Of all the youtube videos, I still couldn't find one that uses smartphones as a back side mirror. If you do not do this, you do not have a full straight backside view of your haircut. Without this view, many cuts are not feasible.
The good thing about the dual-phone method is that it's free; you just need to find two phones to use for the duration of your hair cut. Tape one to the wall or bathtub tile with the back camera facing out. Use the other like a handheld mirror.
The apps to use are two-way video chats like facetime, hangout or skype, in which you just need one side of it. What I actually use is IPCam to turn the phone on the wall into a webcam. On the handheld, I use Tinycam for the display. They work together and both free.
The alternative is a hinged three-piece mirror found on youtube, costing a silly amount of money. Of course, you can do it yourself but phones cost nothing and you need to do almost nothing. Of the 3 pieces of mirror, you only need the two side mirrors. They cannot be too small that you have to get very close with a limited view. With a smartphone cam, you can see at any angle you like. For Tinycam, if you double tap the screen, the image will zoom into the point of contact.
You do need two decent phones with decent wifi connections or else there will be a lag between the actions and the image on the handheld phone. Though it's not a big deal if you only want to see the result after some cutting.
I tried something similar many years ago. I used an old camcorder as the back camera, attached to a portable DVD player with video input. It sort of worked but you really need a tall tripod to mount the camcorder. It's a bit of trouble to hold the screen and you can knock out the whole system anytime. It's not possible to do it in the bathtub, my favourite place for the ease of cleaning.
I forget all about it because I developed my way of self-hair-cutting and has been using it for a couple of years now. First, you need Flowbee since it is what hair stylists do for the most part. Then, you need a Philips trimmer designed for self-hair-cutting.
The Flowbee allows you to cut all your hair to the same length, without which you have to do it approximately with two hands, having to mount or hang the handheld screen onto somewhere convenient. Some new stylists have trick clips to do it more precisely; you can do it blind with the clips. Flowbee is for short hairs from a quarter of an inch to several inches, more suitable for men. Though, it's as clumsy as a dinasour when the vacuum is attached.
The trimmer head of the Philips can be rotated at any angle, so you don't need to twist your arms to trim your back hair. It has all the attachments so you can fade and blend if you know how to. It has been a couple of years now and still works like new.
My tip to get a straight horizontal endge at the back is to use a strip of velco, the tough side, wrapping half the head at the back, attaching to a rubber band to wrap around the head from the front. Wear the velco band from the top of your head. Slip the band down to the hairline where you want to cut and then use the trimmer.
Thursday, November 24, 2016
Saturday, November 5, 2016
Scheduled blocking of websites using cheap routers
Searching for how to block Facebook on a schedule, you can see how complicated it is. Actually, just blocking a site like this is complicated by itself because of the many IP's it could use.
You may want to block youtube, gaming and social time-wasting websites, but allow two hours of access in the evenings every day. The amount of IP's to deal with is phenomenal. Also, nowadays many sites use the https protocol so URL-based blocking won't work. Somebody set up a proxy server on an old laptop to filter the web contents, but both the installation and maintenance are troublesome.
I find the DNS based solution very simple. In DD-WRT, a line in the /tmp/hosts file can block the whole site:
10.0.0.1 www.youtube.com
where a non-reachable IP is assigned to the external website. So you just need two versions of the hosts file, and restart the DNS service dnsmasq after the file is changed. Then you need two scripts as cronjobs, for example:
0 22 * * * root sh /tmp/stop.sh
0 20 * * 1-4 root sh /tmp/go.sh
0 19 * * 0,5,6 root sh /tmp/go.sh
At 22:00 every day, youtube and others sites are blocked. On weekdays except for Friday, movie time starts at 20:00, but earlier on other days at 19:00. The schedule can be entered via GUI on the Administration > Management > Cron box.
The "root" prefix is the one thing that I hate developing anything for dd-wrt. Cookbook instructions are good enough for me. You need that to run the commands with root privilege, or it wouldn't work. Because of its limitations, it mostly does something different from Linux, even though the source codes have the same origin. There are full of landmines like this and the system can never be documented enough. Even if there are documents, the functions may not work on your build version because of different chipsets and manufacturers.
To modify the hosts files and 3-line scripts, save a startup script at the Administrations > Commands tab:
You may want to block youtube, gaming and social time-wasting websites, but allow two hours of access in the evenings every day. The amount of IP's to deal with is phenomenal. Also, nowadays many sites use the https protocol so URL-based blocking won't work. Somebody set up a proxy server on an old laptop to filter the web contents, but both the installation and maintenance are troublesome.
I find the DNS based solution very simple. In DD-WRT, a line in the /tmp/hosts file can block the whole site:
10.0.0.1 www.youtube.com
where a non-reachable IP is assigned to the external website. So you just need two versions of the hosts file, and restart the DNS service dnsmasq after the file is changed. Then you need two scripts as cronjobs, for example:
0 22 * * * root sh /tmp/stop.sh
0 20 * * 1-4 root sh /tmp/go.sh
0 19 * * 0,5,6 root sh /tmp/go.sh
At 22:00 every day, youtube and others sites are blocked. On weekdays except for Friday, movie time starts at 20:00, but earlier on other days at 19:00. The schedule can be entered via GUI on the Administration > Management > Cron box.
The "root" prefix is the one thing that I hate developing anything for dd-wrt. Cookbook instructions are good enough for me. You need that to run the commands with root privilege, or it wouldn't work. Because of its limitations, it mostly does something different from Linux, even though the source codes have the same origin. There are full of landmines like this and the system can never be documented enough. Even if there are documents, the functions may not work on your build version because of different chipsets and manufacturers.
To modify the hosts files and 3-line scripts, save a startup script at the Administrations > Commands tab:
cp /tmp/hosts /tmp/hosts.go echo "10.0.0.1 www.youtube.com">>/tmp/hosts cp /tmp/hosts /tmp/hosts.stop echo "cp /tmp/hosts.go /tmp/hosts"> /tmp/go.sh echo "stopservice dnsmasq" >> /tmp/go.sh echo "startservice dnsmasq" >> /tmp/go.sh echo "cp /tmp/hosts.stop /tmp/hosts" > /tmp/stop.sh echo "stopservice dnsmasq" >> /tmp/stop.sh echo "startservice dnsmasq" >> /tmp/stop.sh
Basically, it's adding one line per website on the hosts file to be blocked.
The blocking is not necessarily immediate because of the browser cache. My observation shows that the cache expires in a few minutes at most. That means if you have been watching youtube movies less than a few minutes when the blocking starts, you may still be able to access youtube for a few more minutes. Once you stop accessing youtube for a few minutes, you cannot access it again during blockage hours. I doubt if that makes a loophole. But this can easily be plugged by enforcing a total internet ban for a few minutes, for only those IP's assigned to kids.
Now, the blockage affects everybody using the router as the DNS nameserver. For adults, you can use public servers such as the google ones at 8.8.8.8. You have to do it on every adult machine. For the kids' machines, you can use the DD-WRT access restrictions to block port 53, so all DNS requests are rejected if they try to hack, forcing the default name server 192.168.1.1 to be used. To select the affected machines, only the IP range works on my version of DD-WRT.
MAC-based restrictions mostly don't work on my version. So I have to use Static Leases on the Services tab to assign IP's to machines by their MAC's. It should be noted that it is rather easy to change IP's on any machine to defeat blocking. A simple solution will be a script to police the lease table at regular intervals and send me an email if the same MAC has other IP's assigned. It would be rather painful to develop on the router but a lot less hassle using an old laptop with Linux installed.
I also use OpenDNS for the underlying web filter. It's about the only DNS filter that allows you to customize categories to block, to whitelist and blacklist. For example, I disable all search engines but whitelist Google. So I can concentrate on getting the SafeSearch mode working on Google. The same way I disable all video sharing sites but whitelist youtube, so I can concentrate on making the restricted mode work. The router is setup to allow these sites through. Once they are working fine, I can block each site with a line in the hosts file.
The other interesting approach I tried is to install a parallel DNS nameserver on an old laptop with Linux installed, on the same wifi network. It is trivial to install Dnsmasq and works in no time. You just need to point to that machine IP for the DNS nameserver. It's the same Dnsmasq on DD-WRT but on a more powerful machine, with lots of memory and hard disc space. More fancy things can be done but the blocking above can be done by two static hosts files, one on the router and one on the Linux machine. You just need to change the nameserver file at the router, for the request to either go straight to OpenDNS or via the Dnsmasq at the laptop. But you have to make sure that the hard drive is not constantly used. The /tmp directory in dd-wrt is a RAM drive.
0 22 * * * sh /tmp/stop.sh 0 20 * * 1,2,3,4 sh /tmp/go.sh 0 19 * * 0,5,6 sh /tmp/go.sh
Sunday, October 30, 2016
Best Web Content Filtering using a cheap WIFI Router
OpenDNS is great for web content filtering, but it cannot enforce safe search nor youtube restricted mode. Of course, you can disable all search engines and all video sites.
Google did provide a mechanism via DNS to enforce safe search and restricted mode on your network, which OpenDNS cannot implement. The solution is DD-WRT. You can buy a WIFI router with DD-WRT as the OEM software. Somebody sells routers preinstalled with it, or you can replace the OEM software yourself.
The router can be very cheap. You don't need to give up your current super duper routers. You just need one DD-WRT router to be the final gatekeeper to the internet. You just need fast switching and a higher bandwidth than your ISP link.
Inside DD-WRT, under the Services tab, you can add the following to the additional DNSMasq options:
address=/www.google.com/216.239.32.20
address=/www.youtube.com/216.239.38.120
address=/m.youtube.com/216.239.38.120
address=/youtubei.googleapis.com/216.239.38.120
address=/youtube.googleapis.com/216.239.38.120
address=/www.youtube-nocookie.com/216.239.38.120
That is all! Being DD-WRT, I would be very careful about extra spaces. The 1st line redirects to the IP of forcesafesearch.google.com. The rest are Google's instructions to redirect to the IP of restrict.youtube.com. You can also redirect to 216.239.38.119, the IP of restrictmoderate.youtube.com.
Google did provide a mechanism via DNS to enforce safe search and restricted mode on your network, which OpenDNS cannot implement. The solution is DD-WRT. You can buy a WIFI router with DD-WRT as the OEM software. Somebody sells routers preinstalled with it, or you can replace the OEM software yourself.
The router can be very cheap. You don't need to give up your current super duper routers. You just need one DD-WRT router to be the final gatekeeper to the internet. You just need fast switching and a higher bandwidth than your ISP link.
Inside DD-WRT, under the Services tab, you can add the following to the additional DNSMasq options:
address=/www.google.com/216.239.32.20
address=/www.youtube.com/216.239.38.120
address=/m.youtube.com/216.239.38.120
address=/youtubei.googleapis.com/216.239.38.120
address=/youtube.googleapis.com/216.239.38.120
address=/www.youtube-nocookie.com/216.239.38.120
That is all! Being DD-WRT, I would be very careful about extra spaces. The 1st line redirects to the IP of forcesafesearch.google.com. The rest are Google's instructions to redirect to the IP of restrict.youtube.com. You can also redirect to 216.239.38.119, the IP of restrictmoderate.youtube.com.
These settings are independent of OpenDNS, but much better with it. At the OpenDNS settings, you should disable search engines and video sharing. Then you whitelist, never block, just google and youtube:
forcesafesearch.google.com
google.com
youtube.com
Unfortunately, if your kids are smart enough to bypass the DNS on the router, you have to be smarter to disable their DNS request. In DD-WRT, it's under the Access Restrictions tab. You add a policy that filters out some services. You select dns under the Blocked Services section.
Under the list of clients, you should enter all phones, computers, and tablets that access the internet. You can use MAC's, IP's or range of IP's.
The most important warning for DD-WRT is that what you see may not all work! There are multiple underlying chipsets that are not compatible. The software is probably written and tested by very few people. In brief, buy a recommended model, and flash only the recommended DD-WRT version.
For my DD-WRT, access restrictions on MAC and IP all don't work. Only a range of IP's work. MAC's are unique for each machine but IP's can change with automatic assignments by DHCP. You can map MAC's to IP's in a central place under the Services tab, DHCP Server, Static Leases.
Enjoy!
Monday, May 30, 2016
Window Tint Removal Using Steam
I tinted the car window myself using the very popular Gila product. I did the windows in my home but car windows is a different animal. I did it badly but let it hanged on for a year. Because I thought it's difficult to take it out with glues on. I brought the Gila remover but it sat in the garage.
To save time and to not touching chemicals, I brought it to a tint shop. Because retinting it would take a few minutes for them for cheap. But the problem is, to remove the tint it could take up to 3 hours! It would be the worse case I suppose, with professionally installed tint with super duper glue. Since I didn't have 3 hours, I passed.
Luckily I consulted the internet. Steam is the word. It made a lot of sense. I already have a big steamer with a lot of accessories. I didn't even remember the capacity but I put in 1 L or 1 Q of water, the steam last for hours. Still I waited and waited for a suitable day. If I messed it up again like when I put the tint up, I would leave a lot of strange things on the windows and my kids won't want to ride in it.
But it was so darn easy. I should have watched the million view video. It is easier than that. I would think the DIY tints are easy. But I think his tint were professionally done. So I suppose all the glues are about the same.
My contribution: Open the car door widely and steam from an angle so all the steam goes out of the car. My steamer is professional grade. I use a pointed nozzle so it's all steamy even outdoors.
Open the window slightly and start steaming from the top. First, tape a plastic bag on the bottom of the window so water slides down onto the ground and not the door. Tape on the window so the tapes and the bag will go with the tint when it's removed.
My top edge is already peeling off so that's where I started. You may start from the corner if that comes out first, or like the guy in the video, make a cut in the middle so you have a corner of the tint to start with.
I point the steam from the top, aiming at the meeting point between the tint and the glass, while I pull the tint down. If you don't have a pointed nozzle, you may have to steam around the edge.
If the tint breaks up into two, you can carry on one side at a time. If the tint stays in one piece, you pull and steam at the same time one corner, then the other, then the middle. Pull gently all the time. If the tint is steamed enough, you will feel that it's easy to pull. And when you feel that it's harder and harder, steam more.
Never saw and had any problem with residue or glues.
It also depends on how the tint is installed. The instructions I got was to leave a lot of margins on the sides and the bottom. But that was killing my installation. I just couldn't get those margins into the sides and bottom of the window. And since I have an exact template of the window, I should have left a very thin margin. It's easy to go into the window frame and there will not be visible gaps.
Maybe next time I use static clint films.
To save time and to not touching chemicals, I brought it to a tint shop. Because retinting it would take a few minutes for them for cheap. But the problem is, to remove the tint it could take up to 3 hours! It would be the worse case I suppose, with professionally installed tint with super duper glue. Since I didn't have 3 hours, I passed.
Luckily I consulted the internet. Steam is the word. It made a lot of sense. I already have a big steamer with a lot of accessories. I didn't even remember the capacity but I put in 1 L or 1 Q of water, the steam last for hours. Still I waited and waited for a suitable day. If I messed it up again like when I put the tint up, I would leave a lot of strange things on the windows and my kids won't want to ride in it.
But it was so darn easy. I should have watched the million view video. It is easier than that. I would think the DIY tints are easy. But I think his tint were professionally done. So I suppose all the glues are about the same.
My contribution: Open the car door widely and steam from an angle so all the steam goes out of the car. My steamer is professional grade. I use a pointed nozzle so it's all steamy even outdoors.
Open the window slightly and start steaming from the top. First, tape a plastic bag on the bottom of the window so water slides down onto the ground and not the door. Tape on the window so the tapes and the bag will go with the tint when it's removed.
My top edge is already peeling off so that's where I started. You may start from the corner if that comes out first, or like the guy in the video, make a cut in the middle so you have a corner of the tint to start with.
I point the steam from the top, aiming at the meeting point between the tint and the glass, while I pull the tint down. If you don't have a pointed nozzle, you may have to steam around the edge.
If the tint breaks up into two, you can carry on one side at a time. If the tint stays in one piece, you pull and steam at the same time one corner, then the other, then the middle. Pull gently all the time. If the tint is steamed enough, you will feel that it's easy to pull. And when you feel that it's harder and harder, steam more.
Never saw and had any problem with residue or glues.
It also depends on how the tint is installed. The instructions I got was to leave a lot of margins on the sides and the bottom. But that was killing my installation. I just couldn't get those margins into the sides and bottom of the window. And since I have an exact template of the window, I should have left a very thin margin. It's easy to go into the window frame and there will not be visible gaps.
Maybe next time I use static clint films.
Subscribe to:
Posts (Atom)