General

General

iOS 9 and the Firebase REST API

By on Monday, November 2, 2015

I was playing around with the Firebase REST APIs when I encountered the following SSL error:

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL...

After some research, I found out that iOS 9 enforces App Transport Security or ATS which, according to Apple, “enforces best practices in the secure connections between an app and its back end”.

But I am using secure connections! After further research I found out that problem with the Firebase servers, specifically the SSL ciphers they allow.

By default, apps use only a specific set of ciphers for SSL communications:

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

Setting the NSAppTransportSecurity option will include the following ciphers, which the Firebase servers do allow:

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA

Setting the NSAppTransportSecurity option entails adding the following into the app’s Info.plist:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>firebaseio.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
            <false/>
        </dict>
    </dict>
</dict>

DHE stands for Diffie-Hellman Exchange. ECDHE stands for Elliptic-Curve Diffie Hellman Exchange. They both offer forward secrecy but ECDHE is just faster. So the NSThirdPartyExceptionRequiresForwardSecrecy is a bit of a misnomer.

Now I wonder why Firebase doesn’t just add support for ECDHE?

More at StackOverflow.

0
General

FoneScan is Out!

By on Thursday, August 27, 2015

FoneScan is a simple and easy-to-use barcode scanning app for your iPhone or iPad:

  1. Create data file
  2. Scan items: capture code and count
  3. Manual entry or correction
  4. Export scanned data to CSV format and email
  5. Merge or update your master spreadsheet with the scanned data

Supports the following barcode types:

  1. QR Code
  2. Data Matrix
  3. UPC E
  4. UPC A
  5. EAN 8
  6. EAN 13
  7. Code 128
  8. Code 39
  9. ITF

Do check it out!

0
General

Reading A Vernier Caliper

By on Wednesday, August 26, 2015

vernier caliper - 1

I got a plastic vernier caliper for measuring watch parts. I got a plastic one because it’s (1) cheaper and (2) it will not scratch the watch.

A caliper is a device used to measure the distance between two opposite sides of an object. A vernier scale is a device that lets the user measure more precisely than could be done unaided when reading a uniformly-divided measurement scale (such as a ruler). A vernier caliper is therefore a caliper equipped with a vernier scale for precision measurements.

It has a main scale (in this case, in mm), a sliding vernier scale (in this case, with graduations that correspond to 0.05mm), inside jaws (upper, smaller jaws on picture) or the outside jaws (lower, bigger jaws on photo).

The inside jaws is for measuring the distance from inside of objects like lug widths (inside distance between the lugs of a watch). The outside jaws is used for measuring from outside of objects like length, width, height, case diameter, and lug-to-lug distance (distance between the tip of the top lugs to the tip of the bottom lugs).

Simply slide and position the jaws lightly on the object to be measured and read the scale. In this case, the “0” index on the vernier scale points a bit over 41mm on the main scale. How much is a bit over? Find the index on the vernier scale that lines up with the index on the main scale. In this case, it’s 2. Thus the distance is 41mm + 0.2mm or 41.2mm (with a ±0.05mm error).

That’s all there is to it :)

 

0
General

Orient Mako

By on Monday, June 22, 2015

Since the demise of my Suunto Observer, I’ve been looking on-and-off for a stainless steel watch that is more casual and less toolish than my Casio G-Shock. After a whole lot of research, I finally got an Orient Mako.

Heard of Orient? I haven’t until fairly recently. Orient is supposedly Japan’s largest manufacturer of mechanical watches. It was founded in 1950. Since 2001, it has been a subsidiary of Seiko Epson Corporation, one of three core companies of the Seiko Group. But it operates independently from Seiko Watch which is owned by Seiko Holdings, another core company of the Seiko Group. It has its own product line and manufactures its movements in-house. To me that means it is a serious watch maker instead of someone who designs the outer bits and just throws in someone else’s movements.

The Mako uses the Orient Cal. 46943 movement. It is a tried and tested automatic movement but it doesn’t have manual winding and hacking (stopping the seconds hand). However a few shakes is all it takes to get the watch started and you can approximate hacking by very slowly turning the  crown clockwise when adjusting the time. The movement also has day and date complications with quick set. The day is set is done via a pusher at 2 o’clock. The date is set the conventional way by pulling the crown further out and turning it.

The dial is a very deep metallic blue with a radial ray pattern. It is absolutely gorgeous to look at. On the upper half of the dial there’s an applied Orient logo and just below it is “Orient” and just below it “Automatic” in script. On the lower half, there’s “Water Resist” in script and just below it “200m”. It has big applied Arabic numerals at 6, 9, and 12 hours and rectangular indices for the remaining hours. All are chrome-outlined and lumed. The hour and minute sword hands are also chrome-outlined and lumed. The seconds hand is chromed with a red arrow tip. No lume this time.

The bezel is a deep blue and often appears black in dim lighting. It is unidirectional with 60 clicks. It has scalloping all around with slightly bigger scallops at the 5 minute mark and every 10 minutes onward. The scalloping appear to have been stamped instead of machined. Or maybe it was overpolished. Anyway, the result is that the scallop edges are smooth and makes it a bit harder to grip and turn the bezel.

The 41.5mm case is round and made of stainless steel. The sides and bottom are mirror polished while top is circular brushed. The face, unfortunately, is just mineral glass. The caseback has nicely detailed engravings including the Orient logo. The screw-down crown is big and easy to grip. It is signed with the Orient logo. The day pusher has a screw-down collar that prevents accidental pushing and changing of the day (and flooding if you were underwater).

The bracelet is stainless steel and based on the popular Oyster design. It has polished sides and brushed top and bottom. The links are solid (not folded) but the end links are not. Adjustment is done with split pins. The clasp is made of sheet steel. It has a triple locking design and signed on the outside with the Orient logo.

The overall look and feel of the watch is unmistakably that of a quintessential dive watch as heavily influenced by the (in)famous Rolex Submariner. But it is different enough to have its own identity and just as refined enough to be worn on a day to day basis and not just on dives.

But the best thing is that for all these good qualities, it is a quite a bargain at less than $200.

Rating: 5/5

 

0