached. I may have enough memory now.

I’ve been busy recently, unable to tend to my sites, and I’ve been considering if I should look for a managed alternative for this site (or something like Squarespace) but I really like to have hands on. It just annoying when I don’t have time to go hands on. Plus, problems always occur at the most inopportune time And then something like this comes along and I get excited. Yea, I know. It’s just more RAM that this site doesn’t really need. But hey, I still get excited.

There’s been some pockets of site downtime recently. Don’t blame the server, it’s been me. I’ve been tinkering and some changes have required server reboots or full restarts of Apache. I’ve done it when traffic is low, but apologizes if you got caught in a reboot.

Linode has been writing about the upgrades on their blog (which I didn’t notice until today, bad me). If you want to try Linode I’ll get a small kickback if you sign up through this link or use the referral code: a6b0ae3bcb8e5d87840c56fac5965e763d4363d4 on the signup form. A bare server OS isn’t suitable for everyone, but I’ve been a happy customer since December 2009. If your already a Linode customer be sure to go in upgrade when you get a chance, it’s only a nickel.

Dropping Feedburner on July 1st

Feedburner has been suffering from neglect for what seems like years.  I’ve decided that July 1, 2013 will be a good time to cut the Feedburner connection for my RSS feed. That’s when Google shutters Google Reader which will no doubt cause a decrease in subscribers and some chaos all by itself. I’m going with the native WordPress RSS feed, rather than be at the mercy of another service again.

I already updated the RSS subscription link on the top of this blog so you can update your subscription if you’re already a subscriber (Thanks!). Or just click this link http://www.osquest.com/feed which is the new RSS link. I haven’t picked a new email subscription service yet so that link is unchanged. Sorry for the annoyance of having to re-subscribe, but I figure a Feedburner death is inevitable and it adds no value to this website since it’s frequently broken.

Alternately you can follow me on Twitter, also linked at the top of this page.

Thanks,

Ray

CES Coverage and Thoughts

CES 2013 is coming and while I can’tr get excited about it, some of the coverage should be fun.

CES LogoThe Home Server Show and SurfaceGeeks will be providing live CES coverage. You can watch Dave run around the show floor at http://homeservershow.com/live and the schedule is at http://homeservershow.com/ces-2013-live-broadcast-schedule-liveces.html, although it may be easier to just assume the second half of the day, depending on your time zone, and tune in every evening.

As for myself, I have to admit CES doesn’t excite me. I’ll visit the Home Server Show coverage, but beyond that blogs that will be dedicated to CES coverage get temporarily deleted from my feed and any that slip through just get marked as read in bulk. I’m nearly burnt out on tech. My problem with CES is that it will promote a lot of products we’ll never see along with technology the manufacturers hope catch on. Once the hype of CES fades and products either appear or don’t I’ll get interested again. I don’t want to burn out on marketing, show me the cool tech I can get.

It’s probably because I’m getting old, but this year I want to concentrate on enjoying what I have, tweak it to make it better and not get lost in the hype or always reach for the “next big thing”.

But no matter, the Home Server Show coverage should still be fun.