Big Bazaar’s ‘your money is gone in 15-day’ return policy November 8, 2008
Posted by
indus in : Web , 2comments
I was looking for a multi-region DVD player and hopped into Big Bazaar, a multi-brand chain store which sells everything from vegetables to LCD TV. The sales guy pitched me to a buy a Philips DVD Player stating that, “it will play everything!”. To my surprise there was no region code mentioned on the box packaging of the DVD player (Philip’s own deceptive packaging). As a skeptic, I asked that guy whether the item is returnable. Yes, he said.
Once unpackaged, the DVD player only played region 5 (India/Asia) DVDs; and not the ‘Region 1′ (US/Canada), a cache of which lugged from US.
Went back to Big Bazaar after 10 days, was able to return the item with a little play of words but to my surprise was a credit-note instead of the cash Rs. 3500, I paid. The credit note was okay as that may be a way to dissuade fraud. The fine line was that the credit note expires in 15 days from issue date. The money will evaporate if I don’t go back to the same store and spend it all. This is unfair. I’m planning to file a complaint with the ministry of consumer affairs on this practice. It may not be illegal from Biz Bazaar’s point of view as in India returning an item itself is a new concept!
There are a few things Big Bazaar should fix to avoid consumer complaints:
1. Issue a non-expiring credit note or make it 6 months/12 months to the least
2. Allow that credit-note to be encashed at all Big Bazaars and not just the specific store where the note was issued.
| 3.8 (2 people) |
Does SalesForce.com really locks your data? November 4, 2008
Posted byindus in : Web , add a comment
I love Zoho and what they have delivered as a product suite. SalesForce.com and Zoho have a bitter relationship after their failed talks of merging (Benioff made the offer which Zoho rejected)However, I disagree with Sridhar on one count in his latest post:
Since then, Salesforce has repeatedly tried to block customers from migrating to Zoho CRM, by telling them (falsely) that they cannot take their data out of Salesforce until their contract duration is over. We have emails from customers recounting this.
Isn’t that the natural tactic any sales guy plays to prevent customer migration? Migrating data out of SalesForce.com is one email away. Even if you are during trial period, they give you the complete dump of all the object as excel spreadsheet without a word.
| 3.4 |
Dr. Arvind Shenoy’s clinic just gets you in! October 31, 2008
Posted byindus in : bangalore, r2i , add a comment
In Bangalore since last 20 days and lots of ranting to do. Starting somewhere.
I had to take my young one to a pediatrician urgently on a Thursday evening. Someone mentioned Dr. Arvind Shenoy; he is the Head of Deptt. at Bangalore’s Manipal Hospital. I called up his private clinic (yeah, more on ‘private practice’ of docs in a later post), got an appointment. The lady, “Just come over, it is an hour wait for last-minute appointments.”
Once we checked in we were told that our turn would be after 2 and half hours, “The consultation is moving slow, sir”, quipped the reception.
| 3.4 |
Prevent SSH password attacks using denyhosts package September 10, 2008
Posted byindus in : Linux , 1 comment so far
When I saw this in my daily log report. I was like WTF! Script kiddies are having fun. Little bit of Googling and I installed the denyhosts package on Feodra Core 7. Here’s the step by step guide.
shell>yum install denyhosts
shell>/etc/init.d/denyhosts start
Most probably denyhosts is going to run on server restarts. However, make sure that’s the case by
shell>chkconfig denyhosts on
The denyhosts package watches the /var/log/secure log file at a fixed interval and then when it finds a match (like illegal login attempts, etc.) it adds an entry in the /etc/hosts.deny file. The /etc/hosts.deny file contains pairs of entries in network daemon, client ip (or hostname) format which looks like this:
daemon_name: X.Y.Z.W
After installing the denyhosts package, you can tweak the configuration by modifying the /etc/denyhosts.conf file. Here’s what I changed essentially
#Block the host after 3 failed attempts
#for non-existing logins
DENY_THRESHOLD_INVALID = 3
#Block the host after 5 failed
#attempts of existing logins
DENY_THRESHOLD_VALID = 5
#Block after 3 failed attempts for root login.
#Ideally, you should disable root login for ssh
DENY_THRESHOLD_ROOT = 3
#Good idea to capture the host name from IP
HOSTNAME_LOOKUP=YES
#I left this blank as we capture the
#reports via logwatch
ADMIN_EMAIL =
Here’s what my /etc/hosts.deny looked like after a few days
# DenyHosts: Sun Sep 7 06:00:08 2008 | sshd: 210.51.1.231
sshd: 210.51.1.231
# DenyHosts: Sun Sep 7 18:34:01 2008 | sshd: 117.36.50.66
sshd: 117.36.50.66
# DenyHosts: Mon Sep 8 05:05:04 2008 | sshd: 218.4.150.50
sshd: 218.4.150.50
# DenyHosts: Tue Sep 9 01:36:18 2008 | sshd: 12.174.168.124
sshd: 12.174.168.124
Don’t forget to restart denyhosts if you change the config file.
| 3.7 (1 person) |
deli.ciou.us vs. Delicious Toolbar buttons: Keeping logged in August 19, 2008
Posted byindus in : deli.cio.us , add a comment
Delicious launched a new version a few days ago. All good, new features, etc. etc. But, I liked it’s simple interface — just Tag the things you visit and save it for future use. What else is needed when you wanna bookmark.
The new IE7 Toolbar buttons are way too much — like recently visited links, and a lot of new features which I don’t necessarily need. So, I wanted to keep using the old toolbar buttons — but it won’t work! Everytime I try to bookmark a page, it will force an account sign-in for a new session 
Here’s how to keep using the old IE7 Toolbar buttons without the pesky sign-in:
- Install the new toolbar buttons on IE7 (the install process itself is quirky). Do not uninstall the old toolbar buttons
- Sign in to delicious.com using our account via the new IE7 buttons
- Hide the new buttons (forever)
- Keep using the old ones without any trouble
| 3.9 (2 people) |
Apache logs, Load Balancer and X-Forwarded-For August 13, 2008
Posted byindus in : apache, tips , 1 comment so far
In most normal configurations Apache’s web server logs look like this:
75.104.128.36 - - [13/Aug/2008:14:06:32 -0700] “GET /index.html HTTP/1.1″ 200 21279 “http://khaitan.org/” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.16) Gecko/20080702 Firefox/2.0.0.16″
This is achieved by using the following log format in the apache virtual host config, which looks like this:
%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"
However, when you move apache behind a Load Balancer say F5 BigIP, the logs start showing the IP of the load balancer instead of the actual client IP. This may result to error in reporting viz. uniques, and other issues if your application relies on knowing the client IP. It is also possible that any geo based code may also stop working. There is an easy way to fix it.
Good news is that most of the modern load balancers already have a mechanism of sending the client IP. This is done by inserting an HTTP header X-Forwarded-For. It may look something like this: UA-CPU: x86
Accept-Encoding: gzip, deflate
X-Forwarded-For: 67.161.42.194
First, Make sure that your Load Balancer is sending the X-Forwarded-For header. Drop this small php file on your server which is behind the load balancer and make sure that the IP of the machine from where you are connecting to shows up in the header as shown above.
<?php
$headers = apache_request_headers();
foreach ($headers as $header => $value) {
echo "$header: $value
\n";
}
?>
If you do not see that header, change your load balancer settings (Google X-Forwarded-For for your specific load balancer) or better still call your Sys admin to do it for you.
Finally, modify your log directive in apache by replacing %h to %{X-Forwarded-For}i
%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"
| 3.9 (2 people) |
MySQL data sharding using Spock Proxy August 12, 2008
Posted byindus in : Mysql , 4comments
Yesterday at the Silicon valley MySQL Meetup, Frank of Spock.com talked about Spock Proxy. Spock Proxy is a fork of MySQL proxy which has been built to meet the data sharding needs of Spock.com, the people search engine.
Here are some highlights:
- Spock.com’s web interface is built on Rails and they use ActiveRecords as their O-R layer for MySQL data access
- Spock has around 1,000 web servers using Rails and they connect to MySQL slaves and masters using Spock Proxy
- Spock Proxy acts like a normal MySQL engine, except that it transparently talks to other MySQL servers. At spock they use 4 master and 4 slaves each having their own Spock Proxy.
- The Web servers each have one connection open to the Spock Proxy while the proxy may have 100s of pooled connections
- The Proxy tokenizes a SQL statement and figures out the target shard for the query. The query must have a shard_key. The shard_key is stored in a Universal DB which stores the dictionary of the partitioned tables, shard hostname/user/password, ranges and range for auto_incremented columns
- It currently supports only range based partitioning — while a lot of partitioning is done based on hashing, but should not be a big deal to change
- The current alpha version is very much suited to meet Spock’s internal needs, but I’m sure people will take this up to generalize
- Unsupported query constructs (like inner queries, group by, multi-table joins) may not throw exceptions. DDLs are also not supported
| 3.7 (1 person) |
Java Technologies at Yahoo! August 5, 2008
Posted byindus in : Java, Yahoo , add a comment
Yesterday, I attended a talk at SDForum presented by Dean Yu and Joshua Blatt of the Java platform team at Yahoo! The Java platform team centralizes the Java efforts for Yahoo’s non-open source efforts. I say non-open source as the platform team covers everything except things like Hadoop, etc. which are in the public domain.
Java as a technology is not native to Yahoo! The platform at Yahoo! was primarily C/C++ and PHP at the frontend (mostly). Java came through several acquisitions which were running Java stack, notably:
- 1998 Classic Games, Sprtasy
- 2002 Hotjobs
- 2003 Overture (Altavista)
- 2004 Kelkoo, Musimatch
Here are the raw bytes from the session:
- Tomcat + jboss efforts for securing them
- Mostly LAMP stack at Yahoo!
- Rate limiting using Apache modules
- Runs apache in multiple process mode
- Y! data streams for keeping application specific stores and pushing data around (Yahoo’s proprietary message bus like implementation)
- Integration using JNI to C++ code using Swig for wrapper generation
- All security related code is in C++; helps maintain a single language code-base. Hence, wide JNI use from app tier
- Uses IPC Bridge for coarse grained calls to non-thread safe libraries (JNI has multi-threading issues)
- Group dedicated to creating JNI wrappers of native code
- JNI performance FUD
- Java to Native C++ code via JNI < 20 nano seconds (Cool!) compare this with Java to Java < 1 nano seconds. Big difference but nano seconds compared to network latencies of seconds
- String functions to native code via JNI take > 3ms coz of UTF-16 to UTF-8 character conversion issues
- JNI Multi-threading issues are solved by IPC bridge shared memory and TCP over loopback
- JSVC Apache commons daemon for loading privileged data during Tomcat startup and then running in low privilege mode
- Like Multi-process Apache, a new architecture for multi-process Tomcat being baked
- Software project management using Maven (Maven — awww!)
- Automatic builds using Cruise control and Hudson
- RPM-based software deployment to 100s of nodes
| 3.7 (1 person) |
Twitter should count out @replies and @user from status text July 17, 2008
Posted byindus in : twitter , add a comment
Twitter messages are limited to 140 bytes (not characters, if you are multi-byte speaker!). However, a lot of messages now carry the usernames, either for @replies or for simply refering to @user in the message. As the twitter userbase grows, people would start running out of shorter names like @t, @ev or @1ndus and eventually go the email route having_my_long_name@emailhost.com.
The day is not far when twitter screen names would @mylongname2008. This one takes 10% of the text from 140 available.
At the minimal twitter should count out the @replies and @user from the 140 characters and make that part of the meta-data.
The API can handle this transparently, It just requires adding a new field called to-user-screen-name in the API. The API already has all the information for the sender ids, sender screen names, reply-to-user-id, user-id, etc.
| 3.9 (3 people) |
WordPress inching towards full CMS capabilities July 14, 2008
Posted byindus in : Web, WordPress , add a comment
Matt announced WordPress 2.6. Features include:
- Version Control: Wiki like tracking of edits
- Google gears compatibility
- Theme previews — was much needed for experimentation!
- Plugin update notification bubble
- SSL Support and other security enhancements
- Word count
- Easter egg (Matt has quashed the rumours)
| 3.9 (2 people) |
