Good old coding days

Today I noticed a Facebook post from Ubuntu.

It took me back to my 6th-8th grade school days. These kinds of interesting games with such graphics made me want to immediately code them on my own with my own little spin. They were hugely satisfying. At that time I did not own a computer at home so I would take a notebook and write pages after pages of codes. Then I would coax by dad to get access to computer at his office. His office had only one computer and that too only in my dad’s boss’ cabin. His boss was the head of the office.

Once I got the access to the computer, usually on off days, I would copy all the codes from my notebook to the computer and save it on my floppy disks (yup floppy disks). This would go on for few turns as computer time was limited. Then I would get the chance to finally test the codes.

There was some kind of charm to it and they got me real high.

Now I develop web based applications for a living. I am a full stack developer, in layman terms I build from the engines all the way to seat covers of a car. It has its high moments but I still feel I have and always have had an itch to create games.

Fix very low call volume on OnePlus 3

I recently faced this issue after a recent update on my OnePlus 3. The guide at – http://innov8tiv.com/fix-low-call-volume-oneplus-3t-calls/ is pretty good. However, the “Safe Mode” test failed for me, then next steps was clean with toothbrush.

I was very much convinced that my ear piece was pretty clean and anyway I wiped it with cloth many times and there was no visible dirt. However, when I took closeup picture of the earpiece I noticed that the grill mesh was very very small. And it seemed like maybe those tiny holes in the grill have been plugged by microscopic dirt.

Checkout the grill closeup below (this is after cleaning):-

I didn’t have a toothbrush with fine enough bristles. So instead I used a cotton swab, dipped in nail polish remover. I rubbed with that couple of times and presto, the low volume issue is fixed!

TIP: You need to tilt the handset sideways against the sunlight (as shown in the pic above) to be able to see the grill holes. If they look dark then the hole is open, else maybe they are plugged.

Facebook’s evil Free Basics

It is hard to appreciate the evil in FB’s “Free Basic”. The simple facts.

If and when “Free Basics” becomes very popular, which in all likelihood it will, if government does not ban it, then people will mostly probably stop renewing their mobile data plans. That means they will be able to access only “basic” sites when on the go. If tomorrow a startup creates a competing social network – Coolbook, there is no chance, no matter how good it is, Facebook will allow it on its “Free Basics”. So that means a lot and lot of users who are now already used to “Free Basics” will rarely access that site, causing it to shutdown due to poor response, even if few people like us want to use it.

So, if majority supports “Free Basics” we are basically screwed since that will make Mark and FB to become our country’s internet gatekeeper; even if the minority does not like it. This is such an evil but genius scheme.

However, there is still slim sign of hope. In India we are very demanding customers, even when freeloading. When “Free Basics” takes off people are going to use it real heavily, and due to the sheer volume it will inevitably result into slowdown, and public outcry, giving it the much needed negative publicity.

Needless to say, all and everyone should oppose this. Do not bank on the small hope. Take action and goto savetheinternet.in.

How to register your Aadhaar number with your bank (ICICI) without the physical Aadhar card

If you are one of those unfortunates who need to register their Aadhaar number with your bank to get LPG gas subsidy, but you lost your Aadhaar card or did not receive that, then read on…

About two years back I enrolled for Aadhaar. I never received that, but I did not bother checking, since in those days Aadhaar was mostly like a passing fad. Well, now it is different. We have probably three more months of grace period before this abomination kicks in.

I went to ICICI bank with my e-Aadhaar print out, but they refused to accept that, citing company directive to accept only physical cards. This was done to prevent fraud. I contacted Aadhaar “Customer Care” to request for a duplicate physical card, but was informed that there is no such provision! In fact they have been informed that e-Aadhaar should be accepted in lieu of Aadhaar card.

I had hit a stone wall. The only way I could resolve this by trying to reason with ICICI (my bank). We cannot reason with the Govt., which keep on inventing nasty little things to make our life difficult. I tried sending my concern via https://infinity.icicibank.co.in/web/emailus/jsp/emailUs.jsp but that ended up in internal server error. Nice! (sarcasm)

I let the issue rest for sometime. After reading about the LPG deadline again in the newspapers I shook myself up, and started finding alternative ways to get in touch with ICICI. During my hunt I ended up with the email id of the CEO. I mailed to her my plight and requested her to invent an alternative process for people like us. After all, if the aim is to prevent fraud then there should be other ways too. Also they are our banker who already know so much about us to form an informed likely-hood of fraudulent stunts we may try.

I was pleasantly surprised to hear back from a Senior Manager within one business day. She assured me they will address this. On the second day I got a call from my bank Branch Manager that a new process has been sanctioned and I need to bring my Aadhaar Enrollment slip with me. Yeeaah! The Manager used the Enrollment slip to download my e-Aadhaar from uidai.gov.in directly onto his system. Some form fillings and photocopies of an Id proof and I was done.

So, if you have an account in ICICI then you can use the above process. You might want to directly check with the Branch Manager if the bank employees insist that original Aadhaar card is a must and there is no other way. They may not be informed. This process came into effect on 21st May, 2013.

If you have account in other banks and they do not yet have such a provision then you might want to communicate with the bank senior management. I was informed by a reliable source that the banks received a circular in March of this year from Govt., that e-Aadhaar should be accepted in lieu of original Aadhaar card.

I also got another info that you can download your e-Aadhaar for a maximum of five times. I am not sure how true is this, but I am not keen on testing this myself. 😛

BTW, for your information I will reiterate that – there is no way as of now to request for duplicate Aadhaar card.

Anyway, happy enrolling your Aadhaar. BTW do not forget to take your mobile phone too since you will receive your OTP on your registered phone when then bank employee tries to download your e-Aadhaar.

Update 26-Aug-2013 I am an Indane LPG customer and when I checked my Aadhaar status on their site, it showed Red for LPG and White (Invalid/Unkown) for Bank. I seeded my LPG information online from https://rasf.uidai.gov.in. Also I created an account on Indane and there they again ask for the Aadhaar details, which I provided.

Update 2-Sep-2013 Now Indane site shows Green for LPG side and Bank side is Red! I already seeded by Aadhaar with bank in May. I followed up with ICICI customer care and got it confirmed that they have my correct Aadhaar number. They suggested, I check with the Gas agency, since enrolling online may not be same as enrolling offline.

Update 6-Sep-2013 Went to my Gas agency. According to them my Aadhaar is already enrolled. So, it seems enrolling online is enough. Now I am stuck again. My guess is that the Indane software checks the status in its own database. Maybe it sycns the Bank linkage details on monthly basis for accounts with valid LPG linkage. I will now wait till the end of this month. If it becomes Green till then, fine, else I will have to pay a visit to my bank.

Update 18-Sep-2013 Finally! Now Indane site shows that both IOCL and bank are linked. It is showing green for both now. I have been checking almost regularly, so it took around 15 days to refresh.

Update 10-Oct-2013 I received my first DBT (Direct Bank Transfer) subsidy! The subsidy was credited one day before I received SMS from Indane that cash memo has been generated. However, the amount is Rs.435 only. This time they charged Rs.1096 (plus Rs.20 extortion by delivery boy) so the net cylinder refill price comes to Rs.661! That is damn costly. Few months back it was less than Rs.500. PS. The subsidy from Indane was credited by the name ‘APBS_IOC R_07-10-2013’, so look for similar name in your bank statement.

Update 18-Dec-2014 Today I finally received my Aadhaar card! That is, I received it after around 3.5+ years later!!! Kudos to Indian bureaucracy, they do get things done, even though it may not matter by then.

Securing the WordPress Login page

Of late I have seen quite a lot of brute force attempts to login into the admin account of this blog. The source IPs are wide and varied, ranging from Istanbul, Germany, Greece, US and more. In fact according to ArsTechnica article this has been happening for sometime now on a huge scale. I see a POST request on my site every few hours. Recently I submitted a list of such IPs to Deutsche Telekom Abuse Team for the offending IPs from their network.

Protection from the attack ArsTechnica suggested using

Limit Login and WP Better Security plugins. Limit Login is a simple and must have plugin. It blocks an IP for some hours our repeated failure attempts. Of course for this to be useful you need to have a strong password like mine, which is ….. . However, WP Better Security is the best but makes some drastic changes to your site. I don’t like to make so many changes, and would prefer that WordPress came bundled with those features. One of those features is modifying the login url. By default it is like http://blog.host/wp-login.php. This makes it an easy target. One simple way to fix this is change it.

Changing your login url

I do not want to physically rename wp-login.php, since that would mean after a WordPress upgrade the change would be gone. The other way is to rename it in your web-server configuration. Below is my relevant Nginx configuration. (If you are still using Apache then you may want to switch to Nginx.)

#!cink
server {
    server_name blog.host;
    # Other configs like root etc...
    location ^~ /wp-login.php {
        include phpparams.conf;
        if ($request_method = POST) { return 444; }
    }
    location ^~ /your-secret-login-page-name.php {
        rewrite ^ /wp-login.php break;
        include phpparams.conf;
    }
    # ...
}

The above config blocks all POST request to wp-login.php but allows GET requests. So, wp-login.php would show up but if someone tries to submit on that page then the server will close the connection (status 444 is a special code which instructs Nginx to close the remote connection). Since we are using ^~ to prevent Nginx from matching to any more regex locations so, if you have any location directive to match .php won’t be used. So, effectively your wp-login.php file source would be sent to the user instead of executing them. That is why I have included phpparams.conf. See the Nginx migration guide for the contents of phpparams.conf.

One Caveat

Now even if you open your-secret-login-page-name.php, the form will still send POST requests to wp-login.php, because after all that is the page which is being served. So, either you need to use web developer tools like Inspector to modify the web code or better write a GreaseMonkey or TamperMonkey script to do that for you.