Apple made a watch (and told you it was a revolution)

So Apple decided they needed to jump on the wearable tech bandwagon, and revealed the Apple Watch at their recent keynote. I guess iWatch would be a misleading name? As a tech blogger and rehabilitated fanboy, I feel obliged to write about this. They also released two new phones. They’re bigger, and can now be turned sideways for landscape mode. Such innovation. There, I’ve covered the new phones.

Completely scrambled RGB data
Apple Watch, according to their own press photo

I’m a decent enough guy, so instead of just nicking some picture from the Goog, I went to the source and downloaded the second official press image. When I tried to open it in an image viewer, it wouldn’t even let me. I tried opening it in a document viewer, and what you see above is the output. Thinking the download had become corrupted, I tried again, with the same result. I’m on Linux, of course, so I figured this was some proprietary Apple format bullshit, and spent a few minutes trying to figure it out. Then I ran another test, downloading a press photo for their Magic Trackpad, and I could open that just fine. Their keynote was completely botched as it was, and now this. Wow.

This is the Watch

There, that’s better. That’s a jpeg file, copied from the same site as the tiff. It’s lower res, and I didn’t agree to their Image User Agreement to get it, because of course they have one. It’s not unreasonable though, just says I can’t edit it or use it to sell stuff. Shown in that image is both what I see as their biggest innovation and biggest mistake.

It’s a square watch.

Come on, Apple, you can do better. Nobody wants a square watch. It’s got your logo on it, so it’ll sell, but seriously, come on. You went and made a new homescreen implementation, that wonderful app cloud, perfect for a round display, but then you just went and made it square anyway. This is the opposite of what Motorola did with their Moto 360, which is that they made a beautiful round watch, but some of the UI is obviously tuned for a square display. With this you might as well have stuck with the app grid we’re used to.

Aside from that, there are a few things I’d like to mention. I’m not a big fan of this release, and I didn’t expect I’d be, but somewhere deep inside I keep hoping that Apple will become revolutionary once more. Instead they settle for telling us how revolutionary they are. They take great pride in their seriously brand new super innovative digital crown you guys this thing is the shit. It’s supposed to make their touchscreen almost unnecessary, only it doesn’t. You can use it to scroll, zoom, and for input, but when demonstrated the guy just kept tapping the screen, using the crown mostly to set the clock, which, in fairness, is what it’s supposed to do.

Oh my God you guys we make the best chargers ever! The Watch charger is magical, you just put the charger on the back and it snaps into place, just like magsafe! Only it uses induction charging! So innovative.

It’s a charger. It hopefully works. We’ve got induction chargers for the other smartwatches already, and they’re on the market. You know what would make this innovative? If you actually shipped when you announced it, you know, like you used to?

Holy balls, you won’t believe how clever we’ve been with the hardware! It’s a quantum leap in technology, nobody has ever done anything like this before. We can’t even put in words how amazingly we’ve packaged our hardware. Everything is in one module. This is insane, an industry first!

It’s just that we’ve got that. We’ve had it for a long time. There’s System on Chip, or SoC, which puts a lot of sensors and radios and stuff on one piece of silicon. We’ve got System in package, or SIP, which packages chips inside modules to deliver supercompact working systems. How is this not that? How is this innovation and an industry first, guys? You can’t just say you’re the first to do something when you aren’t, there are laws against that shit. Don’t believe me? This is a direct quote from Apple.com:

Configuring an entire computer system on a single chip is an industry first and represents a singular feat of engineering and miniaturization.

I sincerely hope that wearables take off in a big way, and I hope that Apple will help achieve that, but this is not the revolution we’re waiting for. This is another subpar watch, touted as the most brilliant thing we’ll ever see until Apple makes The New Apple Watch. There’s more to the Watch than the things I’ve mentioned, but I only write about things that get me excited, and there’s nothing else. This Apple Watch is mostly boring.

Yes, you can quote me on that.
All of it.
I am a wizard
I am off to work

Configuring a Linux firewall

So you’ve got your Linux server going, it’s configured the way you want it, and everything is coming up roses. You try to ping it, but the server doesn’t seem to exist. You’ve been blocked by one of the best/most insane firewalls in the galaxy: iptables. A firewall’s job is to block unwanted traffic, and iptables takes its job seriously. By default, it. drops. everything. Got an http request incoming? Psh, drop that packet. I don’t care if you’ve got apache running. FTP request? Same story. Mysql? Nope.

A cat shoving things off a desk
This is iptables

Ssh is usually fine though, so we can log in and edit the rules. Iptables rules are added to rule chains. The only chain we’re interested in for now is the INPUT chain: we want to be able to receive http requests to our server, ssh connections, and nothing else. We’ll also want to allow existing connections to persist. These are the switches we’ll be using (you can find all these in the manpages, of course, but some are in the iptables-extensions manpage).

  • -F flushes the rulechains. This means exactly what you’d think.
  • -A [chain] adds a rule to the specified chain.
  • -I [chain] [number] same as -A but inserts rule at a given point in the chain.
  • -i [interface] specifies the interface the rule will act on. If you don’t specify this, the rule will act on all interfaces, including loopback (more on this later).
  • -p [protocol] specifies whether the rule is for tcp, udp, or whathaveyou.
  • --dport [port] further narrows down the packets to look at by checking which port they’re headed for.
  • -m [match] this is an extension that looks at the type of traffic the packet belongs to. We use it with:
  • --state [state], which asks a different module called conntrack whether the connection is INVALID, NEW, ESTABLISHED, RELATED, or UNTRACKED. This is magic, I have only a vague understanding of how it works.
  • -j [policy] says whether to accept or drop the packet.

Alright, let’s get to it. You can think of iptables as a sieve, where every rule along the way checks out a packet and decides whether to keep it or discard it. If the rule doesn’t match the packet, it moves further down the sieve to be checked by other rules. Therefore, at the end of it, if the packet doesn’t match any of our rules, we will just discard it. A good policy for internet traffic is that if you don’t know what it is, don’t touch it. Every rule we add gets added last in the chain/sieve.

A script demonstrating the use of iptables
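
The script in the original post was an image and its text is not on this page. The following is an added example, not the author's script, that builds the ruleset the post describes from the switches listed above. The ports (22 for ssh, 80 for http), the loopback accept rule and the function names `build_rules`, `unreachable_rules` and `apply_rules` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the author's script). Assumed: ssh on 22, http on 80.
SSH_PORT=22
HTTP_PORT=80

# Print the INPUT rules in sieve order, one iptables argument list per line.
build_rules() {
    echo "-F INPUT"                      # start from an empty chain
    # Assumption: accept loopback, since rules without -i also hit lo.
    echo "-A INPUT -i lo -j ACCEPT"
    # Let connections that are already open keep working.
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "-A INPUT -p tcp --dport $SSH_PORT -m state --state NEW -j ACCEPT"
    echo "-A INPUT -p tcp --dport $HTTP_PORT -m state --state NEW -j ACCEPT"
    echo "-A INPUT -j DROP"              # bottom of the sieve: discard the rest
}

# Print every rule that follows the catch-all DROP; such a rule can never
# match. Returns 1 if any were found, 0 if the ordering is sound.
unreachable_rules() {
    seen_drop=0
    found=0
    while read -r rule; do
        if [ "$seen_drop" -eq 1 ]; then
            echo "$rule"
            found=1
        fi
        if [ "$rule" = "-A INPUT -j DROP" ]; then
            seen_drop=1
        fi
    done
    return "$found"
}

# Load the rules into the kernel (needs root). $rule is deliberately unquoted
# so it splits into separate iptables arguments.
apply_rules() {
    while read -r rule; do
        iptables $rule || return 1
    done <<EOF
$(build_rules)
EOF
}

# Only touch the firewall when asked: sh firewall.sh apply
if [ "${1:-}" = "apply" ]; then
    build_rules | unreachable_rules && apply_rules
fi
```

Because `-A` always appends, a rule added to this chain afterwards lands below the final DROP and never matches; `unreachable_rules` flags exactly that case, and `-I [chain] [number]` is the switch for placing a rule above the DROP.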

And that’s it. We’ve configured our firewall. It will reset every time you reboot your server, but that isn’t often. I just keep a script like the one above to reconfigure it. You can get NetworkManager to configure it for you on boot, but I don’t really see the point unless you reboot your server all the time, which, I mean, why would you do such a thing?

I am still a wizard
signing off.