Fixing a Broken Mac VPN Connection

I was on a wonky hotel wifi connection that dropped and reconnected a number of times while I was connected to my office VPN. Eventually, Mac OS X said something like “your connection sucks, I’m not going to let you use the VPN anymore, sorry sucker.”

At the time, that was no big deal, since I was heading out of the hotel.

But later, when I actually needed the VPN, it was a big deal.

No matter what I tried, the VPN wouldn’t connect. I googled some solutions and one solution pointed to flushing the network routes, i.e.:

sudo route flush

but that just ended up spinning up my CPU to 100% and seemingly not getting anywhere.

I decided to take a more targeted approach. I grabbed the IP for my VPN. If you have a domain-based VPN host, you can get the IP by using this command:

dig +short vpn.hostname

(where you plug in your hostname for the vpn.hostname). Then, I ran this command:

sudo route delete 123.123.456.456

(again, where you plug your IP into the command, rather than my fake IP). Sho ’nuff, that fixed my problem. Your particular situation may be different (but hopefully not, and you’ll think I’m really smart).
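The targeted fix above as a small script, added here as an example and not part of the original post: it filters `dig +short` output down to IPv4 addresses (dig can print a CNAME target before the address) and deletes only those host routes. The function names and the sample resolver output are assumptions made for illustration; `route -n get` and `route -n delete` are the macOS `route` subcommands.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Constructed sample of `dig +short` output: a CNAME target, then A records.
SAMPLE_DIG_OUTPUT='vpn-gw.example.net.
203.0.113.10
203.0.113.11'

# Succeed only for a dotted quad whose four octets are each 0-255.
is_ipv4() {
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    rest=$1 count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
        case "$rest" in *.*) rest=${rest#*.} ;; *) rest= ;; esac
    done
    [ "$count" -eq 4 ]
}

# Read resolver output on stdin and print only the lines that are IPv4 addresses.
ipv4_lines() {
    while IFS= read -r line; do
        if is_ipv4 "$line"; then printf '%s\n' "$line"; fi
    done
}

# Resolve the VPN host, show the route currently used for each address,
# then delete just that route (macOS `route`; needs sudo).
fix_vpn_route() {
    host=$1
    if is_ipv4 "$host"; then
        ips=$host
    else
        ips=$(dig +short "$host" | ipv4_lines)
    fi
    [ -n "$ips" ] || { echo "no IPv4 address found for $host" >&2; return 1; }
    for ip in $ips; do
        route -n get "$ip"
        sudo route -n delete "$ip"
    done
}
```

Source the file and call `fix_vpn_route vpn.hostname`; the placeholder `123.123.456.456` used above is rejected by `is_ipv4`, since 456 is not a valid octet.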

A Couple of Quick App Reviews

I’ve been traveling a lot lately, and haven’t had a ton of free time, but I have had some time to try out a couple of apps.


With all that traveling (mostly in the car), I gave Waze another shot. And I just can’t use it for day-to-day travel. It does one thing incredibly well: using real-time data to really find you the shortest route. It’ll route around traffic, route around various incidents, and use crowdsourced data to get you there faster. And it is really good at that, save the few times where it tries to get super cute and route you through a bunch of side streets and around neighborhoods to save you a minute of travel time.

It doesn’t do anything particularly poorly, but it does pretty much everything else mediocrely. The interface is visually not pleasing, and at times, confusing. The voice prompts are distorted and are pretty bad compared to other map apps. I think the voice prompts come too close to intersections, leading to harried moments of “is this the turn, ohhhh crap it is”.

For 90% of your travel, Apple Maps or Google Maps will probably meet your needs perfectly well. When you’re stuck in traffic, get your passenger to grab Waze and see if there’s a way around.


Marco Arment’s Overcast is a new podcast player. I’ve been using it exclusively for a week, seeing if it fits my usage patterns better than other apps. So far, it does. The interface is really pretty nice—it’s pretty minimal and laid out nicely to take advantage of iOS7. It downloads and plays podcasts. I tend to listen to most podcasts at more than 1x speed, and Overcast handles that nicely. It also has a feature called “Smart Speed” where it snips out long silences to help speed up podcasts. It’s a pretty nifty feature and works as described. I’ve not noticed it yet, but it definitely speeds things up. This has allowed me to not use 2x speed, but knock back to 1.5x and still get a nice speed boost. One of the nicest features is that it will import your settings from most other podcast apps to get you started. A really nice touch. All of the server side stuff seems to run pretty smoothly … more on that in a bit.

There’s a couple of rough edges, which is to be expected in a 1.0 release. You can’t globally set “always play podcasts at X speed”—you set them on each podcast with a “use last settings” or “always use these settings”. I’d guess it’s an attempt to not put too much stuff hitting in a setting screen, but it always bites me when I’m playing a new podcast or a podcast that hasn’t updated since the app released. It doesn’t seem to download new podcasts quite as quickly as Instacast did. You can’t tap the top of the screen to scroll to the top of the view. When downloading, it does seem to heat up the battery decently (though that could be intermittent signal, since I’ve been traveling, so I’m holding out judgment on that one).

So far, it’s my go-to podcast app. I think in a couple of iterations, it’ll have sanded off the rough edges. And, to top it off, it’s the only podcast app I know of that brings a web app to the table, which means you get desktop sync no matter where you are. The only thing that needs to happen on the desktop app is for it to find a way to play at more than 1x speed, which would be a huge win.

Digital Shakedowns

(This likely needs to be edited. Forgive any poor grammar, punctuation, or lapses in logic …)

If you’ve been paying attention to the tech press, you may have noticed an uptick in stories about DDOS (Distributed Denial of Service) attacks. A DDOS, in a nutshell, is when an attacker sends you more traffic/requests than your server or bandwidth provider can handle. It generally results in your servers going down, or your provider taking you down, for the good of their other customers.

You should familiarize yourself with the landscape. Read a couple of articles to familiarize yourself with the new wild, wild west.

DDOSes are being used as the digital equivalent of the old school shakedown. “Hey, I wouldn’t want anything bad to happen to your site, so you should, you know, pay me to make sure nothing untoward were to happen.”

In the physical world, shakedowns are less common (I think … I don’t have hard facts for that) than they were in the old days. The risk is greater to the extorter. The person or business being extorted generally has technology available to capture the extortion, our law enforcement and courts don’t look kindly on them, and since you have to physically be present to commit the extortion, it’s a lot easier to catch someone in the act.

(I’m not claiming extortion and shakedowns don’t happen any more. I just think they’re probably less common—in the US—than they used to be.)

That’s not true on the internet. With cheaply available botnets, ISPs turning a blind eye in favor of the marginal dollars, and the global internet meaning there are countries into which law enforcement cannot easily reach, the internet has become a goldmine for extortion.

There is a solution to this. It comes in two parts, and both of those parts will cost large internet providers money. But, like the music industry with MP3s, these ISPs are going to have to embrace the new cost of doing business, or they’ll slowly watch their systems turn into a barren ghetto where no true businesses will want their servers.

Step 1 of the solution is an ISP crackdown. The vast majority of the computers used in attacks are compromised PCs (often in China, where they’re using a pirated or hacked version of Windows). ISPs need to drop or throttle service the moment someone’s computer shows the signs of being used in an attack. This will hurt ISPs. They will get more support calls, deal with angry customers, and have to help customers get cleaned up. But, if they don’t do it, they’re going to run the risk of getting blocked by other service providers. If your ISP is a constant source of outbound attacks, other providers will drop your packets, and then you’ll have lots of angry customers calling to find out why they can’t get to or

Beyond just normal ISPs, VPN/Colo/Dedi/cloud providers need to crack down on their customers. The biggest spam networks in the world are all server providers who aren’t cracking down on their outbound traffic—because it makes them money. It’s not just spam though, these same servers and networks are often used for DNS or SNMP attacks. Like home ISPs, network providers should simply start dropping traffic coming from these providers until they clean up their acts. Nothing will speak louder here than money.

There’s a downside of this tactic: internet users in places like China, where the internet is one of the few tools citizens have to fight for democracy, are going to be disproportionately impacted. But, while I’m not a free marketer, this is a place where the free market could win. If a good ISP in China or Africa or some other impacted area were to provide a well regulated internet (not from a content perspective, but from an outbound attack perspective), they wouldn’t be blocked, and customers would flock to them as the only provider who could see Twitter or YouTube.

Step 2 is for transit providers (the folks providing bandwidth to your favorite site on the internet, in essence) to stop looking at DDOS mitigation as a profit center and start looking at it as a cost of doing business. If a provider is simply charging customers for DDOS mitigation, or worse, not offering it at all, they are rapidly going to be at a competitive disadvantage. Small businesses, especially nascent small businesses or aspirational small businesses, cannot afford to pay for a big DDOS mitigation solution. Some provider is going to offer DDOS mitigation as a feature of their service, and they are going to suck up a good bit of the market. Once that happens, transit providers will have to offer a minimum level of mitigation service as part of their services.

There is one last thing that has to happen to make these digital shakedowns a thing of the past (or at least closer to a thing of the past). Someone is going to need to go to jail. It might end up being this 17 year old kid. And, honestly, it should be. He caused a huge disruption to the internet, potentially disrupted a significant amount of ecommerce, and wasted like many many days of work. It’ll only take a few examples before people realize there’s a much bigger risk in DDOSing someone.

And then we’ll be able to move digital shakedowns into the same category as physical shakedowns. Something from the “good old days.”

2014 NBA Draft Thoughts

Thursday night brings us the 2014 NBA Draft. Our Celtics pick 6th and 17th (though it wouldn’t surprise me to see them move around, given the depth of the top of this draft).

At this point, I’m nearly convinced that Aaron Gordon is the pick at #6. He’ll bring massive athleticism to the team, and the ability to defend almost any position on the court. Plus, with a year of college ball under his belt, he should be more polished than the Celtics’ recent “athletic” picks (Gerald Green, Kedrick Brown). Sure, he can’t shoot, but that’s (generally) coachable.

If Joel Embiid were to fall to #6, it makes the decision trickier, but I’m not sure you can pick a center in the top 10 who’s now got a history of back and foot problems.

(I’d also be very happy with Marcus Smart or Dante Exum at #6.)

At #17, it’s a bit more of a crapshoot. If you take Gordon at #6, you’re probably looking at a guard for #17. That’s P.J. Hairston, Zach LaVine, or maybe Gary Harris if he takes a big slide down the board. If you go guard with the first pick, I think you’re looking at small forwards like T.J. Warren or Rodney Hood. Or, you take a big risk and go for one of the big Euros (Clint Capela, Jusuf Nurkic), though I’m very against that idea.

With all of the assets the Celtics have, it should make Thursday an interesting night.

2014: The Year the US Embraced Soccer?

Probably not.

However, NBC’s really wonderful coverage of the Premier League has made many of the non-US players closer to household names (and I mean “one out of every 4 or 5 households”, but you get the point). ESPN covering the World Cup and wanting to make the most of their investment has led to near wall to wall coverage, giving even non-soccer fans a chance to latch onto the US Men’s team.

I don’t have any expectations that Major League Soccer will all of a sudden become the 5th major league. The quality of play is just a couple of steps below what it needs to be, and aside from a couple of places, the passion that you get from your weekly Premier League match, or a World Cup match, is lacking. That crowd response makes a huge difference on television, and it makes MLS seem second-rate.

But, soccer is clearly getting closer to being a legitimate major television sport in the US (even if it won’t be via MLS). I think NBC—who, again, have done an amazing job with the Premiership—should be capitalizing on the World Cup by running some studio shows talking about the various players who normally make their living in the Premier League, and educating the new fans as to the nuances of the game. Formations, the rules, roles of the various players, etc. Not only would it be good for their ratings (what is NBC Sports Network airing right now with no soccer or hockey?), but it would bring an audience that finds itself on the cusp of soccer fandom and make NBCSN their friend, tutor, and home for soccer.

The elephant in the room is, of course, “simulation”. Or, as we like to call it, flopping.

The NBA has tried hard to make flopping a non-issue in the NBA. Between post-game reviews and fines, to highlighting floppers on the website (to, I guess, shame them into not flopping?), the NBA is at least trying something.

FIFA (as corrupt as they are—go watch this hilarious John Oliver takedown) needs to take a stronger stance. Yes, they can give yellow cards for simulation, but I think FIFA, or the individual leagues, need to tackle it similarly to the NBA. Review the dives after the game, fine players, then suspend them. Once a major player has been suspended for a few games, it’ll get better.

We’re nearing the tipping point. It’s going to happen in the next 3 or 4 years. This has been a big year for soccer in the US. Next year’s Women’s World Cup could help push it over the top, particularly if the US Women’s Team can manage another Cup win.

Apple is Settling All Debts

I won’t go into too much detail on the announcements coming out of WWDC. That’s been done better and more thoroughly by many others. I will say that this feels like Apple settling all the debts they’ve accrued over the past few years.

“Oh, you wanted apps to be able to talk to each other? Here you go.”

“Widgets on your notification screen? Yep. You got it.”

“You wanted apps to use the TouchID? Ok.”

“That whole ‘I should be able to move files around in iCloud’ thing? All set now.”

“Objective-C not modern enough for ya? Meet Swift.”

There were a bunch more announcements that basically amounted to “We told you to chill while we put in place the way to do these things safely, securely, and without trashing your battery. Here they are.”

And I think that’s a big part of what iOS 8 and Mac OS 10.10 are: the culmination of a few years’ worth of groundwork and infrastructure building that came together and bloomed all at once. It’s going to allow for almost everything people have asked for, and more, and to top it off, Apple brought out things like Continuity where your devices simply act as logical extensions of one another. It’s a simple, powerful feature that will be hard for other companies to duplicate.

(All of this assumes Apple’s cloud services continue to get better … which seems likely given I’m not sure they could get much worse.)

John Gruber has a very nice take on it.