SageTV is now open source

SageTV is a great product that I used years ago as my DVR.  What made it such a great system was that they also sold network connected set-top boxes to place around your house to watch the content.  It had a great plug-in system and lots of developers making custom interfaces and all sorts of extensions.  Then Google bought them in 2011 and they stopped selling the hardware and software.

I’ve been using MythTV for a year and a half, perhaps longer.  For the front-end of MythTV, I’ve been using Kodi on a FireTV, or (more recently) MrMC (a Kodi fork) on an AppleTV.

It’s still not as good of an experience as we had with SageTV.  SageTV had commercial detection that worked very well.  It tracked the history of the shows you have watched, could automatically convert your recordings to other video formats to save space, and had a great interface (that is actively being developed further).  It has a web interface that lets you do tons of stuff.  You can do batch jobs with a plug-in.  There’s a plug-in if you like recording sporting events that will automatically extend the recordings if your events run over.  And tons more.  It was a product way ahead of it’s time.

Years went by, and while there were advances in other products, there’s still nothing as good as SageTV, in my opinion.

You might then be able to imagine my excitement then when late last year (2015), Google open-sourced SageTV.


Of course, they aren’t bringing the hardware back, but that’s where the community comes in.  One developer has created an Android application that effectively emulates the original set-top box hardware.  The SageTV server does all the interface work, so you get the advantage of this working with all the plug-ins that work with the set-top boxes too…

I’ve been testing with the Android app on a 1st Gen FireTV and it looks very good.  I do sometimes run into issues with it not wanting to play content, until I restart the application.  But if little issues like this can be worked out, this will be a great solution.  Forget the dedicated SageTV-only hardware, just run it on whatever android-based hardware you can find…

I imagine that, given a bit more time, this will be the direction I move back to.

May 1, 2016 at 9:18 pm Leave a comment

new YNAB – Availability issues and making production DNS changes

Earlier this week, nYNAB had some availability issues.  Being the up-front guys they are, which I highly respect, they admitted to having a DNS issue.  They cleared up the problem on their end, but some ISPs had bad data cached for quite a while.  I think it’s all been corrected by now.

Not being privy to exactly what problem the YNAB team had, I’m guessing it was a bad DNS record.

I don’t work at YNAB, but here’s a good method to make public DNS changes, based on my past experience managing publicly facing DNS servers for a large retail chain.

Normally, you have a long TTL (time-to-live) for your DNS records.  Having a TTL of 1 day is pretty common.  Having this value set so high means that the DNS servers at ISPs around the world will only have to update their cache (by querying your DNS servers) once a day.  This reduces traffic to your DNS servers, and allows your end customers to get faster service, since their ISP won’t have to make a round trip to query your DNS servers to figure out how to get to your web site.  If your service is used by that ISPs customers, they will most likely have your DNS records cached.

Whenever you get ready to change your DNS records, instead of just making the change, prep for it by setting your TTL to a very low value, say 5 – 15 minutes.  The important part here is once you’ve made that TTL change, you wait for your original TTL to pass.  So, in our 1 Day example, you wait 24 hours, then make the DNS change you want to.

Waiting until your original TTL expires means that all the ISPs in the world will now have your new, lower TTL.  So, they will be querying your DNS servers much more frequently.  Your change will happen all around the world much faster this way.  That’s good, even if you put bad DNS data in by accident.

After making the change to your DNS records, monitor things for the next several hours.  If you have a reasonably popular service, you should know very quickly if your DNS changes were correct or not.  Once you are sure that everything is operating as intended, you simply raise your TTL value back up to 1 day again.  Within 15 minutes or so, all the ISPs in the world should be caching your info for a full day again.

If you detect a problem during your “monitor phase”, just switch your DNS records back to the previous configuration (but leaving the TTL set to your short value).  Monitor again to ensure that everything is back to normal.  Once satisfied, you can set your TTL back to the 1 day level.  (Or, figure out what went wrong, and try the move again.)

If you want to be more flexible on your DNS changes, you might consider permanently having a mid-level TTL, like 8 hours.  By setting the permanent value to something in this realm, you can ensure that you can make changes more quickly (since you won’t have to wait 24 hours from the time you lower your TTL to the 5 – 15 minute level, only 8 hours).

March 30, 2016 at 5:50 am Leave a comment

Withdrawing Roth IRA contributions without tax or penalty – How to file it?

Yes, this is a networking blog, primarily. I do sometimes post about personal finance, mostly related to YNAB, so this post isn’t entirely without precedence. Plus there is a tiny networking tie-in later.

I’ve read in multiple places that AT ANY TIME you can withdraw your Roth IRA contributions without tax or penalty… In at least one place, they suggested instead of funding an emergency fund that goes to a bank account, instead you fund a Roth IRA (up to the max each year), because you can take out what you put in whenever you want without penalty.

Here’s the problem: Last January I opened a Roth IRA (with a different company.  I already had a Roth opened years earlier with E*Trade). Within about 8 months, I decided that I didn’t want to continue contributing to that Roth, but would put the money that had been going into the Roth into my 401K instead, lowering my taxable income.  Instead of keeping this small Roth IRA, I decided to withdraw virtually all of my contributions and invest it in a non-retirement account.

Today, I downloaded my 1099-R form associated with this Roth IRA distribution. It had a distribution code of J in box 7, which didn’t mean much to me. I was not prepared for what happened next.

When entering that 1099-R into Turbo Tax, my tax liability jumped by over $575!

I called the company I got the Roth through, but they were not much help, not being tax professionals.  Searching around google, I found this article by one of my favorite writers about money, Jonathan Ping. (Yes, his last name is Ping. There’s that tiny networking tie-in I mentioned.)

From reading Jonathan’s article, I gathered that Form 8606 was the key to declaring the contribution amount.

After filling out the 1099-R, Turbo Tax asked me a bunch of questions, but didn’t ask for the total amount of my contributions. Searching around a bit lead me to an answer, though.

In the upper part of the screen, go to the My Account menu, then select Tools. In the pop-up window that appears next, select Topic Search, then type in 8606. With that form selected, hit the Go button.

Now it will lead you through the right line of questions so you can declare how much you contributed to your Roth IRA. Once you’ve filled that out and gone through the rest of the questions, you should find that your tax burden is much lighter… In my case, all $575+ of taxes melted right away.

Anyhow, this caused me a significant amount of stress for about 3 hours, so I thought I’d post it here and hopefully save someone else some frustration.

March 2, 2016 at 10:35 pm Leave a comment

Meraki AP Syslog to Palo Alto firewall for User ID

I recently got a Meraki AP as a demo unit. Using Palo Alto’s Syslog listener, you can get user-id info from these units, if you are doing 802.1X authentication.

Just follow the instructions here, with some adjustments…

Navigate to the Device tab, User Identification menu item, then the User Mapping tab. There, select the gear icon, and on the following pop-up screen, select Syslog Filters.
Add a new filter, with these properties:
Profile Name: Meraki AP v1.0.0
Type: Regex Identifier
Event Regex: 8021x_eap_success
Username Regex: identity='([a-zA-Z0-9\\\._]+)
Address Regex: client_ip='([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})

Then, use your newly created filter for your Syslog Listener.

In my experience, it looks like the Meraki only logs authentication events every so often. Perhaps it is caching them? At any rate, set the Cache timeout value to something greater than the default 45 minutes. I set mine to 480, though this may need tuning, depending on the environment.

Also, be aware that the first time you authenticate after setting this up, you’ll probably show up in the ip-user-mapping with no IP address. That’s because when you initially authenticate, the first Syslog message from the Meraki shows an IP of Subsequent authentication attempts have your IP address in them. Not sure how this works out in the long term.

I wouldn’t say this is quite production ready, but it is definitely worth playing with, if you happen to have both a PA firewall and a Meraki AP.

March 2, 2016 at 7:04 pm Leave a comment

Get Enterprise Wireless security at home for free!

A week or so ago, I had a bit of a scare with my NAS. In addition to storing my files, my Synology NAS also serves as a radius server for my wireless network.

So, while I was trying to fix my NAS, my wireless network was basically down. When it looked like my NAS wasn’t going to be back in operation for a few days/weeks, I started looking around very quickly for a hosted radius solution and found a great looking free option for a home user with a single AP.

It’s a pretty basic web interface, but it provides all you need. Sign up for the free level of service, add a network, configure your AP to point to the provided radius server using the random radius secret they provide. Try to connect with a device (it won’t yet, but that will register your AP with them). Next, approve your AP, then add your users in their web interface. After that, just connect to it with your wireless devices. For IOS devices (probably other device also), you’ll be prompted to accept their certificate, and asked for your username and password (which you set up in the interface).

It’s possible I left out a step or two, but it really was very, very easy to get running. I did have issues using the admin web interface with Safari, but using Chrome it worked fine.

If all goes as well as it did for me, you’ll have your devices up and running in minutes and you can sleep secure in the knowledge that you are protecting your wireless network with much better security than using the simple PSK method 99%+ of home users are using. (Ok, I made that stat up, but it’s probably pretty close)

Oh, if you are wondering, my NAS came back to life. I’ve still not switched back from IronWifi though.

February 15, 2016 at 10:38 pm Leave a comment

Budgeting – Scarcity and Abundance

Budgeting works because it helps to create a sense of scarcity. And it’s not a false sense… In fact, if instead of budgeting, you just look at your bank balance, you probably have a false sense of abundance.

You can have thousands of dollars sitting in bank accounts, but with a YNAB budget, those dollars already have jobs. Savings categories for Christmas, property tax, homeowners insurance, car replacement, school tuition, appliance replacement, vacation, etc. In your mind, it should be almost as if that money were already spent.

If I hit my head tomorrow and got amnesia about budgeting, I would feel so little stress about money, for a little while. You see, my pre-YNAB self paid attention to my bank balances. So, if I forgot about budgeting and woke up tomorrow with my current balances, I’d have a REALLY false sense of abundance. It could even spiral out of control:

Want to eat out tonight? Sure, charge it! Want a new pair of shoes? How about a new outfit too? We haven’t had a vacation in while, let’s go on a cruise!

If you are YNABing, you should expect to feel this scarcity. It shouldn’t matter if you have a significant chunk of money in the bank because those dollars are off limits, as they have already been assigned jobs. When new expenses arise, you can try to move money from another category to cover it, or put it off for a while so that you can save up to handle that expense in a future month.

The sense of scarcity also helps you make other (perhaps more difficult) decisions related to prioritization of your spending. If you are spending $25 a week at Starbucks for your morning coffee, you might find that you could get by with it just once a week, and put the other $20 a week toward saving for that new Xbox game, or perhaps that engagement ring.

February 15, 2016 at 10:22 pm Leave a comment

new YNAB – concerns about the Cloud

The new YNAB lives in the cloud instead of Dropbox, like YNAB4.

The Dropbox method required more setup by the end user.  They had to download and install Dropbox on their workstation, if they didn’t already have it.  They had to link their iPhone/Android copies of YNAB with their  Dropbox account.  I imagine there were lots of support issues with less technically savvy users related to getting this set up.  The cloud method is easier.  Go to a website, create a username and password, login to the phone app with the same credentials.  Easy.  From the support perspective, I see why YNAB went that route.  That, and the subscription stream.

I have a few concerns about YNAB living in the cloud.

  1. What if your Internet connection is unstable?  Without the Internet, your cloud based YNAB is useless.
  2. What if there is an outage of YNAB?  Suddenly, I can’t get to my budget.  Hopefully, these will be few and far between.
  3. What if there is a database corruption issue at YNAB?  Since I can’t export my data, if there was an issue with the central database, my budget would be gone.  At least until a backup is restored.  Hopefully, there would be no data loss.  Again, hopefully this never happens.
  4. Bank account details.  Yes, it’s an unaccountable third party that has your bank account credentials, not the YNAB team itself.  Imagine if the third party with this info were hacked.  Your bank account logins could be compromised.  This would be disastrous.
  5. Privacy.  YNAB, a treasure trove of financial data, will almost certainly be a target of hackers.  What could someone do with your budget and financial account information?  First, they would know the balance of your accounts, and probably the name of the banks you use (depending on how you named them).  They could impersonate a bank employee over the phone…  If you use the GPS features of YNAB (and why wouldn’t you), they would know the location of all your mobile payees.  They could determine patterns of when you shopped at certain vendors, so they might know when no one would be at home.  They would know the church you attend.  Again, this could be used to find out when your house would be empty.  Your budget may tell an attacker the hospitals and doctors you’ve used.  What about other services?  What could they do with this info?  Call or email you, impersonating a representative of a company you already do business with.  They’d know the date of each time you’ve paid your bill, and how much each payment was, so they could use that to help convince you they were legit, if needed.  They might try to offer you a great deal on something.  They could just ask for your bank routing and account numbers.  And conveniently, they would know how much money was in that account, so they would know exactly how much they could take out.

I’m not a devious crook, so I’m certain my suggestions of what could be done with #5 may be basic compared to what a career criminal could come up with.

Suffice it to say, I’m not very keen to have my data in that cloud.

January 9, 2016 at 8:22 pm Leave a comment

Older Posts


  • Blogroll

  • Feeds


    Get every new post delivered to your Inbox.