I hope this ant killing product works

I've been using these baits for about 2 months now.

It’s like an ant version of a subway car in there!

I’ve been using these Terro liquid ant baits for about 2 months now in an effort to kill off the queen in an ant colony that appears to have taken up residence somewhere in the apartment. The ants sure do seem to gobble this stuff up, but it hasn’t yet made too much of a dent in the overall problem.

I’m thankful that these are merely ants, rather than cockroaches, but it’s nevertheless quite disturbing having these things running around your home. Up until now they’ve been confined to the living room, but lately they seem to have discovered for the first time that I have a bedroom for them to invade as well. They also seem to have learned how to climb the walls and walk upside-down on the ceiling. This is the worst of their shenanigans by far because they’re not like geckos; they can only grip onto the ceiling for so long without falling. I’m always afraid they’ll land on my head or get into my clothes. Of course, if I think an ant has gotten into my clothes and I can’t find and kill the thing I won’t feel right until I take a shower and put on fresh clothes.

I just hope that this borax stuff will kill the queen soon so the rest of the little buggers leave or die off. The ants weren’t so bad while they were mostly staying on the living room floor. I don’t know if these climbers are a different species of ant, or if the original ants just got smarter, but once they get off the floor the ick factor increases dramatically. Why, just today after I finished eating lunch one darted out from beneath my bowl as I lifted it off the table to put it into the dishwasher. Naturally I’m now worried about the possibility that I’ve actually been eating ants. I’ve just started to find them crawling their way into my bed on occasion as well. All these ants are making me feel squeamish coming into contact with my own clothes, bed sheets, and other belongings. I feel like I’ve got to do laundry more frequently, too, since I’m changing my clothes and sheets all the time.

But, it’s not too bad, really. Of all the types of pests that can infest your home, ants are probably the least objectionable of all.

I bought this (almost) brand new 40 inch LCD TV for $78

I've had this Coby TFTV4028 TV for a few months now.

I’ve had this Coby TFTV4028 TV for a few months now.

Sometimes gambling on those “parts or not working” eBay auctions pays off. The damnedest thing is that, from what I gather, this was a store return. It’s still under warranty though, which means that even if it were broken, the original owner should have been able to get it repaired or replaced for free. He or she would have had no reason to sell it.

There’s not a single scratch on the screen at all. The only cosmetic imperfection is a scuff on the lower left corner of the bezel.

The TV does have an iffy power supply. It sometimes won’t come out of standby mode. If I take the back off the TV, unplug the motherboard from the power supply for a few seconds, and then plug it back in it usually starts working again and will last for weeks or longer as long as I leave the TV plugged in and don’t have any electrical outages. If it loses electricity for even a second, it’s likely to get stuck in standby mode again and I either have to leave it unplugged from the wall for anywhere from several hours to several days or unplug the motherboard from the power supply again to get it work. It’s not much of a problem though since I don’t plan on moving/unplugging it any time soon.

I have a lovely new desk and I am way more proud of it than I ought to be

This is a story of a teensy-weensy victory that has really put me in a good mood. I am way more proud of this than I ought to be because it’s really a very minor accomplishment that anybody with a small drill and the ability to read instructions can do, but these days even tiny little moments like these in which things all come together in a fulfilling way are very rare for me.

I always thought I had rather modest requirements for a computer desk, but it looks as though I was wrong. Ordinarily I’ve got the left side of my computer desk up against a wall with one computer partially underneath the left side of the desk, more or less up against the wall. Because of this setup, I always sit at the right side of the desk. That’s why I like to have the keyboard tray on the right side of my desk. Either that, or a keyboard tray that extends from one side of the desk all the way to the other side.

I had to replace my desk since it was ruined during Sandy. I thought it would be easy to find a desk with a keyboard tray on the right but it was surprisingly difficult. I found a few but none of them had any shelves or drawers or any other sort of storage space. I prefer a desk with either a couple of shelves or drawers to store cables and adapters and miscellaneous things like that.

I finally had the bright idea of buying a desk with storage features that I liked and then adding a keyboard tray myself. This was bold on my part, because I’m not someone you could ever call “handy”. I decided on the $99 IKEA Vallvik. It has shelves that you can choose to put either on the left or the right. It’s also just about the perfect width for a keyboard tray and it’s made of solid pine instead of that honeycomb stuff some IKEA products are made of, so I was pretty certain that the screws would hold in place well enough. Here’s the desk before I began my little project:
vallvik01

I had a look online at some ready-made keyboard trays but I didn’t like the idea that they wouldn’t run the full length between the shelves at the left and the right side of the desk. I wanted my keyboard tray to span that entire space. So I bought a set of 18-inch side-mount drawer slides (Fulterer 5000) and mounted them under the desk. I thought it was neat that these drawer slides come in different colors. I bought the black ones to match the desk.

If you're smart, you'll get a friend to help you install these.

If you’re smart, you’ll get a friend to help you install these.

I was super lazy and didn’t even remove the stuff from my desk while installing these. That didn’t turn out to be a problem, though it sure was difficult installing them alone. I ended up stacking a bunch of books on the floor to hold the slides up while I drilled some holes to screw the slides in. If I had somebody to hold the slides for me I would have finished in much less time and I wouldn’t have bumped my head on the underside of the desk nearly as many times as I did. The best way to do this would have actually been to disassemble the desk and lay the two side pieces in which the drawer slides get installed flat on a table.

The next step was to measure the distance my keyboard tray would need to be. According to the instructions for the drawer slides:

Check that the side clearance between drawer and cabinet side
is at least 12.7mm (1/2in.) on each side. Maximum allowable
clearance is 13.5mm (17/32 in.)

The distance from one side of the desk to the opposite was 28 inches. 28 inches minus two halves of an inch is 27 inches. So I got a board 27 inches long. The other two dimensions don’t matter too much as long as the board is not so wide that it doesn’t fit under the desk and not so thick that it looks silly.

So I got a board 27x18x1 inches. It was unfinished pine so it was a very light color, similar to the color of the table in the far left side of the first picture on this page. It would have looked lousy if I installed it as-is. So I got “Minwax Dark Walnut 2716” wood stain and a polyurethane finish. I followed the directions on the can and did 2 coats of the stain, allowing 4 hours drying time between each, followed by 2 coats of the finish, letting it dry 24 hours between each coat of finish. Now my board is a work of art.

vallvik03

All in all, it took 4 days of on-and-off staining, finishing, and drying before the board was ready for installation. I probably would have been just fine without waiting the full 24 hours for each coat of finish, but I wasn’t in any hurry so I was happy to wait.

Again, it would have been much easier to have somebody hold either the board or the slide while attaching the “drawer profile” pieces, but I managed to get it done myself with only a few minor splinters. Thank goodness I sanded that thing so well beforehand or else I might have bled to death.

The final result.

The final result.


You can see when I use the flash on the camera that the color doesn't match quite perfectly, but it's not noticeable under normal light conditions.

You can see when I use the flash on the camera that the color doesn’t match quite perfectly, but it’s barely noticeable under normal light conditions.

Extracting Wii save files from a BootMii NAND dump

My water-damaged Wii. Believe it or not, this image has a happy ending.

My water-damaged Wii. Believe it or not, this image has a happy ending.

So other than all my furniture and my apartment itself one of the various items that was destroyed in Hurricane Sandy was my Wii. Replacing the hardware is easy since a Wii is only about 60 to 70 USD these days and will presumably just continue to drop in price since the Wii U came out. The thing that’s impossible to replace is the save data. That’s why I wanted to see if there was some way of recovering my save data and copying it to my replacement Wii.

My Wii console, AV cables, and power brick were destroyed. My controllers and WiiMotes were in a box on a high shelf so they were fine. This includes a Gamecube controller, which I found out was necessary for this process.

My place was not safe to enter for months and still isn’t. That doesn’t mean that I didn’t have a chance to retrieve some stuff though. I took the Wii, placed it in some bubble wrap, and put it in a box that went straight to a storage facility along with everything else that was in the apartment.

It was just about a week ago that I had my first opportunity to see if it had been damaged. I disassembled it to check and found that it was absolutely covered in rust on the inside. I went ahead and tried cleaning it up a bit with cotton swabs and some alcohol and actually succeeded in getting it to boot. Unfortunately, I didn’t have a WiiMote with me at the time so I turned it off. That was the last time it ever boot normally.

Every time I tried to boot it afterwards it would show the green LED, the blue LED on the front panel would flash once, and the fan would spin up, but there would be no audio or video on the TV screen and no WiiMote would sync to it. The TV did detect a signal but the screen would just stay black.

Fortunately, I had Priiloader installed on it. I held the reset and power buttons at the same time to boot to Priiloader. I inserted an SD card prepared with Bootmii and used the option in Priiloader to launch Bootmii as IOS (since I hadn’t been able to install it as boot2 when I first got the Wii). I needed to use the Gamecube controller for this since no WiiMote would sync.

Once in Bootmii I made a NAND backup. It was from this backup that I was able to extract my saves. I used ShowMiiWads to extract the files from the nand.bin. I was then pointed in the right direction by this thread on WiiBrew. In the “title” directory of the extracted NAND dump there’s another directory called “00010000” with a bunch of directories inside containing the saves for each game. I copied all of these directories into a folder called “savegames” on the root of my SD card.

Once copied, I added “00010000” to the beginning of the name of each folder that I copied to the “savegames” folder. Then I moved the files inside the “data” and “content” folders into their respective parent directories.

For example: SDroot://savegames/00010000534e5445/

Inside the “00010000534e5445″ folder are the actual save files such as “save.dat” and “banner.bin”. I’m not sure if the “title.tmd” files from the “content” folders are necessary, but I put them in there anyway. This whole process of dragging and dropping was a bit of a pain in the neck because I had saves for something like 30 different games.

I then used Save Game Manager GX from this link on the Wii to install the save files from the SD card to the Wii. It took many attempts because I kept having to try different versions of the program since I kept getting one error or another. This is the one that worked for me. Of course, you do have to already have a save game on the Wii for each save you want to restore. So I just started up each game and made a save before trying to restore my saves from the old Wii.

Ultimately I was able to restore somewhere in the area of 200 gameplay hours worth of save data to my replacement Wii from the old one. It did take me a few hours of research and trial and error to figure out how to accomplish this, but I think it was worth it, especially considering that there’s nothing much to do around here while I wait for the co-op board to get off their asses and hire someone to do repair work. They won’t let us hire our own people. Pfttt…

For the record, I think the problem with the water-damaged Wii is that, though the motherboard itself is fine, either the Bluetooth module, the WiFi module, or both were damaged by the water. The DVD drive may also be bad. I read that a Wii will boot properly without a DVD drive, but it will refuse to boot if either the Bluetooth or WiFi module is damaged or missing. This means the system could actually be fixed if I replaced those two boards but I don’t think it’s worth it now that I have a replacement Wii and my save games so I’ll probably just see if I can sell it on eBay. The reason Priiloader worked, I suppose, is that it must load before the Wii checks to see if the BT or WiFi modules are damaged.

I wasted my entire stupid day troubleshooting this stupid Arris modem

So I’m living elsewhere temporarily while my apartment is being demolished. I’ll be here until it’s rebuilt. Who knows when that’ll be. But that’s not the point. The point is that I have Time Warner Cable here and I’ve had the chance to use Road Runner for an extended period of time now. I’ve used Road Runner at friends’ homes several times in the past and had opportunities to do speed tests and the like, but I’ve never had the chance to use it on my own terms, with my own computers and home network equipment. I’m very upset at somebody — I know not whom — about a grievous oversight in the instruction manual for the DOCSIS 3.0 modem/router TWC gave me. The trouble is that I don’t know who to blame. It’s an Arris TG862G. Frankly, I had never even heard of Arris before they gave me this thing. The installer, who mentioned, by the way, that he has FiOS at home, said that the device is both a modem and a router, but that TWC doesn’t let customers change the SSID or the passphrase on the network, so if a customer wants to change that information, he or she must use his or her own router. I didn’t really care, since I do have my own router and I figured I’d just have to live with a suboptimal home network split on two different subnets (192.168.0.xxx on the Arris router and 192.168.1.xxx on my router). I didn’t think I was able to have TWC put the Arris in bridge mode since the TWC connection is on the account of the owner of the place in which I’m living (though nobody else will be using the connection). I figured I’d either do the 2 subnet thing or I’d simply use my own router as a switch and actually use the Arris router as a router. I figured I’d decide once I logged into the web configuration pages on the Arris and saw what features it had. If they compared favorably with my own router I’d just go ahead and use the Arris and use my own router as a switch (I have a real 24-port switch, but it, along with most of my stuff, is in storage until the apartment is fixed)

Anyway, the reason I’m angry is because either Arris wrote bad instructions or TWC made a slightly modified firmware for the Arris modem with an annoying feature. The manual says you can access the web GUI at 192.168.0.1, which of course is similar to most routers. I connected my computer directly to the Arris via Ethernet cable with nothing else connected to the modem but the coax cable and the AC adapter. I set my computer to get an IP address automatically to rule out the possibility that some pre-existing configuration on my computer was causing problems. I typed in the address, waited… and it timed out. After trying all sorts of other combinations (10.0.0.1, 192.168.1.1, 192.168.1.100, 192.168.0.100, etc…) I finally figured out today (2 days of web searching later) that you can only access the web configuration GUI if you unplug the coaxial cable from the Arris modem first. If you have the coaxial cable plugged in and you try to access 192.168.0.1, it’ll just time out. The fact that this isn’t mentioned in the manual is a major oversight which caused me a huge pain in the neck. All I wanted to do was access the port forwarding settings page, which should be the simplest thing in the world but because I lacked this simple bit of information I had to go on a wild goose chase of searching through forums and support pages, none of which actually mentioned this. Hopefully posting this information will save somebody a bit of time configuring his or her Arris cable modem/router in the future. I just wish I knew whether it’s Arris that made this feature or if it was an adjustment that TWC does to the units they send to customers. I know that Comcast uses this same modem for some of their customers, so I’d be interested in learning if they also suffer from this “feature”.

P.S. The connection tests about 35Mbps/5Mbps to test sites in the NY/NJ area.

I rooted my Velocity Micro Cruz PS47 tablet

I rooted it!

I bought this tablet on a whim in “as-is” condition from the store of my all-time favourite ebay seller in the world since I’d had good experiences fixing broken items I’ve bought from the company in the past. I bought my laptop “as-is” from this particular company for some astonishingly low price when all that was needed was to replace the cable connecting the LCD to the motherboard. The screen itself was fine. I’ve got e-readers, game consoles, and other items from the two ebay shops this company runs that sell only “as-is” and broken items. All of them have ultimately turned out to be fixable for significantly less than the price of equivalent merchandise that’s not sold “as-is”. It’s a great little secret that I’m hesitant to even mention because now the two people who read this blog will become new competition in the auctions.

In any case, I’ve never owned an Android device before so I thought a $10 tablet was a good place to start. I thought a cheap tablet would be good for a noob like me. Boy howdy, was I sure wrong about that. The tablet was fine when I got it. It was missing the volume keys but that’s not really a problem because you can adjust the volume via the menus using the touch screen. It has a reset hole like old Macintosh computers for when it crashes. You can use a straightened paperclip to press it.

The documentation/support for the tablet is actually decent. The ADB drivers on the Velocity Cruz website actually work. The instructions, however, are incomplete. Although the correct hardware ID is listed in the driver inf file, nowhere does it mention that you must create the file C:\Users\yourname\.android\adb_usb.ini. Note that there’s a period before the name of the directory.

The correct vendor ID for the PS47 is 0x2396. You can verify this by going to Device Manager and clicking on Details and then choosing “Hardware Ids” from the drop-down menu:

If you haven’t yet installed the drivers, look for a device called rk2918sdk, right-click it and choose “update drivers”. Choose “Browse my computer for driver software”-> “Let me pick from a list of device drivers on my computer” -> remove the checkmark from “Show compatible hardware” -> click “Have disk” -> “Browse” and choose the “android_winusb.inf” downloaded from the Velocity Cruz website. Install it anyway if Windows warns you it’s not signed.

Nooo!

Anyway, once I figured out how to get ADB working I saw by running cat /proc/mounts that the /system partition is cramfs, which is not writable. That was why SuperOneClick and all those other “one-click” solutions failed. “Great”, thought I, “I’ve got a useless tablet now. It’s no use at all if you cannot write to /system”. But that’s not true, I’ve since realised. That was why even though I could get an ADB shell as root (as I’ve read is the case with most rk2918 tablets) the command “mount -o remount,rw -t cramfs /dev/block/mtdblock4 /system” still kept giving the error “read-only filesystem”.

I was on the verge of despair until I found this excellent website which explains how to dump your stock ROM, convert it to ext3, and then reflash it to your rk2918 device.

I wanted very much to try the guide but I couldn’t figure out how to get the PS47 into flash mode. The website is correct that you must hold the volume – (minus) button while plugging in the USB cable with the device powered off. I was just not persistent enough at first. Perhaps it’s because the only way I could hold the volume minus button was by using a paperclip, since the buttons themselves are missing on this unit. It ended up taking me about 20 attempts but eventually I got it into flash mode. The thing about flash mode though that’s confusing to a noob like me is that the screen doesn’t turn on on the PS47 when it’s in flash mode. It looks like it’s still turned off. So the only way to know if you’ve succeeded in getting into flash mode or not is to do what the website says and check the results of lsusb (or if you’re using Windows, something like USBDeview). I succeeded eventually though at getting into flash mode and went ahead and flashed the new ext3 image but I couldn’t get the tablet to boot afterwards. The tablet would just hang at the boot logo where it displays “Cruz”. I tried the whole guide again from the beginning but still no luck getting it to boot. I must have missed some additional file that needs to be edited, maybe in the boot.img. Luckily I was able to simply reflash my backup boot.img and system.img to get back to where I started.

Then I had the bright idea of doing everything the guide says except, instead of trying to make an ext3 system.img I would unpack the stock cramfs system.img, chmod 6755 on /system/bin/su, repack it as cramfs, and flash it to my device. This basically worked. I rebooted after flashing the new image, opened the terminal emulator app that I had installed earlier to confirm I wasn’t able to su, tried “su”ing and sure enough, it worked. I then ran “busybox whoami” and it told me what I wanted to hear: I was rooted. Superuser.apk works, too. So does ROM manager. Unfortunately, this hasn’t allowed me to use Google Play, as I had hoped. But that doesn’t really matter, I suppose.

So here’s the basic process I followed. Most of it is exactly the same as the guide posted on the rk2918 tools website minus the ext3 bit. There’s no need to modify the boot.img at all for what I did. I don’t know if it was actually necessary or not, but I did the whole thing as root on a computer running Ubuntu.

cd ~/rk2918tools
./dump_imgs.py stock_imgs
cp -a stock_imgs new_imgs
cd new_imgs
sudo cramfsck -x system system.img
#Add the su binary from http://androidsu.com/superuser/
wget http://downloads.androidsu.com/superuser/su-bin-3.0.3.2-efghi-signed.zip
sudo unzip su-bin-3.0.3.2-efghi-signed.zip system/bin/su
sudo chmod 6755 system/bin/su
sudo chmod 777 system
sudo chown root:root system
mkcramfs system system_new.img
cd ../
./img-manager.py write system system_new.img
#wait to see the message "Image written successfully"
./rkflashtool b

Update: I discovered that Google Market works if you put vending.apk in /system/app before building the system.img and follow this guide. However, even after doing so I still couldn’t install Chaos Rings. It tells me my device isn’t compatible, though it does occur to me that it might actually not be related to hardware but instead simply because Square Enix can see I’m trying to install it from the United States, not Japan.

My PS3 has had very bad luck indeed

I bought a box of individually packaged PS3 parts on eBay that the seller assured me were all from the same system. He or she explained in the auction description that the system suffered from the YLOD problem. Since I have a heat gun now and the price was even lower than the other YLOD systems on eBay due to it being already disassembled, I bought it.

A reflow fixed the YLOD for about a year. When I got the YLOD again the other day I tried doing another reflow with the heat gun. This is the same PS3 that I broke the USB ports on, so if I destroy it utterly, it’s no big loss to me. But sure enough, the second reflow did the job and it booted up and ran. I even left it alone to play gameplay videos in Dynasty Warriors for about an hour or two as a stress test and it was fine.

When I turned it on the next day, however, I immediately saw a warning about error 80010201. The light that should be green on the Ethernet port wouldn’t turn on. I figured I must have damaged the Ethernet port somehow during my clumsy YLOD fix. “No problem”, I say to myself, “I’ll just use WiFi”. So I scan for my network and get an error message that says something along the lines of “no access point detected”, although I forget the precise wording. I tried entering the SSID manually but it just got stuck when I did.

Although I didn’t notice it at the time, what should have tipped me off at that point was that Bluetooth wasn’t working. The battery in my controller was dead, so I connected by USB cable. I only realised later, after making things much worse, that Bluetooth wasn’t working.

After I read online that reinstalling or updating the firmware can sometimes fix these mysterious errors, I thought I would try re-installing kmeaw 3.55. As a precaution I was going to first install OFW 3.55 and then install kmeaw 3.55 afterwards. Unfortunately, at about 62 to 64% of the way through the flash every console owner’s worst nightmare happened: the flash failed with a cryptic error message.

The error I received was 8002f1f9. This was actually helpful, because other people had already done most of the work for me in figuring out more or less what it meant. I’m almost certain now that every single one of my problems was because the WiFi/Bluetooth daughterboard was not connected properly, though I did check about 10 times that the ribbon cable was firmly inserted and not visibly damaged. The only thing that made me wonder if perhaps something else was wrong in addition to the CWI-001 board was that the Ethernet didn’t work either. I’ve read, however, that this board also controls Ethernet network connections, despite what one might think.

Bearing in mind the possibility that the CW-001 board also controlled the Ethernet port, I bought a replacement on eBay. However, it occurred to me that it was possible that the board was fine but it was merely the ribbon cable that was damaged. The seller provided both the card and the ribbon cable for it so I did an experiment when it arrived. I put in the new board using the old cable and booted the system. It gave the same 8002f1f9 error message at about 62-64%. I then powered the system down, took out the new card and the old ribbon and inserted the new ribbon and the old card. The combination of new ribbon + old card worked and now I’m back on 3.55 kmeaw.

I’ve learned a few lessons from this experience. The most important, perhaps, is that error 8002f1f9 refers to a problem with the WiFi/Bluetooth daughterboard and that it is, indeed, this board that also controls the Ethernet port. The Ethernet port won’t work if you try to boot without the board connected. The green light won’t light up at all.

The second lesson is to be careful with the ribbon cables. This is the first time I’ve ever damaged one but I’m 99% certain this was the cause of all my problems. There was absolutely no visible damage to the ribbon, but it’s clear after testing it so many times that I must have damaged it somehow.

The final lesson that I’ve learned from my problem is that it taught me how to get a console out of an update loop, which means that merely failing to update the firmware won’t really “brick” a console as long as you can fix whatever caused the failure in the first place. The trouble with update loops, of course, is that since the firmware flash failed, every time the user boots the system it retries the installation which will never succeed until the hardware problem is solved. This means that you cannot access the recovery menu. According to a thread I read on the official Playstation forums of all places, if you install a hard drive in the system that is not PS3-formatted (i.e. any notebook HDD) you can get to the recovery menu even if the console had been stuck in an update loop prior. You can then hot-swap the drives by taking out the non-PS3 HDD and inserting the HDD you actually want to use with the PS3. It’s a bit frightening removing and then installing an HDD while the PS3 is powered on and running, but I gave it a shot before I figured out that the Wifi board was the culprit and discovered that this method works perfectly. It’s not enough to simply boot without any HDD installed because the PS3 won’t go to the recovery menu if there’s no HDD at all. It must be a non-PS3-formatted HDD.

But fuuuuckkkkkk… I really want to play Ni no Kuni. It’s not even an issue of not wanting to pay for games. I buy all my PS3 games. It’s just that I can’t update my firmware to play the games I legitimately purchase without forgoing CFW. I have a retail copy of Tales of Xillia that I still haven’t been able to play for this very reason. That’s also why I won’t buy Ni no Kuni until I either buy another PS3 or there emerges a new exploit. I don’t want to buy a TB dongle. If I were going to do that, I’d just buy a used PS3 slim incapable of being downgraded to 3.55 for slightly more than the price of the dongle instead and designate it my dedicated legit console. All options seem like a waste of money to me though at this juncture.

I’ve dumped Comodo

Haha, I just love this kid.

Comodo firewall is great if you like to micromanage every single process on your computer. Nothing slips past Comodo, seemingly even if you set the firewall to “disabled”. On the one hand, it’s a bit idiot-proof to the extent that it’s hard to accidentally disable the whole program by some mistake. On the other hand, I’m rarely able to get it to do exactly what I want. For example, just to get a simple P2P program working required making 4 non-intuitive application rules (one for port 80 for tracker announces, one for TCP in/out, one for UDP in/out, one to deny everything else) and a global rule. I also had to make these 5 new rules top priority or else they didn’t take effect. There’s a section for managing programs on an application-by-application basis so you’d think I could just point the firewall to P2P_program.exe and tell it something along the lines of “trust everything P2P_program tries to do; it’s safe” but that doesn’t work. Even the “allow all” setting doesn’t really allow all. You have to dig deep in the forums to figure out how to allow a single program access through the firewall on a single port or port range, as though this were some sort of uncommon task that only superusers need to know how to do. It’s not though. Whenever you install a program that needs relatively unfettered access to your Internet connection you need to let it through your firewall but there’s so much prerequisite knowledge needed to be able to do that in Comodo firewall that it can be extremely frustrating and time consuming. I should be able to choose a program, specify some ports and a direction (ie. IN/OUT) and be done with it. I shouldn’t have to mess with global rules, stealth port settings, and application-specific rules or be familiar with some arcane settings buried in an obscure “advanced” menu.

Comodo is not a bad firewall. Of course, I know nothing really about computer security, so even if it were a bad firewall I wouldn’t be qualified to judge. What I can say though is that Comodo makes it so difficult to actually allow a program to run normally that I may as well unplug my Ethernet cable for 100% security. The program is so secure that it makes it a real challenge to weaken it even slightly. A more user friendly approach is what I’m looking for, even if it may put me in a less secure environment than Comodo. I’d rather be put in a bit of danger by human error resulting from my own foolishness than do things safely but painstakingly with Comodo.

My other problem with Comodo though is cfp.exe, which unexpectedly jumps to 25% CPU utilization occasionally. I’ve read that this can be caused by conflict with another firewall or AV program but I don’t have another firewall and I’ve tried uninstalling my AV program Avast, with attention to meticulous detail including using CCleaner and the official Avast manual removal tool. I’ve also specified the entire “COMODO” directory to be excluded when Avast does virus scans. In the Defense+ settings of Comodo I’ve likewise specified all the Avast folders to be excluded. Neither of those ideas helped. The high CPU usage is not a reproducible reaction. It’s totally unpredictable and has no upside, which is what makes it so aggravating, unlike the strictness of the rules system which at least has the benefit of preventing me from doing something stupid. Sometimes I’ll simply be browsing the web without any P2P program open at all and cfp.exe will cripple my computer, sometimes for just a few minutes, sometimes for as much as a half an hour.

I didn’t want to use a commercial firewall as a replacement. I did a google search for “lightweight firewall” and came across PrivateFirewall. I’ve only been using it for about 30 minutes now but I already know how to make global rules, new application rules, how to trust an application completely, and how to make application rules that allow a program through the firewall only under certain conditions such as only via specific ports or only in one direction or the other. These are all things that were not satisfactorily covered in the Comodo help menus which meant I had to read countless threads on the Comodo forums before I could figure out how to do them and even then, my rules did not always work properly because I had missed some other minor setting that would render them ineffective.

I also like the PrivateFirewall taskbar icon of a friendly police officer.