Open Source Peddling

I am fan of free software. Heck, I make quite a few of free programs myself. That is why it pains me to see what is happening last few years with it - malware, malware, everywhere!

For example take CamStudio, once a decent screen recording program. I’ve downloaded my setup from www.camstudio.org and everything seemed legit. Until I was offered was Search Offer powered by Bing during setup - I of course declined. After that I was offered ByteFence (which ironically promises protection against malware) and Yahoo powered search. Yes, the same install offers both Bing and Yahoo powered search. I declined them both. Guess what, it tried to install Search Offer regardless.

I found this slightly unnerving so I removed all traces of it and checked for the source code. I did find it on SourceForge after a bit of googling (camstudio.org doesn’t offer a link toward it). Installer found there was actually without malware (as far as I could see) but it was also unsigned and more than 10 times the size (11 MB vs 1 MB).

So, on one side we have install downloaded from SourceForge, 11 MB in size and unsigned. On other side we have 1 MB setup digitally signed by Path Quality (Alpha Criteria Ltd.). Which one looks more official? Yes, a search for Alpha Criteria Ltd. will show its malware roots but I still find it disturbing that such shady figures actually have a valid digital signature.

There is a real danger in someone taking your installer and making setup with malware. You cannot really do anything about that. But this is not the case here. Not only that camstudio.org is officially looking, with forum and everything, but also you can see that Nick Smith is one registering domain. Going to SourceForge pages, you can also find Nick Smith there as one of the main contributors.

What we have here is one of, possibly rogue, developer intentionally packing malware into product’s setup for profit.

This is something I have noticed for a while now. Freeware programs (regardless if open source or not) have been having more and more aggressive and misleading ads in recent years. Every time I go to download something I need to figure which link is actual download and which ones are “download” links designed to click-bait you into ad. It is a shitty and misleading practice but at least it only wastes your time. Packing malware into what amounts to officially looking software package on the officially looking pages, is another, more devious approach.

Realistically, you will not earn money on freeware. If you expect open source to get you some quick money, you are an idiot. Building open source and/or freeware software is something you should do for enjoyment and because you have an itch to scratch. You might not get money out of it but it will provide great learning experience, it will get your name out there, and possibly you might even get a tangible benefit out of it.

Or go the money route and make application for sale - there is nothing bad with that. For example, developers of Bandicam, also a screen recording program, decided to charge for their software. That is an honest approach.

Earning money by incorporating malware into your freeware application is not only dishonest but deserving of its own circle in hell.

Bimil 1.30

Here is another small update for my password manager Bimil.

A single major feature for this release is local QR code generation for two-factor key. Up to now, if you wanted to use Authenticator or similar application, Bimil would use QR Code Generator API. While they do use HTTPS and they claim not to record keys, sending this information over the Internet was a security issue in my mind. As of this version, QR code is generated within application without any external components.

Other notable change is allowing timeouts to be configurable. While I do like timeout functionality, not everybody does and now it can be turned off or adjusted.

As always, feel free to download the latest release.

Kindle Oasis

First thing you will notice as you open Kindle Oasis is how small it looks. On a first glance one would tell it has smaller screen than previous Kindles. However, it is all an illusion as screen is well known and lowed 6" diagonal.

I find screen as good as one on Kindle Voyage and, although Amazon claims Oasis’ is better, I cannot say anything bad about the either. My eyes see no significant difference between them. Curiously Oasis abandoned ambient-controlled backlight present on Voyage and I can only say good riddance.

After a long time we finally have physical buttons back. I don’t find them as enjoyable as ones on grandpa Kindle 2 but they are better than press-buttons on Kindle Voyage. Unfortunately there is no way to turn off swipe gestures on the touch screen so accidental page turns are still possible.

It took a while but we finally have a Kindle suitable for lefties among us. As device is mostly symmetric, simple rotation will make it fit in your left hand as comfortable as it was in the right. Even better, it will auto-rotate screen as soon as you do it. Only drawback is that suddenly power button is on the bottom and not possible to press using left hand. It is a minor thing and completely ignorable if you keep cover on and rely on auto-wake.

One of the more important things about any Kindle for me is how it fits and here Oasis is perfect. A slight tapering on the back leaves just enough place for the tip of your fingers to grab and rubbery material they are using makes holding it really comfortable. Unfortunately, that all goes away as soon as you put the cover.

With the cover on, Oasis becomes a bit unwieldy for me. I struggle to hold it both securely and comfortable for any longer duration as nice resting place for my fingers is suddenly displaced by a step requiring me to essentially keep my fingers straight. I found myself simply removing cover for any longer reading. Someone with smaller hands might not have these issues.

Cover itself is beautifully looking but thinness of leather doesn’t really instill much faith it will age well. As it is slightly thicker than Oasis itself, it sort-of seems as an afterthought and a way to offset small capacity of the main battery. It does that reasonably well as I can definitely say it outlasts both Voyage and Paperwhite.

All said, I find Oasis a beautiful albeit expensive device. I believe Kindle Paperwhite is a great benchmark for enjoyable reading and I wouldn’t be dreadfully punished if it was only device I could use. Voyage enhances that experience and Oasis brings it near to the perfection. But, as always, the great enjoyment comes at a great cost.

Bimil 1.20

Here is a small update for my password manager Bimil.

This release is mostly about fixing and adjusting behavior of the start screen. For example, now missing files can be removed once you try to open them and I’ve fixed crashing when there is no previously loaded files.

Search is refactored a bit to better match items within category and Bimil will auto-close if you leave it unattended for a while.

Feel free to download latest release.

Anytone AT-3318UV-D

After my Baofeng UV-82HP got banged a bit, I needed a new radio. By pure accident I’ve stumbled upon wouxun.us pages with a wide selection of Anytone radios. Loving airports and all related, I’ve got tickled by built-in AM band immediately. So I decided to go for dual-band Anytone AT-3318UV-D.

First thing I’ve noticed is that radio is much smaller than Baofeng even though it comes in bigger box. Contents are pretty much same: radio, antenna, battery, belt clip, charger, and DC adapter. Anytone additionally has lanyard while Baofeng goes an extra mile and includes a headset.

Anytone looks a bit sturdier than Baofeng, probably due to a smaller build, but I find them comparable as neither is really meant for rough handling. Battery and clip mounting are done much better on Baofeng where I found battery was impossible to remove by accident. Anytone doesn’t instill the same confidence. Further they’ve decided to mount clip on the battery instead of phone body. I find this rather weird and annoying, especially in light of having multiple batteries - each having its own clip ensures you cannot store them easily.

Chargers look equally flimsy and both have possibility to charge battery without the phone. Annoyingly Baofeng uses 10 V as input voltage and thus makes it hard to find a replacement adapter. It did work with 9 V for me but your mileage might vary. Anytone uses pretty much standard 12 V for its chargers and thus earns mega points from me.

Keypad on both uses standard 3x4 numerical layout with additional top row being used for various functions. Main Anytone advantage is having back-lit keys. If you often work in low-light situations this is awesome. On other hand its center number column is wider than ones on side, just showing it is impossible to have a standard keypad without designers screwing around at least a bit.

Baofeng has a dual PTT key, FM radio, and flashlight control on side while Anytone has a single PTT and two programmable buttons with limited function selection. I like having one of them dedicated to momentary squelch off and I prefer leaving the other one unassigned. While I was tempted to assign it as PTT for secondary channel, I rarely used that functionality on Baofeng and what I really missed was a key that does nothing except turning on the display backlight. If you leave it unassigned that is exactly what you get.

Top on Baofeng has power/volume knob and flashlight along with a handy lights showing which channel you are receiving signal from. Anytone has the same power/volume know and additionally brings another knob for rotary channel selection - that works beautifully. It is a bit strange decision to have only single receive LED (in two colors) when you can really simultaneously receive signal from two bands but I so rarely use this (or even see it in daylight) that I don’t really care. Although flashlight wasn’t really strong with Baofeng it did come in handy couple of times. No such thing on Anytone.

Specification-wise, advantage in power should go to Baofeng as it has stronger 8 W radio. However, Anytone pretty much held its own on both receive and transmit side. All repetitors I’ve used with one I could listen to with other and I had similar experience on transmit side. As my Baofeng was already damaged at the time, I cannot draw any finite conclusions but difference in performance is small if there is any.

Both support dual-band operation (136-174 MHz, 400-520 MHz) with Anytone having dual-transceiver instead of the more common dual-watch. Regardless, most of the time both worked equally good for me but for the Anytone allowing scanning and holding a conversation at the same time. It definitely offers a greater flexibility especially combined with MUCH faster scanning Anytone offers. Cherry on the top is possibility to scan CTCSS/DCS tones too - a function I haven’t noticed present on Baofeng. Although with Baofeng’s complicated menu system one can never know where everything is.

Speaking of the menu system, Anytone is a first Chinese radio I’ve used that actually has interface meant for humans. Options reachable directly from keypad are reasonably well selected and menu is good enough that you probably won’t need instructions even if you try to program all channels by hand. Setting up channel purely from handset is something that is impossible to do on Baofeng. Yes, option is technically there but it is really painful to use. Only Baofeng advantage here is allowing for seven characters in channel name instead of Anyone’s six.

Saving grace for Baofeng is Chirp. It is an open-source solution allowing for reasonably comfortable memory programming of multiple devices, including pretty much all Baofeng models. Anytone has its own solution that works badly to say the least. Yes, technically all settings are there but it is hard to say anything good about the interface not allowing for Copy/Paste. Anytone needs Chirp support and it needs it soon.

Both Anytone and Baofeng support FM broadcast band (65-108 MHz) but Anytone actually comes on top courtesy of allowing you to save channels in memory. How this is not supported on Baofeng is beyond me. Anytone additionally offers receive on AM aircraft band (118-136 MHz) strangely hidden behind the FM key. If you are next to a big airport, this one is a gem. Yes, I know you can listen to tower control online, but it is not the same.

Anytone goes even further with support for both shortwave (2.3-30 MHz) and longwave (520-1710 kHz) AM band. This is of limited use as not only antenna it comes with is completely unsuitable but these bands rarely have anything of interest. Yes, one might argue that Anytone’s definition of longwave actually also contains frequencies most commonly known as mediumwave where commercial AM stations live, but it will be a sad day when you actually go hunting for those.

This comparison might not be completely fair as Baofeng UV-82HP is only $60 while Anytone is about three time as much so I struggle to unconditionally recommend it. I find Anytone is the better radio by far but Baofeng will bring you 90% of the way. Best example is Anytone supporting proper narrow band FM. Yes, if other side is transmitting such signal you can often hear the difference as compared to Baofeng. But, guess what, most of the time everybody just uses 25 kHz FM anyhow.

On the other hand, Anytone is much more enjoyable to use as compared to Baofeng. I find it infinitely better when I am away from computer and I cannot get frequencies of repeaters in the area in advance. Not only you can quickly scan around to see which frequencies are in use but you can scan for CTCSS code they use and join the chat. And let’s not forget backlit keys and the awesome aircraft AM band.

PS: Do notice that author of this article is beginner ham at best. I find both devices are appropriate for such - these are not fancy radios nor you should expect wonders for this price.