Monday, November 30, 2020

My first week with Circle (1st Gen) on Netgear

 So Circle sent me a cheery email about my "first week with Circle!".  

However, it feels like a lot longer than a week, and I haven't exactly felt cheerful.

Yes, OK, my setup is unconventional.  It's likely the source of many of my issues. 

But, in the last week:

•  I've found that Circle is not logging Usage or History, and does not enforce time limits.

•  Circle is not filtering correctly. 

•  It is unclear if it is enforcing SafeSearch.  It seems to be, but it's hard to tell.

•  Rewards are limited to the current day.  You can set "Extend/No Time Limit", "Late/No Bedtime", or "No Offtimes".  You cannot set an increased amount of time for future days.

•  Circle notifies you of new devices appearing on the network, but tapping the notification just makes the Circle app hang.  This is obviously different behavior from every other app out there.

•  The Circle 1st Gen app has forgotten my premium subscription twice, forcing me to unsubscribe, uninstall the app, reinstall, and resubscribe.  Twice.

•  The first time, Circle forgot ALL of my setup, and I had to re-enter every single device, profile and setting.  It seems backup is not automatic; rather, you have to manually back up the 1st Gen app.  I didn't realize this since Circle touts their cloud-based accounts as crash-proof and the backup option is buried at the bottom of the "Manage" menu.

•  Backups appear to be local to the mobile device running the Circle app.

•  The second time 'round, the app asked me for a passcode, but couldn't send it to me, making it useless.  I had to change DNS settings in my primary router to get it to work.

•  When I did get the passcode, it wouldn't validate.

•  For some dumb reason, the passcode is not available in the router UI, nor can it be sent via email.  And it seems to change, meaning you can't just write it down for future reference.

•  After reconfiguration, everything connected except for Chromebooks.  Rebooting and changing DNS on the Chromebooks didn't help.  It took a reboot of the Circle router itself to fix the Chromebooks, which was not obvious.

•  Circle no longer supports the Circle Go app for 1st Gen, meaning there is no parental control off of the local Circle Wi-Fi.

From this, about the only thing that works properly are time-based schedules (Bedtime, Off Time, and Rewards thereto), and Pause.  Everything else seems broken.

Again, my setup is weird, and probably unsupported, and I freely admit that many of my troubles are caused by this.  But even when it's working, the limited Rewards, broken core functionality, and constant forgetting of premium features has driven me nearly to the breaking point.

I may bite the bullet and get a Circle Home Plus (2nd Gen) device, and use it as intended - that is, directly attached to my primary router.  But after perusing the Netgear support forums, I'm not hopeful that it will actually do what it's supposed to do.  

Plus, I'm anticipating my router to be smart enough to prevent the ARP poisoning used by Circle.  And I'm quite frankly sick of troubleshooting this thing.


Monday, November 23, 2020

How to set up a separate network for your kids that uses the Circle by Disney or Circle Home Plus

Update: Several of the features of Circle, such as filtering, usage tracking and time limits are not working.  As many others have reported similar issues, I don't know if this is a result of me setting it up as a second router or not.

I bought a used router that - unexpectedly - had the Circle parental control functions built-in.  I wanted Circle anyway, so it was a bit of luck.  But it wasn't exactly obvious how to set it up.

 

Problem:  You want to set up a Circle network without having all your devices on it.  Or: you want a separate network for your kids, managed by Circle.

Reason: 

•  You're worried about the Circle slowing down your network.  

•  The Circle is easier to set up with only a few devices connected to it.

•  You just don't like the idea of ARP spoofing your entire network. 

•  You have extra hardware lying around, may as well use it.

•  You want a hardware off button for your kids internet access.

•  It just seems easier.


Easy options:

1.  Router with Circle (Gen 1) built-in.

Pros:  Cheap, easy setup, only one additional device.

Cons:  Off-network / location app discontinued, so no management off-network and no location function; at-home management only.  Gen 1 may not be supported for too much longer (although Netgear seems to think it will stick around).

2.  Second router with stand-alone Circle device.

Pros:  Supports Circle Home Plus (Gen 2), meaning newer features (off-network / roaming device control, location) work. 

Cons:  You need to buy a stand-alone Circle device, at additional cost.  Using two routers in sequence is very much not recommended, meaning you will not find any support.

 

Note that (1), above, seemed an easy and obvious solution at the time, but it's not.  It is actually really hard to get a second router to play nice with the first router.

For these reasons, I actually recommend you go with either (2), above, or a "standard" single router with an attached Circle Home Plus, rather than trying to set up a second router for Circle functions.

However, this might be useful for someone wanting to try out Circle, or for those that want Circle separate from their "regular" network.


Circle-Enabled Router

The below is only a summary, and assumes you know how to access/configure a router.   

Unfortunately, you do need to leave the Circle router in "router mode".  Setting it to be an access point, bridge or repeater will disable the parental controls, making it a pointless exercise.  

This leaves us with cascading two routers, which is (again) not recommended.

 

Steps:

a.  Go buy a second-hand Netgear router with Circle (1st Gen) built in.  (An R7000 / AC1900 should cost around $40.)

b.   IP address:  this is a tough one.

All internet advice says to set it to a unique static IP address on the same network (i.e. 192.168.1.2).  However, there have been reports that Netgear routers not accept an address intended for internal LAN (such as 192.168.x.x, 10.0.x.x, and 169.254.x.x) as a staticWAN address, so this may not work.

From this, if in doubt, use a dynamic IP for the second router.  The Circle router should accept whatever address is handed out via DHCP.

c.  DHCP: also a tough one.

All internet advice says to turn off DHCP on your second router.  But this doesn't seem to work in this scenario.  So you may need to leave DHCP on.

d.  Assign the Wi-Fi network(s) unique SSIDs.

e.  Plug the WAN port of the new router into a LAN port on the old router.

f.  Access the new router from a mobile device:

  •  Connect the mobile to the Wi-Fi SSID of the new router

  •  Access it using http://www.routerlogin.net

g.  Enable "Parental Controls".  (The top one, not the bottom one.)

h.  Hit "Apply".

i.  Hit the link for app download / account setup.  (Note: this will NOT work from a PC, hence the need to do steps (e) onward from a mobile.)

j.  Install the Circle (Gen 1 / First Gen) app.

k.  Run the app, sign up.  

l.  Sign up for the free plan.

m.  Connect a te2 device to the new router and make sure it all works.

The above worked for me on a Nighthawk R7000 with Circle built-in.  

 

Notes:

•  I did have problems accessing the router consistently.  Changing the IP address made it inaccessible a couple of times.

•  My router appears to be weird, in that I (usually ) can't log in to the router via the direct IP address (i.e. 192.168.1.2).  Instead, I have to connect to the router Wi-Fi, then go to http://www.routerlogin.net.

•   Part of the access problem is that when you plug the Circle router into your old router, you are using the WAN port.  

This means access requests come from the WAN side. not the LAN side.  This falls under "Remote Management" (i.e. access by the outside world), which is disabled by default.

To enable, go to Advanced / Advanced Setup / Web Services Management.  The correct access URL will be 192.168.1.xxx:8443, or something like that.  The correct port will be shown on the router page.

•  If you leave DHCP on, the router should start issuing new IP addresses for a different network (i.e. 10.0.0.x).  

This seems to work fine, but will mean devices in the original network space (i.e. 192.168.x.x) will no longer be visible >by name< to the Circle-managed devices.  They should still be accessible by IP address.

•  You can also (obviously) turn off the built-in Circle (Gen 1) hardware and plug in a Circle Home Plus (Gen 2) device any time you want to. So there is an upgrade path.


The below steps I've not personally tried, but hopefully they will work.

 

Circle by Disney or Circle Home Plus (stand-alone devices)

a.  Buy or use any compatible router (list is here), provided it has an access point (AP) mode built-in.

b.  Set up the router as a wireless access point (WAP), with a unique SSID.  (Do not use the existing SSID from your existing router!)

c.  Optionally, configure the router with a unique IP address (i.e. 192.168.1.2).

d.  Plug the WAN port of the new router into a LAN port of your existing router.  Make sure it works.

e.  Set up the Circle Home Plus per the manufacturer's instructions.  Associate it with the new SSID from the new router.

This setup should set up the Circle to manage only devices connected to the SSID of the second router.



Sunday, November 15, 2020

My experience with ExpressVPN

 TL;DR:  It's not good.

Fed up with PIA, I decided to try another VPN.  I thought it might be easiest.

I wanted Hotspot Shield, but the fact that they log personally identifiable information, don't support pfsense and have no live support were deal-breakers.  I wanted it set up immediately.

 

I decided to bite the bullet and go with ExpressVPN.  

More expensive, but most said they were next fastest, they had 24/7 support and supported DD-WRT (for now) and pfsense (for future).

 

I ponied up and got a login.  I had to run their app momentarily to find the fastest server, then I set it all up.

Any it worked!  All my smart devices reconnected, all my strange connectivity issues went away. 

 

However, I couldn't find the nameservers for secure DNS protection.  I asked their chat, and they didn't know what I meant.

Turns out, ExpressVPN doesn't support this.  They do allow manual configuration (on DD-WRT or whatever), but they don't provide IP addresses for their secure nameservers.

They asked me if I wanted to use the app instead, I said no.  (Because I'm not setting up the app on every device owned by my kids, wife, etc., that's why.)

Reflashing the router is also an option.  No thanks.

We mucked about for a while.  They really didn't know what to do.

 

After some messing around, their suggestion was to set my router DNS to use 0.0.0.0 for all the DNS servers.  

This appeared to work, and I had connectivity - but left my router admin panel unavailable!  I couldn't see, change, or access anything, which was extremely frustrating.  Almost everything broke, and I couldn't fix it, and it was BAD.

I still don't know why, and never will.  But fifteen tense minutes, one hard reset, and a (painless) restore later, it was fixed.

Fortunately, I had a recent router backup, so I was able to restore the router settings.  But I was extremely unhappy for those 15 minutes, and it was almost sheer luck that I had a recent router backup to use.

 

Now, DNS leaks alone were not necessarily enough to make me quit ExpressVPN after only an hour.  And ExpressVPN did fix all of the connectivity problems I was having with PIA.

But:

-  Torrents were 25% slower than PIA.  Definitely not a boost.  This was the opposite of what I expected.  

-  Not understanding or supporting DD-WRT?

-  Not even knowing what pfsense was?

-  And borking my router?  

Come on. 

 So:

  • Incomplete / inadequate support for DD-WRT / pfsense
  • Seemingly slow torrent speeds  (for me)
  • Not-so-knowledgeable tech support that (somehow) managed to bork my router
  • High cost

Not impressed. 

Maybe if I get brave enough (and time enough) I'll try out NordVPN.  Faster downloads are a perk I'm willing to give up at this point.

Saturday, November 14, 2020

PIA did it again - Oddball problems with VPN

 

As of Nov 14, it appears PIA has stopped working again:

  • Play Store not working (on some devices, OK on others)
  • YouTube not working (on some devices, OK on others)
  • Can't connect to BBC.com, CNN.com, but can connect to most other sites fine
  • Smart home devices offline (ecobee, Honeywell, etc) 
  • Honeywell Home: Endless loading

Of course, nothing changed on my end, and everything works just fine outside of PIA.  Mobiles also work outside of router-based PIA with the PIA app.

See here for the original saga.  Seems they can't keep their network stable for more than 3 months at a time now.  Awesome stuff, those Next-Gen servers - a real improvement!

Strangely, the new problems are not as widespread or consistent as before.  One device has no YouTube, but others do.  One device can't access CNN or BBC, but others do.  A third device has no Play Store, but others do.

One constant is the smart home devices.  As before, they are connected, but cannot reach their home servers.  The ecobee is the most obvious example, as it can even ping ecobee.com but cannot connect.

Changing from AES-256-CBC to AES-128-CBC helped some devices with some problems, but other problems persist.  They're extremely annoying at best and extremely frustrating at worst.

PIA did try and claim blacklisting, but the affected devices work fine on the PIA app.  It's only router-based setup that has issues.

[Edit]:  OK, to be fair, I am using an ancient version of DD-WRT.  My router is business-critical so I don't screw with it.  Possibly I can pick up an open-box special and try flashing the latest, and/or switch to pfsense once my new box arrives.

[Update]:  I tried ExpressVPN, and it worked fine.  I had some issues and didn't stick with them, but there were no problems with connectivity per se


Thursday, September 3, 2020

The rampant success of #SupportBlackBusiness

To "The unintended consequences of #SupportBlackBusiness" -  Vox, Sept 3, 2020


"Brittney Winbush, founder of the wellness company Alexandra Winbush, had her first $10,000 sales day in June. Rather than purely elated, though, she was anxious. “Will this last?” she wondered."

Every small business owner wonders this.


"afraid to make long-term business decisions based on good faith, as history has shown these moments of reckoning rarely linger."

Long-term decisions are always a risk, especially for small businesses.  This is not at all unique to this moment.


"A reported 41 percent of Black businesses had been shut down in April due to Covid-19."

As Tim would say: compared to what?

Per Forbes, 73,000 businesses have closed due to the pandemic.  The Washington Post says 100,000, and CNBC says up to 7.5 million are at risk.  

So: How does the 41% of Black-owned businesses compare to the overall percentage of businesses closed due to COVID?

Or:  What's the overall percentage of Black-owned businesses overall?  (I wonder if it's around 40% of all businesses.)

Sure, 41% sounds scary.  But scary numbers without any context are meaningless.

(Also, isn't it a truism that two-thirds of all small businesses fail within a few years?  Just sayin'.)


"Black businesses had been denied loans and other buffers the government had put in place while big, mainstream businesses were offered millions."

It is entirely possible this is true, but this isn't evidence.  It's just stated that this is, full stop.

And why, exactly?  Is it because they're Black-owned?  Or are there other reasons?

It also seems almost equally certain that White-, Asian- and publicly-owned businesses have also been denied loans as well.  How many, we don't know.  Maybe the same?  More?  Less?
 

"The challenges that Black businesses face are more fundamental than cashflow.”

OK, possibly true.  But again, hardly unique to Black-owned businesses, and no evidence to back it up..


"The reality, too, is that many small Black businesses, due to their size, aren’t equipped to handle such surges."

This is true for any business around and about that size.  White, Black, Latino-owned - that makes absolutely no difference whatsoever.

This reminds me of the UPS commercial about the new company that gets too many orders.  Hardly ANY business can even so much as double in capability overnight, much less a 5x to 10x increase.  Again, NOT unique to Black businesses in any sense whatsoever.


"Although such deluges can result in capital and growth, until customers adjust expectations and push for structural reform that enables Black businesses to grow, these calls will always feel inadequate."

Dramatically increased sales IS growth.


“$10,000 is so little to some in the entrepreneurial world, but this money was giving me the capital cushion to hire someone, restock, and just grow,” she says. For Winbush, this was a testament to the disparities that Black entrepreneurs, especially Black women entrepreneurs, often face."

Potentially true.  I would like to think that banks will go where the money is, but according to her, that isn't happening.  I can't say it isn't or it is, and the article again does nothing to inform.  It just says it's true, doesn't even bother to cite a specific example.

If this were true, would it be so difficult to do an article about how Black-owned businesses are being unfairly denied the financial tools they need due to rampant discrimination by angel investors and/or banks?  If it's as widespread as all that, should be pretty easy to do.


"She worried about whether this interest would convert to consistent sales; she noticed that a majority of the people who were creating these lists weren’t even making purchases themselves."

Oh Lord, so what?  Free advertising!

No, seriously.  If you put an ad on the bulletin board at the local sewing club, and heard people talking about it at the coffee shop, you'd be happy, even if most of those people didn't themselves buy.  Buyers are undoubtedly best, but getting the word around is essential to finding those buyers.


“People are posting these Black-owned businesses without even researching to see what they do and what they support. It’s the same list going around. I’m not just a ‘Black-owned business.’ There are a lot of interesting things about me and my business besides my identity,” says Subrina Heyink, of Subrina Heyink Vintage."

Yes, you sell things.

OK, you probably "stand for" things, "believe in" things, or "support" things too.  That's lovely.  

But, your business exists to sell stuff.  By definition.  The rest is just image and window dressing.


"She declined interviews at the time and asked to be taken off lists once she realized that many of the people who were sharing them were doing so mindlessly, in what felt like tokenism."

Coming from a fellow small business owner, that's just idiotic.  As in "You absolutely have to be shitting me" idiotic.  No sane small business owner would EVER turn down free advertising.


"She says that some of the white influencers sharing these lists were part of a racist fashion industry that had previously hurt her business: a former fashion editor, who had once mocked Heyink for taking an activist tone on her platform, had added her to an Instagram list of fashion businesses to follow. This upset Heyink, so she asked for her name and business to be edited out of the Instagram post."

OK, absolutely.  If one wants to stand on principle and decline such advertising, of course they can.  It's a free country, after all, and people can do what they want.  

But that's still a stupid business decision, and it's entirely on you.  YOUR principles cost YOU money - nothing to do with COVID, customers, or anything, and the consequences are anything but "unintended".  YOU own that.


"More important than these lists, says Heyink, is the prospect of structural support in the form of mentorship for Black business owners, particularly Black women entrepreneurs. She says her business saw growth earlier this year when she was given the capital and mentorship to grow, and the accompanying knowledge that she could fail and try again."

All entrepreneurs take risks.  Again, not at all limited, much less unique, to Black-owned businesses.

And, if entrepreneurial Black women are all looking for mentorship, couldn't they mentor each other?  With all the free social media tools available, they can't get together?

OK, maybe there are not a lot of them.  But surely there are more than two, and that's a start.


"Still, the lists that she had been added to brought new customers her way, and she wasn’t about to let the demand overwhelm her."

Finally, someone who is taking advantage of success instead of whining about it.

And to be clear, this IS success.  Not an "unintended consequence".  This was always the entire point of starting the business in the first place.


"To prevent blowback from delays in shipment or bad reviews, she communicated to customers about her business operations, informed them about limitations that come with small businesses run by Black women, and adjusted her inventory — listing only as many items as she could afford to fulfill without falling into extreme fatigue."

So, she declines new customers and still gets piles of new customers?  Good on her!

No, really - good on her.  She's making the most of her success, entirely correct.  Excellent management of the situation.

But it's still success.  Not "unintended consequences".


"...10,000 orders between May 30 and June 1. These orders were mostly for titles which had been selling out everywhere, forcing publishers to reprint. The company did not have the manpower to fulfill that many orders and so came the backlash from customers accusing the owners of theft and fraud."

Yes, the difficulties of success.  But they're in much less danger of going under now, aren't they?

So which is it - are Black-owned businesses always screwed and eternally doomed to die, or are they suddenly riding a new market wave to more success than they can handle?  Can't really have it both ways, you know.


"The owners posted a statement to customers after complaints: “We are also receiving a number of disheartening emails asking us to cancel orders and refund payments, criticisms about how slow we are and that we have poor customer service because we have not answered an email. We do hope each and every one of you who has shown us support by purchasing through our website believe we are not accepting your money with the intention to keep it and not send out your orders.”"

Yes, the problems of success.  Seems like they're dealing with it as well as they can.

Although - OK, I'm not at all suggesting that they were somehow able to predict, cope with, or even manage such an incredibly large volume of unexpected orders - but don't most bookstores sell what's in stock, and put the rest on backorder?  Sounds like a rather large hole in their ordering system.


"The small company had channeled money into manufacturing products for the collaboration, and thus the drop resulted in uncertainty and precarity despite the company’s popularity."

What?  Small businesses take financial risks?!?  What a discovery!  What insight!! Give the author a Nobel RIGHT NOW!

OBVIOUSLY applies to every business, ever, anywhere.  Ownership has zero to do with it.


"Community rallying and hashtags not only brought Telfar and Gap to a resolution, but also catapulted the bag to new heights of demand, with the item selling out mere minutes after being released."

So - rampant success is now the problem?

Seriously - every other novel / unique item that sells out in minutes is reported as an unqualified success.  But this Black-owned business enjoys the same success and suddenly it's an issue?


"This was cause for celebration, yet brought with it resale bots and profiteers who wanted to capitalize off the attention a Black business was getting.  These problems created complaints from consumers, with some even accusing the company of creating false scarcity to drive demand. The company tried to address this by launching a “bag security” program allowing customers to preorder the bags they wanted."

Well done.  And - well, done then.  It's sorted.  And very easily, it sounds.

Tim would also (undoubtedly) point out that this is market forces at work, raising prices to cope with scarcity.  This really cannot be avoided in any meaningful sense.


"Other Black-owned businesses like golde and Hanahana Beauty also switched to a preorder model, following an influx of orders."

Yes, entirely sensible when demand exceeds supply.  The pure economist would say the prices should rise, but putting stuff on backorder works too.  

But every mail-, phone- and internet-order business has done this for simply ages. Exactly why is this suddenly a huge issue for Black businesses in particular?


"Faced with the pandemic and consequent shipping delays, she applied for a Paycheck Protection Program loan — with apprehension, due to past refusals she had gotten applying for loans as a Black small business owner. After waiting weeks to hear back and getting no response, she moved on."

This asserts without proof that she was denied the loan simply because she was Black.  Maybe, maybe not.  Some kind of evidence would be ni... oh, wait, we said that.


"Around this time, she began to appear on lists of Black businesses to support. Abena was excited, she says, because the majority of the lists — including one on BeyoncĂ©’s website — reflected an understanding of Hanahana’s mission."

OK, missions are great.  But sales are usually better.  Your mission doesn't pay the bills, sales do.


"Business got even better, but in July, the company announced that it was taking a “sustainable work vacation.” Making items available for preorder had helped Boamah, but it wasn’t enough. She realized that the company couldn’t produce or fulfill enough orders at the rate things were going, and it was important for her to keep in line with her company’s mission of sustainability and transparency. Despite the allure of new revenue, she took a break so the team could rest"

So business is good enough that she can put everyone on holiday, AND get free money?  

Perhaps these consequences were unintended - or, at least, unforeseen - but what sane business owner WOULDN'T want such luxury?

Lord knows I would sure like to be able to tell my customers to come back later in a couple of weeks, just so I can take it easy for a while.

Or, put another way - just what is she thinking?  She has UNPRECEDENTED demand, and should be moving heaven and earth to score as many of those sales as she can possibly get.  Not go off for a little lie-down after hugging Gaia.

Of course, she didn't do that at all, as the last line reveals:

"hired new team members, and applied for grants, many of which had only become available to her after the pandemic and uprisings started."

She's expanding both her team and her financial resources, presumably as fast as she possibly can.  Which is, of course, the correct and sensible response.


"Even after orders are completed, Black business owners have struggled with how to navigate shows of appreciation; many are making sure to restate their gratitude for fear of driving away customers, some of whom have implied that for them, #SupportBlackBusiness is an act of charity."

Yes, corporate image is a bitch.  But for everyone, not just them.

Seriously, how many big businesses have put their foot in it lately?


"Still others are figuring out exactly how to openly discuss the ways the influx of attention has affected operations, for better and for worse."

Oh dear God.  

EVERY business, big and small, White or Black, has operational problems.  That these problems are realatively new due to newfound success isn't a problem to be shared with your customers - it's cause for celebration, because now you're moving up in the world.  Smiling in front of the clients while working your ass off behind the scenes is the definition of small business.


"“Some Black business owners are scared to share the realities we face,” Winbush says, “because they don’t want to seem unprofessional, as coming off as unprofessional could negatively impact your business.”"

Just so.  This is Marketing 101 - make it look easy, come off calm, cool, and capable - while hiding all the hard work, frustration, and endless issues.  Regardless of what you sell - coffee, clothes, or conversation - that's exactly what you're being hired to do.

Honestly, I've never heard people whine so much about success.


Sunday, August 30, 2020

Notes on the JBL Cheetah 11101 (truck) and 21101 (buggy)

These are hobby / basher grade 4WD cars.  They are a step up from toy-grade cars like the WLToys lineup, built and priced accordingly.  

They are not the toughest cars ever but are (reportedly) pretty decent.  Crashing any car from great heights onto concrete is likely to break it - these are no exception.

Do note these cars - and especially the 120A models - are rather beyond mere toys, and use extremely powerful motors.  The young, unwary or careless could easily hurt themselves, lose a finger, etc.  Use caution!

Basic specs:

  • 1/10 scale, 4WD
  • 515mm long
  • 3S, 4000 mAh battery, T-connector (a.k.a Deans), 15min
  • 3670-2500 kv motor.
  • 80A (80 km/h) or 120A Hobbywing ESC (100 km/h)
  • All-metal gears.
  • Part-metal chassis.
  • Oil-filled dual-rate (progressive) shocks.
  • 17mm wheel hex
  • 135 / 145mm diameter / 75mm wide tires w/foam
  • LED lights 

 Note: This car is NOT a rebadged Vikar Bison or DHK Zombie.

User manual:  RCGroups 1, RCGroups 2

Transmitter:  120A versions: KTH-91900G [Manual:  RCGroups]

 

Model differences:

Car (21101):  This model is technically the "21101", though most refer to it as a "Cheetah".  Has rear wing and different wheelie bar.  Most find the wing/bar break off easily on bad landings.  Dirt/pavement combo tires.  Car is sometimes available in a package with two batteries.

Truck / truggy (11101):  No wing, "inverted" wheelie bar that tends to not break (as easily).  Sand tires that reportedly don't do quite as well on pavement.  Old models had substandard wheel nuts that could come off, but newer ones (since mid-2017) don't.  Review, review 2.

Changing from car-> truck (or vice versa) involves changing not only the shell, but the mounts for the shell, as well as the rear wheelie bar. 


Model similarities:

-  All models are available in with 80A or 120A ESC.  The 80A is often called "original" or "version 1".  The 120A is sometimes called the "upgrade" version, "version 2" or "Extreme".

-  Most parts are common between the "old" 21101 car, the "new" 21101 car, and the 11101 truck.


Related models:

-  J3SPEED : Street / on-road tires, new controller, metal slipper mount.  Also 120A with 3670-3200kv (36*70mm) motor, so faster.  Drive axles may be thinner. (Review, Discussion thread)

 

Year-on-year differences:

  • 80A models had Flysky controller (4xAA) with throttle limiting.  120A models have different controller without throttle limiting.  It may be possible to bind a Flysky GT3C (with limiting) to the later models.
  • Original 11101 trucks had different wheel nuts that tended to spin off.  These were changed to the same 10mm hex nuts as used on the 21101 car.
  • Drive shafts (CVDs) were thin / weak, were upgraded around Q1 2018.


Known issues:

  • 80A ESC and steering servo are NOT waterproof. (experiences in snow are mixed)
  • 120A might be waterproof, but might also be just "splash-proof".
  • Check all screws BEFORE running for first time.
  • 21101 wing / wheelie bar breaks easily.
  • Tires may become unglued due to high available torque.
  • Drive shafts (dogbones) tend to bend.  Easy to upgrade. 
  • Some screws are threaded into metal parts and will back out over time.  Use Loctite.
  • Wheels are difficult to remove, especially the first time.  Heating with a hair dryer seems to help.
  • All screws METRIC, most screws are hex head (i.e. allen keys)
  • Differential output cups weak.


 Known non-issues:

  • "Crackling" sound from rear at low speeds - this is normal behavior for the brushless motor.
  • Transmitter range sometimes isn't the best.  Video to help fix
  • It is definitely possible to destroy the car in stock form.

 

Parts and upgrade info

Many upgrade parts are available (JLB, Aliexpress, Aliexpress 2, Banggood, MonkeyHobby).

General:

  • It is possible to upgrade to 4S batteries, but beware of exploding tires.  
  • You also risk damaging your transmissions, especially the front gearbox.
  • Most people say the surest way to break parts is to run 4S.

Motor:

  • Stock: JLB 3670-2500kv (Banggood)
  • Upgrade: Racerstar 4068 brushless motor 2650 kv
  • Motor heatsinks: Heat sinks for 530 or 540 motor size appear to work
  • Motor fan: Banggood (picture), Video

ESC:

  • 80A (upgrade to original 80A, downgrade from original 120A): Gearbest , Banggood
  • 120A:
  • Note: people have tried spraying CorrosionX into the receiver and ESC to add a bit of waterproofing.  The effectiveness is unclear.

Servo:

  • 10kg (or more) servo recommended
  • Upgrade: 
  • Some users report the Futaba S3003 works fine, even though it is "weak"
  • Some people report the TowerPro MG995 works fine (video)
  • Note: some report all-metal steering improves the turning angle over the stock plastic parts.

Steering:

  • Metal upgrade (Banggood, Aliexpress)
  •  Note: some report all-metal steering improves the turning angle over the stock plastic parts.

Wheels/Tires:

  • Pro-Line Badlands 3.8 wheels/tires do fit. (Pro-Line)
  • Can use 1/8 tires with 17mm hex (i.e. GoolRC)
  • BSR Berserker 1/8 wheels fit.   (Hobbyking)
  • ZD Racing 1/8 wheels with 17mm hex should fit (unconfirmed).  (Banggood
  • Wheel nuts are M10.

Wheel bearings:

  • Wheel hub bearings 10x15x4mm. 

Battery:

  • 3S 4000 mAh
  • Length: with spacer foam 138mm, without 148mm.
  • Tray is 49mm wide (some say 51mm)
  • Height limited by body shell.
  • 260g

Pinion:

  • Pinion must be 32 pitch!
  • Stock: 15T: Aliexpress
  • 13T: Aliexpress (13T, 14T, 15T)
  • 17T fits.
  • 18T is reportedly too large, it interferes with one of the motor mount screws.  Can be made to fit with appropriate grinding.

Spur gear:

  • Stock: 52T
  • No known upgrades

Shocks:

  • Stock oil is likely 400 wt
  • People report good success with 800 wt
  • Note: weights in the range of 15-70 are "non-standard" USA weights.  Weights in the 200-800 range are the same oils rated using "standard" weight ratings.

CVD:

  • Reported as:
    • Original: 8mm
    • Second: 6mm
    • "Upgrade": 10mm 
  • "New", "upgraded" version (reportedly): Banggood
    • Note: these were upgraded back in 2018, photos may not be correct.  
  • There is reportedly a "hardened" version (as of 2019), but this is unconfirmed.

Slipper clutch:

  • Metal upgrade: Banggood
  • Note: it is not typically necessary to adjust the slipper. 

Tuesday, August 25, 2020

Private Internet Access (PIA) Next-Gen servers break apps and smart home devices

 Problem:  After restoring your PIA connection from after it broke using router-based VPN, you do not have full connectivity.  

Specifically, none of your smartphone apps or smart home devices work properly.

  • Your router IS connected to the VPN
  • You ARE using the correct encryption, port, and ca.crt combination
  • They DO have a working internet connection
  • They CAN see the internet
  • They DO work outside the VPN

But they can't log in to, or access, their respective servers through the VPN:

  • Gmail: Useless "View more" link that does nothing
  • Banking apps: Can't log in
  • Starbucks: Endless "Finding stores"
  • Ecobee:  "Trouble connecting to your device"
  • Honeywell Home: Endless startup
  • Ratuken Kobo: Endless accessing "My Books"
  • Smart Life: Endless startup
  • Lastpass: Password vault is empty
  • Roblox: Endless loading
  • Minecraft: Can't join multiplayer servers
  • Terraria: Can't join other players 
  • Pixel Guns 3D:  No multiplayer available
  • Ecobee thermostat: Pings "ecobee.com", but "unable to connect to web servers".
  • Lyriq water leak detectors: Permanently offline 

etc, etc, etc.

Oddly, Windows PCs work.  Chrome, Maps, and Play Store work.  Some other apps work.  Many don't.

PIA confirmed the cause was "resolvers for [the] legacy network" - i.e. on their end.


Solution (for router-based VPN only, this example is DD-WRT):  

0.  Follow this guide exactly.

1.  If your OpenVPN does not even try to connect, try removing this line from Additional Config:

 pull-filter ignore "auth-token"

It should at least connect now, but you will still have app/device issues as noted above. 

Note: This bug appears to affect only very old versions of DD-WRT.  If you can upgrade your firmware, you likely should.

2.  Set your router DNS to:

  • 10.0.0.241
  • 10.0.0.242

3.  Change to a "Next-Gen" server.  These all end in "privacy.network".

Examples:

  • us-california.privacy.network
  • ca-montreal.privacy.network
  • uk-london.privacy.network

4.  You have to try different encryption / port combinations, to see what works.

For example, I used AES-128-CBC SHA1 on port 1198, using "ca.rsa.2048.crt".  It did not work, resulting in the app/smart device issues.

I then changed to AES-256-CBC SHA256 on port 1197, using "ca.rsa.4096.crt".  That worked fine.

 You don't need to reboot your DD-WRT router (but you do need to hit "Save", then "Apply Settings"), and resolution will be more-or-less instant.  When you hit a "good" setup, you will know it.


 The above did work on OpenVPN 2.3.  Newer DD-WRT builds have 2.4, hopefully it works for that too.

 Similar steps should fix Tomato, ASUSWRT, Merlin, pfsense, whatever.  (I hope.)



This was the result of several days back and forth with PIA tech support.  Only their eventual fix has kept me with them, as I was just about to pull the trigger on NordVPN.

However, I can't help but say their NextGen rollout is a bit of a dumpster fire:

  • These problems should not be occurring.
  • They certainly should not be dumping people off perfectly good connections that have been flawless for years for reasons unknown. 
  • Their router setup guide was not updated in advance of NextGen rollout, which is dumb.
  • Their support staff seems unable to readily support the NextGen rollout, which is even dumber.
  • Tech support actually told me I had to figure out the NextGen settings by interpreting the '.ovpn' file for my preferred PIA server, which is dumbest of all, as that is not support.

 It's almost like they never saw the NextGen transition coming. Which is just shoddy business.

Yes, I know there was a merger.  So either they had to changeover with little to no warning, or they forgot about their massive upcoming server changeover because of new business cards.  Either way, it's crap for the customer.