Deliver liquidity, multiple ledgers at a time please

The low friction cost of Bitcoin is an appealing parts of its proposition. You can send bitcoins at a fraction of the cost of traditional payment platforms. Now that user interfaces are improving and supported by more secure technologies such as TEE the overall usability of Bitcoin as a payment platform begins to look more and more appealing.

But results are lagging. One of the main reasons that is grinding the Bitcoin dream to a halt is the volatility of the cryptocurrency. The lack of a fixed exchange rate with fiat currencies makes for an unattractive proposition where any user could suddenly pay x% more or less for a product or service. As a payment solution, Bitcoin is undoubtedly a great alternative. But since it’ll never be pegged to the Euro, Dollar or any other fiat currency it’s potential remains unfulfilled.

Distributed ledgers such as Ripple allow fiat currencies, backed by gateways, to exist on the ledger and be transacted as if it was a cryptocurrency. While this appears to be a great solutions the challenge now lies in how to transfer these fiat currencies from the Ripple ledger to another ledger, say the Ethereum blockchain. In short: You can’t. You’ll have to redeem the funds at the gateway where they were issued, wire them back to your bank account and deposit them with a different gateway.

For now the promise of frictionless payments via distributed ledgers can only be fulfilled when the funds reside on one distributed legder and remain there. This scenario is unlikely to sustain given the diversity of altcoins that already exist and the progress of many fintech companies to offer new services based on this frictionless promise. This is especially true for smart contract-based blockchains, whose utility accelerates as soon as both the funds and the contract can be stored and transacted.

If we want distributed ledgers to exchange value we’ll need to look beyond gateways that only transact value to and from a distributed ledger. Exchanges already fulfill a service where cryptocurrencies can be exchanged but when it comes to transacting with the real world, everything slows down to the same crawl we’re already used to. Ideally the right to redeem funds from a certain gateway can be transferred to another ledger (for example with a smart contract), otherwise gateways would have to act as a means of transfer and the cost of liquidity on a distributed ledger becomes as high as they are today.

Distributed ledgers hold a frictionless promise when it comes to volatile cryptocurrencies. Only once we’re able to transact fiat currency in between blockchains this promise can be fulfilled. If not we’ll just be stuck with a bunch of ledgers that can’t exchange real world value amongst each other, much like the system we use today.

The impact of Blockchain Technology on Financial Transaction Platforms

I recently finished my thesis with the above mentioned title. For those interested please have a look at it here:

Cisco VDSL config for ISP with RFC1483 bridging, DHCP and NAT

Telfort, a Dutch ISP, delivers VDSL connections using RFC1483 bridging. This is quite a different approach than the more common PPPoE setup. See below for an example.

First remove any ATM and Dialer interfaces you have defined, instead you use the Ethernet0 interface from the VDSL controller. Define a subinterface for the VLAN your ISP uses. In case of Telfort this is 34.

interface Ethernet0
no ip address
no shutdown
interface Ethernet0.34
encapsulation dot1Q 34
ip address dhcp
ip nat outside

On the subinterface you define that the IP address is requested through DHCP and with ip nat outside. Next apply the ip nat inside traffic on your internal interface, define your NAT rule and matching access list and you’re good to go. The default ip route is acquired via DHCP automatically.

interface Vlan1
ip address
ip nat inside
ip nat inside source list 101 interface Ethernet0.34 overload
access-list 101 permit ip any

Trimming .m4v files in QuickTime X with subtitles

When you trim a .m4v video in QuickTime X that has subtitles embedded (by using Handbrake for instance) you’ll run into a problem that Quicktime X Player will no longer recognize the subtitle stream. When you copy the .m4v file to an iPad the subtitles will work again but do no longer indicate their correct language.

Fortunately there’s an easy fix as the problem lies in the metadata. The simple Subler application allows you to edit this metadata and restore your subtitles. Here’s how the metadata of a trimmed file will look:

You can see how all streams are set to an unknown language. The problem lies in the “Alternate group” flag which is set to none. If you set this flag to “2” and save your file, all will be good. When you’re at it, set the correct language for the audio and subtitle stream as well so Quicktime can display them properly.

Mac OS X 10.7 experiences and incompatibilities

I’m currently running the GM version of Mac OS X 10.7 Lion and ran into a few things that I wanted to share with you.

First of all, Little Snitch 2.3.6 and Cisco AnyConnect 3.0.2 don’t work correctly with Lion. Little Snitch keeps respawning and never actually launches, it can be easily uninstalled using the uninstall option in the installer. If you want you can download a nightly build that solves these issues here (UPDATE: Little Snitch 2.4.1 is Lion compatible and available here). Cisco AnyConnect will authenticate but is unable to establish a connection and will produce an error message. If your life/salary depends on AnyConnect, refrain from installing Lion for now (UPDATE: see below).

Another piece of software that doesn’t survive the upgrade is the e.dentifier2 software from ANB Amro, you can safely download and reinstall it (here) and it will work correctly.

I hoped the archive option in Apple Mail would be compatible with GMail but unfortunately it is not. Google simply removes the “Inbox” tag from a message so it will only appear in the “All messages” box. Apple Mail creates a separate mailbox called “Archive” on the server and copies all mail in this location. I’ll keep looking for a better solution but for now I don’t see it.

The biggest thing is the reversed scrolling, it behaves now like the iPad and iPhone but you’re not working on an iPad so you keep messing it up. This will take me a while to get used to.

UPDATE: Cisco has released version 3.0.3 of the AnyConnect Secure Mobility client. This update unfortunately does not work with all gateways as it holds a certificate validation error and will sometimes not connect. The bug is filed with Cisco under ID CSCtr64798 and has a severity 2 status. In my experience it works fine if your router uses its self signed certificates. When using certificated signed by a CA your mileage my vary. There is a workaround available by importing the certificates to your local certification store. As of today (the 29th of July) Cisco states on their twitter feed that a fix is coming soon.

UPDATE 2: Cisco has issued a new update to their AnyConnect client that effectively solved the problems mentioned above. If you have a valid Cisco support contract you can grab it here. As mentioned in the comments the e.dentifier2 software from ABN Amro only works when Java is installed on Mac OS X. You can download Java for Lion here.

Cisco router configuration for a Tele2 VDSL connection

I got myself a Cisco 887V-W to replace the Comtrend modem that Tele2 ships with their 50 Mbit VDSL connection, once called Fiber Speed. Thanks goes out to Glazenbakje for a basic VDSL config that I could tweak to get it to work with Tele2.

I’d advise to upgrade to IOS 15.1T as it holds a newer ADSL firmware that does a better job calculating the attainable rate. If you connect your router and execute the sh controllers vdsl 0 command you’ll see something like this that indicates you have a VDSL carrier signal:

Modem Status: TC Sync (Showtime!)
DSL Config Mode: AUTO
Trained Mode: G.993.2 (VDSL2) Profile 17a
TC Mode: PTM
Selftest Result: 0x00
DELT configuration: disabled
DELT state: not running
Trellis: ON  ON
Line Attenuation:  0.0 dB  0.0 dB
Signal Attenuation:  0.0 dB  0.0 dB
Noise Margin:  6.2 dB  5.8 dB
Attainable Rate: 44884 kbits/s 5535 kbits/s
Actual Power: 14.2 dBm  1.4 dBm

And now for the basic config lines to get this going:

interface Ethernet0
no ip address
interface Ethernet0.32
encapsulation dot1Q 32
pppoe-client dial-pool-number 10
interface Vlan1
ip address
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452

interface Dialer 10
mtu 1492
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
no ip virtual-reassembly in
encapsulation ppp
ip route-cache policy
dialer pool 10
dialer string 555
dialer-group 10
ppp authentication chap callin
ppp chap hostname <username>
ppp chap password 0 <your decoded password>
no cdp enable
ip nat inside source list 101 interface Dialer10 overload
ip route Dialer10
access-list 101 permit ip any
dialer-list 10 protocol ip permit

Notes of interest: The VLAN ID that Tele2 uses for their internet connection is 32. They have different ID’s for i.e. the management connection to the modem but you don’t need those. They use CHAP for their PPPoE identification and I needed to use a dialer string with a random number to trigger the dial out.

In case you have any questions feel free to leave a comment and I’ll try to answer to the best of my ability.

Default IP address and enable password of a Cisco 887V-W ISR router

This will probably be the case for other Cisco routers as well but for reasons unknown Cisco has decided to set an enable password on this router. The usual guessing (cisco, Cisco etc) didn’t work out so I had to break out the console cable and recover it as it didn’t seem to be documented anywhere.

It it c. Yes that’s just that one letter. The ip address was