Thursday, November 24, 2016

Dual-phone method for self hair cutting

Of all the youtube videos, I still couldn't find one that uses smartphones as a back side mirror. If you do not do this, you do not have a full straight backside view of your haircut. Without this view, many cuts are not feasible.

The good thing about the dual-phone method is that it's free; you just need to find two phones to use for the duration of your hair cut. Tape one to the wall or bathtub tile with the back camera facing out. Use the other like a handheld mirror.

The apps to use are two-way video chats like facetime, hangout or skype, in which you just need one side of it. What I actually use is IPCam to turn the phone on the wall into a webcam. On the handheld, I use Tinycam for the display. They work together and both free.

The alternative is a hinged three-piece mirror found on youtube, costing a silly amount of money. Of course, you can do it yourself but phones cost nothing and you need to do almost nothing. Of the 3 pieces of mirror, you only need the two side mirrors. They cannot be too small that you have to get very close with a limited view. With a smartphone cam, you can see at any angle you like. For Tinycam, if you double tap the screen, the image will zoom into the point of contact.

You do need two decent phones with decent wifi connections or else there will be a lag between the actions and the image on the handheld phone. Though it's not a big deal if you only want to see the result after some cutting.

I tried something similar many years ago. I used an old camcorder as the back camera, attached to a portable DVD player with video input. It sort of worked but you really need a tall tripod to mount the camcorder. It's a bit of trouble to hold the screen and you can knock out the whole system anytime. It's not possible to do it in the bathtub, my favourite place for the ease of cleaning.

I forget all about it because I developed my way of self-hair-cutting and has been using it for a couple of years now. First, you need Flowbee since it is what hair stylists do for the most part. Then, you need a Philips trimmer designed for self-hair-cutting.

The Flowbee allows you to cut all your hair to the same length, without which you have to do it approximately with two hands, having to mount or hang the handheld screen onto somewhere convenient. Some new stylists have trick clips to do it more precisely; you can do it blind with the clips. Flowbee is for short hairs from a quarter of an inch to several inches, more suitable for men. Though, it's as clumsy as a dinasour when the vacuum is attached.

The trimmer head of the Philips can be rotated at any angle, so you don't need to twist your arms to trim your back hair. It has all the attachments so you can fade and blend if you know how to. It has been a couple of years now and still works like new.

My tip to get a straight horizontal endge at the back is to use a strip of velco, the tough side, wrapping half the head at the back, attaching to a rubber band to wrap around the head from the front. Wear the velco band from the top of your head. Slip the band down to the hairline where you want to cut and then use the trimmer.




Saturday, November 5, 2016

Scheduled blocking of websites using cheap routers

Searching for how to block Facebook on a schedule, you can see how complicated it is. Actually, just blocking a site like this is complicated by itself because of the many IP's it could use.

You may want to block youtube, gaming and social time-wasting websites, but allow two hours of access in the evenings every day. The amount of IP's to deal with is phenomenal. Also, nowadays many sites use the https protocol so URL-based blocking won't work. Somebody set up a proxy server on an old laptop to filter the web contents, but both the installation and maintenance are troublesome.

I find the DNS based solution very simple. In DD-WRT, a line in the /tmp/hosts file can block the whole site:

10.0.0.1  www.youtube.com

where a non-reachable IP is assigned to the external website. So you just need two versions of the hosts file, and restart the DNS service dnsmasq after the file is changed. Then you need two scripts as cronjobs, for example:

0   22   *   *   *   root  sh /tmp/stop.sh
0   20  *   *   1-4  root sh /tmp/go.sh
0  19  *  *  0,5,6 root sh /tmp/go.sh

At 22:00 every day, youtube and others sites are blocked. On weekdays except  for Friday, movie time starts at 20:00, but earlier on other days at 19:00. The schedule can be entered via GUI on the Administration > Management > Cron box.

The "root" prefix is the one thing that I hate developing anything for dd-wrt. Cookbook instructions are good enough for me. You need that to run the commands with root privilege, or it wouldn't work. Because of its limitations, it mostly does something different from Linux, even though the source codes have the same origin. There are full of landmines like this and the system can never be documented enough. Even if there are documents, the functions may not work on your build version because of different chipsets and manufacturers.

To modify the hosts files and 3-line scripts, save a startup script at the Administrations > Commands tab:

cp /tmp/hosts /tmp/hosts.go
echo "10.0.0.1   www.youtube.com">>/tmp/hosts
cp /tmp/hosts /tmp/hosts.stop
echo "cp /tmp/hosts.go /tmp/hosts"> /tmp/go.sh
echo "stopservice dnsmasq" >> /tmp/go.sh
echo "startservice dnsmasq" >> /tmp/go.sh
echo "cp /tmp/hosts.stop /tmp/hosts" > /tmp/stop.sh
echo "stopservice dnsmasq" >> /tmp/stop.sh
echo "startservice dnsmasq" >> /tmp/stop.sh
Basically, it's adding one line per website on the hosts file to be blocked.

The blocking is not necessarily immediate because of the browser cache. My observation shows that the cache expires in a few minutes at most. That means if you have been watching youtube movies less than a few minutes when the blocking starts, you may still be able to access youtube for a few more minutes. Once you stop accessing youtube for a few minutes, you cannot access it again during blockage hours. I doubt if that makes a loophole. But this can easily be plugged by enforcing a total internet ban for a few minutes, for only those IP's assigned to kids.

Now, the blockage affects everybody using the router as the DNS nameserver. For adults, you can use public servers such as the google ones at 8.8.8.8. You have to do it on every adult machine. For the kids' machines, you can use the DD-WRT access restrictions to block port 53, so all DNS requests are rejected if they try to hack, forcing the default name server 192.168.1.1 to be used. To select the affected machines, only the IP range works on my version of DD-WRT.

MAC-based restrictions mostly don't work on my version. So I have to use Static Leases on the Services tab to assign IP's to machines by their MAC's. It should be noted that it is rather easy to change IP's on any machine to defeat blocking. A simple solution will be a script to police the lease table at regular intervals and send me an email if the same MAC has other IP's assigned. It would be rather painful to develop on the router but a lot less hassle using an old laptop with Linux installed.

I also use OpenDNS for the underlying web filter. It's about the only DNS filter that allows you to customize categories to block, to whitelist and blacklist. For example, I disable all search engines but whitelist Google. So I can concentrate on getting the SafeSearch mode working on Google. The same way I disable all video sharing sites but whitelist youtube, so I can concentrate on making the restricted mode work. The router is setup to allow these sites through. Once they are working fine, I can block each site with a line in the hosts file.

The other interesting approach I tried is to install a parallel DNS nameserver on an old laptop with Linux installed, on the same wifi network. It is trivial to install Dnsmasq and works in no time. You just need to point to that machine IP for the DNS nameserver. It's the same Dnsmasq on DD-WRT but on a more powerful machine, with lots of memory and hard disc space. More fancy things can be done but the blocking above can be done by two static hosts files, one on the router and one on the Linux machine. You just need to change the nameserver file at the router, for the request to either go straight to OpenDNS or via the Dnsmasq at the laptop. But you have to make sure that the hard drive is not constantly used. The /tmp directory in dd-wrt is a RAM drive.





0 22  *  *  *  sh /tmp/stop.sh
0 20 * * 1,2,3,4  sh /tmp/go.sh
0 19 * * 0,5,6 sh /tmp/go.sh