No flash for 64-bit IE9

My 64-bit IE9 could not play flash video when browsing.  Logically, as IE9 is so new, I thought it was necessary to download Adobe flash player 64-bit version.  Surprise, there is no such software as 64-bit flash.  Please see the dump below :

I do have 32-bit version of IE9 and this one has flash 10.3 properly running.  Without support for flash, I think 64-bit IE9 is almost handicapped considering that there can be up to one fourth of the world websites using flash to display content.


FTP Error "500 - Illegal port command"

After changing my Wifi home router to TP-Link, I can successfully login to a ftp server but can not do "ls" or  or transfer files and the error code returned was 500 – illegal port command.

On careful reading the TP-Link manual, there is a security feature called FTP ALG which allows ftp traversal over NAT. Without enabling FTP ALG, ftp is destined to fail because the client provides a private IP address and a port number to the FTP server but somehow, the port number is changed by the NAT device. FTP ALG ensures that the NATed port number and the ftp data port number initiated by the client are kept in a one-to-one mapping state table.

This is another example of NAT breaking end-to-end connectivity. Similar ALGs are also needed for SIP and H.323. NAT only brings troubles to the networked Internet world and it should be dropped as soon as practicable.


laptop with two display cards

My son intended to buy a Sony VAIO SB25 laptop.  Strange, it comes with two display cards; AMD Radeon HD 6470M and Intel HD Graphics 3000 card.  According to the website, the former display card shall be used to play 3D games in speed mode while the latter is for viewing in stamina mode for ordinary applications such as word processing or browsing web content.  The fact is that the Radeon display card consumes a lot of power and it would make the battery running out faster.  The use of an Intel card will help to preserve the battery capacity.  However, the end user needs to press a button in order to switch mode.  Then come my question : can the laptop be designed to auto switch from one mode to the other ?   


Which company made the first IPv6-compatible product ?

Yesterady, I took part in an online quiz on IPv6 of 10 questions and I could answer 9 questions correct.  There was a question asking which company first made the commercial IPv6-compatible product.  The choice were : Cisco, Digital Equipment Corporation, IBM, and Novell.  I picked Cisco as IPv6 backbone must bre ready before any IPv6 applications can be realized.  The answer was wrong.  It was IBM that offered IBM AIX 4.3 in 1997 which was the first product to support IPv6 in the market.


Good and bad news about MAC OSX 10.7 on IPv6

MAC OSX 10.7 is in the market now.  In terms of IPv6 improvement, it can now support RDNSS and when working with SLAAC, it can configure IPv6 address and get DNS resolvers from RADVD.  The bad news is OSX 10.7 still does not provide a genuine DHCPv6 client.  I must mention that not all organisations will adopt auto-config due to security concern and in that case DHCPv6 is the only available option to get IPv6 addresses.

Apple should have given out  DHCPv6 client program to its MAC OSX a long time ago.  What is the diffculty !!


.hk SOA Serial Number

I noticed that the SOA serial number of TLD .hk on 11 July has the format of 2071521800 whereas that record on 1 June 2011 was 2071506233. The increment was 15567.  My guess is that from 1 June 2011 to 11 July 2011, there have been 15,567 changes made in the .hk records including new domain additions, deletions and change of glue records etc. So long as the SOA serial number has a higher value than its previous one, it is possible for a primary server to update secondary servers.

Usually, some TLDs (example .se) prefer to use the yyyymmddss format like 2011071103 or the Unix time format like 1310367702 (example .com and .net) which can be readily translated back to 11 July 2011, 7 hours 3 min and 12 seconds.

It will be an interesting task to study if SOA serial number format adopted by .hk could yield technical and/or operational merits as compared to other traditional formats.


An ISP uses 6to4 tunnel to serve as v6 DNS resolver

Strange ! WTT has rolled out native IPv6 service but it  does not want to feed native IPv6 connection to its own dual-stack resolvers but uses 6to4 tunnels for serving as v6 DNS resolvers.  I have the chance to read WTT's  IPv6 configuration guide and notice that for static configuration, users have to input the DNS resolver as "2002:d596:2a92:1:71:53::". This is a 6to4 tunnel address.  Why not hook up the DNS resolver to its own native IPv6 link. 

The extra path to a 6to4 gateway introduces delay and there is no acceptable guarantee of service. Bearing in mind the WTT 200M native IPv6 service is for corporate users, how comes WTT offers a lower class service for not providing truly v4/v6 DNS resolvers.

I think ISPs in Hong Kong should be careful not to rely on tunnels as part of its native v6 service


1.8 GHz or 2.4 GHz cordless phone

My old home cordless phone broke down with the display showing nothing. I had to decide buying a new 1.8 GHz or 2.4 GHz cordless phone. In fact, the choice is not difficult. 2.4 GHz band is a junk band with lot of devices sharing the frequency channels like WiFi, Bluetooth, alarm, wireless camera and many more. When I open my netbook and scan the available WiFi in the neighbourhood, I find 17 SSIDs. Thus, the chance of interference in the 2.4 GHz is many times higher than the 1.8 GHz band.

I believe I have made a smart choice in not purchasing a 2.4 GHz cordless phone.


Remove Joomla icon

Joomla is a very popular open-source content management software for web and it is estimated that about 2 % of websites in the world are running on it.  On some occassions, if I access a website running Joomla, the default Joomla icon is displayed in the address bar.  This is regarded as a security risk and bad guys  can launch attacks target at Joomla.  It is desirable to remove the icon (favicon.ico) and replace it with the organisation's or company's logo in an 16 x 16 icon size.


Stratum 1 or 2 NTP

Yesterday I had a chat with colleagues in the Hong Kong Observatory who are planning to provide v6 NTP server by end of 2011.  During the discussion, they corrected me that their v4 or v6 NTP Servers are basically Stratum 1 and I previously had the idea that these servers were Stratum 2.  The atomic clock itself is regarded as Stratum  0 and if it is networked to an NTP Server, the NTP Server is then a Stratum 1 facility.  What we are now using in our office LAN is Stratum 2 which gets the time reference signal from a Stratum 1  source to feed to another networked segment.  Counting forward, Stratum 4 is unusable as the accuracy will further be degraded after three networked segments bearing in mind that each of them introduces some latency.