Beijing School for the Blind

Media_httpfarm4static_iaskt

Our primary reason for visiting China was to establish a link with a Chinese School to share good practice and cultural information. Having visited Beijing School for the Blind on a previous visit, we had seen plenty that impressed us and areas that we could work together.

Beijing school for Blind takes in blind and partially-sighted children from their catchment area, having a pupil population of around 200. Beijing School for the Blind also has an impressive vocational programme, training their pupils to do Chinese Massage and piano tuning. The school is also doing some pioneering work providing mobility training for pupils, and providing tuition in a variety of subjects. Some of the pupils have multiple special needs, a common occurrence in UK special schools but less so in Chinese schools.

We were fortunate enough to see a range of classes and lessons, and to meet some of the pupils first hand. One thing that immediately struck us was the dedication and professionalism of the staff who truly are a credit to the school. We were made to feel very welcome by the staff and felt like old friends by the time we left.

I hope that as we work together, we can share some of the good practice that exists in both of our institutions and also put to rest some of the misconceptions that people in the UK have about China and the people that live there.

Hutongs of Beijing

Have spent a fascinating afternoon visiting first the Beijing Bell and Drum towers, then the hutongs of the area.

The Bell and Drum towers were ancient time keeping devices, so that workers could keep time before watches/timepieces were common. More information here.

The hutongs are narrow alleyways between lines of traditional courtyard residences. We toured the streets of these hutongs by pedal rickshaw (pedicab) – and stopped several times to visit the homes of Beijing residents who lived in some of these hutongs. As a preserved area, homes in the hutongs are highly sought after, especially with their historical connection to the Feng-Shui of the Ming dynasty. We saw several occupied hutongs, and were grateful to the Beijing citizens who allowed us into their homes.

Arrival in Beijing

We arrived safe and sound in Beijing after a pleasant journey. We were very privileged to have the use of the BA Club class lounge in Heathrow, and then to receive an upgrade to business class! If only I could always travel like this – a reclining seat that turns into a bed seems like an essential part of a long haul flight!

We arrived at the new Terminal 3 building, which only opened in February this year. Last time I came to Beijing I used the old terminal so using the new, shiny and extremely modern terminal (with monorail from arrivals to baggage claim) came as a surprise. Although I couldn’t take any pictures in the airport, this wikipedia entry shows terminal 3.

The pickup and transport to the airport was without incident and seemed relatively sedate by Beijing standards – perhaps that’s due to the rain. Did I mention it is raining here? Check out the picture from my hotel room window! I’m hoping the rain doesn’t spoil our Hutong tour booked in an hour.

Youtube for a nostalgia trip…

Don’t ask me why but when I was sat at my desktop pc I suddenly wondered if Youtube would have any of the favourite videos from when I was a teenager many years ago. Sure enough I found an amazing collection of Debbie Gibson videos including the one linked below. It also inspired me to find out what she was up to now – which led to her website and her myspace site.Unfortunately Youtube is blocked across my educational institutions across the UK, but it is a massive video archive of popular culture and well worth a look. Youtube isn’t just for silly clips recorded on mobile phones!

Nokia N95

Media_http3bpblogspot_iiptf

I have to say I’m loving my Nokia N95. I wanted a phone with a decent camera (since most of the photos I take are on my phone). The wifi and gps tagging of photos were also features I liked. I’ve added mobile broadband to (I’m on Three – the add-on is X series silver). I’ve also added a software service called Shozu which can automatically upload my images to the internet. I’ve set it to send to Flickr as a default – so I get an instant backup on the web – which others can see too! Check out my flickr photos here.

The only drawback I’ve found is that I turned on geotagging, and of course it geotags pictures that you upload from MMS. Not a huge drawback though. (And it only tags one out of ten pictures!)

I’m also loving the new google maps – with cell tower location finding and the gps, it is pretty powerful. I’d recommend the N95 to anyone who needs a fancy feature-filled phone (and doesn’t need long battery life)

Hosting from home for free – loads of bandwidth and space

Whilst the price of shared hosting is falling, trusting your website to an unknown company is always a risk. Even some of the largest sellers oversell bandwidth and space, so who do you trust your website to? I decided to host my site on my own server at home – since I pay for a 24/7 internet connection.

When I set up my server, I was new to DNS and hosting, and decided to move my domain to dyndns.com who provide a dynamic DNS service. They offer free accounts with popular names like dyn-o-saur.com or you can go for your own top level .com domain.

What they don’t say is that you can use their free account and register your domain name with a cheap provider like godaddy. This saves you around $30 per domain – worth it if you have a lot of domains.

All you do is set up your free account with your dynamic provider (and install the update client which tells their servers if your ip address changes). You register your domain with your preferred provider and set up a cname record which points to your free domain name. This means that any traffic going to your registered address is redirected to your free dynamic dns account.

All you then need to do is set up your web server to recognise the new sites you have added and bingo – you can run dozens of sites from one machine. This is the guide I followed.

There are downsides to hosting your own server. First of all you have to pay for your own internet and electricity which is not an insignificant cost. My cable modem offers 400k/s incoming and 40 k/s outgoing (with peak time traffic shaping) for the equivalent of $50 a month. Electricity in the UK is also rapidly rising in price thanks to the lack of freedom in the European energy market – my Dell server costs the equivalent of $10 – $12 a month. Another downside is technical knowledge. Your server is continually exposed to the internet and you need to make sure you only open ports you need, and that you keep the server patched and up to date.

With energy prices rising so rapidly, I regularly review my decision to host from home. Using an older more energy friendly PC will help keep the costs down but there is no short cut to gaining technical knowledge (although you could run a preconfigured server on a virtual machine!).

Do you host from home? Are you looking for free hosting for a blog? Leave me a comment below.

Edit: 15/09/08 Since I posted this originally my workload has increased and I just didn’t have time to maintain my installations (updating the ubuntu server was easy, updating joomla/wordpress a bit more time consuming).  I decided to move my blog back to blogger and rely on Google Analytics for my visitor information.  (That and I also needed to turn the ‘office room’ back into a guest bedroom and the server was too noisy for someone to get any sleep!).

Find out where your spam comes from….

Ever wondered where spammers get your email address from? This is how you can find out – it only works when you start with a new domain or new googlemail account.

Method 1

If you have a custom domain you registered e.g. fiendishlyclever.com you own all the email addresses at that domain. If you set all the emails to forward to your current email address you will get all the email that comes to every address. Then all you need to do is when you sign up for a site, you include the site name in the email address you give for that site. For example if you were shopping on Amazon, you would give your email address as amazon@domainname.com where you swap domainname.com for your own. When you start getting spam email you can see where they have come from.

Method 2

This is very similar but uses Googlemail (Gmail). Google mail has a set of features only recently documented. Because of the way Google parses the email addresses, you can change your email address in 2 different ways and still receive your email. Googlemail takes no notice of where the dots are before the @ sign so you can change these when you give out your email address – although this is not as useful as the next feature. You can also add a plus sign (+) and extra characters after your username and before the @ sign. This has been confirmed to work with regular googlemail and googlemail for domains. This can be used now in the same way as method 1. When you sign up for a new site, add +sitename before the @ sign. For example username+amazon@gmail.com if you were shopping at Amazon. You could also do this when you give out your email address to friends. When you start to get spam email – have a look and see who sold you out! I’ve started using this method so it will be interesting to see if the email addresses of my incoming spam change!

Playing Warcraft over an SSH tunnel

Media_http3bpblogspot_tspii

Scenario: I want to play World of Warcraft at work or behind a firewall. Most ports are blocked although I am able to get a tunnel out (eg on port 443). Of course you need a PC left on around the clock to connect to (or a router running dd-wrt) – to see my other SSH related articles click ‘Technology talk’ on the menu to the left.

Solution: Use a commercial piece of software called proxifier which routes traffic from any piece of software over your ssh tunnel. (Update: There is a new version of proxifier which can be run from a usb key in addition to the standard version)

Open your ssh tunnel using putty (be sure to make sure you have the dynamic/socks tunnel enabled). Opening a tunnel on port 443 is usually possible. I am usually able to open a tunnel on port 443 from where I work (an educational broadband consortium) but on the few occasions when I can’t open one, I can force one if I know the proxy server name by putting the proxy details in the proxy tab. (This link may tell you if you are behind a proxy server – click on ‘Proxy test’)

In the options for proxifier tell it which port your tunnel is on (proxy settings).

You can set it to route all traffic (apart from exclusions) over the tunnel, or to only route traffic from certain applications over your tunnel. I did the latter.

When I started warcraft up I was able to log on from work over my tunnel. Ping times were usually playable (120ms upwards) but this depended on the quality of the connection between your computer and your server.

And there you have it – World of Warcraft over an ssh tunnel from work! Easy when you know how!! (and much simpler than setting up a VPN!).

Of course you need a piece of hardware permanently powered up at the other end but buying the right router or running a low power Linux box like a Linksys NSLU2 is a brilliant way around this (and can also host networked storage, web pages and even torrents whilst drawing very little power).

This page gets more hits than any other on my site – please leave a comment if you found this page useful or if you have any questions.

Web browsing over an SSH tunnel

This is how I set up my SSH

server so that I can connect securely over an encrypted connection whenever I want to browse in private. A powerful tool when combined with a U3 memory stick or the portable apps suite.

The first step is to set up ssh/openssh on your server. Your server needs to be permanently switched on and connected to the internet. You should also aim to have a firewall between your computer and the internet, and leave as few open ports as possible. I have successfully set up openssh on windows XP but it I feel safer running an ssh server on a Linux server. I’ve run (and am still running) ssh servers on both Ubuntu server and on my ‘unslung’ Linksys NSLU2. If you are looking for a low-power web server and ssh server you can’t go far wrong with the NSLU2. I’ll say no more about this clever little device apart from saying that it has its own website dealing with how to unlock the extra functionality and set up the various servers – http://www.nslu2-linux.org/

You will need to forward a port from the router to your server – in the past I’ve given my server a static IP address on the internal network. This means the router will always be able to connect to it on the same IP address. Under ubuntu you can give your server a static IP address by editing /etc/network/interfaces (type sudo nano /etc/network/interfaces ).
It should look like:
auto eth0
iface eth0 inet dhcp

and you need to change it to something like this (assuming your router is 192.168.1.1)

auto eth0
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1

then you can restart the networking components by typing sudo /etc/init.d/networking restart

Setting port forwarding for your router is outside the scope of this guide – searching Google should help you if your manual doesn’t give you any help.

If you are running ubuntu server you get the option to install an ssh server as part of the installation process. You can always install it later if required using the (sudo) apt-get install ssh command.
Once you have a working ssh server you will need to edit the config file and set up a key to log on. Using a simple password is not very secure and not recommended. Also changing the default port from 22 to a higher number prevents many intrusion attempts – port 443 is often open from work networks (recommended if you are wanting to use this technique to surf undetected from work).
You need to edit /etc/ssh/sshd_config (sudo nano /etc/ssh/sshd_config) and check these lines
Port – change from 22 to something like 443
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
Once you have a working setup that you can use with a public key you will have to change
PasswordAuthentication to no to prevent anyone logging in by guessing a password.

The next stage is to make a key – use puttygen for this (it’s easiest to do this on the remote pc) http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Generate a random key and save the private key onto your computer. You will need to copy and paste the public key so don’t quit yet. Connect to your server using Putty – it should ask for a user name and password at this stage.

Where to save the file public key depends on the user name you wish to log in with.
Change to that directory – cd /home/user
See if you have a .ssh folder by trying to cd .ssh (if you haven’t you can mkdir .ssh)
Inside the .ssh folder you create a key file by typing echo ssh-rsa

= rsa-key-20080210 > authorized_keys
(Right clicking on the putty window pastes the clipboard into the screen).
Set file permissions by typing chmod 644 authorized_keys

Logout with putty and try again using a key. To do this go in the ssh section of the putty config and look for the auth section – this is where you enter the location of the private key you saved earlier.

You also need to set up the tunnel – look in putty under SSH/tunnels and type 8181 into the source port box, click the dynamic button and then add. You should see D8181 appear in the window.
In firefox or internet explorer you need to find the proxy settings and set them for 127.0.0.1 port 8181 (socks 5 proxy). I’d recommend using Firefox since you can also send your DNS requests over your ssh tunnel and no one in the office can tell what you are browsing. Type about:config in the firefox address bar and look for network.proxy.socks_remote_dns = true
If you use firefox in different environments I’d recommend looking for a proxy switching app (eg foxyproxy).

I realise these instructions are pretty brief and require a little technical knowledge – if you require more detailed help, fill in the contact me form on my website and I may be able to help you. Alternatively you could try searching google using some of the terms from this guide. Happy surfing.

Media_http1bpblogspot_dorvp

River Trent flooding under Harrington Bridge, Sawley

We’ve had lots of rain in the UK over the last few days. River levels have been getting higher and we’ve been a little concerned about the risk of flooding. Having not been able to see the extent of the flooding during daylight (I’m always at work!), I managed to see today how far the flood water extends. These are some of the photos I took with my phone. Full sized photos are in this gallery:

Media_httplh3googleco_vzghk
Trent flooding under Harrington Bridge